diff --git a/.well-known/security.txt b/.well-known/security.txt new file mode 100644 index 000000000..71e46f3ec --- /dev/null +++ b/.well-known/security.txt @@ -0,0 +1,5 @@ +Contact: mailto:dsf-security@hs-heilbronn.de +Expires: 2040-12-31T22:59:00.000Z +Preferred-Languages: de,en +Canonical: https://dsf.dev/.well-known/security.txt +Policy: https://dsf.dev/security \ No newline at end of file diff --git a/404.html b/404.html new file mode 100644 index 000000000..5521a8390 --- /dev/null +++ b/404.html @@ -0,0 +1,41 @@ + + + + + + + + + + + + + + + +
Skip to main content

404

Page not found

There’s nothing here.

+ + + diff --git a/CNAME b/CNAME new file mode 100644 index 000000000..fa8ac487c --- /dev/null +++ b/CNAME @@ -0,0 +1 @@ +dsf.dev \ No newline at end of file diff --git a/about/index.html b/about/index.html new file mode 100644 index 000000000..3945f5ee6 --- /dev/null +++ b/about/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + About + + + + + +
Skip to main content

About

DSF-TeamLess than 1 minute

Overview

+ + + diff --git a/about/learnmore/contact.html b/about/learnmore/contact.html new file mode 100644 index 000000000..1a544eceb --- /dev/null +++ b/about/learnmore/contact.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contact & Community + + + + + +
Skip to main content

Contact & Community

DSF-TeamLess than 1 minute

✉️ E-MAIL

Feel free to contact us via E-Mail (dsf-gecko@hs-heilbronn.de) and we will take care of your request as soon as possible.

👥 COMMUNITY

DSF's community is growing and we welcome anyone who would like to join! 🚀

Stay up to Date

Contribute Code

You can get familiar with the DSF code on GitHub. Branching follows the git-flow model, for the latest development version see branch develop. Additionally, you can find more information here in the documentation.

Share your Experience & Get support

You´re welcome to share your experience with the Community. If you have a bug to report or feature to request, that's what the GitHub issues are for.

+ + + diff --git a/about/learnmore/index.html b/about/learnmore/index.html new file mode 100644 index 000000000..9e4281797 --- /dev/null +++ b/about/learnmore/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Learn more + + + + + +
Skip to main content

Learn more

DSF-TeamLess than 1 minute

Overview

+ + + diff --git a/about/learnmore/partners.html b/about/learnmore/partners.html new file mode 100644 index 000000000..df5593489 --- /dev/null +++ b/about/learnmore/partners.html @@ -0,0 +1,41 @@ + + + + + + + + + + Partners + + + + + +
Skip to main content

Partners

DSF-TeamLess than 1 minute

Funded for further development of the Data Sharing Framework are:

Heilbronn University of Applied Sciences | Gecko Institute

The GECKO Institute is a research institution of Heilbronn University of Applied Sciences and conducts research and development at the interfaces between medicine, economics and computer science. The DSF is part of Prof. Fegeler's research area: Interoperability and Digital Processes in Medicine. Other areas of research include educational technologies, health economics, and consumer health informatics.

University of Heidelberg | Institute of Medical Informatics

The Institute of Medical Informatics belongs to the University of Heidelberg. The scientific focus of the institute is on structured patient data, e.g.

  • in the Medical Data Integration Center (MeDIC),
  • structured acquisition and transformation of biomedical data,
  • medical information systems and data models
  • and much more.

University of Leipzig | LIFE Institute

The LIFE Institute of the University of Leipzig manages collaborative and follow-on projects in the fields of medicine, public health, medical informatics, and biobanking.

+ + + diff --git a/about/learnmore/public.html b/about/learnmore/public.html new file mode 100644 index 000000000..11629e883 --- /dev/null +++ b/about/learnmore/public.html @@ -0,0 +1,41 @@ + + + + + + + + + + Public Funding + + + + + +
Skip to main content

Public Funding

DSF-TeamAbout 1 min

DSF - Medical Informatics Structure "Data Sharing Framework Community" (2023-2026)

The DSF Community connects the DSF competencies of the entire Medical Informatics Initiative (MII) so that new use cases, in particular from Module 3 or the Network University Medicine (NUM), are better supported in creating the respective DSF plugins. In the context of Module 2b, the DSF Community contributes to the further development of the common digital infrastructure of the MII together with the FDPG+ and TRANSIT projects. BMBF

Heilbronn University (HHN) focuses on the connecting of DSF related topics and competencies in the MII with the community management. The quality assurance of new DSF plugins and further development of the application and core components aim at a scalable, stable and secure operation of the DSF (Funding code: 01ZZ2307A).

Heidelberg University is focusing on the further development of the DSF core components as well as the rollout of the DSF plugins, in particular also from the perspective of a data integration center in consultation with the FDGP+ and TRANSIT projects (Funding code: 01ZZ2307B).

The University of Leipzig will further develop and adapt the DSF plugin for the Research Data Portal for Health FDPG according to specifications resulting from the FDPG+ project and enable Data Integration Centers (DIC) to operate the FDPG plugin (Funding code: 01ZZ2307C).




Development of the DSF in the HiGHmed consortium -Contribution Heilbronn University and Heidelberg University (2018-2022)

HiGHmed aims to increase the efficiency of clinical research and improve patient care through new medical informatics solutions and cross-organizational data exchange. The concept will be developed on the basis of three defined prototypical use cases, which will ensure close integration with the requirements of patient care and medical research. The GECKO Institute of HHN will establish a trusted third party with pseudonymization service to implement the goals of HiGHmed and is involved in the technical development of the DSF together with the partners (Funding code: 01ZZ1802E). Heidelberg University is in particular involved in the technical development of the DSF (Funding code: 01ZZ1802A).

+ + + diff --git a/about/learnmore/team.html b/about/learnmore/team.html new file mode 100644 index 000000000..87d730a38 --- /dev/null +++ b/about/learnmore/team.html @@ -0,0 +1,41 @@ + + + + + + + + + + Team + + + + + +
Skip to main content

Team

DSF-TeamLess than 1 minute

The funded project team includes:

We thank additional contributors, including:

+ + + diff --git a/assets/404.html-CippiRUx.js b/assets/404.html-CippiRUx.js new file mode 100644 index 000000000..972c28b06 --- /dev/null +++ b/assets/404.html-CippiRUx.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,b as n,o as r}from"./app-BIWb5uIp.js";const a={};function l(s,e){return r(),o("div",null,e[0]||(e[0]=[n("p",null,"404 Not Found",-1)]))}const m=t(a,[["render",l],["__file","404.html.vue"]]),d=JSON.parse('{"path":"/404.html","title":"","lang":"en-US","frontmatter":{"layout":"NotFound","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.01,"words":3},"filePathRelative":null,"excerpt":"

404 Not Found

\\n"}');export{m as comp,d as data}; diff --git a/assets/GMDS2022-dev.html-7MTMzEUe.js b/assets/GMDS2022-dev.html-7MTMzEUe.js new file mode 100644 index 000000000..fdace34ba --- /dev/null +++ b/assets/GMDS2022-dev.html-7MTMzEUe.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as o,d as e,e as a,f as s,r as i,o as d}from"./app-BIWb5uIp.js";const m={};function p(u,t){const r=i("RouteLink");return d(),l("div",null,[o("p",null,[t[1]||(t[1]=e("Redirect to ")),a(r,{to:"/oldstable/tutorial/"},{default:s(()=>t[0]||(t[0]=[e("this webpage")])),_:1}),t[2]||(t[2]=e("."))]),t[3]||(t[3]=o("meta",{"http-equiv":"refresh",content:"0; URL=/oldstable/tutorial/"},null,-1))])}const v=n(m,[["render",p],["__file","GMDS2022-dev.html.vue"]]),D=JSON.parse('{"path":"/intro/tutorials/GMDS2022-dev.html","title":"GMDS2022 - Process Development","lang":"en-US","frontmatter":{"title":"GMDS2022 - Process Development","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"intro/tutorials/GMDS2022-dev.md","excerpt":"

Redirect to this webpage.

\\n\\n"}');export{v as comp,D as data}; diff --git a/assets/KaTeX_AMS-Regular-BQhdFMY1.woff2 b/assets/KaTeX_AMS-Regular-BQhdFMY1.woff2 new file mode 100644 index 000000000..0acaaff03 Binary files /dev/null and b/assets/KaTeX_AMS-Regular-BQhdFMY1.woff2 differ diff --git a/assets/KaTeX_AMS-Regular-DMm9YOAa.woff b/assets/KaTeX_AMS-Regular-DMm9YOAa.woff new file mode 100644 index 000000000..b804d7b33 Binary files /dev/null and b/assets/KaTeX_AMS-Regular-DMm9YOAa.woff differ diff --git a/assets/KaTeX_AMS-Regular-DRggAlZN.ttf b/assets/KaTeX_AMS-Regular-DRggAlZN.ttf new file mode 100644 index 000000000..c6f9a5e7c Binary files /dev/null and b/assets/KaTeX_AMS-Regular-DRggAlZN.ttf differ diff --git a/assets/KaTeX_Caligraphic-Bold-ATXxdsX0.ttf b/assets/KaTeX_Caligraphic-Bold-ATXxdsX0.ttf new file mode 100644 index 000000000..9ff4a5e04 Binary files /dev/null and b/assets/KaTeX_Caligraphic-Bold-ATXxdsX0.ttf differ diff --git a/assets/KaTeX_Caligraphic-Bold-BEiXGLvX.woff b/assets/KaTeX_Caligraphic-Bold-BEiXGLvX.woff new file mode 100644 index 000000000..9759710d1 Binary files /dev/null and b/assets/KaTeX_Caligraphic-Bold-BEiXGLvX.woff differ diff --git a/assets/KaTeX_Caligraphic-Bold-Dq_IR9rO.woff2 b/assets/KaTeX_Caligraphic-Bold-Dq_IR9rO.woff2 new file mode 100644 index 000000000..f390922ec Binary files /dev/null and b/assets/KaTeX_Caligraphic-Bold-Dq_IR9rO.woff2 differ diff --git a/assets/KaTeX_Caligraphic-Regular-CTRA-rTL.woff b/assets/KaTeX_Caligraphic-Regular-CTRA-rTL.woff new file mode 100644 index 000000000..9bdd534fd Binary files /dev/null and b/assets/KaTeX_Caligraphic-Regular-CTRA-rTL.woff differ diff --git a/assets/KaTeX_Caligraphic-Regular-Di6jR-x-.woff2 b/assets/KaTeX_Caligraphic-Regular-Di6jR-x-.woff2 new file mode 100644 index 000000000..75344a1f9 Binary files /dev/null and b/assets/KaTeX_Caligraphic-Regular-Di6jR-x-.woff2 differ diff --git a/assets/KaTeX_Caligraphic-Regular-wX97UBjC.ttf b/assets/KaTeX_Caligraphic-Regular-wX97UBjC.ttf new file mode 100644 index 000000000..f522294ff Binary files /dev/null and b/assets/KaTeX_Caligraphic-Regular-wX97UBjC.ttf differ diff --git a/assets/KaTeX_Fraktur-Bold-BdnERNNW.ttf b/assets/KaTeX_Fraktur-Bold-BdnERNNW.ttf new file mode 100644 index 000000000..4e98259c3 Binary files /dev/null and b/assets/KaTeX_Fraktur-Bold-BdnERNNW.ttf differ diff --git a/assets/KaTeX_Fraktur-Bold-BsDP51OF.woff b/assets/KaTeX_Fraktur-Bold-BsDP51OF.woff new file mode 100644 index 000000000..e7730f662 Binary files /dev/null and b/assets/KaTeX_Fraktur-Bold-BsDP51OF.woff differ diff --git a/assets/KaTeX_Fraktur-Bold-CL6g_b3V.woff2 b/assets/KaTeX_Fraktur-Bold-CL6g_b3V.woff2 new file mode 100644 index 000000000..395f28bea Binary files /dev/null and b/assets/KaTeX_Fraktur-Bold-CL6g_b3V.woff2 differ diff --git a/assets/KaTeX_Fraktur-Regular-CB_wures.ttf b/assets/KaTeX_Fraktur-Regular-CB_wures.ttf new file mode 100644 index 000000000..b8461b275 Binary files /dev/null and b/assets/KaTeX_Fraktur-Regular-CB_wures.ttf differ diff --git a/assets/KaTeX_Fraktur-Regular-CTYiF6lA.woff2 b/assets/KaTeX_Fraktur-Regular-CTYiF6lA.woff2 new file mode 100644 index 000000000..735f6948d Binary files /dev/null and b/assets/KaTeX_Fraktur-Regular-CTYiF6lA.woff2 differ diff --git a/assets/KaTeX_Fraktur-Regular-Dxdc4cR9.woff b/assets/KaTeX_Fraktur-Regular-Dxdc4cR9.woff new file mode 100644 index 000000000..acab069f9 Binary files /dev/null and b/assets/KaTeX_Fraktur-Regular-Dxdc4cR9.woff differ diff --git a/assets/KaTeX_Main-Bold-Cx986IdX.woff2 b/assets/KaTeX_Main-Bold-Cx986IdX.woff2 new file mode 100644 index 000000000..ab2ad21da Binary files /dev/null and b/assets/KaTeX_Main-Bold-Cx986IdX.woff2 differ diff --git a/assets/KaTeX_Main-Bold-Jm3AIy58.woff b/assets/KaTeX_Main-Bold-Jm3AIy58.woff new file mode 100644 index 000000000..f38136ac1 Binary files /dev/null and b/assets/KaTeX_Main-Bold-Jm3AIy58.woff differ diff --git a/assets/KaTeX_Main-Bold-waoOVXN0.ttf b/assets/KaTeX_Main-Bold-waoOVXN0.ttf new file mode 100644 index 000000000..4060e627d Binary files /dev/null and b/assets/KaTeX_Main-Bold-waoOVXN0.ttf differ diff --git a/assets/KaTeX_Main-BoldItalic-DxDJ3AOS.woff2 b/assets/KaTeX_Main-BoldItalic-DxDJ3AOS.woff2 new file mode 100644 index 000000000..5931794de Binary files /dev/null and b/assets/KaTeX_Main-BoldItalic-DxDJ3AOS.woff2 differ diff --git a/assets/KaTeX_Main-BoldItalic-DzxPMmG6.ttf b/assets/KaTeX_Main-BoldItalic-DzxPMmG6.ttf new file mode 100644 index 000000000..dc007977e Binary files /dev/null and b/assets/KaTeX_Main-BoldItalic-DzxPMmG6.ttf differ diff --git a/assets/KaTeX_Main-BoldItalic-SpSLRI95.woff b/assets/KaTeX_Main-BoldItalic-SpSLRI95.woff new file mode 100644 index 000000000..67807b0bd Binary files /dev/null and b/assets/KaTeX_Main-BoldItalic-SpSLRI95.woff differ diff --git a/assets/KaTeX_Main-Italic-3WenGoN9.ttf b/assets/KaTeX_Main-Italic-3WenGoN9.ttf new file mode 100644 index 000000000..0e9b0f354 Binary files /dev/null and b/assets/KaTeX_Main-Italic-3WenGoN9.ttf differ diff --git a/assets/KaTeX_Main-Italic-BMLOBm91.woff b/assets/KaTeX_Main-Italic-BMLOBm91.woff new file mode 100644 index 000000000..6f43b594b Binary files /dev/null and b/assets/KaTeX_Main-Italic-BMLOBm91.woff differ diff --git a/assets/KaTeX_Main-Italic-NWA7e6Wa.woff2 b/assets/KaTeX_Main-Italic-NWA7e6Wa.woff2 new file mode 100644 index 000000000..b50920e13 Binary files /dev/null and b/assets/KaTeX_Main-Italic-NWA7e6Wa.woff2 differ diff --git a/assets/KaTeX_Main-Regular-B22Nviop.woff2 b/assets/KaTeX_Main-Regular-B22Nviop.woff2 new file mode 100644 index 000000000..eb24a7ba2 Binary files /dev/null and b/assets/KaTeX_Main-Regular-B22Nviop.woff2 differ diff --git a/assets/KaTeX_Main-Regular-Dr94JaBh.woff b/assets/KaTeX_Main-Regular-Dr94JaBh.woff new file mode 100644 index 000000000..21f581296 Binary files /dev/null and b/assets/KaTeX_Main-Regular-Dr94JaBh.woff differ diff --git a/assets/KaTeX_Main-Regular-ypZvNtVU.ttf b/assets/KaTeX_Main-Regular-ypZvNtVU.ttf new file mode 100644 index 000000000..dd45e1ed2 Binary files /dev/null and b/assets/KaTeX_Main-Regular-ypZvNtVU.ttf differ diff --git a/assets/KaTeX_Math-BoldItalic-B3XSjfu4.ttf b/assets/KaTeX_Math-BoldItalic-B3XSjfu4.ttf new file mode 100644 index 000000000..728ce7a1e Binary files /dev/null and b/assets/KaTeX_Math-BoldItalic-B3XSjfu4.ttf differ diff --git a/assets/KaTeX_Math-BoldItalic-CZnvNsCZ.woff2 b/assets/KaTeX_Math-BoldItalic-CZnvNsCZ.woff2 new file mode 100644 index 000000000..29657023a Binary files /dev/null and b/assets/KaTeX_Math-BoldItalic-CZnvNsCZ.woff2 differ diff --git a/assets/KaTeX_Math-BoldItalic-iY-2wyZ7.woff b/assets/KaTeX_Math-BoldItalic-iY-2wyZ7.woff new file mode 100644 index 000000000..0ae390d74 Binary files /dev/null and b/assets/KaTeX_Math-BoldItalic-iY-2wyZ7.woff differ diff --git a/assets/KaTeX_Math-Italic-DA0__PXp.woff b/assets/KaTeX_Math-Italic-DA0__PXp.woff new file mode 100644 index 000000000..eb5159d4c Binary files /dev/null and b/assets/KaTeX_Math-Italic-DA0__PXp.woff differ diff --git a/assets/KaTeX_Math-Italic-flOr_0UB.ttf b/assets/KaTeX_Math-Italic-flOr_0UB.ttf new file mode 100644 index 000000000..70d559b4e Binary files /dev/null and b/assets/KaTeX_Math-Italic-flOr_0UB.ttf differ diff --git a/assets/KaTeX_Math-Italic-t53AETM-.woff2 b/assets/KaTeX_Math-Italic-t53AETM-.woff2 new file mode 100644 index 000000000..215c143fd Binary files /dev/null and b/assets/KaTeX_Math-Italic-t53AETM-.woff2 differ diff --git a/assets/KaTeX_SansSerif-Bold-CFMepnvq.ttf b/assets/KaTeX_SansSerif-Bold-CFMepnvq.ttf new file mode 100644 index 000000000..2f65a8a3a Binary files /dev/null and b/assets/KaTeX_SansSerif-Bold-CFMepnvq.ttf differ diff --git a/assets/KaTeX_SansSerif-Bold-D1sUS0GD.woff2 b/assets/KaTeX_SansSerif-Bold-D1sUS0GD.woff2 new file mode 100644 index 000000000..cfaa3bda5 Binary files /dev/null and b/assets/KaTeX_SansSerif-Bold-D1sUS0GD.woff2 differ diff --git a/assets/KaTeX_SansSerif-Bold-DbIhKOiC.woff b/assets/KaTeX_SansSerif-Bold-DbIhKOiC.woff new file mode 100644 index 000000000..8d47c02d9 Binary files /dev/null and b/assets/KaTeX_SansSerif-Bold-DbIhKOiC.woff differ diff --git a/assets/KaTeX_SansSerif-Italic-C3H0VqGB.woff2 b/assets/KaTeX_SansSerif-Italic-C3H0VqGB.woff2 new file mode 100644 index 000000000..349c06dc6 Binary files /dev/null and b/assets/KaTeX_SansSerif-Italic-C3H0VqGB.woff2 differ diff --git a/assets/KaTeX_SansSerif-Italic-DN2j7dab.woff b/assets/KaTeX_SansSerif-Italic-DN2j7dab.woff new file mode 100644 index 000000000..7e02df963 Binary files /dev/null and b/assets/KaTeX_SansSerif-Italic-DN2j7dab.woff differ diff --git a/assets/KaTeX_SansSerif-Italic-YYjJ1zSn.ttf b/assets/KaTeX_SansSerif-Italic-YYjJ1zSn.ttf new file mode 100644 index 000000000..d5850df98 Binary files /dev/null and b/assets/KaTeX_SansSerif-Italic-YYjJ1zSn.ttf differ diff --git a/assets/KaTeX_SansSerif-Regular-BNo7hRIc.ttf b/assets/KaTeX_SansSerif-Regular-BNo7hRIc.ttf new file mode 100644 index 000000000..537279f6b Binary files /dev/null and b/assets/KaTeX_SansSerif-Regular-BNo7hRIc.ttf differ diff --git a/assets/KaTeX_SansSerif-Regular-CS6fqUqJ.woff b/assets/KaTeX_SansSerif-Regular-CS6fqUqJ.woff new file mode 100644 index 000000000..31b84829b Binary files /dev/null and b/assets/KaTeX_SansSerif-Regular-CS6fqUqJ.woff differ diff --git a/assets/KaTeX_SansSerif-Regular-DDBCnlJ7.woff2 b/assets/KaTeX_SansSerif-Regular-DDBCnlJ7.woff2 new file mode 100644 index 000000000..a90eea85f Binary files /dev/null and b/assets/KaTeX_SansSerif-Regular-DDBCnlJ7.woff2 differ diff --git a/assets/KaTeX_Script-Regular-C5JkGWo-.ttf b/assets/KaTeX_Script-Regular-C5JkGWo-.ttf new file mode 100644 index 000000000..fd679bf37 Binary files /dev/null and b/assets/KaTeX_Script-Regular-C5JkGWo-.ttf differ diff --git a/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 b/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 new file mode 100644 index 000000000..b3048fc11 Binary files /dev/null and b/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 differ diff --git a/assets/KaTeX_Script-Regular-D5yQViql.woff b/assets/KaTeX_Script-Regular-D5yQViql.woff new file mode 100644 index 000000000..0e7da821e Binary files /dev/null and b/assets/KaTeX_Script-Regular-D5yQViql.woff differ diff --git a/assets/KaTeX_Size1-Regular-C195tn64.woff b/assets/KaTeX_Size1-Regular-C195tn64.woff new file mode 100644 index 000000000..7f292d911 Binary files /dev/null and b/assets/KaTeX_Size1-Regular-C195tn64.woff differ diff --git a/assets/KaTeX_Size1-Regular-Dbsnue_I.ttf b/assets/KaTeX_Size1-Regular-Dbsnue_I.ttf new file mode 100644 index 000000000..871fd7d19 Binary files /dev/null and b/assets/KaTeX_Size1-Regular-Dbsnue_I.ttf differ diff --git a/assets/KaTeX_Size1-Regular-mCD8mA8B.woff2 b/assets/KaTeX_Size1-Regular-mCD8mA8B.woff2 new file mode 100644 index 000000000..c5a8462fb Binary files /dev/null and b/assets/KaTeX_Size1-Regular-mCD8mA8B.woff2 differ diff --git a/assets/KaTeX_Size2-Regular-B7gKUWhC.ttf b/assets/KaTeX_Size2-Regular-B7gKUWhC.ttf new file mode 100644 index 000000000..7a212caf9 Binary files /dev/null and b/assets/KaTeX_Size2-Regular-B7gKUWhC.ttf differ diff --git a/assets/KaTeX_Size2-Regular-Dy4dx90m.woff2 b/assets/KaTeX_Size2-Regular-Dy4dx90m.woff2 new file mode 100644 index 000000000..e1bccfe24 Binary files /dev/null and b/assets/KaTeX_Size2-Regular-Dy4dx90m.woff2 differ diff --git a/assets/KaTeX_Size2-Regular-oD1tc_U0.woff b/assets/KaTeX_Size2-Regular-oD1tc_U0.woff new file mode 100644 index 000000000..d241d9be2 Binary files /dev/null and b/assets/KaTeX_Size2-Regular-oD1tc_U0.woff differ diff --git a/assets/KaTeX_Size3-Regular-CTq5MqoE.woff b/assets/KaTeX_Size3-Regular-CTq5MqoE.woff new file mode 100644 index 000000000..e6e9b658d Binary files /dev/null and b/assets/KaTeX_Size3-Regular-CTq5MqoE.woff differ diff --git a/assets/KaTeX_Size3-Regular-DgpXs0kz.ttf b/assets/KaTeX_Size3-Regular-DgpXs0kz.ttf new file mode 100644 index 000000000..00bff3495 Binary files /dev/null and b/assets/KaTeX_Size3-Regular-DgpXs0kz.ttf differ diff --git a/assets/KaTeX_Size4-Regular-BF-4gkZK.woff b/assets/KaTeX_Size4-Regular-BF-4gkZK.woff new file mode 100644 index 000000000..e1ec54576 Binary files /dev/null and b/assets/KaTeX_Size4-Regular-BF-4gkZK.woff differ diff --git a/assets/KaTeX_Size4-Regular-DWFBv043.ttf b/assets/KaTeX_Size4-Regular-DWFBv043.ttf new file mode 100644 index 000000000..74f08921f Binary files /dev/null and b/assets/KaTeX_Size4-Regular-DWFBv043.ttf differ diff --git a/assets/KaTeX_Size4-Regular-Dl5lxZxV.woff2 b/assets/KaTeX_Size4-Regular-Dl5lxZxV.woff2 new file mode 100644 index 000000000..680c13085 Binary files /dev/null and b/assets/KaTeX_Size4-Regular-Dl5lxZxV.woff2 differ diff --git a/assets/KaTeX_Typewriter-Regular-C0xS9mPB.woff b/assets/KaTeX_Typewriter-Regular-C0xS9mPB.woff new file mode 100644 index 000000000..2432419f2 Binary files /dev/null and b/assets/KaTeX_Typewriter-Regular-C0xS9mPB.woff differ diff --git a/assets/KaTeX_Typewriter-Regular-CO6r4hn1.woff2 b/assets/KaTeX_Typewriter-Regular-CO6r4hn1.woff2 new file mode 100644 index 000000000..771f1af70 Binary files /dev/null and b/assets/KaTeX_Typewriter-Regular-CO6r4hn1.woff2 differ diff --git a/assets/KaTeX_Typewriter-Regular-D3Ib7_Hf.ttf b/assets/KaTeX_Typewriter-Regular-D3Ib7_Hf.ttf new file mode 100644 index 000000000..c83252c57 Binary files /dev/null and b/assets/KaTeX_Typewriter-Regular-D3Ib7_Hf.ttf differ diff --git a/assets/MIE2023.html-DGWUgkfh.js b/assets/MIE2023.html-DGWUgkfh.js new file mode 100644 index 000000000..a952a83b9 --- /dev/null +++ b/assets/MIE2023.html-DGWUgkfh.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as i,o as r}from"./app-BIWb5uIp.js";const s="/photos/tutorials/dsf-architecture.svg",n={};function o(l,e){return r(),a("div",null,e[0]||(e[0]=[i('

Abstract

With this tutorial, participants will gain a detailed insight into the Data Sharing Framework (DSF) (https://github.com/highmed/highmed-dsf). The open source DSF enables users to execute biomedical research and healthcare delivery processes across organizations, and the tutorial will demonstrate this with examples from the German Medical Informatics Initiative (MII) (https://www.medizininformatik-initiative.de/en/start) funded by the Federal Ministry of Education and Research (BMBF). The tutorial will cover fundamental concepts of distributed processes, the DSFs architecture and key standards such as HL7 FHIR and BPMN 2.0. Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization will be covered, as well as guidance on using the DSF for other use cases. This tutorial is designed for those involved in distributed research projects, including project members and software developers, as well as individuals interested in multi-organizational research projects.

Topic

The use of real-world data collected by healthcare providers for bio-medical research requires the data to be available and accessible. This is especially important when considering the usage of data across organizations. Distributed processes such as feasibility studies, record linkage, and data sharing need to be established for effective consolidation and analysis.
While even multi-center retrospective studies using real-world data become commonplace, maintaining infrastructure components for every project conducted is not sustainable. To address this, the Data Sharing Framework (DSF) was developed as an open source, use case independent distributed business process engine to execute cross-organizational research and healthcare delivery processes.

The tutorial will cover the fundamental concepts of distributed processes and will provide an overview of the DSF's architecture and key standards such as HL7 FHIR and BPMN 2.0 that are used in the framework. The tutorial will present real-world examples to illustrate the DSFs capabilities and delve into specific issues the DSF addresses for the German Medical Informatics Initiative (MII).

Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization, onboarding of new organizations and guidance on using the DSF for other use cases, such as specific research projects or new infrastructure developments, will be covered.
Finally, the tutorial will present lessons learned from the last years of using the DSF in test and production environments in multiple research consortia and will present ideas for future improvements based on feedback from end-users, process developers, project managers and administrative staff.

Target Group

Decision makers and project members with data sharing ideas looking for an architecture, as well as medical informatics professionals and software developers tasked with building multi-centric data sharing applications, are the target audience for this tutorial.

What you need

You need a laptop with a web browser for the hands-on portion of the tutorial.

What you will learn

You will...

',14)]))}const c=t(n,[["render",o],["__file","MIE2023.html.vue"]]),p=JSON.parse('{"path":"/intro/tutorials/MIE2023.html","title":"MIE May 2023","lang":"en-US","frontmatter":{"title":"MIE May 2023","icon":"info","gitInclude":[]},"headers":[{"level":2,"title":"Abstract","slug":"abstract","link":"#abstract","children":[]},{"level":2,"title":"Topic","slug":"topic","link":"#topic","children":[]},{"level":2,"title":"Target Group","slug":"target-group","link":"#target-group","children":[]},{"level":2,"title":"What you need","slug":"what-you-need","link":"#what-you-need","children":[]},{"level":2,"title":"What you will learn","slug":"what-you-will-learn","link":"#what-you-will-learn","children":[]}],"readingTime":{"minutes":1.95,"words":585},"filePathRelative":"intro/tutorials/MIE2023.md","excerpt":"

Abstract

\\n

With this tutorial, participants will gain a detailed insight into the Data Sharing Framework (DSF) (https://github.com/highmed/highmed-dsf). The open source DSF enables users to execute biomedical research and healthcare delivery processes across organizations, and the tutorial will demonstrate this with examples from the German Medical Informatics Initiative (MII) (https://www.medizininformatik-initiative.de/en/start) funded by the Federal Ministry of Education and Research (BMBF). The tutorial will cover fundamental concepts of distributed processes, the DSFs architecture and key standards such as HL7 FHIR and BPMN 2.0. Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization will be covered, as well as guidance on using the DSF for other use cases. This tutorial is designed for those involved in distributed research projects, including project members and software developers, as well as individuals interested in multi-organizational research projects.

"}');export{c as comp,p as data}; diff --git a/assets/SearchResult-DDOJWxca.js b/assets/SearchResult-DDOJWxca.js new file mode 100644 index 000000000..5947319bd --- /dev/null +++ b/assets/SearchResult-DDOJWxca.js @@ -0,0 +1 @@ +import{u as G,g as et,h as at,i as _,j as it,P as nt,t as lt,k as rt,l as E,m as k,n as ot,w as N,p as a,q as mt,R as M,v as st,x as vt,y as ht,C as ut,z as ct,A as dt,B as pt,D as ft,E as gt,F as bt,G as yt,H as $,I as j,J as xt,K as R,L as wt}from"./app-BIWb5uIp.js";const Ht=["/","/about/","/for-you/","/for-you/learn.html","/hackathon/","/intro/","/intro/publications.html","/oldstable/","/oldstable/introduction.html","/security/","/sprechstunde/","/stable/dsf-for-dev.html","/stable/","/stable/process-plugins-advanced.html","/v1.0.0/dsf-for-dev.html","/v1.0.0/","/v1.0.0/process-plugins-advanced.html","/v1.1.0/dsf-for-dev.html","/v1.1.0/","/v1.1.0/process-plugins-advanced.html","/v1.2.0/dsf-for-dev.html","/v1.2.0/","/v1.2.0/process-plugins-advanced.html","/v1.3.0/dsf-for-dev.html","/v1.3.0/","/v1.3.0/process-plugins-advanced.html","/v1.3.1/dsf-for-dev.html","/v1.3.1/","/v1.3.1/process-plugins-advanced.html","/v1.3.2/dsf-for-dev.html","/v1.3.2/","/v1.3.2/process-plugins-advanced.html","/v1.4.0/dsf-for-dev.html","/v1.4.0/","/v1.4.0/process-plugins-advanced.html","/v1.5.0/dsf-for-dev.html","/v1.5.0/","/v1.5.0/process-plugins-advanced.html","/v1.5.1/dsf-for-dev.html","/v1.5.1/","/v1.5.1/process-plugins-advanced.html","/v1.5.2/dsf-for-dev.html","/v1.5.2/","/v1.5.2/process-plugins-advanced.html","/v1.6.0/dsf-for-dev.html","/v1.6.0/","/v1.6.0/process-plugins-advanced.html","/v1.7.0/dsf-for-dev.html","/v1.7.0/","/v1.7.0/process-plugins-advanced.html","/about/learnmore/","/about/learnmore/contact.html","/about/learnmore/partners.html","/about/learnmore/public.html","/about/learnmore/team.html","/intro/info/allowList.html","/intro/info/architecture.html","/intro/info/basics.html","/intro/info/introduction.html","/intro/info/networkSetup.html","/intro/info/process-plugins.html","/intro/info/security.html","/intro/tutorials/GMDS2022-dev.html","/intro/tutorials/MIE2023.html","/intro/tutorials/","/intro/tutorials/Talks.html","/intro/use-cases/","/intro/use-cases/feasibility.html","/intro/use-cases/num.html","/oldstable/build/","/oldstable/build/build.html","/oldstable/build/proxyTestTool.html","/oldstable/build/releaseANewVersion.html","/oldstable/code/","/oldstable/code/addingANewFhirR.html","/oldstable/code/addingANewMpiClient.html","/oldstable/code/addingANewOpenEhrClient.html","/oldstable/code/changingBpmnProcesses.html","/oldstable/code/code.html","/oldstable/code/eclipseContent.html","/oldstable/code/intelliJContent.html","/oldstable/code/libraries.html","/oldstable/code/usingTheGitHubMaven.html","/oldstable/generalinformation/","/oldstable/generalinformation/authentication.html","/oldstable/generalinformation/networkSetup.html","/oldstable/releases/","/oldstable/releases/configBpe.html","/oldstable/releases/configFhir.html","/oldstable/releases/configFhirReverseProxy.html","/oldstable/releases/highmedInstall.html","/oldstable/releases/num-codexInstall.html","/oldstable/releases/upgradeFrom7.html","/oldstable/releases/upgradeFrom8.html","/oldstable/releases/upgradeFrom90.html","/oldstable/releases/upgradeFrom91.html","/oldstable/releases/upgradeFrom92.html","/oldstable/tutorial/","/oldstable/tutorial/ex11-docker-composeyml.html","/oldstable/tutorial/exercise1-simpleProcess.html","/oldstable/tutorial/exercise11-processDebugging.html","/oldstable/tutorial/exercise2-inputParameters.html","/oldstable/tutorial/exercise3-messageEvents.html","/oldstable/tutorial/exercise4-exclusiveGateways.html","/oldstable/tutorial/exercise5-eventBasedGateways.html","/oldstable/tutorial/prerequisites.html","/stable/contribute/code.html","/stable/contribute/documentation.html","/stable/contribute/","/stable/develop/","/stable/develop/create.html","/stable/develop/upgrade-from-0.html","/stable/maintain/","/stable/maintain/allowList-mgm.html","/stable/maintain/install-plugins.html","/stable/maintain/install.html","/stable/maintain/passwords-secrets.html","/stable/maintain/root-certificates.html","/stable/maintain/upgrade-from-0.html","/stable/maintain/upgrade-from-1.html","/v1.0.0/develop/","/v1.0.0/develop/create.html","/v1.0.0/develop/upgrade-from-0.html","/v1.0.0/maintain/","/v1.0.0/maintain/allowList-mgm.html","/v1.0.0/maintain/install.html","/v1.0.0/maintain/upgrade-from-0.html","/v1.1.0/develop/","/v1.1.0/develop/create.html","/v1.1.0/develop/upgrade-from-0.html","/v1.1.0/maintain/","/v1.1.0/maintain/allowList-mgm.html","/v1.1.0/maintain/install.html","/v1.1.0/maintain/upgrade-from-0.html","/v1.1.0/maintain/upgrade-from-1.html","/v1.2.0/develop/","/v1.2.0/develop/create.html","/v1.2.0/develop/upgrade-from-0.html","/v1.2.0/maintain/","/v1.2.0/maintain/allowList-mgm.html","/v1.2.0/maintain/install.html","/v1.2.0/maintain/upgrade-from-0.html","/v1.2.0/maintain/upgrade-from-1.html","/v1.3.0/develop/","/v1.3.0/develop/create.html","/v1.3.0/develop/upgrade-from-0.html","/v1.3.0/maintain/","/v1.3.0/maintain/allowList-mgm.html","/v1.3.0/maintain/install-plugins.html","/v1.3.0/maintain/install.html","/v1.3.0/maintain/upgrade-from-0.html","/v1.3.0/maintain/upgrade-from-1.html","/v1.3.1/develop/","/v1.3.1/develop/create.html","/v1.3.1/develop/upgrade-from-0.html","/v1.3.1/maintain/","/v1.3.1/maintain/allowList-mgm.html","/v1.3.1/maintain/install-plugins.html","/v1.3.1/maintain/install.html","/v1.3.1/maintain/upgrade-from-0.html","/v1.3.1/maintain/upgrade-from-1.html","/v1.3.2/develop/","/v1.3.2/develop/create.html","/v1.3.2/develop/upgrade-from-0.html","/v1.3.2/maintain/","/v1.3.2/maintain/allowList-mgm.html","/v1.3.2/maintain/install-plugins.html","/v1.3.2/maintain/install.html","/v1.3.2/maintain/upgrade-from-0.html","/v1.3.2/maintain/upgrade-from-1.html","/v1.4.0/contribute/code.html","/v1.4.0/contribute/documentation.html","/v1.4.0/contribute/","/v1.4.0/develop/","/v1.4.0/develop/create.html","/v1.4.0/develop/upgrade-from-0.html","/v1.4.0/maintain/","/v1.4.0/maintain/allowList-mgm.html","/v1.4.0/maintain/install-plugins.html","/v1.4.0/maintain/install.html","/v1.4.0/maintain/upgrade-from-0.html","/v1.4.0/maintain/upgrade-from-1.html","/v1.5.0/contribute/code.html","/v1.5.0/contribute/documentation.html","/v1.5.0/contribute/","/v1.5.0/develop/","/v1.5.0/develop/create.html","/v1.5.0/develop/upgrade-from-0.html","/v1.5.0/maintain/","/v1.5.0/maintain/allowList-mgm.html","/v1.5.0/maintain/install-plugins.html","/v1.5.0/maintain/install.html","/v1.5.0/maintain/upgrade-from-0.html","/v1.5.0/maintain/upgrade-from-1.html","/v1.5.1/contribute/code.html","/v1.5.1/contribute/documentation.html","/v1.5.1/contribute/","/v1.5.1/develop/","/v1.5.1/develop/create.html","/v1.5.1/develop/upgrade-from-0.html","/v1.5.1/maintain/","/v1.5.1/maintain/allowList-mgm.html","/v1.5.1/maintain/install-plugins.html","/v1.5.1/maintain/install.html","/v1.5.1/maintain/upgrade-from-0.html","/v1.5.1/maintain/upgrade-from-1.html","/v1.5.2/contribute/code.html","/v1.5.2/contribute/documentation.html","/v1.5.2/contribute/","/v1.5.2/develop/","/v1.5.2/develop/create.html","/v1.5.2/develop/upgrade-from-0.html","/v1.5.2/maintain/","/v1.5.2/maintain/allowList-mgm.html","/v1.5.2/maintain/install-plugins.html","/v1.5.2/maintain/install.html","/v1.5.2/maintain/upgrade-from-0.html","/v1.5.2/maintain/upgrade-from-1.html","/v1.6.0/contribute/code.html","/v1.6.0/contribute/documentation.html","/v1.6.0/contribute/","/v1.6.0/develop/","/v1.6.0/develop/create.html","/v1.6.0/develop/upgrade-from-0.html","/v1.6.0/maintain/","/v1.6.0/maintain/allowList-mgm.html","/v1.6.0/maintain/install-plugins.html","/v1.6.0/maintain/install.html","/v1.6.0/maintain/upgrade-from-0.html","/v1.6.0/maintain/upgrade-from-1.html","/v1.7.0/contribute/code.html","/v1.7.0/contribute/documentation.html","/v1.7.0/contribute/","/v1.7.0/develop/","/v1.7.0/develop/create.html","/v1.7.0/develop/upgrade-from-0.html","/v1.7.0/maintain/","/v1.7.0/maintain/allowList-mgm.html","/v1.7.0/maintain/install-plugins.html","/v1.7.0/maintain/install.html","/v1.7.0/maintain/passwords-secrets.html","/v1.7.0/maintain/root-certificates.html","/v1.7.0/maintain/upgrade-from-0.html","/v1.7.0/maintain/upgrade-from-1.html","/stable/maintain/bpe/","/stable/maintain/bpe/access-control.html","/stable/maintain/bpe/configuration.html","/stable/maintain/bpe/oidc.html","/stable/maintain/bpe-reverse-proxy/","/stable/maintain/bpe-reverse-proxy/configuration.html","/stable/maintain/fhir/","/stable/maintain/fhir/access-control.html","/stable/maintain/fhir/configuration.html","/stable/maintain/fhir/oidc.html","/stable/maintain/fhir-reverse-proxy/","/stable/maintain/fhir-reverse-proxy/configuration.html","/v1.0.0/maintain/configuration/","/v1.0.0/maintain/configuration/bpe.html","/v1.0.0/maintain/configuration/common.html","/v1.0.0/maintain/configuration/fhir.html","/v1.0.0/maintain/configuration/reverseproxy.html","/v1.1.0/maintain/bpe/","/v1.1.0/maintain/bpe/configuration.html","/v1.1.0/maintain/fhir/","/v1.1.0/maintain/fhir/access-control.html","/v1.1.0/maintain/fhir/configuration.html","/v1.1.0/maintain/fhir/oidc.html","/v1.1.0/maintain/fhir-reverse-proxy/","/v1.1.0/maintain/fhir-reverse-proxy/configuration.html","/v1.2.0/maintain/bpe/","/v1.2.0/maintain/bpe/configuration.html","/v1.2.0/maintain/fhir/","/v1.2.0/maintain/fhir/access-control.html","/v1.2.0/maintain/fhir/configuration.html","/v1.2.0/maintain/fhir/oidc.html","/v1.2.0/maintain/fhir-reverse-proxy/","/v1.2.0/maintain/fhir-reverse-proxy/configuration.html","/v1.3.0/maintain/bpe/","/v1.3.0/maintain/bpe/configuration.html","/v1.3.0/maintain/fhir/","/v1.3.0/maintain/fhir/access-control.html","/v1.3.0/maintain/fhir/configuration.html","/v1.3.0/maintain/fhir/oidc.html","/v1.3.0/maintain/fhir-reverse-proxy/","/v1.3.0/maintain/fhir-reverse-proxy/configuration.html","/v1.3.1/maintain/bpe/","/v1.3.1/maintain/bpe/configuration.html","/v1.3.1/maintain/fhir/","/v1.3.1/maintain/fhir/access-control.html","/v1.3.1/maintain/fhir/configuration.html","/v1.3.1/maintain/fhir/oidc.html","/v1.3.1/maintain/fhir-reverse-proxy/","/v1.3.1/maintain/fhir-reverse-proxy/configuration.html","/v1.3.2/maintain/bpe/","/v1.3.2/maintain/bpe/configuration.html","/v1.3.2/maintain/fhir/","/v1.3.2/maintain/fhir/access-control.html","/v1.3.2/maintain/fhir/configuration.html","/v1.3.2/maintain/fhir/oidc.html","/v1.3.2/maintain/fhir-reverse-proxy/","/v1.3.2/maintain/fhir-reverse-proxy/configuration.html","/v1.4.0/maintain/bpe/","/v1.4.0/maintain/bpe/configuration.html","/v1.4.0/maintain/fhir/","/v1.4.0/maintain/fhir/access-control.html","/v1.4.0/maintain/fhir/configuration.html","/v1.4.0/maintain/fhir/oidc.html","/v1.4.0/maintain/fhir-reverse-proxy/","/v1.4.0/maintain/fhir-reverse-proxy/configuration.html","/v1.5.0/maintain/bpe/","/v1.5.0/maintain/bpe/access-control.html","/v1.5.0/maintain/bpe/configuration.html","/v1.5.0/maintain/bpe/oidc.html","/v1.5.0/maintain/bpe-reverse-proxy/","/v1.5.0/maintain/bpe-reverse-proxy/configuration.html","/v1.5.0/maintain/fhir/","/v1.5.0/maintain/fhir/access-control.html","/v1.5.0/maintain/fhir/configuration.html","/v1.5.0/maintain/fhir/oidc.html","/v1.5.0/maintain/fhir-reverse-proxy/","/v1.5.0/maintain/fhir-reverse-proxy/configuration.html","/v1.5.1/maintain/bpe/","/v1.5.1/maintain/bpe/access-control.html","/v1.5.1/maintain/bpe/configuration.html","/v1.5.1/maintain/bpe/oidc.html","/v1.5.1/maintain/bpe-reverse-proxy/","/v1.5.1/maintain/bpe-reverse-proxy/configuration.html","/v1.5.1/maintain/fhir/","/v1.5.1/maintain/fhir/access-control.html","/v1.5.1/maintain/fhir/configuration.html","/v1.5.1/maintain/fhir/oidc.html","/v1.5.1/maintain/fhir-reverse-proxy/","/v1.5.1/maintain/fhir-reverse-proxy/configuration.html","/v1.5.2/maintain/bpe/","/v1.5.2/maintain/bpe/access-control.html","/v1.5.2/maintain/bpe/configuration.html","/v1.5.2/maintain/bpe/oidc.html","/v1.5.2/maintain/bpe-reverse-proxy/","/v1.5.2/maintain/bpe-reverse-proxy/configuration.html","/v1.5.2/maintain/fhir/","/v1.5.2/maintain/fhir/access-control.html","/v1.5.2/maintain/fhir/configuration.html","/v1.5.2/maintain/fhir/oidc.html","/v1.5.2/maintain/fhir-reverse-proxy/","/v1.5.2/maintain/fhir-reverse-proxy/configuration.html","/v1.6.0/maintain/bpe/","/v1.6.0/maintain/bpe/access-control.html","/v1.6.0/maintain/bpe/configuration.html","/v1.6.0/maintain/bpe/oidc.html","/v1.6.0/maintain/bpe-reverse-proxy/","/v1.6.0/maintain/bpe-reverse-proxy/configuration.html","/v1.6.0/maintain/fhir/","/v1.6.0/maintain/fhir/access-control.html","/v1.6.0/maintain/fhir/configuration.html","/v1.6.0/maintain/fhir/oidc.html","/v1.6.0/maintain/fhir-reverse-proxy/","/v1.6.0/maintain/fhir-reverse-proxy/configuration.html","/v1.7.0/maintain/bpe/","/v1.7.0/maintain/bpe/access-control.html","/v1.7.0/maintain/bpe/configuration.html","/v1.7.0/maintain/bpe/oidc.html","/v1.7.0/maintain/bpe-reverse-proxy/","/v1.7.0/maintain/bpe-reverse-proxy/configuration.html","/v1.7.0/maintain/fhir/","/v1.7.0/maintain/fhir/access-control.html","/v1.7.0/maintain/fhir/configuration.html","/v1.7.0/maintain/fhir/oidc.html","/v1.7.0/maintain/fhir-reverse-proxy/","/v1.7.0/maintain/fhir-reverse-proxy/configuration.html","/404.html","/intro/info/"],Lt="SEARCH_PRO_QUERY_HISTORY",g=G(Lt,[]),kt=()=>{const{queryHistoryCount:i}=R,n=i>0;return{enabled:n,queryHistory:g,addQueryHistory:l=>{n&&(g.value=Array.from(new Set([l,...g.value.slice(0,i-1)])))},removeQueryHistory:l=>{g.value=[...g.value.slice(0,l),...g.value.slice(l+1)]}}},P=i=>Ht[i.id]+("anchor"in i?`#${i.anchor}`:""),Rt="SEARCH_PRO_RESULT_HISTORY",{resultHistoryCount:B}=R,b=G(Rt,[]),Qt=()=>{const i=B>0;return{enabled:i,resultHistory:b,addResultHistory:n=>{if(i){const l={link:P(n),display:n.display};"header"in n&&(l.header=n.header),b.value=[l,...b.value.slice(0,B-1)]}},removeResultHistory:n=>{b.value=[...b.value.slice(0,n),...b.value.slice(n+1)]}}},qt=i=>{const n=ut(),l=_(),Q=ct(),o=E(0),w=k(()=>o.value>0),d=dt([]);return pt(()=>{const{search:p,terminate:q}=ft(),y=xt(v=>{const x=v.join(" "),{searchFilter:C=c=>c,splitWord:S,suggestionsFilter:T,...f}=n.value;x?(o.value+=1,p(v.join(" "),l.value,f).then(c=>C(c,x,l.value,Q.value)).then(c=>{o.value-=1,d.value=c}).catch(c=>{console.warn(c),o.value-=1,o.value||(d.value=[])})):d.value=[]},R.searchDelay-R.suggestDelay);N([i,l],([v])=>y(v),{immediate:!0}),gt(()=>{q()})}),{isSearching:w,results:d}};var St=et({name:"SearchResult",props:{queries:{type:Array,required:!0},isFocusing:Boolean},emits:["close","updateQuery"],setup(i,{emit:n}){const l=at(),Q=_(),o=it(nt),{enabled:w,addQueryHistory:d,queryHistory:p,removeQueryHistory:q}=kt(),{enabled:y,resultHistory:v,addResultHistory:x,removeResultHistory:C}=Qt(),S=w||y,T=lt(i,"queries"),{results:f,isSearching:c}=qt(T),r=rt({isQuery:!0,index:0}),h=E(0),u=E(0),I=k(()=>S&&(p.value.length>0||v.value.length>0)),F=k(()=>f.value.length>0),A=k(()=>f.value[h.value]||null),U=()=>{const{isQuery:t,index:e}=r;e===0?(r.isQuery=!t,r.index=t?v.value.length-1:p.value.length-1):r.index=e-1},Y=()=>{const{isQuery:t,index:e}=r;e===(t?p.value.length-1:v.value.length-1)?(r.isQuery=!t,r.index=0):r.index=e+1},J=()=>{h.value=h.value>0?h.value-1:f.value.length-1,u.value=A.value.contents.length-1},V=()=>{h.value=h.value{u.value{u.value>0?u.value-=1:J()},D=t=>t.map(e=>wt(e)?e:a(e[0],e[1])),W=t=>{if(t.type==="customField"){const e=bt[t.index]||"$content",[m,L=""]=yt(e)?e[Q.value].split("$content"):e.split("$content");return t.display.map(s=>a("div",D([m,...s,L])))}return t.display.map(e=>a("div",D(e)))},H=()=>{h.value=0,u.value=0,n("updateQuery",""),n("close")},X=()=>w?a("ul",{class:"search-pro-result-list"},a("li",{class:"search-pro-result-list-item"},[a("div",{class:"search-pro-result-title"},o.value.queryHistory),p.value.map((t,e)=>a("div",{class:["search-pro-result-item",{active:r.isQuery&&r.index===e}],onClick:()=>{n("updateQuery",t)}},[a($,{class:"search-pro-result-type"}),a("div",{class:"search-pro-result-content"},t),a("button",{class:"search-pro-remove-icon",innerHTML:j,onClick:m=>{m.preventDefault(),m.stopPropagation(),q(e)}})]))])):null,Z=()=>y?a("ul",{class:"search-pro-result-list"},a("li",{class:"search-pro-result-list-item"},[a("div",{class:"search-pro-result-title"},o.value.resultHistory),v.value.map((t,e)=>a(M,{to:t.link,class:["search-pro-result-item",{active:!r.isQuery&&r.index===e}],onClick:()=>{H()}},()=>[a($,{class:"search-pro-result-type"}),a("div",{class:"search-pro-result-content"},[t.header?a("div",{class:"content-header"},t.header):null,a("div",t.display.map(m=>D(m)).flat())]),a("button",{class:"search-pro-remove-icon",innerHTML:j,onClick:m=>{m.preventDefault(),m.stopPropagation(),C(e)}})]))])):null;return ot("keydown",t=>{if(i.isFocusing){if(F.value){if(t.key==="ArrowUp")K();else if(t.key==="ArrowDown")z();else if(t.key==="Enter"){const e=A.value.contents[u.value];d(i.queries.join(" ")),x(e),l.push(P(e)),H()}}else if(y){if(t.key==="ArrowUp")U();else if(t.key==="ArrowDown")Y();else if(t.key==="Enter"){const{index:e}=r;r.isQuery?(n("updateQuery",p.value[e]),t.preventDefault()):(l.push(v.value[e].link),H())}}}}),N([h,u],()=>{var t;(t=document.querySelector(".search-pro-result-list-item.active .search-pro-result-item.active"))==null||t.scrollIntoView(!1)},{flush:"post"}),()=>a("div",{class:["search-pro-result-wrapper",{empty:i.queries.length?!F.value:!I.value}],id:"search-pro-results"},i.queries.length?c.value?a(mt,{hint:o.value.searching}):F.value?a("ul",{class:"search-pro-result-list"},f.value.map(({title:t,contents:e},m)=>{const L=h.value===m;return a("li",{class:["search-pro-result-list-item",{active:L}]},[a("div",{class:"search-pro-result-title"},t||o.value.defaultTitle),e.map((s,tt)=>{const O=L&&u.value===tt;return a(M,{to:P(s),class:["search-pro-result-item",{active:O,"aria-selected":O}],onClick:()=>{d(i.queries.join(" ")),x(s),H()}},()=>[s.type==="text"?null:a(s.type==="title"?st:s.type==="heading"?vt:ht,{class:"search-pro-result-type"}),a("div",{class:"search-pro-result-content"},[s.type==="text"&&s.header?a("div",{class:"content-header"},s.header):null,a("div",W(s))])])})])})):o.value.emptyResult:S?I.value?[X(),Z()]:o.value.emptyHistory:o.value.emptyResult)}});export{St as default}; diff --git a/assets/Talks.html-kC-8f0z0.js b/assets/Talks.html-kC-8f0z0.js new file mode 100644 index 000000000..0e00c375c --- /dev/null +++ b/assets/Talks.html-kC-8f0z0.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as l,d as t,e as s,f as n,r as i,o as d}from"./app-BIWb5uIp.js";const u={};function m(p,e){const o=i("RouteLink");return d(),r("div",null,[l("p",null,[e[1]||(e[1]=t("Redirect to ")),s(o,{to:"/oldstable/guideline/publications.html#recorded-talks"},{default:n(()=>e[0]||(e[0]=[t("this webpage")])),_:1}),e[2]||(e[2]=t("."))]),e[3]||(e[3]=l("meta",{"http-equiv":"refresh",content:"0; URL=/oldstable/guideline/publications.html#recorded-talks"},null,-1))])}const f=a(u,[["render",m],["__file","Talks.html.vue"]]),b=JSON.parse('{"path":"/intro/tutorials/Talks.html","title":"Recorded talks","lang":"en-US","frontmatter":{"title":"Recorded talks","icon":"globe","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.08,"words":23},"filePathRelative":"intro/tutorials/Talks.md","excerpt":"

Redirect to this webpage.

\\n\\n"}');export{f as comp,b as data}; diff --git a/assets/access-control.html-4BKEhf1P.js b/assets/access-control.html-4BKEhf1P.js new file mode 100644 index 000000000..d7c172469 --- /dev/null +++ b/assets/access-control.html-4BKEhf1P.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.5.2/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.52,"words":755},"filePathRelative":"v1.5.2/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-B60MdMg4.js b/assets/access-control.html-B60MdMg4.js new file mode 100644 index 000000000..efe185904 --- /dev/null +++ b/assets/access-control.html-B60MdMg4.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

To types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.1.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.47,"words":742},"filePathRelative":"v1.1.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CCsuodqK.js b/assets/access-control.html-CCsuodqK.js new file mode 100644 index 000000000..fb81151da --- /dev/null +++ b/assets/access-control.html-CCsuodqK.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

To types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.3.2/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.47,"words":742},"filePathRelative":"v1.3.2/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CJEaNEvV.js b/assets/access-control.html-CJEaNEvV.js new file mode 100644 index 000000000..bdd633636 --- /dev/null +++ b/assets/access-control.html-CJEaNEvV.js @@ -0,0 +1,21 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable access for a specific client-certificate:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

ADMIN.

practitioner-role

The BPE server currently does not support any practionier-roles.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
`,31)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.5.2/maintain/bpe/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":1.94,"words":583},"filePathRelative":"v1.5.2/maintain/bpe/access-control.md","excerpt":"

Overview

\\n

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

\\n
\\n

OpenID Connect

\\n

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

\\n
"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CNsKuzhW.js b/assets/access-control.html-CNsKuzhW.js new file mode 100644 index 000000000..a78a02435 --- /dev/null +++ b/assets/access-control.html-CNsKuzhW.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.5.1/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.52,"words":755},"filePathRelative":"v1.5.1/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CP9FgeAe.js b/assets/access-control.html-CP9FgeAe.js new file mode 100644 index 000000000..5dcc3aee4 --- /dev/null +++ b/assets/access-control.html-CP9FgeAe.js @@ -0,0 +1,21 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable access for a specific client-certificate:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

ADMIN.

practitioner-role

The BPE server currently does not support any practionier-roles.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
`,31)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.7.0/maintain/bpe/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":1.94,"words":583},"filePathRelative":"v1.7.0/maintain/bpe/access-control.md","excerpt":"

Overview

\\n

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

\\n
\\n

OpenID Connect

\\n

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

\\n
"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CRKqChY6.js b/assets/access-control.html-CRKqChY6.js new file mode 100644 index 000000000..44d170260 --- /dev/null +++ b/assets/access-control.html-CRKqChY6.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

To types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.3.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.47,"words":742},"filePathRelative":"v1.3.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CRP3chBx.js b/assets/access-control.html-CRP3chBx.js new file mode 100644 index 000000000..821df584f --- /dev/null +++ b/assets/access-control.html-CRP3chBx.js @@ -0,0 +1,21 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable access for a specific client-certificate:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

ADMIN.

practitioner-role

The BPE server currently does not support any practionier-roles.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
`,31)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/stable/maintain/bpe/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":1.94,"words":583},"filePathRelative":"stable/maintain/bpe/access-control.md","excerpt":"

Overview

\\n

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

\\n
\\n

OpenID Connect

\\n

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

\\n
"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-C_Ord2OL.js b/assets/access-control.html-C_Ord2OL.js new file mode 100644 index 000000000..5e3860029 --- /dev/null +++ b/assets/access-control.html-C_Ord2OL.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

To types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.4.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.47,"words":742},"filePathRelative":"v1.4.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-ChATt82A.js b/assets/access-control.html-ChATt82A.js new file mode 100644 index 000000000..1720f56cf --- /dev/null +++ b/assets/access-control.html-ChATt82A.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

To types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.3.1/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.47,"words":742},"filePathRelative":"v1.3.1/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-CqlKT6aL.js b/assets/access-control.html-CqlKT6aL.js new file mode 100644 index 000000000..504300b1c --- /dev/null +++ b/assets/access-control.html-CqlKT6aL.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

To types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.2.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.47,"words":742},"filePathRelative":"v1.2.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-DCPRLpIt.js b/assets/access-control.html-DCPRLpIt.js new file mode 100644 index 000000000..7620936d3 --- /dev/null +++ b/assets/access-control.html-DCPRLpIt.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.5.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.52,"words":755},"filePathRelative":"v1.5.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-DgJ2jQps.js b/assets/access-control.html-DgJ2jQps.js new file mode 100644 index 000000000..ebf0d3092 --- /dev/null +++ b/assets/access-control.html-DgJ2jQps.js @@ -0,0 +1,21 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable access for a specific client-certificate:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

ADMIN.

practitioner-role

The BPE server currently does not support any practionier-roles.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
`,31)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.6.0/maintain/bpe/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":1.94,"words":583},"filePathRelative":"v1.6.0/maintain/bpe/access-control.md","excerpt":"

Overview

\\n

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

\\n
\\n

OpenID Connect

\\n

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

\\n
"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-Dk8_tU0U.js b/assets/access-control.html-Dk8_tU0U.js new file mode 100644 index 000000000..76f5862d9 --- /dev/null +++ b/assets/access-control.html-Dk8_tU0U.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.7.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.52,"words":755},"filePathRelative":"v1.7.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-DwvV-1yc.js b/assets/access-control.html-DwvV-1yc.js new file mode 100644 index 000000000..e87cc5c0e --- /dev/null +++ b/assets/access-control.html-DwvV-1yc.js @@ -0,0 +1,21 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable access for a specific client-certificate:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

ADMIN.

practitioner-role

The BPE server currently does not support any practionier-roles.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
`,31)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.5.1/maintain/bpe/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":1.94,"words":583},"filePathRelative":"v1.5.1/maintain/bpe/access-control.md","excerpt":"

Overview

\\n

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

\\n
\\n

OpenID Connect

\\n

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

\\n
"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-L-bo7Caf.js b/assets/access-control.html-L-bo7Caf.js new file mode 100644 index 000000000..220fa164a --- /dev/null +++ b/assets/access-control.html-L-bo7Caf.js @@ -0,0 +1,39 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.6.0/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.52,"words":755},"filePathRelative":"v1.6.0/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-OtE7EOFQ.js b/assets/access-control.html-OtE7EOFQ.js new file mode 100644 index 000000000..2d211d970 --- /dev/null +++ b/assets/access-control.html-OtE7EOFQ.js @@ -0,0 +1,39 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),i("div",null,e[0]||(e[0]=[a(`

Overview

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable read access for a specific client-certificate:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

practitioner-role

In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
`,33)]))}const h=s(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/stable/maintain/fhir/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":2.52,"words":755},"filePathRelative":"stable/maintain/fhir/access-control.md","excerpt":"

Overview

\\n

The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

"}');export{h as comp,o as data}; diff --git a/assets/access-control.html-WxdBljNr.js b/assets/access-control.html-WxdBljNr.js new file mode 100644 index 000000000..03c9141b2 --- /dev/null +++ b/assets/access-control.html-WxdBljNr.js @@ -0,0 +1,21 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),s("div",null,e[0]||(e[0]=[a(`

Overview

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

OpenID Connect

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

The listing below shows a minimal configuration to enable access for a specific client-certificate:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

Certificate Thumbprints

SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

certtool --fingerprint --hash=sha512 --infile=certificate.pem

Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

Matching Users

To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

thumbprint

The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

email

Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

token-role and token-group

With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

DSF and Practitioner Roles

Two types of roles can be applied to matched users.

dsf-role

DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

ADMIN.

practitioner-role

The BPE server currently does not support any practionier-roles.

Examples

The first example defines a group of DSF administrators. Two client certificates match against this role:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

      DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
`,31)]))}const h=i(t,[["render",l],["__file","access-control.html.vue"]]),o=JSON.parse('{"path":"/v1.5.0/maintain/bpe/access-control.html","title":"Access Control","lang":"en-US","frontmatter":{"title":"Access Control","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Matching Users","slug":"matching-users","link":"#matching-users","children":[]},{"level":2,"title":"DSF and Practitioner Roles","slug":"dsf-and-practitioner-roles","link":"#dsf-and-practitioner-roles","children":[]},{"level":2,"title":"Examples","slug":"examples","link":"#examples","children":[]}],"readingTime":{"minutes":1.94,"words":583},"filePathRelative":"v1.5.0/maintain/bpe/access-control.md","excerpt":"

Overview

\\n

The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

\\n
\\n

OpenID Connect

\\n

To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

\\n
"}');export{h as comp,o as data}; diff --git a/assets/addingANewFhirR.html-DAWjAGtu.js b/assets/addingANewFhirR.html-DAWjAGtu.js new file mode 100644 index 000000000..23ca6c613 --- /dev/null +++ b/assets/addingANewFhirR.html-DAWjAGtu.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as r,o}from"./app-BIWb5uIp.js";const s={};function i(d,e){return o(),t("div",null,e[0]||(e[0]=[r('

This wiki entry walks through the steps to add a new FHIR resource to the server

Database

JSON/XML Adapter

DAO

Resolve Resource References if needed

Authorization

Webservice

Test

',15)]))}const l=a(s,[["render",i],["__file","addingANewFhirR.html.vue"]]),g=JSON.parse(`{"path":"/oldstable/code/addingANewFhirR.html","title":"Adding FHIR Resources","lang":"en-US","frontmatter":{"title":"Adding FHIR Resources","icon":"code","gitInclude":[]},"headers":[{"level":2,"title":"Database","slug":"database","link":"#database","children":[]},{"level":2,"title":"JSON/XML Adapter","slug":"json-xml-adapter","link":"#json-xml-adapter","children":[]},{"level":2,"title":"DAO","slug":"dao","link":"#dao","children":[]},{"level":2,"title":"Resolve Resource References if needed","slug":"resolve-resource-references-if-needed","link":"#resolve-resource-references-if-needed","children":[]},{"level":2,"title":"Authorization","slug":"authorization","link":"#authorization","children":[]},{"level":2,"title":"Webservice","slug":"webservice","link":"#webservice","children":[]},{"level":2,"title":"Test","slug":"test","link":"#test","children":[]}],"readingTime":{"minutes":1.87,"words":560},"filePathRelative":"oldstable/code/addingANewFhirR.md","excerpt":"

This wiki entry walks through the steps to add a new FHIR resource to the server

\\n

Database

\\n"}`);export{l as comp,g as data}; diff --git a/assets/addingANewMpiClient.html-CRNF7NJE.js b/assets/addingANewMpiClient.html-CRNF7NJE.js new file mode 100644 index 000000000..6a5d24ac8 --- /dev/null +++ b/assets/addingANewMpiClient.html-CRNF7NJE.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as n,o as a}from"./app-BIWb5uIp.js";const r={};function o(d,e){return a(),i("div",null,e[0]||(e[0]=[n('

The Master Patient Index (MPI) client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.mpi.webservice.factory.class and loaded using a service loader, which searches for a class of type MasterPatientIndexClientFactory on startup of the BPE.

The framework currently includes an MPI client using the IHE PDQ interface, also supporting client certificate authentication. To use it, add the jar of the dsf-mpi-client-pdq module to the plugin configuration folder and set the property value to org.highmed.mpi.client.pdq.MasterPatientIndexClientPdqFactory.

To implement a new MPI client, the following has to be taken into account:

An example of an MPI client implementation can be found in the dsf-mpi-client-pdq module.

',5)]))}const l=t(r,[["render",o],["__file","addingANewMpiClient.html.vue"]]),h=JSON.parse('{"path":"/oldstable/code/addingANewMpiClient.html","title":"Adding MPI Clients","lang":"en-US","frontmatter":{"title":"Adding MPI Clients","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.77,"words":232},"filePathRelative":"oldstable/code/addingANewMpiClient.md","excerpt":"

The Master Patient Index (MPI) client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.mpi.webservice.factory.class and loaded using a service loader, which searches for a class of type MasterPatientIndexClientFactory on startup of the BPE.

"}');export{l as comp,h as data}; diff --git a/assets/addingANewOpenEhrClient.html-DzNS4kmD.js b/assets/addingANewOpenEhrClient.html-DzNS4kmD.js new file mode 100644 index 000000000..3c6850e18 --- /dev/null +++ b/assets/addingANewOpenEhrClient.html-DzNS4kmD.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as r,o}from"./app-BIWb5uIp.js";const i={};function a(h,e){return o(),t("div",null,e[0]||(e[0]=[r('

The openEHR client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.openehr.webservice.factory.class and loaded using a service loader, which searches for a class of type OpenEhrClientFactory on startup of the BPE.

The framework currently includes an openEHR Jersey REST client using basic authentication. To use it, add the jar of the dsf-openehr-client-impl module to the plugin configuration folder and set the property value to org.highmed.openehr.client.impl.OpenEhrClientJerseyFactory.

To implement a new openEHR client, the following has to be taken into account:

An example of an openEHR client implementation can be found in the dsf-openehr-client-impl module.

',5)]))}const c=n(i,[["render",a],["__file","addingANewOpenEhrClient.html.vue"]]),s=JSON.parse('{"path":"/oldstable/code/addingANewOpenEhrClient.html","title":"Adding openEHR Clients","lang":"en-US","frontmatter":{"title":"Adding openEHR Clients","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":221},"filePathRelative":"oldstable/code/addingANewOpenEhrClient.md","excerpt":"

The openEHR client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.openehr.webservice.factory.class and loaded using a service loader, which searches for a class of type OpenEhrClientFactory on startup of the BPE.

"}');export{c as comp,s as data}; diff --git a/assets/allowList-mgm.html-B6p2Ax_y.js b/assets/allowList-mgm.html-B6p2Ax_y.js new file mode 100644 index 000000000..ccf7e4e41 --- /dev/null +++ b/assets/allowList-mgm.html-B6p2Ax_y.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),n(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=a(u,[["render",d],["__file","allowList-mgm.html.vue"]]),v=JSON.parse('{"path":"/v1.3.2/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.24,"words":372},"filePathRelative":"v1.3.2/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,v as data}; diff --git a/assets/allowList-mgm.html-CIu0ylPp.js b/assets/allowList-mgm.html-CIu0ylPp.js new file mode 100644 index 000000000..703d82842 --- /dev/null +++ b/assets/allowList-mgm.html-CIu0ylPp.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),n(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=a(u,[["render",d],["__file","allowList-mgm.html.vue"]]),v=JSON.parse('{"path":"/v1.5.1/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.24,"words":372},"filePathRelative":"v1.5.1/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,v as data}; diff --git a/assets/allowList-mgm.html-CQIC2n1m.js b/assets/allowList-mgm.html-CQIC2n1m.js new file mode 100644 index 000000000..0943eba37 --- /dev/null +++ b/assets/allowList-mgm.html-CQIC2n1m.js @@ -0,0 +1 @@ +import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as t,d as i,e as r,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const a=h("RouteLink");return c(),n("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),r(a,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("here")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.
Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.

Prerequisites

  1. Deployed DSF instance (test infrastructure)
    1.1 If none exists yet, read here
  2. Certificate
    2.1 If none exists yet, read here
  3. Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)
  4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool.
At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',8))])}const w=o(u,[["render",d],["__file","allowList-mgm.html.vue"]]),g=JSON.parse('{"path":"/v1.1.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.3,"words":391},"filePathRelative":"v1.1.0/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists here.

"}');export{w as comp,g as data}; diff --git a/assets/allowList-mgm.html-CZLnHuTV.js b/assets/allowList-mgm.html-CZLnHuTV.js new file mode 100644 index 000000000..73f382d43 --- /dev/null +++ b/assets/allowList-mgm.html-CZLnHuTV.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),n(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=a(u,[["render",d],["__file","allowList-mgm.html.vue"]]),v=JSON.parse('{"path":"/v1.4.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.24,"words":372},"filePathRelative":"v1.4.0/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,v as data}; diff --git a/assets/allowList-mgm.html-Cbz8uLvU.js b/assets/allowList-mgm.html-Cbz8uLvU.js new file mode 100644 index 000000000..18df70cd3 --- /dev/null +++ b/assets/allowList-mgm.html-Cbz8uLvU.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),n(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=a(u,[["render",d],["__file","allowList-mgm.html.vue"]]),v=JSON.parse('{"path":"/v1.5.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.24,"words":372},"filePathRelative":"v1.5.0/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,v as data}; diff --git a/assets/allowList-mgm.html-DQ0SCXIv.js b/assets/allowList-mgm.html-DQ0SCXIv.js new file mode 100644 index 000000000..2cf83afec --- /dev/null +++ b/assets/allowList-mgm.html-DQ0SCXIv.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,b as a,d as t,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const i=h("RouteLink");return c(),o("div",null,[a("p",null,[e[1]||(e[1]=t("You can read all about the concept of Allow Lists ")),n(i,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[t("in our introduction")])),_:1}),e[2]||(e[2]=t("."))]),e[3]||(e[3]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=r(u,[["render",d],["__file","allowList-mgm.html.vue"]]),w=JSON.parse('{"path":"/stable/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.15,"words":345},"filePathRelative":"stable/maintain/allowList-mgm.md","excerpt":"

You can read all about the concept of Allow Lists in our introduction.

\\n

Overview

\\n

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

"}');export{g as comp,w as data}; diff --git a/assets/allowList-mgm.html-DesR31sE.js b/assets/allowList-mgm.html-DesR31sE.js new file mode 100644 index 000000000..d10249b1c --- /dev/null +++ b/assets/allowList-mgm.html-DesR31sE.js @@ -0,0 +1 @@ +import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as t,d as i,e as r,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const a=h("RouteLink");return c(),n("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),r(a,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("here")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.
Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.

Prerequisites

  1. Deployed DSF instance (test infrastructure)
    1.1 If none exists yet, read here
  2. Certificate
    2.1 If none exists yet, read here
  3. Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)
  4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool.
At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',8))])}const w=o(u,[["render",d],["__file","allowList-mgm.html.vue"]]),g=JSON.parse('{"path":"/v1.2.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.3,"words":391},"filePathRelative":"v1.2.0/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists here.

"}');export{w as comp,g as data}; diff --git a/assets/allowList-mgm.html-DqHlTqXK.js b/assets/allowList-mgm.html-DqHlTqXK.js new file mode 100644 index 000000000..eb35b9c1f --- /dev/null +++ b/assets/allowList-mgm.html-DqHlTqXK.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,b as a,d as t,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const i=h("RouteLink");return c(),o("div",null,[a("p",null,[e[1]||(e[1]=t("You can read all about the concept of Allow Lists ")),n(i,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[t("in our introduction")])),_:1}),e[2]||(e[2]=t("."))]),e[3]||(e[3]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=r(u,[["render",d],["__file","allowList-mgm.html.vue"]]),w=JSON.parse('{"path":"/v1.7.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.15,"words":345},"filePathRelative":"v1.7.0/maintain/allowList-mgm.md","excerpt":"

You can read all about the concept of Allow Lists in our introduction.

\\n

Overview

\\n

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

"}');export{g as comp,w as data}; diff --git a/assets/allowList-mgm.html-IMzRqiGI.js b/assets/allowList-mgm.html-IMzRqiGI.js new file mode 100644 index 000000000..059ea87bd --- /dev/null +++ b/assets/allowList-mgm.html-IMzRqiGI.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),n(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=a(u,[["render",d],["__file","allowList-mgm.html.vue"]]),v=JSON.parse('{"path":"/v1.5.2/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.24,"words":372},"filePathRelative":"v1.5.2/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,v as data}; diff --git a/assets/allowList-mgm.html-RGpFQJqM.js b/assets/allowList-mgm.html-RGpFQJqM.js new file mode 100644 index 000000000..8c07b2dbc --- /dev/null +++ b/assets/allowList-mgm.html-RGpFQJqM.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as a,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(p,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),a(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)
  4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists respective Allow List Management Tool.

Click here to open the DSF Allow List Management Tool for the Test infrastructure.

Click here to open the DSF Allow List Management Tool for the Production infrastructure.

We use different colors for the DSF Allow List Management Tools in the Test (green) and Production (blue) infastructure.

At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',12))])}const g=n(u,[["render",d],["__file","allowList-mgm.html.vue"]]),w=JSON.parse('{"path":"/v1.3.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.4,"words":419},"filePathRelative":"v1.3.0/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,w as data}; diff --git a/assets/allowList-mgm.html-bG96t5GT.js b/assets/allowList-mgm.html-bG96t5GT.js new file mode 100644 index 000000000..0e263ea36 --- /dev/null +++ b/assets/allowList-mgm.html-bG96t5GT.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,b as a,d as t,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const i=h("RouteLink");return c(),o("div",null,[a("p",null,[e[1]||(e[1]=t("You can read all about the concept of Allow Lists ")),n(i,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[t("in our introduction")])),_:1}),e[2]||(e[2]=t("."))]),e[3]||(e[3]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=r(u,[["render",d],["__file","allowList-mgm.html.vue"]]),w=JSON.parse('{"path":"/v1.6.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.15,"words":345},"filePathRelative":"v1.6.0/maintain/allowList-mgm.md","excerpt":"

You can read all about the concept of Allow Lists in our introduction.

\\n

Overview

\\n

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

"}');export{g as comp,w as data}; diff --git a/assets/allowList-mgm.html-kVH8jHoC.js b/assets/allowList-mgm.html-kVH8jHoC.js new file mode 100644 index 000000000..690fe1d26 --- /dev/null +++ b/assets/allowList-mgm.html-kVH8jHoC.js @@ -0,0 +1 @@ +import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as t,d as i,e as r,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const a=h("RouteLink");return c(),n("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),r(a,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("here")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.
Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.

Prerequisites

  1. Deployed DSF instance (test infrastructure)
    1.1 If none exists yet, read here
  2. Certificate
    2.1 If none exists yet, read here
  3. Organization identifier (FQDN of your organization, e.g. hs-heilbronn.de)
  4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool.
At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',8))])}const w=o(u,[["render",d],["__file","allowList-mgm.html.vue"]]),g=JSON.parse('{"path":"/v1.0.0/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.3,"words":390},"filePathRelative":"v1.0.0/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists here.

"}');export{w as comp,g as data}; diff --git a/assets/allowList-mgm.html-zpJcNu7t.js b/assets/allowList-mgm.html-zpJcNu7t.js new file mode 100644 index 000000000..917c28075 --- /dev/null +++ b/assets/allowList-mgm.html-zpJcNu7t.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as t,d as i,e as n,f as s,a as l,r as h,o as c}from"./app-BIWb5uIp.js";const u={};function d(f,e){const o=h("RouteLink");return c(),r("div",null,[e[3]||(e[3]=t("div",{class:"hint-container caution"},[t("p",{class:"hint-container-title"},"Caution"),t("p",null,[i("This is an outdated version of the Allow List Management documentation. Please use "),t("a",{href:"/stable/maintain/allowList-mgm"},"the current version"),i(", even if you use an outdated DSF version.")])],-1)),t("p",null,[e[1]||(e[1]=i("You can read all about the concept of Allow Lists ")),n(o,{to:"/intro/info/allowList.html"},{default:s(()=>e[0]||(e[0]=[i("in our introduction")])),_:1}),e[2]||(e[2]=i("."))]),e[4]||(e[4]=l('

Overview

To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

Prerequisites

  1. Deployed DSF instance (test or production infrastructure)
    1.1 If none exists yet, read the installation guide
  2. Certificate
    2.1 If none exists yet, read the certificate requirements
  3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
  4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
  5. Contact details from a responsible person of your organization
  6. Access to the E-Mail address from your organization for verification

Start here

When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

Ideas for improvement?

Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

',10))])}const g=a(u,[["render",d],["__file","allowList-mgm.html.vue"]]),v=JSON.parse('{"path":"/v1.3.1/maintain/allowList-mgm.html","title":"Allow List Management","lang":"en-US","frontmatter":{"title":"Allow List Management","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":2,"title":"Start here","slug":"start-here","link":"#start-here","children":[]}],"readingTime":{"minutes":1.24,"words":372},"filePathRelative":"v1.3.1/maintain/allowList-mgm.md","excerpt":"
\\n

Caution

\\n

This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

\\n
\\n

You can read all about the concept of Allow Lists in our introduction.

"}');export{g as comp,v as data}; diff --git a/assets/allowList.html-U0Ic9Agz.js b/assets/allowList.html-U0Ic9Agz.js new file mode 100644 index 000000000..632825508 --- /dev/null +++ b/assets/allowList.html-U0Ic9Agz.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,b as a,e as l,f as r,d as t,r as d,o as h}from"./app-BIWb5uIp.js";const c="/photos/info/allowList/allowList-architecture.png",f={};function w(m,e){const o=d("RouteLink");return h(),i("div",null,[e[2]||(e[2]=s('

Goal

The main objective is to allow only authorized organizations to do what "we" allow them to do (e.g. query data).
First, we need a list of organizations that we trust. Secondly, we need a way to ensure that the other party is a member of the parent organization. Thirdly, a list of actions we want to allow the organization to perform is needed. An organization can have different roles in different use cases.

The Allow List consists of Organization-, Endpoint- and OrganisationAffiliation- resources. With these resources the allow list defines communication partners and and parent organizations like research consortia and groups as well as the roles of each organization. Each DSF FHIR server stores their own allow list. To make sure that processes can be executed, parties must allow access via their allow list.

Architecture
Architecture

Allow List Managment

',5)),a("p",null,[l(o,{to:"/stable/maintain/allowList-mgm.html"},{default:r(()=>e[0]||(e[0]=[t("Here")])),_:1}),e[1]||(e[1]=t(" you can read all the information if you want to create or update an Allow List."))]),e[3]||(e[3]=a("h4",{id:"feel-free-to-contact-us-via-e-mail-dsf-gecko-hs-heilbronn-de-and-we-will-take-care-of-your-request-as-soon-as-possible",tabindex:"-1"},[a("a",{class:"header-anchor",href:"#feel-free-to-contact-us-via-e-mail-dsf-gecko-hs-heilbronn-de-and-we-will-take-care-of-your-request-as-soon-as-possible"},[a("span",null,[t("Feel free to contact us via "),a("a",{href:"mailto:dsf-gecko@hs-heilbronn.de"}," E-Mail (dsf-gecko@hs-heilbronn.de)"),t(" and we will take care of your request as soon as possible.")])])],-1))])}const p=n(f,[["render",w],["__file","allowList.html.vue"]]),b=JSON.parse('{"path":"/intro/info/allowList.html","title":"Allow Lists","lang":"en-US","frontmatter":{"title":"Allow Lists","icon":"share","gitInclude":[]},"headers":[{"level":2,"title":"Goal","slug":"goal","link":"#goal","children":[]},{"level":2,"title":"Allow List Managment","slug":"allow-list-managment","link":"#allow-list-managment","children":[]}],"readingTime":{"minutes":0.65,"words":196},"filePathRelative":"intro/info/allowList.md","excerpt":"

Goal

\\n

The main objective is to allow only authorized organizations to do what \\"we\\" allow them to do (e.g. query data).
\\nFirst, we need a list of organizations that we trust. Secondly, we need a way to ensure that the other party is a member of the parent organization. Thirdly, a list of actions we want to allow the organization to perform is needed. An organization can have different roles in different use cases.

"}');export{p as comp,b as data}; diff --git a/assets/app-BIWb5uIp.js b/assets/app-BIWb5uIp.js new file mode 100644 index 000000000..7945b1e39 --- /dev/null +++ b/assets/app-BIWb5uIp.js @@ -0,0 +1,42 @@ +const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/index.html-CJqQIH24.js","assets/dsf-concept-Dbcu0twt.js","assets/plugin-vue_export-helper-DlAUqK2U.js","assets/index.html-CEl0GMbE.js","assets/index.html-tRP1yX-S.js","assets/learn.html-CN30f4q5.js","assets/index.html-LTp7GwJa.js","assets/index.html-CCHXQ3qu.js","assets/publications.html-B4U9UGg2.js","assets/index.html-RXe6B_7F.js","assets/introduction.html-KmTMU4Pu.js","assets/index.html-CKHbb906.js","assets/index.html-D7PkCYZy.js","assets/dsf-for-dev.html-Bfk0jIju.js","assets/index.html-Y0e05cKm.js","assets/process-plugins-advanced.html-BXZYZl-l.js","assets/dsf-for-dev.html-C9euuucY.js","assets/index.html-wVEnbcVC.js","assets/process-plugins-advanced.html-DrS0U-59.js","assets/dsf-for-dev.html-x2O2enR2.js","assets/index.html-3D5twG1B.js","assets/process-plugins-advanced.html-CvYyNIjF.js","assets/dsf-for-dev.html-BTVbCBjm.js","assets/index.html-BvjsjDex.js","assets/process-plugins-advanced.html-Gkd0KZn-.js","assets/dsf-for-dev.html-C1_lZM3T.js","assets/index.html-Cndqnr5H.js","assets/process-plugins-advanced.html-CvfI-O1o.js","assets/dsf-for-dev.html-LGq1G0a7.js","assets/index.html-CPm74umY.js","assets/process-plugins-advanced.html-DK2hR7GM.js","assets/dsf-for-dev.html-FPawE1xG.js","assets/index.html-DfC4mUoD.js","assets/process-plugins-advanced.html-CryoSrgT.js","assets/dsf-for-dev.html-Cb90i-uk.js","assets/index.html-CQIyjAbi.js","assets/process-plugins-advanced.html-uS_KMulc.js","assets/dsf-for-dev.html-BEsPCGfN.js","assets/index.html-DQ3Nt6us.js","assets/process-plugins-advanced.html-DknbFNSU.js","assets/dsf-for-dev.html-BbzdxZL5.js","assets/index.html-B2IxHHQk.js","assets/process-plugins-advanced.html-DEwVR5E2.js","assets/dsf-for-dev.html-BHbqABzE.js","assets/index.html-EiZ7XLI5.js","assets/process-plugins-advanced.html-DDT8mKAK.js","assets/dsf-for-dev.html-C7eEqNG_.js","assets/index.html-kMzNwla3.js","assets/process-plugins-advanced.html-Aiosif86.js","assets/dsf-for-dev.html-C54H0sEh.js","assets/index.html-BrXjYrIb.js","assets/process-plugins-advanced.html-C4k17IeZ.js","assets/index.html-Cz99fyPG.js","assets/contact.html--dlNXcVc.js","assets/partners.html-CNkEzyU2.js","assets/public.html-GIYlha5E.js","assets/mii-bWzWhniO.js","assets/team.html-DZAqBiTA.js","assets/allowList.html-U0Ic9Agz.js","assets/architecture.html-C-MxvfKL.js","assets/basics.html-TQpBZp3U.js","assets/introduction.html-CrZ_Peog.js","assets/networkSetup.html-CAU1OxOw.js","assets/highmed_dsf_network_setup_ext_dmz-DyQZOoIs.js","assets/process-plugins.html-BYVzwms7.js","assets/security.html-DlCXhwuq.js","assets/GMDS2022-dev.html-7MTMzEUe.js","assets/MIE2023.html-DGWUgkfh.js","assets/index.html-D0klOcDH.js","assets/Talks.html-kC-8f0z0.js","assets/index.html-psdjpexw.js","assets/feasibility.html-UPmBbOyd.js","assets/num.html-DJf9-cNg.js","assets/index.html-C044djId.js","assets/build.html-CKvxinw6.js","assets/proxyTestTool.html-C8I2FFKb.js","assets/releaseANewVersion.html-BMHv2Zkt.js","assets/index.html-DMDcxf3n.js","assets/addingANewFhirR.html-DAWjAGtu.js","assets/addingANewMpiClient.html-CRNF7NJE.js","assets/addingANewOpenEhrClient.html-DzNS4kmD.js","assets/changingBpmnProcesses.html-B14gOeU8.js","assets/code.html-DedZSN5Z.js","assets/eclipseContent.html-IrZvhAIP.js","assets/intelliJContent.html-BmnP7ie4.js","assets/libraries.html-CbHlGOgV.js","assets/usingTheGitHubMaven.html-Hb3vEwIO.js","assets/index.html-BqCXzk3r.js","assets/authentication.html-6LTSdQiG.js","assets/networkSetup.html-BtZqgB-G.js","assets/index.html-BPv7Yi_g.js","assets/configBpe.html-DIUpo9iX.js","assets/configFhir.html-BBQFAhE_.js","assets/configFhirReverseProxy.html-DxL-rq4Y.js","assets/highmedInstall.html-Gh-l_MIJ.js","assets/num-codexInstall.html-GtOtu3Li.js","assets/upgradeFrom7.html-B6PaZf4F.js","assets/upgradeFrom8.html-BiXdmn2Q.js","assets/upgradeFrom90.html-DBOiKNdT.js","assets/upgradeFrom91.html-BpKtvCHj.js","assets/upgradeFrom92.html-CUfALwuj.js","assets/index.html-S3T0mcfD.js","assets/ex11-docker-composeyml.html-CaQz6qfp.js","assets/exercise1-simpleProcess.html-BxXADBB1.js","assets/exercise11-processDebugging.html-B5eMvcvL.js","assets/exercise2-inputParameters.html-BLlHrkE8.js","assets/exercise3-messageEvents.html-tI2HZN1H.js","assets/exercise4-exclusiveGateways.html-BFc2qSSk.js","assets/exercise5-eventBasedGateways.html-DEvFgy-0.js","assets/prerequisites.html-DWJBX7kG.js","assets/code.html-DFB-nvYv.js","assets/documentation.html-Db26NjAn.js","assets/index.html-CmYLzWSX.js","assets/index.html-BKgt8rGq.js","assets/create.html-B3zd-q7E.js","assets/upgrade-from-0.html-GTzYt6yH.js","assets/index.html-By_2M9Eb.js","assets/allowList-mgm.html-DQ0SCXIv.js","assets/install-plugins.html-BOVVyaxu.js","assets/install.html-Bu9lSmMr.js","assets/passwords-secrets.html-CwvsK-ST.js","assets/root-certificates.html-DBTM8PxT.js","assets/upgrade-from-0.html-C84ezCmE.js","assets/upgrade-from-1.html-BakWeZYj.js","assets/index.html--WiMJ2-5.js","assets/create.html-UzmU0FOF.js","assets/upgrade-from-0.html-CvOTkUrX.js","assets/index.html-BaDl1w7P.js","assets/allowList-mgm.html-kVH8jHoC.js","assets/install.html-WwnVh3au.js","assets/upgrade-from-0.html-Bc8Lyi5a.js","assets/index.html-B_wNLcVr.js","assets/create.html-DfXNs7tA.js","assets/upgrade-from-0.html-DtQnIA8J.js","assets/index.html-bjuFvx66.js","assets/allowList-mgm.html-CQIC2n1m.js","assets/install.html-PX4TNhu_.js","assets/upgrade-from-0.html-g2sDnFxf.js","assets/upgrade-from-1.html-I3a4-uzG.js","assets/index.html-XcF7NSzE.js","assets/create.html-DgtxAQYo.js","assets/upgrade-from-0.html-PytT4X3s.js","assets/index.html-C6jX4zME.js","assets/allowList-mgm.html-DesR31sE.js","assets/install.html-4JkzqW05.js","assets/upgrade-from-0.html-Bpl0xGi5.js","assets/upgrade-from-1.html-le86mUFE.js","assets/index.html-jdtoEAin.js","assets/create.html-DKW1RBR_.js","assets/upgrade-from-0.html-D20VPAYx.js","assets/index.html-B6hfS6g4.js","assets/allowList-mgm.html-RGpFQJqM.js","assets/install-plugins.html-BNnNzW63.js","assets/install.html-C8E-85I9.js","assets/upgrade-from-0.html-DJWodOM6.js","assets/upgrade-from-1.html-Dj9m-NVD.js","assets/index.html-BQ1cFXBB.js","assets/create.html-Dhsfopdf.js","assets/upgrade-from-0.html-HmQi5Tpk.js","assets/index.html-2BGvWDpf.js","assets/allowList-mgm.html-zpJcNu7t.js","assets/install-plugins.html-BrkJzu97.js","assets/install.html-HcGcuX1k.js","assets/upgrade-from-0.html-BfIVWmGA.js","assets/upgrade-from-1.html-KyVmiK2h.js","assets/index.html-DrZ50Pv0.js","assets/create.html-BX-19DEo.js","assets/upgrade-from-0.html-C2OeT5jI.js","assets/index.html-CEXDY_Uk.js","assets/allowList-mgm.html-B6p2Ax_y.js","assets/install-plugins.html-uQEYkgRF.js","assets/install.html-DT8BqM1K.js","assets/upgrade-from-0.html-1HiNaMpm.js","assets/upgrade-from-1.html-CWtjTQLA.js","assets/code.html-BDpTAxf0.js","assets/documentation.html-Wn__5BQ5.js","assets/index.html-DRHY4Bbd.js","assets/index.html-BV9sfGy7.js","assets/create.html-BpleBtB4.js","assets/upgrade-from-0.html-CF476DnM.js","assets/index.html-Bca-G99b.js","assets/allowList-mgm.html-CZLnHuTV.js","assets/install-plugins.html-C10EMoFX.js","assets/install.html-CaWTETgA.js","assets/upgrade-from-0.html-D9wYfXqp.js","assets/upgrade-from-1.html-BMtZHrEs.js","assets/code.html-DbFOsjtY.js","assets/documentation.html-KQtDStaD.js","assets/index.html-DOwz4jEO.js","assets/index.html-zG09QC5j.js","assets/create.html-CBE8y_4a.js","assets/upgrade-from-0.html-dRnDKi2b.js","assets/index.html-B_5_WvMB.js","assets/allowList-mgm.html-Cbz8uLvU.js","assets/install-plugins.html-CjpkZYU8.js","assets/install.html-C5JbEbto.js","assets/upgrade-from-0.html-C0DwKz8X.js","assets/upgrade-from-1.html-B6nw0zTc.js","assets/code.html-wX-SuVoF.js","assets/documentation.html-DxrIQVyi.js","assets/index.html-QtMirOFG.js","assets/index.html-Dnqh_ARi.js","assets/create.html-CEaaiT8A.js","assets/upgrade-from-0.html-DzHXV-5I.js","assets/index.html-DaJfQ08l.js","assets/allowList-mgm.html-CIu0ylPp.js","assets/install-plugins.html-Q8LC3tyN.js","assets/install.html-B0D4qCui.js","assets/upgrade-from-0.html-Bvg37v8B.js","assets/upgrade-from-1.html-DRWK4a79.js","assets/code.html-WJrc1cv8.js","assets/documentation.html-CyhCEMiv.js","assets/index.html-CGF3Du5r.js","assets/index.html-OZBcTdV4.js","assets/create.html-Ce3lf9hk.js","assets/upgrade-from-0.html-DqBMBlca.js","assets/index.html--z6-FzwM.js","assets/allowList-mgm.html-IMzRqiGI.js","assets/install-plugins.html-BKYrmio5.js","assets/install.html-CDyf6Qpa.js","assets/upgrade-from-0.html-DqzXx2zx.js","assets/upgrade-from-1.html-BSet6xf2.js","assets/code.html-CL2p7Hc-.js","assets/documentation.html-YtBXfQ4n.js","assets/index.html-Bu0T-_KJ.js","assets/index.html-B4bLs14H.js","assets/create.html-B1E91RlH.js","assets/upgrade-from-0.html-DwBqJg50.js","assets/index.html-B1pXabiP.js","assets/allowList-mgm.html-bG96t5GT.js","assets/install-plugins.html-CETUdIzs.js","assets/install.html-DNNBSmYy.js","assets/upgrade-from-0.html-DN3ya3ja.js","assets/upgrade-from-1.html-1Wof4LeJ.js","assets/code.html-OC-Q5B21.js","assets/documentation.html-ueGYR-fA.js","assets/index.html-CvKg-5SJ.js","assets/index.html-Cnxg1Eld.js","assets/create.html-CSEOxnfr.js","assets/upgrade-from-0.html-BTr3Ngrn.js","assets/index.html-Dk8E3hDO.js","assets/allowList-mgm.html-DqHlTqXK.js","assets/install-plugins.html-CUvVNWrv.js","assets/install.html-CJSKxVy2.js","assets/passwords-secrets.html-D6qoNVZh.js","assets/root-certificates.html-D3mbENfX.js","assets/upgrade-from-0.html-CnqVdKUA.js","assets/upgrade-from-1.html-li54FQ6Z.js","assets/index.html-C71EusK-.js","assets/access-control.html-CRP3chBx.js","assets/configuration.html-Dxnk3dN3.js","assets/oidc.html-DyXjwCxs.js","assets/index.html-w6bpU2pA.js","assets/configuration.html-BerTbb3a.js","assets/index.html-DrkOei-6.js","assets/access-control.html-OtE7EOFQ.js","assets/configuration.html-DVe4NUbp.js","assets/oidc.html-BjNAiIJl.js","assets/index.html-Br2SEoN8.js","assets/configuration.html-U9VXgZ2T.js","assets/index.html-Cs2nfFpC.js","assets/bpe.html-xUo025DH.js","assets/common.html-it2o1u7D.js","assets/fhir.html-BWbIvPkF.js","assets/reverseproxy.html-DQ5Ws39T.js","assets/index.html-ZBhJuKM1.js","assets/configuration.html--e0C5ZKV.js","assets/index.html-DbFAXAAQ.js","assets/access-control.html-B60MdMg4.js","assets/configuration.html-B9K0thH0.js","assets/oidc.html-BsSFj2Bs.js","assets/index.html-byhqdOu2.js","assets/configuration.html-DzsiotEB.js","assets/index.html-gVhE0Tph.js","assets/configuration.html-BVieb_qp.js","assets/index.html-CzGft21U.js","assets/access-control.html-CqlKT6aL.js","assets/configuration.html-9-gxWTsR.js","assets/oidc.html-CobvVxkW.js","assets/index.html-HyKBLJzv.js","assets/configuration.html-CxcVHTFL.js","assets/index.html-CqQT4XC6.js","assets/configuration.html-D2S40OOC.js","assets/index.html-Bur8W0e8.js","assets/access-control.html-CRKqChY6.js","assets/configuration.html-xk6crEob.js","assets/oidc.html-aVCCllMb.js","assets/index.html-BxLs337Z.js","assets/configuration.html-CqXemyhq.js","assets/index.html-BNbhkZ3e.js","assets/configuration.html-DcUurjxM.js","assets/index.html-TcOcP-Bq.js","assets/access-control.html-ChATt82A.js","assets/configuration.html-DOXO1lQO.js","assets/oidc.html-Cb81bVAU.js","assets/index.html-D2LbKSwg.js","assets/configuration.html-DzrhCnzW.js","assets/index.html-NnyYXI8c.js","assets/configuration.html-0NMspHep.js","assets/index.html-FXArYuCT.js","assets/access-control.html-CCsuodqK.js","assets/configuration.html-B22FewOX.js","assets/oidc.html-DbJNU4iG.js","assets/index.html-DWnbSWRp.js","assets/configuration.html-DfavBsiR.js","assets/index.html-DzD_HNEo.js","assets/configuration.html-gxiqEr2y.js","assets/index.html-_264En7g.js","assets/access-control.html-C_Ord2OL.js","assets/configuration.html-BCcYjJs7.js","assets/oidc.html-DlWufSfD.js","assets/index.html-BCmfWh4B.js","assets/configuration.html-CJGjidT6.js","assets/index.html-KOE2FyFa.js","assets/access-control.html-WxdBljNr.js","assets/configuration.html-AmHqBh1j.js","assets/oidc.html-Bgq1NlNy.js","assets/index.html-CAuA1qZF.js","assets/configuration.html-BCKzibHN.js","assets/index.html-CIYI18oA.js","assets/access-control.html-DCPRLpIt.js","assets/configuration.html-C8C8eVoz.js","assets/oidc.html-rCbM1nU8.js","assets/index.html-CqJnCMPW.js","assets/configuration.html-BEgHxbLV.js","assets/index.html-D9-SkzFP.js","assets/access-control.html-DwvV-1yc.js","assets/configuration.html-CFTMHCPS.js","assets/oidc.html-BTDGYEv3.js","assets/index.html-CQ7vft6x.js","assets/configuration.html-NzlYsJp8.js","assets/index.html-BmaGaBeY.js","assets/access-control.html-CNsKuzhW.js","assets/configuration.html-CT8qdJmH.js","assets/oidc.html-ROX4yxMZ.js","assets/index.html-CXzsHOSr.js","assets/configuration.html-B6x5Arla.js","assets/index.html-Czz42V9T.js","assets/access-control.html-CJEaNEvV.js","assets/configuration.html-CUNojr74.js","assets/oidc.html-CkSwjsiH.js","assets/index.html-BSAIHIgH.js","assets/configuration.html-3bPj-iQy.js","assets/index.html-B8XYCKZS.js","assets/access-control.html-4BKEhf1P.js","assets/configuration.html-C__nH2Qj.js","assets/oidc.html-DLVYL_s-.js","assets/index.html-B5ugpUCb.js","assets/configuration.html-D1oz1N0T.js","assets/index.html-DSkgDhK5.js","assets/access-control.html-DgJ2jQps.js","assets/configuration.html-CzP8igmj.js","assets/oidc.html-D1q5Feuz.js","assets/index.html-DfXGbgMQ.js","assets/configuration.html-2g2NV2bW.js","assets/index.html-C3Ia18VX.js","assets/access-control.html-L-bo7Caf.js","assets/configuration.html-DEel35nd.js","assets/oidc.html-eTv7P-ln.js","assets/index.html-lWF73U7W.js","assets/configuration.html-DgmMmxNu.js","assets/index.html-DsoDbkV8.js","assets/access-control.html-CP9FgeAe.js","assets/configuration.html-BUB13-BB.js","assets/oidc.html-ByT9fRor.js","assets/index.html-DHzXf-Ti.js","assets/configuration.html-CX1SHh6p.js","assets/index.html-DB1QlrqO.js","assets/access-control.html-Dk8_tU0U.js","assets/configuration.html-C5rSSCzr.js","assets/oidc.html-DDUONRpW.js","assets/index.html-DLMT2KGj.js","assets/configuration.html-DHpvcZUz.js","assets/404.html-CippiRUx.js","assets/index.html-BWnQvp8W.js"])))=>i.map(i=>d[i]); +const mp="modulepreload",hp=function(e){return"/"+e},ul={},h=function(t,n,r){let o=Promise.resolve();if(n&&n.length>0){document.getElementsByTagName("link");const a=document.querySelector("meta[property=csp-nonce]"),l=(a==null?void 0:a.nonce)||(a==null?void 0:a.getAttribute("nonce"));o=Promise.allSettled(n.map(s=>{if(s=hp(s),s in ul)return;ul[s]=!0;const u=s.endsWith(".css"),c=u?'[rel="stylesheet"]':"";if(document.querySelector(`link[href="${s}"]${c}`))return;const d=document.createElement("link");if(d.rel=u?"stylesheet":mp,u||(d.as="script"),d.crossOrigin="",d.href=s,l&&d.setAttribute("nonce",l),document.head.appendChild(d),u)return new Promise((p,m)=>{d.addEventListener("load",p),d.addEventListener("error",()=>m(new Error(`Unable to preload CSS for ${s}`)))})}))}function i(a){const l=new Event("vite:preloadError",{cancelable:!0});if(l.payload=a,window.dispatchEvent(l),!l.defaultPrevented)throw a}return o.then(a=>{for(const l of a||[])l.status==="rejected"&&i(l.reason);return t().catch(i)})};/** +* @vue/shared v3.5.12 +* (c) 2018-present Yuxi (Evan) You and Vue contributors +* @license MIT +**//*! #__NO_SIDE_EFFECTS__ */function Zn(e){const t=Object.create(null);for(const n of e.split(","))t[n]=1;return n=>n in t}const Ee={},Nn=[],It=()=>{},vp=()=>!1,Br=e=>e.charCodeAt(0)===111&&e.charCodeAt(1)===110&&(e.charCodeAt(2)>122||e.charCodeAt(2)<97),sa=e=>e.startsWith("onUpdate:"),Re=Object.assign,ua=(e,t)=>{const n=e.indexOf(t);n>-1&&e.splice(n,1)},_p=Object.prototype.hasOwnProperty,pe=(e,t)=>_p.call(e,t),ie=Array.isArray,_r=e=>Io(e)==="[object Map]",gp=e=>Io(e)==="[object Set]",oe=e=>typeof e=="function",xe=e=>typeof e=="string",er=e=>typeof e=="symbol",Pe=e=>e!==null&&typeof e=="object",Vu=e=>(Pe(e)||oe(e))&&oe(e.then)&&oe(e.catch),Ep=Object.prototype.toString,Io=e=>Ep.call(e),yp=e=>Io(e).slice(8,-1),bp=e=>Io(e)==="[object Object]",ca=e=>xe(e)&&e!=="NaN"&&e[0]!=="-"&&""+parseInt(e,10)===e,$n=Zn(",key,ref,ref_for,ref_key,onVnodeBeforeMount,onVnodeMounted,onVnodeBeforeUpdate,onVnodeUpdated,onVnodeBeforeUnmount,onVnodeUnmounted"),Ro=e=>{const t=Object.create(null);return n=>t[n]||(t[n]=e(n))},Ap=/-(\w)/g,Ze=Ro(e=>e.replace(Ap,(t,n)=>n?n.toUpperCase():"")),Tp=/\B([A-Z])/g,fn=Ro(e=>e.replace(Tp,"-$1").toLowerCase()),Hr=Ro(e=>e.charAt(0).toUpperCase()+e.slice(1)),Qo=Ro(e=>e?`on${Hr(e)}`:""),ln=(e,t)=>!Object.is(e,t),Zo=(e,...t)=>{for(let n=0;n{Object.defineProperty(e,t,{configurable:!0,enumerable:!1,writable:r,value:n})},xp=e=>{const t=parseFloat(e);return isNaN(t)?e:t},Pp=e=>{const t=xe(e)?Number(e):NaN;return isNaN(t)?e:t};let cl;const So=()=>cl||(cl=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:typeof global<"u"?global:{});function ko(e){if(ie(e)){const t={};for(let n=0;n{if(n){const r=n.split(Cp);r.length>1&&(t[r[0].trim()]=r[1].trim())}}),t}function Rp(e){let t="";if(!e||xe(e))return t;for(const n in e){const r=e[n];if(xe(r)||typeof r=="number"){const o=n.startsWith("--")?n:fn(n);t+=`${o}:${r};`}}return t}function wo(e){let t="";if(xe(e))t=e;else if(ie(e))for(let n=0;n?@[\\\]^`{|}~]/g;function Fp(e,t){return e.replace(Vp,n=>`\\${n}`)}/** +* @vue/reactivity v3.5.12 +* (c) 2018-present Yuxi (Evan) You and Vue contributors +* @license MIT +**/let We;class Mp{constructor(t=!1){this.detached=t,this._active=!0,this.effects=[],this.cleanups=[],this._isPaused=!1,this.parent=We,!t&&We&&(this.index=(We.scopes||(We.scopes=[])).push(this)-1)}get active(){return this._active}pause(){if(this._active){this._isPaused=!0;let t,n;if(this.scopes)for(t=0,n=this.scopes.length;t0)return;if(Er){let t=Er;for(Er=void 0;t;){const n=t.next;t.next=void 0,t.flags&=-9,t=n}}let e;for(;gr;){let t=gr;for(gr=void 0;t;){const n=t.next;if(t.next=void 0,t.flags&=-9,t.flags&1)try{t.trigger()}catch(r){e||(e=r)}t=n}}if(e)throw e}function Hu(e){for(let t=e.deps;t;t=t.nextDep)t.version=-1,t.prevActiveLink=t.dep.activeLink,t.dep.activeLink=t}function Uu(e){let t,n=e.depsTail,r=n;for(;r;){const o=r.prevDep;r.version===-1?(r===n&&(n=o),ma(r),$p(r)):t=r,r.dep.activeLink=r.prevActiveLink,r.prevActiveLink=void 0,r=o}e.deps=t,e.depsTail=n}function Oi(e){for(let t=e.deps;t;t=t.nextDep)if(t.dep.version!==t.version||t.dep.computed&&(ju(t.dep.computed)||t.dep.version!==t.version))return!0;return!!e._dirty}function ju(e){if(e.flags&4&&!(e.flags&16)||(e.flags&=-17,e.globalVersion===Cr))return;e.globalVersion=Cr;const t=e.dep;if(e.flags|=2,t.version>0&&!e.isSSR&&e.deps&&!Oi(e)){e.flags&=-3;return}const n=ge,r=gt;ge=e,gt=!0;try{Hu(e);const o=e.fn(e._value);(t.version===0||ln(o,e._value))&&(e._value=o,t.version++)}catch(o){throw t.version++,o}finally{ge=n,gt=r,Uu(e),e.flags&=-3}}function ma(e,t=!1){const{dep:n,prevSub:r,nextSub:o}=e;if(r&&(r.nextSub=o,e.prevSub=void 0),o&&(o.prevSub=r,e.nextSub=void 0),n.subs===e&&(n.subs=r,!r&&n.computed)){n.computed.flags&=-5;for(let i=n.computed.deps;i;i=i.nextDep)ma(i,!0)}!t&&!--n.sc&&n.map&&n.map.delete(n.key)}function $p(e){const{prevDep:t,nextDep:n}=e;t&&(t.nextDep=n,e.prevDep=void 0),n&&(n.prevDep=t,e.nextDep=void 0)}let gt=!0;const zu=[];function jt(){zu.push(gt),gt=!1}function zt(){const e=zu.pop();gt=e===void 0?!0:e}function fl(e){const{cleanup:t}=e;if(e.cleanup=void 0,t){const n=ge;ge=void 0;try{t()}finally{ge=n}}}let Cr=0;class Bp{constructor(t,n){this.sub=t,this.dep=n,this.version=n.version,this.nextDep=this.prevDep=this.nextSub=this.prevSub=this.prevActiveLink=void 0}}class Lo{constructor(t){this.computed=t,this.version=0,this.activeLink=void 0,this.subs=void 0,this.map=void 0,this.key=void 0,this.sc=0}track(t){if(!ge||!gt||ge===this.computed)return;let n=this.activeLink;if(n===void 0||n.sub!==ge)n=this.activeLink=new Bp(ge,this),ge.deps?(n.prevDep=ge.depsTail,ge.depsTail.nextDep=n,ge.depsTail=n):ge.deps=ge.depsTail=n,Ku(n);else if(n.version===-1&&(n.version=this.version,n.nextDep)){const r=n.nextDep;r.prevDep=n.prevDep,n.prevDep&&(n.prevDep.nextDep=r),n.prevDep=ge.depsTail,n.nextDep=void 0,ge.depsTail.nextDep=n,ge.depsTail=n,ge.deps===n&&(ge.deps=r)}return n}trigger(t){this.version++,Cr++,this.notify(t)}notify(t){fa();try{for(let n=this.subs;n;n=n.prevSub)n.sub.notify()&&n.sub.dep.notify()}finally{pa()}}}function Ku(e){if(e.dep.sc++,e.sub.flags&4){const t=e.dep.computed;if(t&&!e.dep.subs){t.flags|=20;for(let r=t.deps;r;r=r.nextDep)Ku(r)}const n=e.dep.subs;n!==e&&(e.prevSub=n,n&&(n.nextSub=e)),e.dep.subs=e}}const vo=new WeakMap,Tn=Symbol(""),Ci=Symbol(""),Dr=Symbol("");function Ue(e,t,n){if(gt&&ge){let r=vo.get(e);r||vo.set(e,r=new Map);let o=r.get(n);o||(r.set(n,o=new Lo),o.map=r,o.key=n),o.track()}}function Bt(e,t,n,r,o,i){const a=vo.get(e);if(!a){Cr++;return}const l=s=>{s&&s.trigger()};if(fa(),t==="clear")a.forEach(l);else{const s=ie(e),u=s&&ca(n);if(s&&n==="length"){const c=Number(r);a.forEach((d,p)=>{(p==="length"||p===Dr||!er(p)&&p>=c)&&l(d)})}else switch((n!==void 0||a.has(void 0))&&l(a.get(n)),u&&l(a.get(Dr)),t){case"add":s?u&&l(a.get("length")):(l(a.get(Tn)),_r(e)&&l(a.get(Ci)));break;case"delete":s||(l(a.get(Tn)),_r(e)&&l(a.get(Ci)));break;case"set":_r(e)&&l(a.get(Tn));break}}pa()}function Hp(e,t){const n=vo.get(e);return n&&n.get(t)}function Ln(e){const t=le(e);return t===e?t:(Ue(t,"iterate",Dr),Et(e)?t:t.map(qe))}function ha(e){return Ue(e=le(e),"iterate",Dr),e}const Up={__proto__:null,[Symbol.iterator](){return ti(this,Symbol.iterator,qe)},concat(...e){return Ln(this).concat(...e.map(t=>ie(t)?Ln(t):t))},entries(){return ti(this,"entries",e=>(e[1]=qe(e[1]),e))},every(e,t){return wt(this,"every",e,t,void 0,arguments)},filter(e,t){return wt(this,"filter",e,t,n=>n.map(qe),arguments)},find(e,t){return wt(this,"find",e,t,qe,arguments)},findIndex(e,t){return wt(this,"findIndex",e,t,void 0,arguments)},findLast(e,t){return wt(this,"findLast",e,t,qe,arguments)},findLastIndex(e,t){return wt(this,"findLastIndex",e,t,void 0,arguments)},forEach(e,t){return wt(this,"forEach",e,t,void 0,arguments)},includes(...e){return ni(this,"includes",e)},indexOf(...e){return ni(this,"indexOf",e)},join(e){return Ln(this).join(e)},lastIndexOf(...e){return ni(this,"lastIndexOf",e)},map(e,t){return wt(this,"map",e,t,void 0,arguments)},pop(){return lr(this,"pop")},push(...e){return lr(this,"push",e)},reduce(e,...t){return pl(this,"reduce",e,t)},reduceRight(e,...t){return pl(this,"reduceRight",e,t)},shift(){return lr(this,"shift")},some(e,t){return wt(this,"some",e,t,void 0,arguments)},splice(...e){return lr(this,"splice",e)},toReversed(){return Ln(this).toReversed()},toSorted(e){return Ln(this).toSorted(e)},toSpliced(...e){return Ln(this).toSpliced(...e)},unshift(...e){return lr(this,"unshift",e)},values(){return ti(this,"values",qe)}};function ti(e,t,n){const r=ha(e),o=r[t]();return r!==e&&!Et(e)&&(o._next=o.next,o.next=()=>{const i=o._next();return i.value&&(i.value=n(i.value)),i}),o}const jp=Array.prototype;function wt(e,t,n,r,o,i){const a=ha(e),l=a!==e&&!Et(e),s=a[t];if(s!==jp[t]){const d=s.apply(e,i);return l?qe(d):d}let u=n;a!==e&&(l?u=function(d,p){return n.call(this,qe(d),p,e)}:n.length>2&&(u=function(d,p){return n.call(this,d,p,e)}));const c=s.call(a,u,r);return l&&o?o(c):c}function pl(e,t,n,r){const o=ha(e);let i=n;return o!==e&&(Et(e)?n.length>3&&(i=function(a,l,s){return n.call(this,a,l,s,e)}):i=function(a,l,s){return n.call(this,a,qe(l),s,e)}),o[t](i,...r)}function ni(e,t,n){const r=le(e);Ue(r,"iterate",Dr);const o=r[t](...n);return(o===-1||o===!1)&&ga(n[0])?(n[0]=le(n[0]),r[t](...n)):o}function lr(e,t,n=[]){jt(),fa();const r=le(e)[t].apply(e,n);return pa(),zt(),r}const zp=Zn("__proto__,__v_isRef,__isVue"),Wu=new Set(Object.getOwnPropertyNames(Symbol).filter(e=>e!=="arguments"&&e!=="caller").map(e=>Symbol[e]).filter(er));function Kp(e){er(e)||(e=String(e));const t=le(this);return Ue(t,"has",e),t.hasOwnProperty(e)}class qu{constructor(t=!1,n=!1){this._isReadonly=t,this._isShallow=n}get(t,n,r){const o=this._isReadonly,i=this._isShallow;if(n==="__v_isReactive")return!o;if(n==="__v_isReadonly")return o;if(n==="__v_isShallow")return i;if(n==="__v_raw")return r===(o?i?tm:Ju:i?Xu:Yu).get(t)||Object.getPrototypeOf(t)===Object.getPrototypeOf(r)?t:void 0;const a=ie(t);if(!o){let s;if(a&&(s=Up[n]))return s;if(n==="hasOwnProperty")return Kp}const l=Reflect.get(t,n,Ie(t)?t:r);return(er(n)?Wu.has(n):zp(n))||(o||Ue(t,"get",n),i)?l:Ie(l)?a&&ca(n)?l:l.value:Pe(l)?o?tr(l):Ur(l):l}}class Gu extends qu{constructor(t=!1){super(!1,t)}set(t,n,r,o){let i=t[n];if(!this._isShallow){const s=On(i);if(!Et(r)&&!On(r)&&(i=le(i),r=le(r)),!ie(t)&&Ie(i)&&!Ie(r))return s?!1:(i.value=r,!0)}const a=ie(t)&&ca(n)?Number(n)e,Qr=e=>Reflect.getPrototypeOf(e);function Xp(e,t,n){return function(...r){const o=this.__v_raw,i=le(o),a=_r(i),l=e==="entries"||e===Symbol.iterator&&a,s=e==="keys"&&a,u=o[e](...r),c=n?Di:t?Ii:qe;return!t&&Ue(i,"iterate",s?Ci:Tn),{next(){const{value:d,done:p}=u.next();return p?{value:d,done:p}:{value:l?[c(d[0]),c(d[1])]:c(d),done:p}},[Symbol.iterator](){return this}}}}function Zr(e){return function(...t){return e==="delete"?!1:e==="clear"?void 0:this}}function Jp(e,t){const n={get(o){const i=this.__v_raw,a=le(i),l=le(o);e||(ln(o,l)&&Ue(a,"get",o),Ue(a,"get",l));const{has:s}=Qr(a),u=t?Di:e?Ii:qe;if(s.call(a,o))return u(i.get(o));if(s.call(a,l))return u(i.get(l));i!==a&&i.get(o)},get size(){const o=this.__v_raw;return!e&&Ue(le(o),"iterate",Tn),Reflect.get(o,"size",o)},has(o){const i=this.__v_raw,a=le(i),l=le(o);return e||(ln(o,l)&&Ue(a,"has",o),Ue(a,"has",l)),o===l?i.has(o):i.has(o)||i.has(l)},forEach(o,i){const a=this,l=a.__v_raw,s=le(l),u=t?Di:e?Ii:qe;return!e&&Ue(s,"iterate",Tn),l.forEach((c,d)=>o.call(i,u(c),u(d),a))}};return Re(n,e?{add:Zr("add"),set:Zr("set"),delete:Zr("delete"),clear:Zr("clear")}:{add(o){!t&&!Et(o)&&!On(o)&&(o=le(o));const i=le(this);return Qr(i).has.call(i,o)||(i.add(o),Bt(i,"add",o,o)),this},set(o,i){!t&&!Et(i)&&!On(i)&&(i=le(i));const a=le(this),{has:l,get:s}=Qr(a);let u=l.call(a,o);u||(o=le(o),u=l.call(a,o));const c=s.call(a,o);return a.set(o,i),u?ln(i,c)&&Bt(a,"set",o,i):Bt(a,"add",o,i),this},delete(o){const i=le(this),{has:a,get:l}=Qr(i);let s=a.call(i,o);s||(o=le(o),s=a.call(i,o)),l&&l.call(i,o);const u=i.delete(o);return s&&Bt(i,"delete",o,void 0),u},clear(){const o=le(this),i=o.size!==0,a=o.clear();return i&&Bt(o,"clear",void 0,void 0),a}}),["keys","values","entries",Symbol.iterator].forEach(o=>{n[o]=Xp(o,e,t)}),n}function va(e,t){const n=Jp(e,t);return(r,o,i)=>o==="__v_isReactive"?!e:o==="__v_isReadonly"?e:o==="__v_raw"?r:Reflect.get(pe(n,o)&&o in r?n:r,o,i)}const Qp={get:va(!1,!1)},Zp={get:va(!1,!0)},em={get:va(!0,!1)};const Yu=new WeakMap,Xu=new WeakMap,Ju=new WeakMap,tm=new WeakMap;function nm(e){switch(e){case"Object":case"Array":return 1;case"Map":case"Set":case"WeakMap":case"WeakSet":return 2;default:return 0}}function rm(e){return e.__v_skip||!Object.isExtensible(e)?0:nm(yp(e))}function Ur(e){return On(e)?e:_a(e,!1,qp,Qp,Yu)}function Qu(e){return _a(e,!1,Yp,Zp,Xu)}function tr(e){return _a(e,!0,Gp,em,Ju)}function _a(e,t,n,r,o){if(!Pe(e)||e.__v_raw&&!(t&&e.__v_isReactive))return e;const i=o.get(e);if(i)return i;const a=rm(e);if(a===0)return e;const l=new Proxy(e,a===2?r:n);return o.set(e,l),l}function yr(e){return On(e)?yr(e.__v_raw):!!(e&&e.__v_isReactive)}function On(e){return!!(e&&e.__v_isReadonly)}function Et(e){return!!(e&&e.__v_isShallow)}function ga(e){return e?!!e.__v_raw:!1}function le(e){const t=e&&e.__v_raw;return t?le(t):e}function om(e){return!pe(e,"__v_skip")&&Object.isExtensible(e)&&Kn(e,"__v_skip",!0),e}const qe=e=>Pe(e)?Ur(e):e,Ii=e=>Pe(e)?tr(e):e;function Ie(e){return e?e.__v_isRef===!0:!1}function te(e){return Zu(e,!1)}function Be(e){return Zu(e,!0)}function Zu(e,t){return Ie(e)?e:new im(e,t)}class im{constructor(t,n){this.dep=new Lo,this.__v_isRef=!0,this.__v_isShallow=!1,this._rawValue=n?t:le(t),this._value=n?t:qe(t),this.__v_isShallow=n}get value(){return this.dep.track(),this._value}set value(t){const n=this._rawValue,r=this.__v_isShallow||Et(t)||On(t);t=r?t:le(t),ln(t,n)&&(this._rawValue=t,this._value=r?t:qe(t),this.dep.trigger())}}function an(e){return Ie(e)?e.value:e}const am={get:(e,t,n)=>t==="__v_raw"?e:an(Reflect.get(e,t,n)),set:(e,t,n,r)=>{const o=e[t];return Ie(o)&&!Ie(n)?(o.value=n,!0):Reflect.set(e,t,n,r)}};function ec(e){return yr(e)?e:new Proxy(e,am)}class lm{constructor(t){this.__v_isRef=!0,this._value=void 0;const n=this.dep=new Lo,{get:r,set:o}=t(n.track.bind(n),n.trigger.bind(n));this._get=r,this._set=o}get value(){return this._value=this._get()}set value(t){this._set(t)}}function tc(e){return new lm(e)}class sm{constructor(t,n,r){this._object=t,this._key=n,this._defaultValue=r,this.__v_isRef=!0,this._value=void 0}get value(){const t=this._object[this._key];return this._value=t===void 0?this._defaultValue:t}set value(t){this._object[this._key]=t}get dep(){return Hp(le(this._object),this._key)}}class um{constructor(t){this._getter=t,this.__v_isRef=!0,this.__v_isReadonly=!0,this._value=void 0}get value(){return this._value=this._getter()}}function Vo(e,t,n){return Ie(e)?e:oe(e)?new um(e):Pe(e)&&arguments.length>1?cm(e,t,n):te(e)}function cm(e,t,n){const r=e[t];return Ie(r)?r:new sm(e,t,n)}class dm{constructor(t,n,r){this.fn=t,this.setter=n,this._value=void 0,this.dep=new Lo(this),this.__v_isRef=!0,this.deps=void 0,this.depsTail=void 0,this.flags=16,this.globalVersion=Cr-1,this.next=void 0,this.effect=this,this.__v_isReadonly=!n,this.isSSR=r}notify(){if(this.flags|=16,!(this.flags&8)&&ge!==this)return Bu(this,!0),!0}get value(){const t=this.dep.track();return ju(this),t&&(t.version=this.dep.version),this._value}set value(t){this.setter&&this.setter(t)}}function fm(e,t,n=!1){let r,o;return oe(e)?r=e:(r=e.get,o=e.set),new dm(r,o,n)}const eo={},_o=new WeakMap;let gn;function pm(e,t=!1,n=gn){if(n){let r=_o.get(n);r||_o.set(n,r=[]),r.push(e)}}function mm(e,t,n=Ee){const{immediate:r,deep:o,once:i,scheduler:a,augmentJob:l,call:s}=n,u=x=>o?x:Et(x)||o===!1||o===0?on(x,1):on(x);let c,d,p,m,v=!1,y=!1;if(Ie(e)?(d=()=>e.value,v=Et(e)):yr(e)?(d=()=>u(e),v=!0):ie(e)?(y=!0,v=e.some(x=>yr(x)||Et(x)),d=()=>e.map(x=>{if(Ie(x))return x.value;if(yr(x))return u(x);if(oe(x))return s?s(x,2):x()})):oe(e)?t?d=s?()=>s(e,2):e:d=()=>{if(p){jt();try{p()}finally{zt()}}const x=gn;gn=c;try{return s?s(e,3,[m]):e(m)}finally{gn=x}}:d=It,t&&o){const x=d,V=o===!0?1/0:o;d=()=>on(x(),V)}const E=Mu(),A=()=>{c.stop(),E&&ua(E.effects,c)};if(i&&t){const x=t;t=(...V)=>{x(...V),A()}}let T=y?new Array(e.length).fill(eo):eo;const g=x=>{if(!(!(c.flags&1)||!c.dirty&&!x))if(t){const V=c.run();if(o||v||(y?V.some((H,N)=>ln(H,T[N])):ln(V,T))){p&&p();const H=gn;gn=c;try{const N=[V,T===eo?void 0:y&&T[0]===eo?[]:T,m];s?s(t,3,N):t(...N),T=V}finally{gn=H}}}else c.run()};return l&&l(g),c=new Nu(d),c.scheduler=a?()=>a(g,!1):g,m=x=>pm(x,!1,c),p=c.onStop=()=>{const x=_o.get(c);if(x){if(s)s(x,4);else for(const V of x)V();_o.delete(c)}},t?r?g(!0):T=c.run():a?a(g.bind(null,!0),!0):c.run(),A.pause=c.pause.bind(c),A.resume=c.resume.bind(c),A.stop=A,A}function on(e,t=1/0,n){if(t<=0||!Pe(e)||e.__v_skip||(n=n||new Set,n.has(e)))return e;if(n.add(e),t--,Ie(e))on(e.value,t,n);else if(ie(e))for(let r=0;r{on(r,t,n)});else if(bp(e)){for(const r in e)on(e[r],t,n);for(const r of Object.getOwnPropertySymbols(e))Object.prototype.propertyIsEnumerable.call(e,r)&&on(e[r],t,n)}return e}/** +* @vue/runtime-core v3.5.12 +* (c) 2018-present Yuxi (Evan) You and Vue contributors +* @license MIT +**/const br=[];let ri=!1;function Qt(e,...t){if(ri)return;ri=!0,jt();const n=br.length?br[br.length-1].component:null,r=n&&n.appContext.config.warnHandler,o=hm();if(r)nr(r,n,11,[e+t.map(i=>{var a,l;return(l=(a=i.toString)==null?void 0:a.call(i))!=null?l:JSON.stringify(i)}).join(""),n&&n.proxy,o.map(({vnode:i})=>`at <${zc(n,i.type)}>`).join(` +`),o]);else{const i=[`[Vue warn]: ${e}`,...t];o.length&&i.push(` +`,...vm(o)),console.warn(...i)}zt(),ri=!1}function hm(){let e=br[br.length-1];if(!e)return[];const t=[];for(;e;){const n=t[0];n&&n.vnode===e?n.recurseCount++:t.push({vnode:e,recurseCount:0});const r=e.component&&e.component.parent;e=r&&r.vnode}return t}function vm(e){const t=[];return e.forEach((n,r)=>{t.push(...r===0?[]:[` +`],..._m(n))}),t}function _m({vnode:e,recurseCount:t}){const n=t>0?`... (${t} recursive calls)`:"",r=e.component?e.component.parent==null:!1,o=` at <${zc(e.component,e.type,r)}`,i=">"+n;return e.props?[o,...gm(e.props),i]:[o+i]}function gm(e){const t=[],n=Object.keys(e);return n.slice(0,3).forEach(r=>{t.push(...nc(r,e[r]))}),n.length>3&&t.push(" ..."),t}function nc(e,t,n){return xe(t)?(t=JSON.stringify(t),n?t:[`${e}=${t}`]):typeof t=="number"||typeof t=="boolean"||t==null?n?t:[`${e}=${t}`]:Ie(t)?(t=nc(e,le(t.value),!0),n?t:[`${e}=Ref<`,t,">"]):oe(t)?[`${e}=fn${t.name?`<${t.name}>`:""}`]:(t=le(t),n?t:[`${e}=`,t])}function nr(e,t,n,r){try{return r?e(...r):e()}catch(o){jr(o,t,n)}}function yt(e,t,n,r){if(oe(e)){const o=nr(e,t,n,r);return o&&Vu(o)&&o.catch(i=>{jr(i,t,n)}),o}if(ie(e)){const o=[];for(let i=0;i>>1,o=Ge[r],i=Ir(o);i=Ir(n)?Ge.push(e):Ge.splice(ym(t),0,e),e.flags|=1,oc()}}function oc(){go||(go=rc.then(ic))}function bm(e){ie(e)?Bn.push(...e):en&&e.id===-1?en.splice(Fn+1,0,e):e.flags&1||(Bn.push(e),e.flags|=1),oc()}function ml(e,t,n=xt+1){for(;nIr(n)-Ir(r));if(Bn.length=0,en){en.push(...t);return}for(en=t,Fn=0;Fne.id==null?e.flags&2?-1:1/0:e.id;function ic(e){try{for(xt=0;xtCt.emit(o,...i)),fr=[]):typeof window<"u"&&window.HTMLElement&&!((r=(n=window.navigator)==null?void 0:n.userAgent)!=null&&r.includes("jsdom"))?((t.__VUE_DEVTOOLS_HOOK_REPLAY__=t.__VUE_DEVTOOLS_HOOK_REPLAY__||[]).push(i=>{ac(i,t)}),setTimeout(()=>{Ct||(t.__VUE_DEVTOOLS_HOOK_REPLAY__=null,Ri=!0,fr=[])},3e3)):(Ri=!0,fr=[])}function Am(e,t){Fo("app:init",e,t,{Fragment:Ye,Text:sn,Comment:Je,Static:jn})}function Tm(e){Fo("app:unmount",e)}const xm=ya("component:added"),lc=ya("component:updated"),Pm=ya("component:removed"),Om=e=>{Ct&&typeof Ct.cleanupBuffer=="function"&&!Ct.cleanupBuffer(e)&&Pm(e)};/*! #__NO_SIDE_EFFECTS__ */function ya(e){return t=>{Fo(e,t.appContext.app,t.uid,t.parent?t.parent.uid:void 0,t)}}function Cm(e,t,n){Fo("component:emit",e.appContext.app,e,t,n)}let pt=null,sc=null;function yo(e){const t=pt;return pt=e,sc=e&&e.type.__scopeId||null,t}function Dm(e,t=pt,n){if(!t||e._n)return e;const r=(...o)=>{r._d&&Dl(-1);const i=yo(t);let a;try{a=e(...o)}finally{yo(i),r._d&&Dl(1)}return lc(t),a};return r._n=!0,r._c=!0,r._d=!0,r}function Pt(e,t,n,r){const o=e.dirs,i=t&&t.dirs;for(let a=0;ae.__isTeleport,tn=Symbol("_leaveCb"),to=Symbol("_enterCb");function cc(){const e={isMounted:!1,isLeaving:!1,isUnmounting:!1,leavingVNodes:new Map};return Oe(()=>{e.isMounted=!0}),Ta(()=>{e.isUnmounting=!0}),e}const ut=[Function,Array],dc={mode:String,appear:Boolean,persisted:Boolean,onBeforeEnter:ut,onEnter:ut,onAfterEnter:ut,onEnterCancelled:ut,onBeforeLeave:ut,onLeave:ut,onAfterLeave:ut,onLeaveCancelled:ut,onBeforeAppear:ut,onAppear:ut,onAfterAppear:ut,onAppearCancelled:ut},fc=e=>{const t=e.subTree;return t.component?fc(t.component):t},Rm={name:"BaseTransition",props:dc,setup(e,{slots:t}){const n=In(),r=cc();return()=>{const o=t.default&&ba(t.default(),!0);if(!o||!o.length)return;const i=pc(o),a=le(e),{mode:l}=a;if(r.isLeaving)return oi(i);const s=hl(i);if(!s)return oi(i);let u=Rr(s,a,r,n,p=>u=p);s.type!==Je&&Cn(s,u);const c=n.subTree,d=c&&hl(c);if(d&&d.type!==Je&&!yn(s,d)&&fc(n).type!==Je){const p=Rr(d,a,r,n);if(Cn(d,p),l==="out-in"&&s.type!==Je)return r.isLeaving=!0,p.afterLeave=()=>{r.isLeaving=!1,n.job.flags&8||n.update(),delete p.afterLeave},oi(i);l==="in-out"&&s.type!==Je&&(p.delayLeave=(m,v,y)=>{const E=mc(r,d);E[String(d.key)]=d,m[tn]=()=>{v(),m[tn]=void 0,delete u.delayedLeave},u.delayedLeave=y})}return i}}};function pc(e){let t=e[0];if(e.length>1){for(const n of e)if(n.type!==Je){t=n;break}}return t}const Sm=Rm;function mc(e,t){const{leavingVNodes:n}=e;let r=n.get(t.type);return r||(r=Object.create(null),n.set(t.type,r)),r}function Rr(e,t,n,r,o){const{appear:i,mode:a,persisted:l=!1,onBeforeEnter:s,onEnter:u,onAfterEnter:c,onEnterCancelled:d,onBeforeLeave:p,onLeave:m,onAfterLeave:v,onLeaveCancelled:y,onBeforeAppear:E,onAppear:A,onAfterAppear:T,onAppearCancelled:g}=t,x=String(e.key),V=mc(n,e),H=($,S)=>{$&&yt($,r,9,S)},N=($,S)=>{const G=S[1];H($,S),ie($)?$.every(L=>L.length<=1)&&G():$.length<=1&&G()},Q={mode:a,persisted:l,beforeEnter($){let S=s;if(!n.isMounted)if(i)S=E||s;else return;$[tn]&&$[tn](!0);const G=V[x];G&&yn(e,G)&&G.el[tn]&&G.el[tn](),H(S,[$])},enter($){let S=u,G=c,L=d;if(!n.isMounted)if(i)S=A||u,G=T||c,L=g||d;else return;let Z=!1;const ae=$[to]=he=>{Z||(Z=!0,he?H(L,[$]):H(G,[$]),Q.delayedLeave&&Q.delayedLeave(),$[to]=void 0)};S?N(S,[$,ae]):ae()},leave($,S){const G=String(e.key);if($[to]&&$[to](!0),n.isUnmounting)return S();H(p,[$]);let L=!1;const Z=$[tn]=ae=>{L||(L=!0,S(),ae?H(y,[$]):H(v,[$]),$[tn]=void 0,V[G]===e&&delete V[G])};V[G]=e,m?N(m,[$,Z]):Z()},clone($){const S=Rr($,t,n,r,o);return o&&o(S),S}};return Q}function oi(e){if(zr(e))return e=un(e),e.children=null,e}function hl(e){if(!zr(e))return uc(e.type)&&e.children?pc(e.children):e;const{shapeFlag:t,children:n}=e;if(n){if(t&16)return n[0];if(t&32&&oe(n.default))return n.default()}}function Cn(e,t){e.shapeFlag&6&&e.component?(e.transition=t,Cn(e.component.subTree,t)):e.shapeFlag&128?(e.ssContent.transition=t.clone(e.ssContent),e.ssFallback.transition=t.clone(e.ssFallback)):e.transition=t}function ba(e,t=!1,n){let r=[],o=0;for(let i=0;i1)for(let i=0;ibo(v,t&&(ie(t)?t[y]:t),n,r,o));return}if(Hn(r)&&!o)return;const i=r.shapeFlag&4?Ia(r.component):r.el,a=o?null:i,{i:l,r:s}=e,u=t&&t.r,c=l.refs===Ee?l.refs={}:l.refs,d=l.setupState,p=le(d),m=d===Ee?()=>!1:v=>pe(p,v);if(u!=null&&u!==s&&(xe(u)?(c[u]=null,m(u)&&(d[u]=null)):Ie(u)&&(u.value=null)),oe(s))nr(s,l,12,[a,c]);else{const v=xe(s),y=Ie(s);if(v||y){const E=()=>{if(e.f){const A=v?m(s)?d[s]:c[s]:s.value;o?ie(A)&&ua(A,i):ie(A)?A.includes(i)||A.push(i):v?(c[s]=[i],m(s)&&(d[s]=c[s])):(s.value=[i],e.k&&(c[e.k]=s.value))}else v?(c[s]=a,m(s)&&(d[s]=a)):y&&(s.value=a,e.k&&(c[e.k]=a))};a?(E.id=-1,rt(E,n)):E()}}}let vl=!1;const mn=()=>{vl||(console.error("Hydration completed but contains mismatches."),vl=!0)},km=e=>e.namespaceURI.includes("svg")&&e.tagName!=="foreignObject",wm=e=>e.namespaceURI.includes("MathML"),no=e=>{if(e.nodeType===1){if(km(e))return"svg";if(wm(e))return"mathml"}},En=e=>e.nodeType===8;function Lm(e){const{mt:t,p:n,o:{patchProp:r,createText:o,nextSibling:i,parentNode:a,remove:l,insert:s,createComment:u}}=e,c=(g,x)=>{if(!x.hasChildNodes()){Qt("Attempting to hydrate existing markup but container is empty. Performing full mount instead."),n(null,g,x),Eo(),x._vnode=g;return}d(x.firstChild,g,null,null,null),Eo(),x._vnode=g},d=(g,x,V,H,N,Q=!1)=>{Q=Q||!!x.dynamicChildren;const $=En(g)&&g.data==="[",S=()=>y(g,x,V,H,N,$),{type:G,ref:L,shapeFlag:Z,patchFlag:ae}=x;let he=g.nodeType;x.el=g,Kn(g,"__vnode",x,!0),Kn(g,"__vueParentComponent",V,!0),ae===-2&&(Q=!1,x.dynamicChildren=null);let q=null;switch(G){case sn:he!==3?x.children===""?(s(x.el=o(""),a(g),g),q=g):q=S():(g.data!==x.children&&(Qt("Hydration text mismatch in",g.parentNode,` + - rendered on server: ${JSON.stringify(g.data)} + - expected on client: ${JSON.stringify(x.children)}`),mn(),g.data=x.children),q=i(g));break;case Je:T(g)?(q=i(g),A(x.el=g.content.firstChild,g,V)):he!==8||$?q=S():q=i(g);break;case jn:if($&&(g=i(g),he=g.nodeType),he===1||he===3){q=g;const B=!x.children.length;for(let Y=0;Y{Q=Q||!!x.dynamicChildren;const{type:$,props:S,patchFlag:G,shapeFlag:L,dirs:Z,transition:ae}=x,he=$==="input"||$==="option";if(he||G!==-1){Z&&Pt(x,null,V,"created");let q=!1;if(T(g)){q=Sc(null,ae)&&V&&V.vnode.props&&V.vnode.props.appear;const Y=g.content.firstChild;q&&ae.beforeEnter(Y),A(Y,g,V),x.el=g=Y}if(L&16&&!(S&&(S.innerHTML||S.textContent))){let Y=m(g.firstChild,x,g,V,H,N,Q),ce=!1;for(;Y;){pr(g,1)||(ce||(Qt("Hydration children mismatch on",g,` +Server rendered element contains more child nodes than client vdom.`),ce=!0),mn());const ke=Y;Y=Y.nextSibling,l(ke)}}else if(L&8){let Y=x.children;Y[0]===` +`&&(g.tagName==="PRE"||g.tagName==="TEXTAREA")&&(Y=Y.slice(1)),g.textContent!==Y&&(pr(g,0)||(Qt("Hydration text content mismatch on",g,` + - rendered on server: ${g.textContent} + - expected on client: ${x.children}`),mn()),g.textContent=x.children)}if(S){const Y=g.tagName.includes("-");for(const ce in S)!(Z&&Z.some(ke=>ke.dir.created))&&Vm(g,ce,S[ce],x,V)&&mn(),(he&&(ce.endsWith("value")||ce==="indeterminate")||Br(ce)&&!$n(ce)||ce[0]==="."||Y)&&r(g,ce,null,S[ce],void 0,V)}let B;(B=S&&S.onVnodeBeforeMount)&&ct(B,V,x),Z&&Pt(x,null,V,"beforeMount"),((B=S&&S.onVnodeMounted)||Z||q)&&Mc(()=>{B&&ct(B,V,x),q&&ae.enter(g),Z&&Pt(x,null,V,"mounted")},H)}return g.nextSibling},m=(g,x,V,H,N,Q,$)=>{$=$||!!x.dynamicChildren;const S=x.children,G=S.length;let L=!1;for(let Z=0;Z{const{slotScopeIds:$}=x;$&&(N=N?N.concat($):$);const S=a(g),G=m(i(g),x,S,V,H,N,Q);return G&&En(G)&&G.data==="]"?i(x.anchor=G):(mn(),s(x.anchor=u("]"),S,G),G)},y=(g,x,V,H,N,Q)=>{if(pr(g.parentElement,1)||(Qt(`Hydration node mismatch: +- rendered on server:`,g,g.nodeType===3?"(text)":En(g)&&g.data==="["?"(start of fragment)":"",` +- expected on client:`,x.type),mn()),x.el=null,Q){const G=E(g);for(;;){const L=i(g);if(L&&L!==G)l(L);else break}}const $=i(g),S=a(g);return l(g),n(null,x,S,$,V,H,no(S),N),$},E=(g,x="[",V="]")=>{let H=0;for(;g;)if(g=i(g),g&&En(g)&&(g.data===x&&H++,g.data===V)){if(H===0)return i(g);H--}return g},A=(g,x,V)=>{const H=x.parentNode;H&&H.replaceChild(g,x);let N=V;for(;N;)N.vnode.el===x&&(N.vnode.el=N.subTree.el=g),N=N.parent},T=g=>g.nodeType===1&&g.tagName==="TEMPLATE";return[c,d]}function Vm(e,t,n,r,o){let i,a,l,s;if(t==="class")l=e.getAttribute("class"),s=wo(n),Fm(_l(l||""),_l(s))||(i=2,a="class");else if(t==="style"){l=e.getAttribute("style")||"",s=xe(n)?n:Rp(ko(n));const u=gl(l),c=gl(s);if(r.dirs)for(const{dir:d,value:p}of r.dirs)d.name==="show"&&!p&&c.set("display","none");o&&hc(o,r,c),Mm(u,c)||(i=3,a="style")}else(e instanceof SVGElement&&wp(t)||e instanceof HTMLElement&&(dl(t)||kp(t)))&&(dl(t)?(l=e.hasAttribute(t),s=da(n)):n==null?(l=e.hasAttribute(t),s=!1):(e.hasAttribute(t)?l=e.getAttribute(t):t==="value"&&e.tagName==="TEXTAREA"?l=e.value:l=!1,s=Lp(n)?String(n):!1),l!==s&&(i=4,a=t));if(i!=null&&!pr(e,i)){const u=p=>p===!1?"(not rendered)":`${a}="${p}"`,c=`Hydration ${vc[i]} mismatch on`,d=` + - rendered on server: ${u(l)} + - expected on client: ${u(s)} + Note: this mismatch is check-only. The DOM will not be rectified in production due to performance overhead. + You should fix the source of the mismatch.`;return Qt(c,e,d),!0}return!1}function _l(e){return new Set(e.trim().split(/\s+/))}function Fm(e,t){if(e.size!==t.size)return!1;for(const n of e)if(!t.has(n))return!1;return!0}function gl(e){const t=new Map;for(const n of e.split(";")){let[r,o]=n.split(":");r=r.trim(),o=o&&o.trim(),r&&o&&t.set(r,o)}return t}function Mm(e,t){if(e.size!==t.size)return!1;for(const[n,r]of e)if(r!==t.get(n))return!1;return!0}function hc(e,t,n){const r=e.subTree;if(e.getCssVars&&(t===r||r&&r.type===Ye&&r.children.includes(t))){const o=e.getCssVars();for(const i in o)n.set(`--${Fp(i)}`,String(o[i]))}t===r&&e.parent&&hc(e.parent,e.vnode,n)}const El="data-allow-mismatch",vc={0:"text",1:"children",2:"class",3:"style",4:"attribute"};function pr(e,t){if(t===0||t===1)for(;e&&!e.hasAttribute(El);)e=e.parentElement;const n=e&&e.getAttribute(El);if(n==null)return!1;if(n==="")return!0;{const r=n.split(",");return t===0&&r.includes("children")?!0:n.split(",").includes(vc[t])}}So().requestIdleCallback;So().cancelIdleCallback;function Nm(e,t){if(En(e)&&e.data==="["){let n=1,r=e.nextSibling;for(;r;){if(r.nodeType===1){if(t(r)===!1)break}else if(En(r))if(r.data==="]"){if(--n===0)break}else r.data==="["&&n++;r=r.nextSibling}}else t(e)}const Hn=e=>!!e.type.__asyncLoader;/*! #__NO_SIDE_EFFECTS__ */function _c(e){oe(e)&&(e={loader:e});const{loader:t,loadingComponent:n,errorComponent:r,delay:o=200,hydrate:i,timeout:a,suspensible:l=!0,onError:s}=e;let u=null,c,d=0;const p=()=>(d++,u=null,m()),m=()=>{let v;return u||(v=u=t().catch(y=>{if(y=y instanceof Error?y:new Error(String(y)),s)return new Promise((E,A)=>{s(y,()=>E(p()),()=>A(y),d+1)});throw y}).then(y=>v!==u&&u?u:(y&&(y.__esModule||y[Symbol.toStringTag]==="Module")&&(y=y.default),c=y,y)))};return X({name:"AsyncComponentWrapper",__asyncLoader:m,__asyncHydrate(v,y,E){const A=i?()=>{const T=i(E,g=>Nm(v,g));T&&(y.bum||(y.bum=[])).push(T)}:E;c?A():m().then(()=>!y.isUnmounted&&A())},get __asyncResolved(){return c},setup(){const v=Me;if(Aa(v),c)return()=>ii(c,v);const y=g=>{u=null,jr(g,v,13,!r)};if(l&&v.suspense||Wn)return m().then(g=>()=>ii(g,v)).catch(g=>(y(g),()=>r?Le(r,{error:g}):null));const E=te(!1),A=te(),T=te(!!o);return o&&setTimeout(()=>{T.value=!1},o),a!=null&&setTimeout(()=>{if(!E.value&&!A.value){const g=new Error(`Async component timed out after ${a}ms.`);y(g),A.value=g}},a),m().then(()=>{E.value=!0,v.parent&&zr(v.parent.vnode)&&v.parent.update()}).catch(g=>{y(g),A.value=g}),()=>{if(E.value&&c)return ii(c,v);if(A.value&&r)return Le(r,{error:A.value});if(n&&!T.value)return Le(n)}}})}function ii(e,t){const{ref:n,props:r,children:o,ce:i}=t.vnode,a=Le(e,r,o);return a.ref=n,a.ce=i,delete t.vnode.ce,a}const zr=e=>e.type.__isKeepAlive;function $m(e,t){gc(e,"a",t)}function Bm(e,t){gc(e,"da",t)}function gc(e,t,n=Me){const r=e.__wdc||(e.__wdc=()=>{let o=n;for(;o;){if(o.isDeactivated)return;o=o.parent}return e()});if(Mo(t,r,n),n){let o=n.parent;for(;o&&o.parent;)zr(o.parent.vnode)&&Hm(r,t,n,o),o=o.parent}}function Hm(e,t,n,r){const o=Mo(t,e,r,!0);rr(()=>{ua(r[t],o)},n)}function Mo(e,t,n=Me,r=!1){if(n){const o=n[e]||(n[e]=[]),i=t.__weh||(t.__weh=(...a)=>{jt();const l=Kr(n),s=yt(t,n,e,a);return l(),zt(),s});return r?o.unshift(i):o.push(i),i}}const Wt=e=>(t,n=Me)=>{(!Wn||e==="sp")&&Mo(e,(...r)=>t(...r),n)},Um=Wt("bm"),Oe=Wt("m"),jm=Wt("bu"),Ec=Wt("u"),Ta=Wt("bum"),rr=Wt("um"),zm=Wt("sp"),Km=Wt("rtg"),Wm=Wt("rtc");function qm(e,t=Me){Mo("ec",e,t)}const Gm="components";function Rt(e,t){return Xm(Gm,e,!0,t)||e}const Ym=Symbol.for("v-ndc");function Xm(e,t,n=!0,r=!1){const o=pt||Me;if(o){const i=o.type;{const l=jc(i,!1);if(l&&(l===t||l===Ze(t)||l===Hr(Ze(t))))return i}const a=yl(o[e]||i[e],t)||yl(o.appContext[e],t);return!a&&r?i:a}}function yl(e,t){return e&&(e[t]||e[Ze(t)]||e[Hr(Ze(t))])}const Si=e=>e?Hc(e)?Ia(e):Si(e.parent):null,Ar=Re(Object.create(null),{$:e=>e,$el:e=>e.vnode.el,$data:e=>e.data,$props:e=>e.props,$attrs:e=>e.attrs,$slots:e=>e.slots,$refs:e=>e.refs,$parent:e=>Si(e.parent),$root:e=>Si(e.root),$host:e=>e.ce,$emit:e=>e.emit,$options:e=>xa(e),$forceUpdate:e=>e.f||(e.f=()=>{Ea(e.update)}),$nextTick:e=>e.n||(e.n=Kt.bind(e.proxy)),$watch:e=>vh.bind(e)}),ai=(e,t)=>e!==Ee&&!e.__isScriptSetup&&pe(e,t),Jm={get({_:e},t){if(t==="__v_skip")return!0;const{ctx:n,setupState:r,data:o,props:i,accessCache:a,type:l,appContext:s}=e;let u;if(t[0]!=="$"){const m=a[t];if(m!==void 0)switch(m){case 1:return r[t];case 2:return o[t];case 4:return n[t];case 3:return i[t]}else{if(ai(r,t))return a[t]=1,r[t];if(o!==Ee&&pe(o,t))return a[t]=2,o[t];if((u=e.propsOptions[0])&&pe(u,t))return a[t]=3,i[t];if(n!==Ee&&pe(n,t))return a[t]=4,n[t];ki&&(a[t]=0)}}const c=Ar[t];let d,p;if(c)return t==="$attrs"&&Ue(e.attrs,"get",""),c(e);if((d=l.__cssModules)&&(d=d[t]))return d;if(n!==Ee&&pe(n,t))return a[t]=4,n[t];if(p=s.config.globalProperties,pe(p,t))return p[t]},set({_:e},t,n){const{data:r,setupState:o,ctx:i}=e;return ai(o,t)?(o[t]=n,!0):r!==Ee&&pe(r,t)?(r[t]=n,!0):pe(e.props,t)||t[0]==="$"&&t.slice(1)in e?!1:(i[t]=n,!0)},has({_:{data:e,setupState:t,accessCache:n,ctx:r,appContext:o,propsOptions:i}},a){let l;return!!n[a]||e!==Ee&&pe(e,a)||ai(t,a)||(l=i[0])&&pe(l,a)||pe(r,a)||pe(Ar,a)||pe(o.config.globalProperties,a)},defineProperty(e,t,n){return n.get!=null?e._.accessCache[t]=0:pe(n,"value")&&this.set(e,t,n.value,null),Reflect.defineProperty(e,t,n)}};function bl(e){return ie(e)?e.reduce((t,n)=>(t[n]=null,t),{}):e}let ki=!0;function Qm(e){const t=xa(e),n=e.proxy,r=e.ctx;ki=!1,t.beforeCreate&&Al(t.beforeCreate,e,"bc");const{data:o,computed:i,methods:a,watch:l,provide:s,inject:u,created:c,beforeMount:d,mounted:p,beforeUpdate:m,updated:v,activated:y,deactivated:E,beforeDestroy:A,beforeUnmount:T,destroyed:g,unmounted:x,render:V,renderTracked:H,renderTriggered:N,errorCaptured:Q,serverPrefetch:$,expose:S,inheritAttrs:G,components:L,directives:Z,filters:ae}=t;if(u&&Zm(u,r,null),a)for(const B in a){const Y=a[B];oe(Y)&&(r[B]=Y.bind(n))}if(o){const B=o.call(n,n);Pe(B)&&(e.data=Ur(B))}if(ki=!0,i)for(const B in i){const Y=i[B],ce=oe(Y)?Y.bind(n,n):oe(Y.get)?Y.get.bind(n,n):It,ke=!oe(Y)&&oe(Y.set)?Y.set.bind(n):It,we=O({get:ce,set:ke});Object.defineProperty(r,B,{enumerable:!0,configurable:!0,get:()=>we.value,set:ve=>we.value=ve})}if(l)for(const B in l)yc(l[B],r,n,B);if(s){const B=oe(s)?s.call(n):s;Reflect.ownKeys(B).forEach(Y=>{xn(Y,B[Y])})}c&&Al(c,e,"c");function q(B,Y){ie(Y)?Y.forEach(ce=>B(ce.bind(n))):Y&&B(Y.bind(n))}if(q(Um,d),q(Oe,p),q(jm,m),q(Ec,v),q($m,y),q(Bm,E),q(qm,Q),q(Wm,H),q(Km,N),q(Ta,T),q(rr,x),q(zm,$),ie(S))if(S.length){const B=e.exposed||(e.exposed={});S.forEach(Y=>{Object.defineProperty(B,Y,{get:()=>n[Y],set:ce=>n[Y]=ce})})}else e.exposed||(e.exposed={});V&&e.render===It&&(e.render=V),G!=null&&(e.inheritAttrs=G),L&&(e.components=L),Z&&(e.directives=Z),$&&Aa(e)}function Zm(e,t,n=It){ie(e)&&(e=wi(e));for(const r in e){const o=e[r];let i;Pe(o)?"default"in o?i=Ve(o.from||r,o.default,!0):i=Ve(o.from||r):i=Ve(o),Ie(i)?Object.defineProperty(t,r,{enumerable:!0,configurable:!0,get:()=>i.value,set:a=>i.value=a}):t[r]=i}}function Al(e,t,n){yt(ie(e)?e.map(r=>r.bind(t.proxy)):e.bind(t.proxy),t,n)}function yc(e,t,n,r){let o=r.includes(".")?Lc(n,r):()=>n[r];if(xe(e)){const i=t[e];oe(i)&&se(o,i)}else if(oe(e))se(o,e.bind(n));else if(Pe(e))if(ie(e))e.forEach(i=>yc(i,t,n,r));else{const i=oe(e.handler)?e.handler.bind(n):t[e.handler];oe(i)&&se(o,i,e)}}function xa(e){const t=e.type,{mixins:n,extends:r}=t,{mixins:o,optionsCache:i,config:{optionMergeStrategies:a}}=e.appContext,l=i.get(t);let s;return l?s=l:!o.length&&!n&&!r?s=t:(s={},o.length&&o.forEach(u=>Ao(s,u,a,!0)),Ao(s,t,a)),Pe(t)&&i.set(t,s),s}function Ao(e,t,n,r=!1){const{mixins:o,extends:i}=t;i&&Ao(e,i,n,!0),o&&o.forEach(a=>Ao(e,a,n,!0));for(const a in t)if(!(r&&a==="expose")){const l=eh[a]||n&&n[a];e[a]=l?l(e[a],t[a]):t[a]}return e}const eh={data:Tl,props:xl,emits:xl,methods:mr,computed:mr,beforeCreate:Ke,created:Ke,beforeMount:Ke,mounted:Ke,beforeUpdate:Ke,updated:Ke,beforeDestroy:Ke,beforeUnmount:Ke,destroyed:Ke,unmounted:Ke,activated:Ke,deactivated:Ke,errorCaptured:Ke,serverPrefetch:Ke,components:mr,directives:mr,watch:nh,provide:Tl,inject:th};function Tl(e,t){return t?e?function(){return Re(oe(e)?e.call(this,this):e,oe(t)?t.call(this,this):t)}:t:e}function th(e,t){return mr(wi(e),wi(t))}function wi(e){if(ie(e)){const t={};for(let n=0;n1)return n&&oe(t)?t.call(r&&r.proxy):t}}const Ac={},Tc=()=>Object.create(Ac),xc=e=>Object.getPrototypeOf(e)===Ac;function ih(e,t,n,r=!1){const o={},i=Tc();e.propsDefaults=Object.create(null),Pc(e,t,o,i);for(const a in e.propsOptions[0])a in o||(o[a]=void 0);n?e.props=r?o:Qu(o):e.type.props?e.props=o:e.props=i,e.attrs=i}function ah(e,t,n,r){const{props:o,attrs:i,vnode:{patchFlag:a}}=e,l=le(o),[s]=e.propsOptions;let u=!1;if((r||a>0)&&!(a&16)){if(a&8){const c=e.vnode.dynamicProps;for(let d=0;d{s=!0;const[p,m]=Oc(d,t,!0);Re(a,p),m&&l.push(...m)};!n&&t.mixins.length&&t.mixins.forEach(c),e.extends&&c(e.extends),e.mixins&&e.mixins.forEach(c)}if(!i&&!s)return Pe(e)&&r.set(e,Nn),Nn;if(ie(i))for(let c=0;ce[0]==="_"||e==="$stable",Pa=e=>ie(e)?e.map(dt):[dt(e)],sh=(e,t,n)=>{if(t._n)return t;const r=Dm((...o)=>Pa(t(...o)),n);return r._c=!1,r},Dc=(e,t,n)=>{const r=e._ctx;for(const o in e){if(Cc(o))continue;const i=e[o];if(oe(i))t[o]=sh(o,i,r);else if(i!=null){const a=Pa(i);t[o]=()=>a}}},Ic=(e,t)=>{const n=Pa(t);e.slots.default=()=>n},Rc=(e,t,n)=>{for(const r in t)(n||r!=="_")&&(e[r]=t[r])},uh=(e,t,n)=>{const r=e.slots=Tc();if(e.vnode.shapeFlag&32){const o=t._;o?(Rc(r,t,n),n&&Kn(r,"_",o,!0)):Dc(t,r)}else t&&Ic(e,t)},ch=(e,t,n)=>{const{vnode:r,slots:o}=e;let i=!0,a=Ee;if(r.shapeFlag&32){const l=t._;l?n&&l===1?i=!1:Rc(o,t,n):(i=!t.$stable,Dc(t,o)),a=t}else t&&(Ic(e,t),a={default:1});if(i)for(const l in o)!Cc(l)&&a[l]==null&&delete o[l]},rt=Mc;function dh(e){return fh(e,Lm)}function fh(e,t){const n=So();n.__VUE__=!0,ac(n.__VUE_DEVTOOLS_GLOBAL_HOOK__,n);const{insert:r,remove:o,patchProp:i,createElement:a,createText:l,createComment:s,setText:u,setElementText:c,parentNode:d,nextSibling:p,setScopeId:m=It,insertStaticContent:v}=e,y=(_,b,P,I=null,C=null,k=null,U=void 0,M=null,F=!!b.dynamicChildren)=>{if(_===b)return;_&&!yn(_,b)&&(I=D(_),ve(_,C,k,!0),_=null),b.patchFlag===-2&&(F=!1,b.dynamicChildren=null);const{type:w,ref:ne,shapeFlag:z}=b;switch(w){case sn:E(_,b,P,I);break;case Je:A(_,b,P,I);break;case jn:_==null&&T(b,P,I,U);break;case Ye:L(_,b,P,I,C,k,U,M,F);break;default:z&1?V(_,b,P,I,C,k,U,M,F):z&6?Z(_,b,P,I,C,k,U,M,F):(z&64||z&128)&&w.process(_,b,P,I,C,k,U,M,F,J)}ne!=null&&C&&bo(ne,_&&_.ref,k,b||_,!b)},E=(_,b,P,I)=>{if(_==null)r(b.el=l(b.children),P,I);else{const C=b.el=_.el;b.children!==_.children&&u(C,b.children)}},A=(_,b,P,I)=>{_==null?r(b.el=s(b.children||""),P,I):b.el=_.el},T=(_,b,P,I)=>{[_.el,_.anchor]=v(_.children,b,P,I,_.el,_.anchor)},g=({el:_,anchor:b},P,I)=>{let C;for(;_&&_!==b;)C=p(_),r(_,P,I),_=C;r(b,P,I)},x=({el:_,anchor:b})=>{let P;for(;_&&_!==b;)P=p(_),o(_),_=P;o(b)},V=(_,b,P,I,C,k,U,M,F)=>{b.type==="svg"?U="svg":b.type==="math"&&(U="mathml"),_==null?H(b,P,I,C,k,U,M,F):$(_,b,C,k,U,M,F)},H=(_,b,P,I,C,k,U,M)=>{let F,w;const{props:ne,shapeFlag:z,transition:ee,dirs:re}=_;if(F=_.el=a(_.type,k,ne&&ne.is,ne),z&8?c(F,_.children):z&16&&Q(_.children,F,null,I,C,li(_,k),U,M),re&&Pt(_,null,I,"created"),N(F,_,_.scopeId,U,I),ne){for(const _e in ne)_e!=="value"&&!$n(_e)&&i(F,_e,null,ne[_e],k,I);"value"in ne&&i(F,"value",null,ne.value,k),(w=ne.onVnodeBeforeMount)&&ct(w,I,_)}Kn(F,"__vnode",_,!0),Kn(F,"__vueParentComponent",I,!0),re&&Pt(_,null,I,"beforeMount");const ue=Sc(C,ee);ue&&ee.beforeEnter(F),r(F,b,P),((w=ne&&ne.onVnodeMounted)||ue||re)&&rt(()=>{w&&ct(w,I,_),ue&&ee.enter(F),re&&Pt(_,null,I,"mounted")},C)},N=(_,b,P,I,C)=>{if(P&&m(_,P),I)for(let k=0;k{for(let w=F;w<_.length;w++){const ne=_[w]=M?nn(_[w]):dt(_[w]);y(null,ne,b,P,I,C,k,U,M)}},$=(_,b,P,I,C,k,U)=>{const M=b.el=_.el;M.__vnode=b;let{patchFlag:F,dynamicChildren:w,dirs:ne}=b;F|=_.patchFlag&16;const z=_.props||Ee,ee=b.props||Ee;let re;if(P&&hn(P,!1),(re=ee.onVnodeBeforeUpdate)&&ct(re,P,b,_),ne&&Pt(b,_,P,"beforeUpdate"),P&&hn(P,!0),(z.innerHTML&&ee.innerHTML==null||z.textContent&&ee.textContent==null)&&c(M,""),w?S(_.dynamicChildren,w,M,P,I,li(b,C),k):U||Y(_,b,M,null,P,I,li(b,C),k,!1),F>0){if(F&16)G(M,z,ee,P,C);else if(F&2&&z.class!==ee.class&&i(M,"class",null,ee.class,C),F&4&&i(M,"style",z.style,ee.style,C),F&8){const ue=b.dynamicProps;for(let _e=0;_e{re&&ct(re,P,b,_),ne&&Pt(b,_,P,"updated")},I)},S=(_,b,P,I,C,k,U)=>{for(let M=0;M{if(b!==P){if(b!==Ee)for(const k in b)!$n(k)&&!(k in P)&&i(_,k,b[k],null,C,I);for(const k in P){if($n(k))continue;const U=P[k],M=b[k];U!==M&&k!=="value"&&i(_,k,M,U,C,I)}"value"in P&&i(_,"value",b.value,P.value,C)}},L=(_,b,P,I,C,k,U,M,F)=>{const w=b.el=_?_.el:l(""),ne=b.anchor=_?_.anchor:l("");let{patchFlag:z,dynamicChildren:ee,slotScopeIds:re}=b;re&&(M=M?M.concat(re):re),_==null?(r(w,P,I),r(ne,P,I),Q(b.children||[],P,ne,C,k,U,M,F)):z>0&&z&64&&ee&&_.dynamicChildren?(S(_.dynamicChildren,ee,P,C,k,U,M),(b.key!=null||C&&b===C.subTree)&&kc(_,b,!0)):Y(_,b,P,ne,C,k,U,M,F)},Z=(_,b,P,I,C,k,U,M,F)=>{b.slotScopeIds=M,_==null?b.shapeFlag&512?C.ctx.activate(b,P,I,U,F):ae(b,P,I,C,k,U,F):he(_,b,F)},ae=(_,b,P,I,C,k,U)=>{const M=_.component=Rh(_,I,C);if(zr(_)&&(M.ctx.renderer=J),Sh(M,!1,U),M.asyncDep){if(C&&C.registerDep(M,q,U),!_.el){const F=M.subTree=Le(Je);A(null,F,b,P)}}else q(M,_,b,P,C,k,U)},he=(_,b,P)=>{const I=b.component=_.component;if(bh(_,b,P))if(I.asyncDep&&!I.asyncResolved){B(I,b,P);return}else I.next=b,I.update();else b.el=_.el,I.vnode=b},q=(_,b,P,I,C,k,U)=>{const M=()=>{if(_.isMounted){let{next:z,bu:ee,u:re,parent:ue,vnode:_e}=_;{const tt=wc(_);if(tt){z&&(z.el=_e.el,B(_,z,U)),tt.asyncDep.then(()=>{_.isUnmounted||M()});return}}let me=z,et;hn(_,!1),z?(z.el=_e.el,B(_,z,U)):z=_e,ee&&Zo(ee),(et=z.props&&z.props.onVnodeBeforeUpdate)&&ct(et,ue,z,_e),hn(_,!0);const He=si(_),vt=_.subTree;_.subTree=He,y(vt,He,d(vt.el),D(vt),_,C,k),z.el=He.el,me===null&&Ah(_,He.el),re&&rt(re,C),(et=z.props&&z.props.onVnodeUpdated)&&rt(()=>ct(et,ue,z,_e),C),lc(_)}else{let z;const{el:ee,props:re}=b,{bm:ue,m:_e,parent:me,root:et,type:He}=_,vt=Hn(b);if(hn(_,!1),ue&&Zo(ue),!vt&&(z=re&&re.onVnodeBeforeMount)&&ct(z,me,b),hn(_,!0),ee&&Ae){const tt=()=>{_.subTree=si(_),Ae(ee,_.subTree,_,C,null)};vt&&He.__asyncHydrate?He.__asyncHydrate(ee,_,tt):tt()}else{et.ce&&et.ce._injectChildStyle(He);const tt=_.subTree=si(_);y(null,tt,P,I,_,C,k),b.el=tt.el}if(_e&&rt(_e,C),!vt&&(z=re&&re.onVnodeMounted)){const tt=b;rt(()=>ct(z,me,tt),C)}(b.shapeFlag&256||me&&Hn(me.vnode)&&me.vnode.shapeFlag&256)&&_.a&&rt(_.a,C),_.isMounted=!0,xm(_),b=P=I=null}};_.scope.on();const F=_.effect=new Nu(M);_.scope.off();const w=_.update=F.run.bind(F),ne=_.job=F.runIfDirty.bind(F);ne.i=_,ne.id=_.uid,F.scheduler=()=>Ea(ne),hn(_,!0),w()},B=(_,b,P)=>{b.component=_;const I=_.vnode.props;_.vnode=b,_.next=null,ah(_,b.props,I,P),ch(_,b.children,P),jt(),ml(_),zt()},Y=(_,b,P,I,C,k,U,M,F=!1)=>{const w=_&&_.children,ne=_?_.shapeFlag:0,z=b.children,{patchFlag:ee,shapeFlag:re}=b;if(ee>0){if(ee&128){ke(w,z,P,I,C,k,U,M,F);return}else if(ee&256){ce(w,z,P,I,C,k,U,M,F);return}}re&8?(ne&16&&st(w,C,k),z!==w&&c(P,z)):ne&16?re&16?ke(w,z,P,I,C,k,U,M,F):st(w,C,k,!0):(ne&8&&c(P,""),re&16&&Q(z,P,I,C,k,U,M,F))},ce=(_,b,P,I,C,k,U,M,F)=>{_=_||Nn,b=b||Nn;const w=_.length,ne=b.length,z=Math.min(w,ne);let ee;for(ee=0;eene?st(_,C,k,!0,!1,z):Q(b,P,I,C,k,U,M,F,z)},ke=(_,b,P,I,C,k,U,M,F)=>{let w=0;const ne=b.length;let z=_.length-1,ee=ne-1;for(;w<=z&&w<=ee;){const re=_[w],ue=b[w]=F?nn(b[w]):dt(b[w]);if(yn(re,ue))y(re,ue,P,null,C,k,U,M,F);else break;w++}for(;w<=z&&w<=ee;){const re=_[z],ue=b[ee]=F?nn(b[ee]):dt(b[ee]);if(yn(re,ue))y(re,ue,P,null,C,k,U,M,F);else break;z--,ee--}if(w>z){if(w<=ee){const re=ee+1,ue=reee)for(;w<=z;)ve(_[w],C,k,!0),w++;else{const re=w,ue=w,_e=new Map;for(w=ue;w<=ee;w++){const nt=b[w]=F?nn(b[w]):dt(b[w]);nt.key!=null&&_e.set(nt.key,w)}let me,et=0;const He=ee-ue+1;let vt=!1,tt=0;const ar=new Array(He);for(w=0;w=He){ve(nt,C,k,!0);continue}let At;if(nt.key!=null)At=_e.get(nt.key);else for(me=ue;me<=ee;me++)if(ar[me-ue]===0&&yn(nt,b[me])){At=me;break}At===void 0?ve(nt,C,k,!0):(ar[At-ue]=w+1,At>=tt?tt=At:vt=!0,y(nt,b[At],P,null,C,k,U,M,F),et++)}const ll=vt?ph(ar):Nn;for(me=ll.length-1,w=He-1;w>=0;w--){const nt=ue+w,At=b[nt],sl=nt+1{const{el:k,type:U,transition:M,children:F,shapeFlag:w}=_;if(w&6){we(_.component.subTree,b,P,I);return}if(w&128){_.suspense.move(b,P,I);return}if(w&64){U.move(_,b,P,J);return}if(U===Ye){r(k,b,P);for(let z=0;zM.enter(k),C);else{const{leave:z,delayLeave:ee,afterLeave:re}=M,ue=()=>r(k,b,P),_e=()=>{z(k,()=>{ue(),re&&re()})};ee?ee(k,ue,_e):_e()}else r(k,b,P)},ve=(_,b,P,I=!1,C=!1)=>{const{type:k,props:U,ref:M,children:F,dynamicChildren:w,shapeFlag:ne,patchFlag:z,dirs:ee,cacheIndex:re}=_;if(z===-2&&(C=!1),M!=null&&bo(M,null,P,_,!0),re!=null&&(b.renderCache[re]=void 0),ne&256){b.ctx.deactivate(_);return}const ue=ne&1&&ee,_e=!Hn(_);let me;if(_e&&(me=U&&U.onVnodeBeforeUnmount)&&ct(me,b,_),ne&6)Xt(_.component,P,I);else{if(ne&128){_.suspense.unmount(P,I);return}ue&&Pt(_,null,b,"beforeUnmount"),ne&64?_.type.remove(_,b,P,J,I):w&&!w.hasOnce&&(k!==Ye||z>0&&z&64)?st(w,b,P,!1,!0):(k===Ye&&z&384||!C&&ne&16)&&st(F,b,P),I&<(_)}(_e&&(me=U&&U.onVnodeUnmounted)||ue)&&rt(()=>{me&&ct(me,b,_),ue&&Pt(_,null,b,"unmounted")},P)},lt=_=>{const{type:b,el:P,anchor:I,transition:C}=_;if(b===Ye){kt(P,I);return}if(b===jn){x(_);return}const k=()=>{o(P),C&&!C.persisted&&C.afterLeave&&C.afterLeave()};if(_.shapeFlag&1&&C&&!C.persisted){const{leave:U,delayLeave:M}=C,F=()=>U(P,k);M?M(_.el,k,F):F()}else k()},kt=(_,b)=>{let P;for(;_!==b;)P=p(_),o(_),_=P;o(b)},Xt=(_,b,P)=>{const{bum:I,scope:C,job:k,subTree:U,um:M,m:F,a:w}=_;Ol(F),Ol(w),I&&Zo(I),C.stop(),k&&(k.flags|=8,ve(U,_,b,P)),M&&rt(M,b),rt(()=>{_.isUnmounted=!0},b),b&&b.pendingBranch&&!b.isUnmounted&&_.asyncDep&&!_.asyncResolved&&_.suspenseId===b.pendingId&&(b.deps--,b.deps===0&&b.resolve()),Om(_)},st=(_,b,P,I=!1,C=!1,k=0)=>{for(let U=k;U<_.length;U++)ve(_[U],b,P,I,C)},D=_=>{if(_.shapeFlag&6)return D(_.component.subTree);if(_.shapeFlag&128)return _.suspense.next();const b=p(_.anchor||_.el),P=b&&b[Im];return P?p(P):b};let K=!1;const j=(_,b,P)=>{_==null?b._vnode&&ve(b._vnode,null,null,!0):y(b._vnode||null,_,b,null,null,null,P),b._vnode=_,K||(K=!0,ml(),Eo(),K=!1)},J={p:y,um:ve,m:we,r:lt,mt:ae,mc:Q,pc:Y,pbc:S,n:D,o:e};let de,Ae;return t&&([de,Ae]=t(J)),{render:j,hydrate:de,createApp:oh(j,de)}}function li({type:e,props:t},n){return n==="svg"&&e==="foreignObject"||n==="mathml"&&e==="annotation-xml"&&t&&t.encoding&&t.encoding.includes("html")?void 0:n}function hn({effect:e,job:t},n){n?(e.flags|=32,t.flags|=4):(e.flags&=-33,t.flags&=-5)}function Sc(e,t){return(!e||e&&!e.pendingBranch)&&t&&!t.persisted}function kc(e,t,n=!1){const r=e.children,o=t.children;if(ie(r)&&ie(o))for(let i=0;i>1,e[n[l]]0&&(t[r]=n[i-1]),n[i]=r)}}for(i=n.length,a=n[i-1];i-- >0;)n[i]=a,a=t[a];return n}function wc(e){const t=e.subTree.component;if(t)return t.asyncDep&&!t.asyncResolved?t:wc(t)}function Ol(e){if(e)for(let t=0;tVe(mh);function Oa(e,t){return Ca(e,null,t)}function se(e,t,n){return Ca(e,t,n)}function Ca(e,t,n=Ee){const{immediate:r,deep:o,flush:i,once:a}=n,l=Re({},n),s=t&&r||!t&&i!=="post";let u;if(Wn){if(i==="sync"){const m=hh();u=m.__watcherHandles||(m.__watcherHandles=[])}else if(!s){const m=()=>{};return m.stop=It,m.resume=It,m.pause=It,m}}const c=Me;l.call=(m,v,y)=>yt(m,c,v,y);let d=!1;i==="post"?l.scheduler=m=>{rt(m,c&&c.suspense)}:i!=="sync"&&(d=!0,l.scheduler=(m,v)=>{v?m():Ea(m)}),l.augmentJob=m=>{t&&(m.flags|=4),d&&(m.flags|=2,c&&(m.id=c.uid,m.i=c))};const p=mm(e,t,l);return Wn&&(u?u.push(p):s&&p()),p}function vh(e,t,n){const r=this.proxy,o=xe(e)?e.includes(".")?Lc(r,e):()=>r[e]:e.bind(r,r);let i;oe(t)?i=t:(i=t.handler,n=t);const a=Kr(this),l=Ca(o,i.bind(r),n);return a(),l}function Lc(e,t){const n=t.split(".");return()=>{let r=e;for(let o=0;ot==="modelValue"||t==="model-value"?e.modelModifiers:e[`${t}Modifiers`]||e[`${Ze(t)}Modifiers`]||e[`${fn(t)}Modifiers`];function gh(e,t,...n){if(e.isUnmounted)return;const r=e.vnode.props||Ee;let o=n;const i=t.startsWith("update:"),a=i&&_h(r,t.slice(7));a&&(a.trim&&(o=n.map(c=>xe(c)?c.trim():c)),a.number&&(o=n.map(xp))),Cm(e,t,o);let l,s=r[l=Qo(t)]||r[l=Qo(Ze(t))];!s&&i&&(s=r[l=Qo(fn(t))]),s&&yt(s,e,6,o);const u=r[l+"Once"];if(u){if(!e.emitted)e.emitted={};else if(e.emitted[l])return;e.emitted[l]=!0,yt(u,e,6,o)}}function Vc(e,t,n=!1){const r=t.emitsCache,o=r.get(e);if(o!==void 0)return o;const i=e.emits;let a={},l=!1;if(!oe(e)){const s=u=>{const c=Vc(u,t,!0);c&&(l=!0,Re(a,c))};!n&&t.mixins.length&&t.mixins.forEach(s),e.extends&&s(e.extends),e.mixins&&e.mixins.forEach(s)}return!i&&!l?(Pe(e)&&r.set(e,null),null):(ie(i)?i.forEach(s=>a[s]=null):Re(a,i),Pe(e)&&r.set(e,a),a)}function No(e,t){return!e||!Br(t)?!1:(t=t.slice(2).replace(/Once$/,""),pe(e,t[0].toLowerCase()+t.slice(1))||pe(e,fn(t))||pe(e,t))}function si(e){const{type:t,vnode:n,proxy:r,withProxy:o,propsOptions:[i],slots:a,attrs:l,emit:s,render:u,renderCache:c,props:d,data:p,setupState:m,ctx:v,inheritAttrs:y}=e,E=yo(e);let A,T;try{if(n.shapeFlag&4){const x=o||r,V=x;A=dt(u.call(V,x,c,d,m,p,v)),T=l}else{const x=t;A=dt(x.length>1?x(d,{attrs:l,slots:a,emit:s}):x(d,null)),T=t.props?l:Eh(l)}}catch(x){Tr.length=0,jr(x,e,1),A=Le(Je)}let g=A;if(T&&y!==!1){const x=Object.keys(T),{shapeFlag:V}=g;x.length&&V&7&&(i&&x.some(sa)&&(T=yh(T,i)),g=un(g,T,!1,!0))}return n.dirs&&(g=un(g,null,!1,!0),g.dirs=g.dirs?g.dirs.concat(n.dirs):n.dirs),n.transition&&Cn(g,n.transition),A=g,yo(E),A}const Eh=e=>{let t;for(const n in e)(n==="class"||n==="style"||Br(n))&&((t||(t={}))[n]=e[n]);return t},yh=(e,t)=>{const n={};for(const r in e)(!sa(r)||!(r.slice(9)in t))&&(n[r]=e[r]);return n};function bh(e,t,n){const{props:r,children:o,component:i}=e,{props:a,children:l,patchFlag:s}=t,u=i.emitsOptions;if(t.dirs||t.transition)return!0;if(n&&s>=0){if(s&1024)return!0;if(s&16)return r?Cl(r,a,u):!!a;if(s&8){const c=t.dynamicProps;for(let d=0;de.__isSuspense;function Mc(e,t){t&&t.pendingBranch?ie(e)?t.effects.push(...e):t.effects.push(e):bm(e)}const Ye=Symbol.for("v-fgt"),sn=Symbol.for("v-txt"),Je=Symbol.for("v-cmt"),jn=Symbol.for("v-stc"),Tr=[];let ot=null;function ly(e=!1){Tr.push(ot=e?null:[])}function Th(){Tr.pop(),ot=Tr[Tr.length-1]||null}let Sr=1;function Dl(e){Sr+=e,e<0&&ot&&(ot.hasOnce=!0)}function xh(e){return e.dynamicChildren=Sr>0?ot||Nn:null,Th(),Sr>0&&ot&&ot.push(e),e}function sy(e,t,n,r,o,i){return xh($c(e,t,n,r,o,i,!0))}function To(e){return e?e.__v_isVNode===!0:!1}function yn(e,t){return e.type===t.type&&e.key===t.key}const Nc=({key:e})=>e??null,co=({ref:e,ref_key:t,ref_for:n})=>(typeof e=="number"&&(e=""+e),e!=null?xe(e)||Ie(e)||oe(e)?{i:pt,r:e,k:t,f:!!n}:e:null);function $c(e,t=null,n=null,r=0,o=null,i=e===Ye?0:1,a=!1,l=!1){const s={__v_isVNode:!0,__v_skip:!0,type:e,props:t,key:t&&Nc(t),ref:t&&co(t),scopeId:sc,slotScopeIds:null,children:n,component:null,suspense:null,ssContent:null,ssFallback:null,dirs:null,transition:null,el:null,anchor:null,target:null,targetStart:null,targetAnchor:null,staticCount:0,shapeFlag:i,patchFlag:r,dynamicProps:o,dynamicChildren:null,appContext:null,ctx:pt};return l?(Da(s,n),i&128&&e.normalize(s)):n&&(s.shapeFlag|=xe(n)?8:16),Sr>0&&!a&&ot&&(s.patchFlag>0||i&6)&&s.patchFlag!==32&&ot.push(s),s}const Le=Ph;function Ph(e,t=null,n=null,r=0,o=null,i=!1){if((!e||e===Ym)&&(e=Je),To(e)){const l=un(e,t,!0);return n&&Da(l,n),Sr>0&&!i&&ot&&(l.shapeFlag&6?ot[ot.indexOf(e)]=l:ot.push(l)),l.patchFlag=-2,l}if(Mh(e)&&(e=e.__vccOpts),t){t=Oh(t);let{class:l,style:s}=t;l&&!xe(l)&&(t.class=wo(l)),Pe(s)&&(ga(s)&&!ie(s)&&(s=Re({},s)),t.style=ko(s))}const a=xe(e)?1:Fc(e)?128:uc(e)?64:Pe(e)?4:oe(e)?2:0;return $c(e,t,n,r,o,a,i,!0)}function Oh(e){return e?ga(e)||xc(e)?Re({},e):e:null}function un(e,t,n=!1,r=!1){const{props:o,ref:i,patchFlag:a,children:l,transition:s}=e,u=t?Ch(o||{},t):o,c={__v_isVNode:!0,__v_skip:!0,type:e.type,props:u,key:u&&Nc(u),ref:t&&t.ref?n&&i?ie(i)?i.concat(co(t)):[i,co(t)]:co(t):i,scopeId:e.scopeId,slotScopeIds:e.slotScopeIds,children:l,target:e.target,targetStart:e.targetStart,targetAnchor:e.targetAnchor,staticCount:e.staticCount,shapeFlag:e.shapeFlag,patchFlag:t&&e.type!==Ye?a===-1?16:a|16:a,dynamicProps:e.dynamicProps,dynamicChildren:e.dynamicChildren,appContext:e.appContext,dirs:e.dirs,transition:s,component:e.component,suspense:e.suspense,ssContent:e.ssContent&&un(e.ssContent),ssFallback:e.ssFallback&&un(e.ssFallback),el:e.el,anchor:e.anchor,ctx:e.ctx,ce:e.ce};return s&&r&&Cn(c,s.clone(c)),c}function Bc(e=" ",t=0){return Le(sn,null,e,t)}function uy(e,t){const n=Le(jn,null,e);return n.staticCount=t,n}function dt(e){return e==null||typeof e=="boolean"?Le(Je):ie(e)?Le(Ye,null,e.slice()):To(e)?nn(e):Le(sn,null,String(e))}function nn(e){return e.el===null&&e.patchFlag!==-1||e.memo?e:un(e)}function Da(e,t){let n=0;const{shapeFlag:r}=e;if(t==null)t=null;else if(ie(t))n=16;else if(typeof t=="object")if(r&65){const o=t.default;o&&(o._c&&(o._d=!1),Da(e,o()),o._c&&(o._d=!0));return}else{n=32;const o=t._;!o&&!xc(t)?t._ctx=pt:o===3&&pt&&(pt.slots._===1?t._=1:(t._=2,e.patchFlag|=1024))}else oe(t)?(t={default:t,_ctx:pt},n=32):(t=String(t),r&64?(n=16,t=[Bc(t)]):n=8);e.children=t,e.shapeFlag|=n}function Ch(...e){const t={};for(let n=0;nMe||pt;let xo,Vi;{const e=So(),t=(n,r)=>{let o;return(o=e[n])||(o=e[n]=[]),o.push(r),i=>{o.length>1?o.forEach(a=>a(i)):o[0](i)}};xo=t("__VUE_INSTANCE_SETTERS__",n=>Me=n),Vi=t("__VUE_SSR_SETTERS__",n=>Wn=n)}const Kr=e=>{const t=Me;return xo(e),e.scope.on(),()=>{e.scope.off(),xo(t)}},Il=()=>{Me&&Me.scope.off(),xo(null)};function Hc(e){return e.vnode.shapeFlag&4}let Wn=!1;function Sh(e,t=!1,n=!1){t&&Vi(t);const{props:r,children:o}=e.vnode,i=Hc(e);ih(e,r,i,t),uh(e,o,n);const a=i?kh(e,t):void 0;return t&&Vi(!1),a}function kh(e,t){const n=e.type;e.accessCache=Object.create(null),e.proxy=new Proxy(e.ctx,Jm);const{setup:r}=n;if(r){jt();const o=e.setupContext=r.length>1?Lh(e):null,i=Kr(e),a=nr(r,e,0,[e.props,o]),l=Vu(a);if(zt(),i(),(l||e.sp)&&!Hn(e)&&Aa(e),l){if(a.then(Il,Il),t)return a.then(s=>{Rl(e,s,t)}).catch(s=>{jr(s,e,0)});e.asyncDep=a}else Rl(e,a,t)}else Uc(e,t)}function Rl(e,t,n){oe(t)?e.type.__ssrInlineRender?e.ssrRender=t:e.render=t:Pe(t)&&(e.devtoolsRawSetupState=t,e.setupState=ec(t)),Uc(e,n)}let Sl;function Uc(e,t,n){const r=e.type;if(!e.render){if(!t&&Sl&&!r.render){const o=r.template||xa(e).template;if(o){const{isCustomElement:i,compilerOptions:a}=e.appContext.config,{delimiters:l,compilerOptions:s}=r,u=Re(Re({isCustomElement:i,delimiters:l},a),s);r.render=Sl(o,u)}}e.render=r.render||It}{const o=Kr(e);jt();try{Qm(e)}finally{zt(),o()}}}const wh={get(e,t){return Ue(e,"get",""),e[t]}};function Lh(e){const t=n=>{e.exposed=n||{}};return{attrs:new Proxy(e.attrs,wh),slots:e.slots,emit:e.emit,expose:t}}function Ia(e){return e.exposed?e.exposeProxy||(e.exposeProxy=new Proxy(ec(om(e.exposed)),{get(t,n){if(n in t)return t[n];if(n in Ar)return Ar[n](e)},has(t,n){return n in t||n in Ar}})):e.proxy}const Vh=/(?:^|[-_])(\w)/g,Fh=e=>e.replace(Vh,t=>t.toUpperCase()).replace(/[-_]/g,"");function jc(e,t=!0){return oe(e)?e.displayName||e.name:e.name||t&&e.__name}function zc(e,t,n=!1){let r=jc(t);if(!r&&t.__file){const o=t.__file.match(/([^/\\]+)\.\w+$/);o&&(r=o[1])}if(!r&&e&&e.parent){const o=i=>{for(const a in i)if(i[a]===t)return a};r=o(e.components||e.parent.type.components)||o(e.appContext.components)}return r?Fh(r):n?"App":"Anonymous"}function Mh(e){return oe(e)&&"__vccOpts"in e}const O=(e,t)=>fm(e,t,Wn);function f(e,t,n){const r=arguments.length;return r===2?Pe(t)&&!ie(t)?To(t)?Le(e,null,[t]):Le(e,t):Le(e,null,t):(r>3?n=Array.prototype.slice.call(arguments,2):r===3&&To(n)&&(n=[n]),Le(e,t,n))}const kl="3.5.12";/** +* @vue/runtime-dom v3.5.12 +* (c) 2018-present Yuxi (Evan) You and Vue contributors +* @license MIT +**/let Fi;const wl=typeof window<"u"&&window.trustedTypes;if(wl)try{Fi=wl.createPolicy("vue",{createHTML:e=>e})}catch{}const Kc=Fi?e=>Fi.createHTML(e):e=>e,Nh="http://www.w3.org/2000/svg",$h="http://www.w3.org/1998/Math/MathML",Nt=typeof document<"u"?document:null,Ll=Nt&&Nt.createElement("template"),Bh={insert:(e,t,n)=>{t.insertBefore(e,n||null)},remove:e=>{const t=e.parentNode;t&&t.removeChild(e)},createElement:(e,t,n,r)=>{const o=t==="svg"?Nt.createElementNS(Nh,e):t==="mathml"?Nt.createElementNS($h,e):n?Nt.createElement(e,{is:n}):Nt.createElement(e);return e==="select"&&r&&r.multiple!=null&&o.setAttribute("multiple",r.multiple),o},createText:e=>Nt.createTextNode(e),createComment:e=>Nt.createComment(e),setText:(e,t)=>{e.nodeValue=t},setElementText:(e,t)=>{e.textContent=t},parentNode:e=>e.parentNode,nextSibling:e=>e.nextSibling,querySelector:e=>Nt.querySelector(e),setScopeId(e,t){e.setAttribute(t,"")},insertStaticContent(e,t,n,r,o,i){const a=n?n.previousSibling:t.lastChild;if(o&&(o===i||o.nextSibling))for(;t.insertBefore(o.cloneNode(!0),n),!(o===i||!(o=o.nextSibling)););else{Ll.innerHTML=Kc(r==="svg"?`${e}`:r==="mathml"?`${e}`:e);const l=Ll.content;if(r==="svg"||r==="mathml"){const s=l.firstChild;for(;s.firstChild;)l.appendChild(s.firstChild);l.removeChild(s)}t.insertBefore(l,n)}return[a?a.nextSibling:t.firstChild,n?n.previousSibling:t.lastChild]}},Jt="transition",sr="animation",qn=Symbol("_vtc"),Wc={name:String,type:String,css:{type:Boolean,default:!0},duration:[String,Number,Object],enterFromClass:String,enterActiveClass:String,enterToClass:String,appearFromClass:String,appearActiveClass:String,appearToClass:String,leaveFromClass:String,leaveActiveClass:String,leaveToClass:String},qc=Re({},dc,Wc),Hh=e=>(e.displayName="Transition",e.props=qc,e),Gn=Hh((e,{slots:t})=>f(Sm,Gc(e),t)),vn=(e,t=[])=>{ie(e)?e.forEach(n=>n(...t)):e&&e(...t)},Vl=e=>e?ie(e)?e.some(t=>t.length>1):e.length>1:!1;function Gc(e){const t={};for(const L in e)L in Wc||(t[L]=e[L]);if(e.css===!1)return t;const{name:n="v",type:r,duration:o,enterFromClass:i=`${n}-enter-from`,enterActiveClass:a=`${n}-enter-active`,enterToClass:l=`${n}-enter-to`,appearFromClass:s=i,appearActiveClass:u=a,appearToClass:c=l,leaveFromClass:d=`${n}-leave-from`,leaveActiveClass:p=`${n}-leave-active`,leaveToClass:m=`${n}-leave-to`}=e,v=Uh(o),y=v&&v[0],E=v&&v[1],{onBeforeEnter:A,onEnter:T,onEnterCancelled:g,onLeave:x,onLeaveCancelled:V,onBeforeAppear:H=A,onAppear:N=T,onAppearCancelled:Q=g}=t,$=(L,Z,ae)=>{Zt(L,Z?c:l),Zt(L,Z?u:a),ae&&ae()},S=(L,Z)=>{L._isLeaving=!1,Zt(L,d),Zt(L,m),Zt(L,p),Z&&Z()},G=L=>(Z,ae)=>{const he=L?N:T,q=()=>$(Z,L,ae);vn(he,[Z,q]),Fl(()=>{Zt(Z,L?s:i),Ft(Z,L?c:l),Vl(he)||Ml(Z,r,y,q)})};return Re(t,{onBeforeEnter(L){vn(A,[L]),Ft(L,i),Ft(L,a)},onBeforeAppear(L){vn(H,[L]),Ft(L,s),Ft(L,u)},onEnter:G(!1),onAppear:G(!0),onLeave(L,Z){L._isLeaving=!0;const ae=()=>S(L,Z);Ft(L,d),Ft(L,p),Xc(),Fl(()=>{L._isLeaving&&(Zt(L,d),Ft(L,m),Vl(x)||Ml(L,r,E,ae))}),vn(x,[L,ae])},onEnterCancelled(L){$(L,!1),vn(g,[L])},onAppearCancelled(L){$(L,!0),vn(Q,[L])},onLeaveCancelled(L){S(L),vn(V,[L])}})}function Uh(e){if(e==null)return null;if(Pe(e))return[ui(e.enter),ui(e.leave)];{const t=ui(e);return[t,t]}}function ui(e){return Pp(e)}function Ft(e,t){t.split(/\s+/).forEach(n=>n&&e.classList.add(n)),(e[qn]||(e[qn]=new Set)).add(t)}function Zt(e,t){t.split(/\s+/).forEach(r=>r&&e.classList.remove(r));const n=e[qn];n&&(n.delete(t),n.size||(e[qn]=void 0))}function Fl(e){requestAnimationFrame(()=>{requestAnimationFrame(e)})}let jh=0;function Ml(e,t,n,r){const o=e._endId=++jh,i=()=>{o===e._endId&&r()};if(n!=null)return setTimeout(i,n);const{type:a,timeout:l,propCount:s}=Yc(e,t);if(!a)return r();const u=a+"end";let c=0;const d=()=>{e.removeEventListener(u,p),i()},p=m=>{m.target===e&&++c>=s&&d()};setTimeout(()=>{c(n[v]||"").split(", "),o=r(`${Jt}Delay`),i=r(`${Jt}Duration`),a=Nl(o,i),l=r(`${sr}Delay`),s=r(`${sr}Duration`),u=Nl(l,s);let c=null,d=0,p=0;t===Jt?a>0&&(c=Jt,d=a,p=i.length):t===sr?u>0&&(c=sr,d=u,p=s.length):(d=Math.max(a,u),c=d>0?a>u?Jt:sr:null,p=c?c===Jt?i.length:s.length:0);const m=c===Jt&&/\b(transform|all)(,|$)/.test(r(`${Jt}Property`).toString());return{type:c,timeout:d,propCount:p,hasTransform:m}}function Nl(e,t){for(;e.length$l(n)+$l(e[r])))}function $l(e){return e==="auto"?0:Number(e.slice(0,-1).replace(",","."))*1e3}function Xc(){return document.body.offsetHeight}function zh(e,t,n){const r=e[qn];r&&(t=(t?[t,...r]:[...r]).join(" ")),t==null?e.removeAttribute("class"):n?e.setAttribute("class",t):e.className=t}const Bl=Symbol("_vod"),Kh=Symbol("_vsh"),Wh=Symbol(""),qh=/(^|;)\s*display\s*:/;function Gh(e,t,n){const r=e.style,o=xe(n);let i=!1;if(n&&!o){if(t)if(xe(t))for(const a of t.split(";")){const l=a.slice(0,a.indexOf(":")).trim();n[l]==null&&fo(r,l,"")}else for(const a in t)n[a]==null&&fo(r,a,"");for(const a in n)a==="display"&&(i=!0),fo(r,a,n[a])}else if(o){if(t!==n){const a=r[Wh];a&&(n+=";"+a),r.cssText=n,i=qh.test(n)}}else t&&e.removeAttribute("style");Bl in e&&(e[Bl]=i?r.display:"",e[Kh]&&(r.display="none"))}const Hl=/\s*!important$/;function fo(e,t,n){if(ie(n))n.forEach(r=>fo(e,t,r));else if(n==null&&(n=""),t.startsWith("--"))e.setProperty(t,n);else{const r=Yh(e,t);Hl.test(n)?e.setProperty(fn(r),n.replace(Hl,""),"important"):e[r]=n}}const Ul=["Webkit","Moz","ms"],ci={};function Yh(e,t){const n=ci[t];if(n)return n;let r=Ze(t);if(r!=="filter"&&r in e)return ci[t]=r;r=Hr(r);for(let o=0;odi||(ev.then(()=>di=0),di=Date.now());function nv(e,t){const n=r=>{if(!r._vts)r._vts=Date.now();else if(r._vts<=n.attached)return;yt(rv(r,n.value),t,5,[r])};return n.value=e,n.attached=tv(),n}function rv(e,t){if(ie(t)){const n=e.stopImmediatePropagation;return e.stopImmediatePropagation=()=>{n.call(e),e._stopped=!0},t.map(r=>o=>!o._stopped&&r&&r(o))}else return t}const Gl=e=>e.charCodeAt(0)===111&&e.charCodeAt(1)===110&&e.charCodeAt(2)>96&&e.charCodeAt(2)<123,ov=(e,t,n,r,o,i)=>{const a=o==="svg";t==="class"?zh(e,r,a):t==="style"?Gh(e,n,r):Br(t)?sa(t)||Qh(e,t,n,r,i):(t[0]==="."?(t=t.slice(1),!0):t[0]==="^"?(t=t.slice(1),!1):iv(e,t,r,a))?(Kl(e,t,r),!e.tagName.includes("-")&&(t==="value"||t==="checked"||t==="selected")&&zl(e,t,r,a,i,t!=="value")):e._isVueCE&&(/[A-Z]/.test(t)||!xe(r))?Kl(e,Ze(t),r,i,t):(t==="true-value"?e._trueValue=r:t==="false-value"&&(e._falseValue=r),zl(e,t,r,a))};function iv(e,t,n,r){if(r)return!!(t==="innerHTML"||t==="textContent"||t in e&&Gl(t)&&oe(n));if(t==="spellcheck"||t==="draggable"||t==="translate"||t==="form"||t==="list"&&e.tagName==="INPUT"||t==="type"&&e.tagName==="TEXTAREA")return!1;if(t==="width"||t==="height"){const o=e.tagName;if(o==="IMG"||o==="VIDEO"||o==="CANVAS"||o==="SOURCE")return!1}return Gl(t)&&xe(n)?!1:t in e}const Jc=new WeakMap,Qc=new WeakMap,Po=Symbol("_moveCb"),Yl=Symbol("_enterCb"),av=e=>(delete e.props.mode,e),lv=av({name:"TransitionGroup",props:Re({},qc,{tag:String,moveClass:String}),setup(e,{slots:t}){const n=In(),r=cc();let o,i;return Ec(()=>{if(!o.length)return;const a=e.moveClass||`${e.name||"v"}-move`;if(!dv(o[0].el,n.vnode.el,a))return;o.forEach(sv),o.forEach(uv);const l=o.filter(cv);Xc(),l.forEach(s=>{const u=s.el,c=u.style;Ft(u,a),c.transform=c.webkitTransform=c.transitionDuration="";const d=u[Po]=p=>{p&&p.target!==u||(!p||/transform$/.test(p.propertyName))&&(u.removeEventListener("transitionend",d),u[Po]=null,Zt(u,a))};u.addEventListener("transitionend",d)})}),()=>{const a=le(e),l=Gc(a);let s=a.tag||Ye;if(o=[],i)for(let u=0;u{l.split(/\s+/).forEach(s=>s&&r.classList.remove(s))}),n.split(/\s+/).forEach(l=>l&&r.classList.add(l)),r.style.display="none";const i=t.nodeType===1?t:t.parentNode;i.appendChild(r);const{hasTransform:a}=Yc(r);return i.removeChild(r),a}const fv=Re({patchProp:ov},Bh);let fi,Xl=!1;function pv(){return fi=Xl?fi:dh(fv),Xl=!0,fi}const mv=(...e)=>{const t=pv().createApp(...e),{mount:n}=t;return t.mount=r=>{const o=vv(r);if(o)return n(o,!0,hv(o))},t};function hv(e){if(e instanceof SVGElement)return"svg";if(typeof MathMLElement=="function"&&e instanceof MathMLElement)return"mathml"}function vv(e){return xe(e)?document.querySelector(e):e}var Wr=e=>/^[a-z][a-z0-9+.-]*:/.test(e)||e.startsWith("//"),_v=/.md((\?|#).*)?$/,Ra=(e,t="/")=>Wr(e)||e.startsWith("/")&&!e.startsWith(t)&&!_v.test(e),qr=e=>/^(https?:)?\/\//.test(e),Jl=e=>{if(!e||e.endsWith("/"))return e;let t=e.replace(/(^|\/)README.md$/i,"$1index.html");return t.endsWith(".md")?t=`${t.substring(0,t.length-3)}.html`:t.endsWith(".html")||(t=`${t}.html`),t.endsWith("/index.html")&&(t=t.substring(0,t.length-10)),t},gv="http://.",Ev=(e,t)=>{if(!e.startsWith("/")&&t){const n=t.slice(0,t.lastIndexOf("/"));return Jl(new URL(`${n}/${e}`,gv).pathname)}return Jl(e)},yv=(e,t)=>{const n=Object.keys(e).sort((r,o)=>{const i=o.split("/").length-r.split("/").length;return i!==0?i:o.length-r.length});for(const r of n)if(t.startsWith(r))return r;return"/"},bv=/(#|\?)/,ed=e=>{const[t,...n]=e.split(bv);return{pathname:t,hashAndQueries:n.join("")}},Av=["link","meta","script","style","noscript","template"],Tv=["title","base"],xv=([e,t,n])=>Tv.includes(e)?e:Av.includes(e)?e==="meta"&&t.name?`${e}.${t.name}`:e==="template"&&t.id?`${e}.${t.id}`:JSON.stringify([e,Object.entries(t).map(([r,o])=>typeof o=="boolean"?o?[r,""]:null:[r,o]).filter(r=>r!=null).sort(([r],[o])=>r.localeCompare(o)),n]):null,Pv=e=>{const t=new Set,n=[];return e.forEach(r=>{const o=xv(r);o&&!t.has(o)&&(t.add(o),n.push(r))}),n},Ov=e=>e.startsWith("/")?e:`/${e}`,td=e=>e.endsWith("/")||e.endsWith(".html")?e:`${e}/`,Sa=e=>e.endsWith("/")?e.slice(0,-1):e,nd=e=>e.startsWith("/")?e.slice(1):e,$o=e=>Object.prototype.toString.call(e)==="[object Object]",Fe=e=>typeof e=="string";const Cv=JSON.parse("{}"),Dv=Object.fromEntries([["/",{loader:()=>h(()=>import("./index.html-CJqQIH24.js"),__vite__mapDeps([0,1,2])),meta:{t:"Data Sharing Framework",i:"home"}}],["/about/",{loader:()=>h(()=>import("./index.html-CEl0GMbE.js"),__vite__mapDeps([3,2])),meta:{t:"About",i:"creative"}}],["/for-you/",{loader:()=>h(()=>import("./index.html-tRP1yX-S.js"),__vite__mapDeps([4,2])),meta:{t:"DSF for your project",i:"creative"}}],["/for-you/learn.html",{loader:()=>h(()=>import("./learn.html-CN30f4q5.js"),__vite__mapDeps([5,2])),meta:{t:"How to implement your use-case",i:"creative"}}],["/hackathon/",{loader:()=>h(()=>import("./index.html-LTp7GwJa.js"),__vite__mapDeps([6,2])),meta:{t:"Hackathon",i:"guide"}}],["/intro/",{loader:()=>h(()=>import("./index.html-CCHXQ3qu.js"),__vite__mapDeps([7,2])),meta:{t:"Documentation",i:"info"}}],["/intro/publications.html",{loader:()=>h(()=>import("./publications.html-B4U9UGg2.js"),__vite__mapDeps([8,2])),meta:{t:"Publications and Talks",i:"blog"}}],["/oldstable/",{loader:()=>h(()=>import("./index.html-RXe6B_7F.js"),__vite__mapDeps([9,2])),meta:{t:"Version 0.9.x",i:"guide"}}],["/oldstable/introduction.html",{loader:()=>h(()=>import("./introduction.html-KmTMU4Pu.js"),__vite__mapDeps([10,2])),meta:{t:"Introduction",i:"info"}}],["/security/",{loader:()=>h(()=>import("./index.html-CKHbb906.js"),__vite__mapDeps([11,2])),meta:{t:"Security",i:"safe"}}],["/sprechstunde/",{loader:()=>h(()=>import("./index.html-D7PkCYZy.js"),__vite__mapDeps([12,2])),meta:{t:"Sprechstunde",i:"guide"}}],["/stable/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-Bfk0jIju.js"),__vite__mapDeps([13,2])),meta:{t:"DSF for Developers",i:"info"}}],["/stable/",{loader:()=>h(()=>import("./index.html-Y0e05cKm.js"),__vite__mapDeps([14,2])),meta:{t:"DSF 1.7.0",i:"guide"}}],["/stable/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-BXZYZl-l.js"),__vite__mapDeps([15,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.0.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-C9euuucY.js"),__vite__mapDeps([16,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.0.0/",{loader:()=>h(()=>import("./index.html-wVEnbcVC.js"),__vite__mapDeps([17,2])),meta:{t:"DSF 1.0.0",i:"guide"}}],["/v1.0.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-DrS0U-59.js"),__vite__mapDeps([18,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.1.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-x2O2enR2.js"),__vite__mapDeps([19,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.1.0/",{loader:()=>h(()=>import("./index.html-3D5twG1B.js"),__vite__mapDeps([20,2])),meta:{t:"DSF 1.1.0",i:"guide"}}],["/v1.1.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-CvYyNIjF.js"),__vite__mapDeps([21,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.2.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-BTVbCBjm.js"),__vite__mapDeps([22,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.2.0/",{loader:()=>h(()=>import("./index.html-BvjsjDex.js"),__vite__mapDeps([23,2])),meta:{t:"DSF 1.2.0",i:"guide"}}],["/v1.2.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-Gkd0KZn-.js"),__vite__mapDeps([24,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.3.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-C1_lZM3T.js"),__vite__mapDeps([25,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.3.0/",{loader:()=>h(()=>import("./index.html-Cndqnr5H.js"),__vite__mapDeps([26,2])),meta:{t:"DSF 1.3.0",i:"guide"}}],["/v1.3.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-CvfI-O1o.js"),__vite__mapDeps([27,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.3.1/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-LGq1G0a7.js"),__vite__mapDeps([28,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.3.1/",{loader:()=>h(()=>import("./index.html-CPm74umY.js"),__vite__mapDeps([29,2])),meta:{t:"DSF 1.3.1",i:"guide"}}],["/v1.3.1/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-DK2hR7GM.js"),__vite__mapDeps([30,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.3.2/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-FPawE1xG.js"),__vite__mapDeps([31,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.3.2/",{loader:()=>h(()=>import("./index.html-DfC4mUoD.js"),__vite__mapDeps([32,2])),meta:{t:"DSF 1.3.2",i:"guide"}}],["/v1.3.2/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-CryoSrgT.js"),__vite__mapDeps([33,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.4.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-Cb90i-uk.js"),__vite__mapDeps([34,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.4.0/",{loader:()=>h(()=>import("./index.html-CQIyjAbi.js"),__vite__mapDeps([35,2])),meta:{t:"DSF 1.4.0",i:"guide"}}],["/v1.4.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-uS_KMulc.js"),__vite__mapDeps([36,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.5.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-BEsPCGfN.js"),__vite__mapDeps([37,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.5.0/",{loader:()=>h(()=>import("./index.html-DQ3Nt6us.js"),__vite__mapDeps([38,2])),meta:{t:"DSF 1.5.0",i:"guide"}}],["/v1.5.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-DknbFNSU.js"),__vite__mapDeps([39,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.5.1/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-BbzdxZL5.js"),__vite__mapDeps([40,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.5.1/",{loader:()=>h(()=>import("./index.html-B2IxHHQk.js"),__vite__mapDeps([41,2])),meta:{t:"DSF 1.5.1",i:"guide"}}],["/v1.5.1/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-DEwVR5E2.js"),__vite__mapDeps([42,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.5.2/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-BHbqABzE.js"),__vite__mapDeps([43,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.5.2/",{loader:()=>h(()=>import("./index.html-EiZ7XLI5.js"),__vite__mapDeps([44,2])),meta:{t:"DSF 1.5.2",i:"guide"}}],["/v1.5.2/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-DDT8mKAK.js"),__vite__mapDeps([45,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.6.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-C7eEqNG_.js"),__vite__mapDeps([46,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.6.0/",{loader:()=>h(()=>import("./index.html-kMzNwla3.js"),__vite__mapDeps([47,2])),meta:{t:"DSF 1.6.0",i:"guide"}}],["/v1.6.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-Aiosif86.js"),__vite__mapDeps([48,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/v1.7.0/dsf-for-dev.html",{loader:()=>h(()=>import("./dsf-for-dev.html-C54H0sEh.js"),__vite__mapDeps([49,2])),meta:{t:"DSF for Developers",i:"info"}}],["/v1.7.0/",{loader:()=>h(()=>import("./index.html-BrXjYrIb.js"),__vite__mapDeps([50,2])),meta:{t:"DSF 1.7.0",i:"guide"}}],["/v1.7.0/process-plugins-advanced.html",{loader:()=>h(()=>import("./process-plugins-advanced.html-C4k17IeZ.js"),__vite__mapDeps([51,2])),meta:{t:"Process Plugins Advanced",i:"info"}}],["/about/learnmore/",{loader:()=>h(()=>import("./index.html-Cz99fyPG.js"),__vite__mapDeps([52,2])),meta:{t:"Learn more",i:"creative"}}],["/about/learnmore/contact.html",{loader:()=>h(()=>import("./contact.html--dlNXcVc.js"),__vite__mapDeps([53,2])),meta:{t:"Contact & Community",i:"call"}}],["/about/learnmore/partners.html",{loader:()=>h(()=>import("./partners.html-CNkEzyU2.js"),__vite__mapDeps([54,2])),meta:{t:"Partners",i:"proxy"}}],["/about/learnmore/public.html",{loader:()=>h(()=>import("./public.html-GIYlha5E.js"),__vite__mapDeps([55,56,2])),meta:{t:"Public Funding",i:"free"}}],["/about/learnmore/team.html",{loader:()=>h(()=>import("./team.html-DZAqBiTA.js"),__vite__mapDeps([57,2])),meta:{t:"Team",i:"group"}}],["/intro/info/allowList.html",{loader:()=>h(()=>import("./allowList.html-U0Ic9Agz.js"),__vite__mapDeps([58,2])),meta:{t:"Allow Lists",i:"share"}}],["/intro/info/architecture.html",{loader:()=>h(()=>import("./architecture.html-C-MxvfKL.js"),__vite__mapDeps([59,2])),meta:{t:"Architecture",i:"structure"}}],["/intro/info/basics.html",{loader:()=>h(()=>import("./basics.html-TQpBZp3U.js"),__vite__mapDeps([60,2])),meta:{t:"Basics and Standards",i:"study"}}],["/intro/info/introduction.html",{loader:()=>h(()=>import("./introduction.html-CrZ_Peog.js"),__vite__mapDeps([61,56,1,2])),meta:{t:"Introduction",i:"customize"}}],["/intro/info/networkSetup.html",{loader:()=>h(()=>import("./networkSetup.html-CAU1OxOw.js"),__vite__mapDeps([62,63,2])),meta:{t:"Network Setup and General Architecture",i:"customize"}}],["/intro/info/process-plugins.html",{loader:()=>h(()=>import("./process-plugins.html-BYVzwms7.js"),__vite__mapDeps([64,2])),meta:{t:"Process Plugins",i:"plugin"}}],["/intro/info/security.html",{loader:()=>h(()=>import("./security.html-DlCXhwuq.js"),__vite__mapDeps([65,2])),meta:{t:"Security by Design",i:"safe"}}],["/intro/tutorials/GMDS2022-dev.html",{loader:()=>h(()=>import("./GMDS2022-dev.html-7MTMzEUe.js"),__vite__mapDeps([66,2])),meta:{t:"GMDS2022 - Process Development",i:"code"}}],["/intro/tutorials/MIE2023.html",{loader:()=>h(()=>import("./MIE2023.html-DGWUgkfh.js"),__vite__mapDeps([67,2])),meta:{t:"MIE May 2023",i:"info"}}],["/intro/tutorials/",{loader:()=>h(()=>import("./index.html-D0klOcDH.js"),__vite__mapDeps([68,2])),meta:{t:"Tutorials",i:"edit"}}],["/intro/tutorials/Talks.html",{loader:()=>h(()=>import("./Talks.html-kC-8f0z0.js"),__vite__mapDeps([69,2])),meta:{t:"Recorded talks",i:"globe"}}],["/intro/use-cases/",{loader:()=>h(()=>import("./index.html-psdjpexw.js"),__vite__mapDeps([70,2])),meta:{t:"Use-Cases",i:"view"}}],["/intro/use-cases/feasibility.html",{loader:()=>h(()=>import("./feasibility.html-UPmBbOyd.js"),__vite__mapDeps([71,2])),meta:{t:"Feasibility",i:"diagram"}}],["/intro/use-cases/num.html",{loader:()=>h(()=>import("./num.html-DJf9-cNg.js"),__vite__mapDeps([72,2])),meta:{t:"Network University Medicine",i:"map"}}],["/oldstable/build/",{loader:()=>h(()=>import("./index.html-C044djId.js"),__vite__mapDeps([73,2])),meta:{t:"Build and Test",i:"back-stage"}}],["/oldstable/build/build.html",{loader:()=>h(()=>import("./build.html-CKvxinw6.js"),__vite__mapDeps([74,2])),meta:{t:"Build and Test",i:"back-stage"}}],["/oldstable/build/proxyTestTool.html",{loader:()=>h(()=>import("./proxyTestTool.html-C8I2FFKb.js"),__vite__mapDeps([75,2])),meta:{t:"Proxy Test Tool",i:"back-stage"}}],["/oldstable/build/releaseANewVersion.html",{loader:()=>h(()=>import("./releaseANewVersion.html-BMHv2Zkt.js"),__vite__mapDeps([76,2])),meta:{t:"Release a new version",i:"back-stage"}}],["/oldstable/code/",{loader:()=>h(()=>import("./index.html-DMDcxf3n.js"),__vite__mapDeps([77,2])),meta:{t:"Code",i:"code"}}],["/oldstable/code/addingANewFhirR.html",{loader:()=>h(()=>import("./addingANewFhirR.html-DAWjAGtu.js"),__vite__mapDeps([78,2])),meta:{t:"Adding FHIR Resources",i:"code"}}],["/oldstable/code/addingANewMpiClient.html",{loader:()=>h(()=>import("./addingANewMpiClient.html-CRNF7NJE.js"),__vite__mapDeps([79,2])),meta:{t:"Adding MPI Clients",i:"code"}}],["/oldstable/code/addingANewOpenEhrClient.html",{loader:()=>h(()=>import("./addingANewOpenEhrClient.html-DzNS4kmD.js"),__vite__mapDeps([80,2])),meta:{t:"Adding openEHR Clients",i:"code"}}],["/oldstable/code/changingBpmnProcesses.html",{loader:()=>h(()=>import("./changingBpmnProcesses.html-B14gOeU8.js"),__vite__mapDeps([81,2])),meta:{t:"Changing BPMN Processes by Service Task Overwrites",i:"code"}}],["/oldstable/code/code.html",{loader:()=>h(()=>import("./code.html-DedZSN5Z.js"),__vite__mapDeps([82,2])),meta:{t:"Writing Code",i:"code"}}],["/oldstable/code/eclipseContent.html",{loader:()=>h(()=>import("./eclipseContent.html-IrZvhAIP.js"),__vite__mapDeps([83,2])),meta:{t:"Eclipse code-style configurations",i:"code"}}],["/oldstable/code/intelliJContent.html",{loader:()=>h(()=>import("./intelliJContent.html-BmnP7ie4.js"),__vite__mapDeps([84,2])),meta:{t:"IntelliJ code-style configurations",i:"code"}}],["/oldstable/code/libraries.html",{loader:()=>h(()=>import("./libraries.html-CbHlGOgV.js"),__vite__mapDeps([85,2])),meta:{t:"Libraries",i:"folder"}}],["/oldstable/code/usingTheGitHubMaven.html",{loader:()=>h(()=>import("./usingTheGitHubMaven.html-Hb3vEwIO.js"),__vite__mapDeps([86,2])),meta:{t:"Using the Github Maven Package Registry",i:"code"}}],["/oldstable/generalinformation/",{loader:()=>h(()=>import("./index.html-BqCXzk3r.js"),__vite__mapDeps([87,2])),meta:{t:"General Information",i:"set"}}],["/oldstable/generalinformation/authentication.html",{loader:()=>h(()=>import("./authentication.html-6LTSdQiG.js"),__vite__mapDeps([88,2])),meta:{t:"Authentication",i:"lock"}}],["/oldstable/generalinformation/networkSetup.html",{loader:()=>h(()=>import("./networkSetup.html-BtZqgB-G.js"),__vite__mapDeps([89,63,2])),meta:{t:"Network Setup and General Architecture",i:"customize"}}],["/oldstable/releases/",{loader:()=>h(()=>import("./index.html-BPv7Yi_g.js"),__vite__mapDeps([90,2])),meta:{t:"Releases and Deployment",i:"install"}}],["/oldstable/releases/configBpe.html",{loader:()=>h(()=>import("./configBpe.html-DIUpo9iX.js"),__vite__mapDeps([91,2])),meta:{t:""}}],["/oldstable/releases/configFhir.html",{loader:()=>h(()=>import("./configFhir.html-BBQFAhE_.js"),__vite__mapDeps([92,2])),meta:{t:""}}],["/oldstable/releases/configFhirReverseProxy.html",{loader:()=>h(()=>import("./configFhirReverseProxy.html-DxL-rq4Y.js"),__vite__mapDeps([93,2])),meta:{t:""}}],["/oldstable/releases/highmedInstall.html",{loader:()=>h(()=>import("./highmedInstall.html-Gh-l_MIJ.js"),__vite__mapDeps([94,2])),meta:{t:""}}],["/oldstable/releases/num-codexInstall.html",{loader:()=>h(()=>import("./num-codexInstall.html-GtOtu3Li.js"),__vite__mapDeps([95,2])),meta:{t:""}}],["/oldstable/releases/upgradeFrom7.html",{loader:()=>h(()=>import("./upgradeFrom7.html-B6PaZf4F.js"),__vite__mapDeps([96,2])),meta:{t:"Upgrading from 0.7.0 to 0.9.0",i:"install"}}],["/oldstable/releases/upgradeFrom8.html",{loader:()=>h(()=>import("./upgradeFrom8.html-BiXdmn2Q.js"),__vite__mapDeps([97,2])),meta:{t:"Upgrading from 0.8.0 to 0.9.0",i:"install"}}],["/oldstable/releases/upgradeFrom90.html",{loader:()=>h(()=>import("./upgradeFrom90.html-DBOiKNdT.js"),__vite__mapDeps([98,2])),meta:{t:"Upgrading from 0.9.0 to 0.9.1",i:"install"}}],["/oldstable/releases/upgradeFrom91.html",{loader:()=>h(()=>import("./upgradeFrom91.html-BpKtvCHj.js"),__vite__mapDeps([99,2])),meta:{t:"Upgrading from 0.9.1"}}],["/oldstable/releases/upgradeFrom92.html",{loader:()=>h(()=>import("./upgradeFrom92.html-CUfALwuj.js"),__vite__mapDeps([100,2])),meta:{t:"Upgrading from 0.9.2"}}],["/oldstable/tutorial/",{loader:()=>h(()=>import("./index.html-S3T0mcfD.js"),__vite__mapDeps([101,2])),meta:{t:"DSF Process Plugin Tutorial",i:"slides"}}],["/oldstable/tutorial/ex11-docker-composeyml.html",{loader:()=>h(()=>import("./ex11-docker-composeyml.html-CaQz6qfp.js"),__vite__mapDeps([102,2])),meta:{t:"Exercise 1.1 - Process Debugging",i:"slides"}}],["/oldstable/tutorial/exercise1-simpleProcess.html",{loader:()=>h(()=>import("./exercise1-simpleProcess.html-BxXADBB1.js"),__vite__mapDeps([103,2])),meta:{t:"Exercise 1 - Simple Process",i:"slides"}}],["/oldstable/tutorial/exercise11-processDebugging.html",{loader:()=>h(()=>import("./exercise11-processDebugging.html-B5eMvcvL.js"),__vite__mapDeps([104,2])),meta:{t:"Exercise 1.1 - Process Debugging",i:"slides"}}],["/oldstable/tutorial/exercise2-inputParameters.html",{loader:()=>h(()=>import("./exercise2-inputParameters.html-BLlHrkE8.js"),__vite__mapDeps([105,2])),meta:{t:"Exercise 2 - Input Parameters",i:"slides"}}],["/oldstable/tutorial/exercise3-messageEvents.html",{loader:()=>h(()=>import("./exercise3-messageEvents.html-tI2HZN1H.js"),__vite__mapDeps([106,2])),meta:{t:"Exercise 3 - Message Events",i:"slides"}}],["/oldstable/tutorial/exercise4-exclusiveGateways.html",{loader:()=>h(()=>import("./exercise4-exclusiveGateways.html-BFc2qSSk.js"),__vite__mapDeps([107,2])),meta:{t:"Exercise 4 - Exclusive Gateways",i:"slides"}}],["/oldstable/tutorial/exercise5-eventBasedGateways.html",{loader:()=>h(()=>import("./exercise5-eventBasedGateways.html-DEvFgy-0.js"),__vite__mapDeps([108,2])),meta:{t:"Exercise 5 - Event Based Gateways and Intermediate Events",i:"slides"}}],["/oldstable/tutorial/prerequisites.html",{loader:()=>h(()=>import("./prerequisites.html-DWJBX7kG.js"),__vite__mapDeps([109,2])),meta:{t:"Prerequisites",i:"slides"}}],["/stable/contribute/code.html",{loader:()=>h(()=>import("./code.html-DFB-nvYv.js"),__vite__mapDeps([110,2])),meta:{t:"Contribute code",i:"info"}}],["/stable/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-Db26NjAn.js"),__vite__mapDeps([111,2])),meta:{t:"Contribute documentation",i:"info"}}],["/stable/contribute/",{loader:()=>h(()=>import("./index.html-CmYLzWSX.js"),__vite__mapDeps([112,2])),meta:{t:"Contribute",i:"info"}}],["/stable/develop/",{loader:()=>h(()=>import("./index.html-BKgt8rGq.js"),__vite__mapDeps([113,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/stable/develop/create.html",{loader:()=>h(()=>import("./create.html-B3zd-q7E.js"),__vite__mapDeps([114,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/stable/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-GTzYt6yH.js"),__vite__mapDeps([115,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/stable/maintain/",{loader:()=>h(()=>import("./index.html-By_2M9Eb.js"),__vite__mapDeps([116,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/stable/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-DQ0SCXIv.js"),__vite__mapDeps([117,2])),meta:{t:"Allow List Management",i:"share"}}],["/stable/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-BOVVyaxu.js"),__vite__mapDeps([118,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/stable/maintain/install.html",{loader:()=>h(()=>import("./install.html-Bu9lSmMr.js"),__vite__mapDeps([119,2])),meta:{t:"Install DSF 1.7.0",i:"install"}}],["/stable/maintain/passwords-secrets.html",{loader:()=>h(()=>import("./passwords-secrets.html-CwvsK-ST.js"),__vite__mapDeps([120,2])),meta:{t:"Passwords and Secrets",i:"safe"}}],["/stable/maintain/root-certificates.html",{loader:()=>h(()=>import("./root-certificates.html-DBTM8PxT.js"),__vite__mapDeps([121,2])),meta:{t:"Default Root Certificates",i:"safe"}}],["/stable/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-C84ezCmE.js"),__vite__mapDeps([122,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/stable/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-BakWeZYj.js"),__vite__mapDeps([123,2])),meta:{t:"Upgrade from DSF 1.6.0",i:"update"}}],["/v1.0.0/develop/",{loader:()=>h(()=>import("./index.html--WiMJ2-5.js"),__vite__mapDeps([124,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.0.0/develop/create.html",{loader:()=>h(()=>import("./create.html-UzmU0FOF.js"),__vite__mapDeps([125,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.0.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-CvOTkUrX.js"),__vite__mapDeps([126,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.0.0/maintain/",{loader:()=>h(()=>import("./index.html-BaDl1w7P.js"),__vite__mapDeps([127,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.0.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-kVH8jHoC.js"),__vite__mapDeps([128,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.0.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-WwnVh3au.js"),__vite__mapDeps([129,2])),meta:{t:"Install DSF 1.0.0",i:"install"}}],["/v1.0.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-Bc8Lyi5a.js"),__vite__mapDeps([130,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.1.0/develop/",{loader:()=>h(()=>import("./index.html-B_wNLcVr.js"),__vite__mapDeps([131,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.1.0/develop/create.html",{loader:()=>h(()=>import("./create.html-DfXNs7tA.js"),__vite__mapDeps([132,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.1.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DtQnIA8J.js"),__vite__mapDeps([133,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.1.0/maintain/",{loader:()=>h(()=>import("./index.html-bjuFvx66.js"),__vite__mapDeps([134,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.1.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-CQIC2n1m.js"),__vite__mapDeps([135,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.1.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-PX4TNhu_.js"),__vite__mapDeps([136,2])),meta:{t:"Install DSF 1.1.0",i:"install"}}],["/v1.1.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-g2sDnFxf.js"),__vite__mapDeps([137,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.1.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-I3a4-uzG.js"),__vite__mapDeps([138,2])),meta:{t:"Upgrade from DSF 1.x",i:"update"}}],["/v1.2.0/develop/",{loader:()=>h(()=>import("./index.html-XcF7NSzE.js"),__vite__mapDeps([139,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.2.0/develop/create.html",{loader:()=>h(()=>import("./create.html-DgtxAQYo.js"),__vite__mapDeps([140,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.2.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-PytT4X3s.js"),__vite__mapDeps([141,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.2.0/maintain/",{loader:()=>h(()=>import("./index.html-C6jX4zME.js"),__vite__mapDeps([142,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.2.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-DesR31sE.js"),__vite__mapDeps([143,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.2.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-4JkzqW05.js"),__vite__mapDeps([144,2])),meta:{t:"Install DSF 1.2.0",i:"install"}}],["/v1.2.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-Bpl0xGi5.js"),__vite__mapDeps([145,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.2.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-le86mUFE.js"),__vite__mapDeps([146,2])),meta:{t:"Upgrade from DSF 1.1.0",i:"update"}}],["/v1.3.0/develop/",{loader:()=>h(()=>import("./index.html-jdtoEAin.js"),__vite__mapDeps([147,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.3.0/develop/create.html",{loader:()=>h(()=>import("./create.html-DKW1RBR_.js"),__vite__mapDeps([148,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.3.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-D20VPAYx.js"),__vite__mapDeps([149,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.3.0/maintain/",{loader:()=>h(()=>import("./index.html-B6hfS6g4.js"),__vite__mapDeps([150,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.3.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-RGpFQJqM.js"),__vite__mapDeps([151,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.3.0/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-BNnNzW63.js"),__vite__mapDeps([152,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.3.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-C8E-85I9.js"),__vite__mapDeps([153,2])),meta:{t:"Install DSF 1.3.0",i:"install"}}],["/v1.3.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DJWodOM6.js"),__vite__mapDeps([154,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.3.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-Dj9m-NVD.js"),__vite__mapDeps([155,2])),meta:{t:"Upgrade from DSF 1.2.0",i:"update"}}],["/v1.3.1/develop/",{loader:()=>h(()=>import("./index.html-BQ1cFXBB.js"),__vite__mapDeps([156,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.3.1/develop/create.html",{loader:()=>h(()=>import("./create.html-Dhsfopdf.js"),__vite__mapDeps([157,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.3.1/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-HmQi5Tpk.js"),__vite__mapDeps([158,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.3.1/maintain/",{loader:()=>h(()=>import("./index.html-2BGvWDpf.js"),__vite__mapDeps([159,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.3.1/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-zpJcNu7t.js"),__vite__mapDeps([160,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.3.1/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-BrkJzu97.js"),__vite__mapDeps([161,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.3.1/maintain/install.html",{loader:()=>h(()=>import("./install.html-HcGcuX1k.js"),__vite__mapDeps([162,2])),meta:{t:"Install DSF 1.3.1",i:"install"}}],["/v1.3.1/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-BfIVWmGA.js"),__vite__mapDeps([163,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.3.1/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-KyVmiK2h.js"),__vite__mapDeps([164,2])),meta:{t:"Upgrade from DSF 1.3.0",i:"update"}}],["/v1.3.2/develop/",{loader:()=>h(()=>import("./index.html-DrZ50Pv0.js"),__vite__mapDeps([165,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.3.2/develop/create.html",{loader:()=>h(()=>import("./create.html-BX-19DEo.js"),__vite__mapDeps([166,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.3.2/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-C2OeT5jI.js"),__vite__mapDeps([167,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.3.2/maintain/",{loader:()=>h(()=>import("./index.html-CEXDY_Uk.js"),__vite__mapDeps([168,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.3.2/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-B6p2Ax_y.js"),__vite__mapDeps([169,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.3.2/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-uQEYkgRF.js"),__vite__mapDeps([170,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.3.2/maintain/install.html",{loader:()=>h(()=>import("./install.html-DT8BqM1K.js"),__vite__mapDeps([171,2])),meta:{t:"Install DSF 1.3.2",i:"install"}}],["/v1.3.2/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-1HiNaMpm.js"),__vite__mapDeps([172,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.3.2/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-CWtjTQLA.js"),__vite__mapDeps([173,2])),meta:{t:"Upgrade from DSF 1.3.1",i:"update"}}],["/v1.4.0/contribute/code.html",{loader:()=>h(()=>import("./code.html-BDpTAxf0.js"),__vite__mapDeps([174,2])),meta:{t:"Contribute code",i:"info"}}],["/v1.4.0/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-Wn__5BQ5.js"),__vite__mapDeps([175,2])),meta:{t:"Contribute documentation",i:"info"}}],["/v1.4.0/contribute/",{loader:()=>h(()=>import("./index.html-DRHY4Bbd.js"),__vite__mapDeps([176,2])),meta:{t:"Contribute",i:"info"}}],["/v1.4.0/develop/",{loader:()=>h(()=>import("./index.html-BV9sfGy7.js"),__vite__mapDeps([177,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.4.0/develop/create.html",{loader:()=>h(()=>import("./create.html-BpleBtB4.js"),__vite__mapDeps([178,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.4.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-CF476DnM.js"),__vite__mapDeps([179,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.4.0/maintain/",{loader:()=>h(()=>import("./index.html-Bca-G99b.js"),__vite__mapDeps([180,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.4.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-CZLnHuTV.js"),__vite__mapDeps([181,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.4.0/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-C10EMoFX.js"),__vite__mapDeps([182,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.4.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-CaWTETgA.js"),__vite__mapDeps([183,2])),meta:{t:"Install DSF 1.4.0",i:"install"}}],["/v1.4.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-D9wYfXqp.js"),__vite__mapDeps([184,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.4.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-BMtZHrEs.js"),__vite__mapDeps([185,2])),meta:{t:"Upgrade from DSF 1.3.2",i:"update"}}],["/v1.5.0/contribute/code.html",{loader:()=>h(()=>import("./code.html-DbFOsjtY.js"),__vite__mapDeps([186,2])),meta:{t:"Contribute code",i:"info"}}],["/v1.5.0/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-KQtDStaD.js"),__vite__mapDeps([187,2])),meta:{t:"Contribute documentation",i:"info"}}],["/v1.5.0/contribute/",{loader:()=>h(()=>import("./index.html-DOwz4jEO.js"),__vite__mapDeps([188,2])),meta:{t:"Contribute",i:"info"}}],["/v1.5.0/develop/",{loader:()=>h(()=>import("./index.html-zG09QC5j.js"),__vite__mapDeps([189,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.5.0/develop/create.html",{loader:()=>h(()=>import("./create.html-CBE8y_4a.js"),__vite__mapDeps([190,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.5.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-dRnDKi2b.js"),__vite__mapDeps([191,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.5.0/maintain/",{loader:()=>h(()=>import("./index.html-B_5_WvMB.js"),__vite__mapDeps([192,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.5.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-Cbz8uLvU.js"),__vite__mapDeps([193,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.5.0/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-CjpkZYU8.js"),__vite__mapDeps([194,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.5.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-C5JbEbto.js"),__vite__mapDeps([195,2])),meta:{t:"Install DSF 1.5.0",i:"install"}}],["/v1.5.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-C0DwKz8X.js"),__vite__mapDeps([196,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.5.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-B6nw0zTc.js"),__vite__mapDeps([197,2])),meta:{t:"Upgrade from DSF 1.4.0",i:"update"}}],["/v1.5.1/contribute/code.html",{loader:()=>h(()=>import("./code.html-wX-SuVoF.js"),__vite__mapDeps([198,2])),meta:{t:"Contribute code",i:"info"}}],["/v1.5.1/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-DxrIQVyi.js"),__vite__mapDeps([199,2])),meta:{t:"Contribute documentation",i:"info"}}],["/v1.5.1/contribute/",{loader:()=>h(()=>import("./index.html-QtMirOFG.js"),__vite__mapDeps([200,2])),meta:{t:"Contribute",i:"info"}}],["/v1.5.1/develop/",{loader:()=>h(()=>import("./index.html-Dnqh_ARi.js"),__vite__mapDeps([201,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.5.1/develop/create.html",{loader:()=>h(()=>import("./create.html-CEaaiT8A.js"),__vite__mapDeps([202,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.5.1/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DzHXV-5I.js"),__vite__mapDeps([203,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.5.1/maintain/",{loader:()=>h(()=>import("./index.html-DaJfQ08l.js"),__vite__mapDeps([204,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.5.1/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-CIu0ylPp.js"),__vite__mapDeps([205,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.5.1/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-Q8LC3tyN.js"),__vite__mapDeps([206,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.5.1/maintain/install.html",{loader:()=>h(()=>import("./install.html-B0D4qCui.js"),__vite__mapDeps([207,2])),meta:{t:"Install DSF 1.5.1",i:"install"}}],["/v1.5.1/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-Bvg37v8B.js"),__vite__mapDeps([208,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.5.1/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-DRWK4a79.js"),__vite__mapDeps([209,2])),meta:{t:"Upgrade from DSF 1.5.0",i:"update"}}],["/v1.5.2/contribute/code.html",{loader:()=>h(()=>import("./code.html-WJrc1cv8.js"),__vite__mapDeps([210,2])),meta:{t:"Contribute code",i:"info"}}],["/v1.5.2/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-CyhCEMiv.js"),__vite__mapDeps([211,2])),meta:{t:"Contribute documentation",i:"info"}}],["/v1.5.2/contribute/",{loader:()=>h(()=>import("./index.html-CGF3Du5r.js"),__vite__mapDeps([212,2])),meta:{t:"Contribute",i:"info"}}],["/v1.5.2/develop/",{loader:()=>h(()=>import("./index.html-OZBcTdV4.js"),__vite__mapDeps([213,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.5.2/develop/create.html",{loader:()=>h(()=>import("./create.html-Ce3lf9hk.js"),__vite__mapDeps([214,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.5.2/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DqBMBlca.js"),__vite__mapDeps([215,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.5.2/maintain/",{loader:()=>h(()=>import("./index.html--z6-FzwM.js"),__vite__mapDeps([216,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.5.2/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-IMzRqiGI.js"),__vite__mapDeps([217,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.5.2/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-BKYrmio5.js"),__vite__mapDeps([218,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.5.2/maintain/install.html",{loader:()=>h(()=>import("./install.html-CDyf6Qpa.js"),__vite__mapDeps([219,2])),meta:{t:"Install DSF 1.5.2",i:"install"}}],["/v1.5.2/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DqzXx2zx.js"),__vite__mapDeps([220,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.5.2/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-BSet6xf2.js"),__vite__mapDeps([221,2])),meta:{t:"Upgrade from DSF 1.5.1",i:"update"}}],["/v1.6.0/contribute/code.html",{loader:()=>h(()=>import("./code.html-CL2p7Hc-.js"),__vite__mapDeps([222,2])),meta:{t:"Contribute code",i:"info"}}],["/v1.6.0/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-YtBXfQ4n.js"),__vite__mapDeps([223,2])),meta:{t:"Contribute documentation",i:"info"}}],["/v1.6.0/contribute/",{loader:()=>h(()=>import("./index.html-Bu0T-_KJ.js"),__vite__mapDeps([224,2])),meta:{t:"Contribute",i:"info"}}],["/v1.6.0/develop/",{loader:()=>h(()=>import("./index.html-B4bLs14H.js"),__vite__mapDeps([225,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.6.0/develop/create.html",{loader:()=>h(()=>import("./create.html-B1E91RlH.js"),__vite__mapDeps([226,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.6.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DwBqJg50.js"),__vite__mapDeps([227,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.6.0/maintain/",{loader:()=>h(()=>import("./index.html-B1pXabiP.js"),__vite__mapDeps([228,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.6.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-bG96t5GT.js"),__vite__mapDeps([229,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.6.0/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-CETUdIzs.js"),__vite__mapDeps([230,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.6.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-DNNBSmYy.js"),__vite__mapDeps([231,2])),meta:{t:"Install DSF 1.6.0",i:"install"}}],["/v1.6.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-DN3ya3ja.js"),__vite__mapDeps([232,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.6.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-1Wof4LeJ.js"),__vite__mapDeps([233,2])),meta:{t:"Upgrade from DSF 1.5.2",i:"update"}}],["/v1.7.0/contribute/code.html",{loader:()=>h(()=>import("./code.html-OC-Q5B21.js"),__vite__mapDeps([234,2])),meta:{t:"Contribute code",i:"info"}}],["/v1.7.0/contribute/documentation.html",{loader:()=>h(()=>import("./documentation.html-ueGYR-fA.js"),__vite__mapDeps([235,2])),meta:{t:"Contribute documentation",i:"info"}}],["/v1.7.0/contribute/",{loader:()=>h(()=>import("./index.html-CvKg-5SJ.js"),__vite__mapDeps([236,2])),meta:{t:"Contribute",i:"info"}}],["/v1.7.0/develop/",{loader:()=>h(()=>import("./index.html-Cnxg1Eld.js"),__vite__mapDeps([237,2])),meta:{t:"Develop Process Plugins",i:"plugin"}}],["/v1.7.0/develop/create.html",{loader:()=>h(()=>import("./create.html-CSEOxnfr.js"),__vite__mapDeps([238,2])),meta:{t:"Create a new process plugin",i:"code"}}],["/v1.7.0/develop/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-BTr3Ngrn.js"),__vite__mapDeps([239,2])),meta:{t:"Upgrade processes from 0.9.x",i:"update"}}],["/v1.7.0/maintain/",{loader:()=>h(()=>import("./index.html-Dk8E3hDO.js"),__vite__mapDeps([240,2])),meta:{t:"Maintain a DSF instance",i:"tool"}}],["/v1.7.0/maintain/allowList-mgm.html",{loader:()=>h(()=>import("./allowList-mgm.html-DqHlTqXK.js"),__vite__mapDeps([241,2])),meta:{t:"Allow List Management",i:"share"}}],["/v1.7.0/maintain/install-plugins.html",{loader:()=>h(()=>import("./install-plugins.html-CUvVNWrv.js"),__vite__mapDeps([242,2])),meta:{t:"Install Plugins",i:"plugin"}}],["/v1.7.0/maintain/install.html",{loader:()=>h(()=>import("./install.html-CJSKxVy2.js"),__vite__mapDeps([243,2])),meta:{t:"Install DSF 1.7.0",i:"install"}}],["/v1.7.0/maintain/passwords-secrets.html",{loader:()=>h(()=>import("./passwords-secrets.html-D6qoNVZh.js"),__vite__mapDeps([244,2])),meta:{t:"Passwords and Secrets",i:"safe"}}],["/v1.7.0/maintain/root-certificates.html",{loader:()=>h(()=>import("./root-certificates.html-D3mbENfX.js"),__vite__mapDeps([245,2])),meta:{t:"Default Root Certificates",i:"safe"}}],["/v1.7.0/maintain/upgrade-from-0.html",{loader:()=>h(()=>import("./upgrade-from-0.html-CnqVdKUA.js"),__vite__mapDeps([246,2])),meta:{t:"Upgrade from DSF 0.9.x",i:"update"}}],["/v1.7.0/maintain/upgrade-from-1.html",{loader:()=>h(()=>import("./upgrade-from-1.html-li54FQ6Z.js"),__vite__mapDeps([247,2])),meta:{t:"Upgrade from DSF 1.6.0",i:"update"}}],["/stable/maintain/bpe/",{loader:()=>h(()=>import("./index.html-C71EusK-.js"),__vite__mapDeps([248,2])),meta:{t:"BPE Server",i:"module"}}],["/stable/maintain/bpe/access-control.html",{loader:()=>h(()=>import("./access-control.html-CRP3chBx.js"),__vite__mapDeps([249,2])),meta:{t:"Access Control",i:"config"}}],["/stable/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-Dxnk3dN3.js"),__vite__mapDeps([250,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/stable/maintain/bpe/oidc.html",{loader:()=>h(()=>import("./oidc.html-DyXjwCxs.js"),__vite__mapDeps([251,2])),meta:{t:"OpenID Connect",i:"config"}}],["/stable/maintain/bpe-reverse-proxy/",{loader:()=>h(()=>import("./index.html-w6bpU2pA.js"),__vite__mapDeps([252,2])),meta:{t:"BPE Reverse Proxy",i:"module"}}],["/stable/maintain/bpe-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-BerTbb3a.js"),__vite__mapDeps([253,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/stable/maintain/fhir/",{loader:()=>h(()=>import("./index.html-DrkOei-6.js"),__vite__mapDeps([254,2])),meta:{t:"FHIR Server",i:"module"}}],["/stable/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-OtE7EOFQ.js"),__vite__mapDeps([255,2])),meta:{t:"Access Control",i:"config"}}],["/stable/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-DVe4NUbp.js"),__vite__mapDeps([256,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/stable/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-BjNAiIJl.js"),__vite__mapDeps([257,2])),meta:{t:"OpenID Connect",i:"config"}}],["/stable/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-Br2SEoN8.js"),__vite__mapDeps([258,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/stable/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-U9VXgZ2T.js"),__vite__mapDeps([259,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.0.0/maintain/configuration/",{loader:()=>h(()=>import("./index.html-Cs2nfFpC.js"),__vite__mapDeps([260,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.0.0/maintain/configuration/bpe.html",{loader:()=>h(()=>import("./bpe.html-xUo025DH.js"),__vite__mapDeps([261,2])),meta:{t:"Parameters BPE Server"}}],["/v1.0.0/maintain/configuration/common.html",{loader:()=>h(()=>import("./common.html-it2o1u7D.js"),__vite__mapDeps([262,2])),meta:{t:"Common Parameters"}}],["/v1.0.0/maintain/configuration/fhir.html",{loader:()=>h(()=>import("./fhir.html-BWbIvPkF.js"),__vite__mapDeps([263,2])),meta:{t:"Parameters FHIR Server"}}],["/v1.0.0/maintain/configuration/reverseproxy.html",{loader:()=>h(()=>import("./reverseproxy.html-DQ5Ws39T.js"),__vite__mapDeps([264,2])),meta:{t:"Parameters FHIR Reverse Proxy"}}],["/v1.1.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-ZBhJuKM1.js"),__vite__mapDeps([265,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.1.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html--e0C5ZKV.js"),__vite__mapDeps([266,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.1.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-DbFAXAAQ.js"),__vite__mapDeps([267,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.1.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-B60MdMg4.js"),__vite__mapDeps([268,2])),meta:{t:"Access Control",i:"config"}}],["/v1.1.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-B9K0thH0.js"),__vite__mapDeps([269,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.1.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-BsSFj2Bs.js"),__vite__mapDeps([270,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.1.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-byhqdOu2.js"),__vite__mapDeps([271,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.1.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-DzsiotEB.js"),__vite__mapDeps([272,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.2.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-gVhE0Tph.js"),__vite__mapDeps([273,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.2.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-BVieb_qp.js"),__vite__mapDeps([274,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.2.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-CzGft21U.js"),__vite__mapDeps([275,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.2.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-CqlKT6aL.js"),__vite__mapDeps([276,2])),meta:{t:"Access Control",i:"config"}}],["/v1.2.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-9-gxWTsR.js"),__vite__mapDeps([277,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.2.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-CobvVxkW.js"),__vite__mapDeps([278,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.2.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-HyKBLJzv.js"),__vite__mapDeps([279,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.2.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-CxcVHTFL.js"),__vite__mapDeps([280,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-CqQT4XC6.js"),__vite__mapDeps([281,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.3.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-D2S40OOC.js"),__vite__mapDeps([282,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-Bur8W0e8.js"),__vite__mapDeps([283,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.3.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-CRKqChY6.js"),__vite__mapDeps([284,2])),meta:{t:"Access Control",i:"config"}}],["/v1.3.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-xk6crEob.js"),__vite__mapDeps([285,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-aVCCllMb.js"),__vite__mapDeps([286,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.3.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-BxLs337Z.js"),__vite__mapDeps([287,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.3.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-CqXemyhq.js"),__vite__mapDeps([288,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.1/maintain/bpe/",{loader:()=>h(()=>import("./index.html-BNbhkZ3e.js"),__vite__mapDeps([289,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.3.1/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-DcUurjxM.js"),__vite__mapDeps([290,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.1/maintain/fhir/",{loader:()=>h(()=>import("./index.html-TcOcP-Bq.js"),__vite__mapDeps([291,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.3.1/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-ChATt82A.js"),__vite__mapDeps([292,2])),meta:{t:"Access Control",i:"config"}}],["/v1.3.1/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-DOXO1lQO.js"),__vite__mapDeps([293,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.1/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-Cb81bVAU.js"),__vite__mapDeps([294,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.3.1/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-D2LbKSwg.js"),__vite__mapDeps([295,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.3.1/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-DzrhCnzW.js"),__vite__mapDeps([296,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.2/maintain/bpe/",{loader:()=>h(()=>import("./index.html-NnyYXI8c.js"),__vite__mapDeps([297,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.3.2/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-0NMspHep.js"),__vite__mapDeps([298,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.2/maintain/fhir/",{loader:()=>h(()=>import("./index.html-FXArYuCT.js"),__vite__mapDeps([299,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.3.2/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-CCsuodqK.js"),__vite__mapDeps([300,2])),meta:{t:"Access Control",i:"config"}}],["/v1.3.2/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-B22FewOX.js"),__vite__mapDeps([301,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.3.2/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-DbJNU4iG.js"),__vite__mapDeps([302,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.3.2/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-DWnbSWRp.js"),__vite__mapDeps([303,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.3.2/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-DfavBsiR.js"),__vite__mapDeps([304,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.4.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-DzD_HNEo.js"),__vite__mapDeps([305,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.4.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-gxiqEr2y.js"),__vite__mapDeps([306,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.4.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-_264En7g.js"),__vite__mapDeps([307,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.4.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-C_Ord2OL.js"),__vite__mapDeps([308,2])),meta:{t:"Access Control",i:"config"}}],["/v1.4.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-BCcYjJs7.js"),__vite__mapDeps([309,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.4.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-DlWufSfD.js"),__vite__mapDeps([310,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.4.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-BCmfWh4B.js"),__vite__mapDeps([311,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.4.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-CJGjidT6.js"),__vite__mapDeps([312,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-KOE2FyFa.js"),__vite__mapDeps([313,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.5.0/maintain/bpe/access-control.html",{loader:()=>h(()=>import("./access-control.html-WxdBljNr.js"),__vite__mapDeps([314,2])),meta:{t:"Access Control",i:"config"}}],["/v1.5.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-AmHqBh1j.js"),__vite__mapDeps([315,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.0/maintain/bpe/oidc.html",{loader:()=>h(()=>import("./oidc.html-Bgq1NlNy.js"),__vite__mapDeps([316,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.5.0/maintain/bpe-reverse-proxy/",{loader:()=>h(()=>import("./index.html-CAuA1qZF.js"),__vite__mapDeps([317,2])),meta:{t:"BPE Reverse Proxy",i:"module"}}],["/v1.5.0/maintain/bpe-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-BCKzibHN.js"),__vite__mapDeps([318,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-CIYI18oA.js"),__vite__mapDeps([319,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.5.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-DCPRLpIt.js"),__vite__mapDeps([320,2])),meta:{t:"Access Control",i:"config"}}],["/v1.5.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-C8C8eVoz.js"),__vite__mapDeps([321,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-rCbM1nU8.js"),__vite__mapDeps([322,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.5.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-CqJnCMPW.js"),__vite__mapDeps([323,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.5.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-BEgHxbLV.js"),__vite__mapDeps([324,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.1/maintain/bpe/",{loader:()=>h(()=>import("./index.html-D9-SkzFP.js"),__vite__mapDeps([325,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.5.1/maintain/bpe/access-control.html",{loader:()=>h(()=>import("./access-control.html-DwvV-1yc.js"),__vite__mapDeps([326,2])),meta:{t:"Access Control",i:"config"}}],["/v1.5.1/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-CFTMHCPS.js"),__vite__mapDeps([327,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.1/maintain/bpe/oidc.html",{loader:()=>h(()=>import("./oidc.html-BTDGYEv3.js"),__vite__mapDeps([328,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.5.1/maintain/bpe-reverse-proxy/",{loader:()=>h(()=>import("./index.html-CQ7vft6x.js"),__vite__mapDeps([329,2])),meta:{t:"BPE Reverse Proxy",i:"module"}}],["/v1.5.1/maintain/bpe-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-NzlYsJp8.js"),__vite__mapDeps([330,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.1/maintain/fhir/",{loader:()=>h(()=>import("./index.html-BmaGaBeY.js"),__vite__mapDeps([331,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.5.1/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-CNsKuzhW.js"),__vite__mapDeps([332,2])),meta:{t:"Access Control",i:"config"}}],["/v1.5.1/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-CT8qdJmH.js"),__vite__mapDeps([333,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.1/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-ROX4yxMZ.js"),__vite__mapDeps([334,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.5.1/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-CXzsHOSr.js"),__vite__mapDeps([335,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.5.1/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-B6x5Arla.js"),__vite__mapDeps([336,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.2/maintain/bpe/",{loader:()=>h(()=>import("./index.html-Czz42V9T.js"),__vite__mapDeps([337,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.5.2/maintain/bpe/access-control.html",{loader:()=>h(()=>import("./access-control.html-CJEaNEvV.js"),__vite__mapDeps([338,2])),meta:{t:"Access Control",i:"config"}}],["/v1.5.2/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-CUNojr74.js"),__vite__mapDeps([339,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.2/maintain/bpe/oidc.html",{loader:()=>h(()=>import("./oidc.html-CkSwjsiH.js"),__vite__mapDeps([340,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.5.2/maintain/bpe-reverse-proxy/",{loader:()=>h(()=>import("./index.html-BSAIHIgH.js"),__vite__mapDeps([341,2])),meta:{t:"BPE Reverse Proxy",i:"module"}}],["/v1.5.2/maintain/bpe-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-3bPj-iQy.js"),__vite__mapDeps([342,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.2/maintain/fhir/",{loader:()=>h(()=>import("./index.html-B8XYCKZS.js"),__vite__mapDeps([343,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.5.2/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-4BKEhf1P.js"),__vite__mapDeps([344,2])),meta:{t:"Access Control",i:"config"}}],["/v1.5.2/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-C__nH2Qj.js"),__vite__mapDeps([345,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.5.2/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-DLVYL_s-.js"),__vite__mapDeps([346,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.5.2/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-B5ugpUCb.js"),__vite__mapDeps([347,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.5.2/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-D1oz1N0T.js"),__vite__mapDeps([348,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.6.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-DSkgDhK5.js"),__vite__mapDeps([349,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.6.0/maintain/bpe/access-control.html",{loader:()=>h(()=>import("./access-control.html-DgJ2jQps.js"),__vite__mapDeps([350,2])),meta:{t:"Access Control",i:"config"}}],["/v1.6.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-CzP8igmj.js"),__vite__mapDeps([351,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.6.0/maintain/bpe/oidc.html",{loader:()=>h(()=>import("./oidc.html-D1q5Feuz.js"),__vite__mapDeps([352,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.6.0/maintain/bpe-reverse-proxy/",{loader:()=>h(()=>import("./index.html-DfXGbgMQ.js"),__vite__mapDeps([353,2])),meta:{t:"BPE Reverse Proxy",i:"module"}}],["/v1.6.0/maintain/bpe-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-2g2NV2bW.js"),__vite__mapDeps([354,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.6.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-C3Ia18VX.js"),__vite__mapDeps([355,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.6.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-L-bo7Caf.js"),__vite__mapDeps([356,2])),meta:{t:"Access Control",i:"config"}}],["/v1.6.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-DEel35nd.js"),__vite__mapDeps([357,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.6.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-eTv7P-ln.js"),__vite__mapDeps([358,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.6.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-lWF73U7W.js"),__vite__mapDeps([359,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.6.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-DgmMmxNu.js"),__vite__mapDeps([360,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.7.0/maintain/bpe/",{loader:()=>h(()=>import("./index.html-DsoDbkV8.js"),__vite__mapDeps([361,2])),meta:{t:"BPE Server",i:"module"}}],["/v1.7.0/maintain/bpe/access-control.html",{loader:()=>h(()=>import("./access-control.html-CP9FgeAe.js"),__vite__mapDeps([362,2])),meta:{t:"Access Control",i:"config"}}],["/v1.7.0/maintain/bpe/configuration.html",{loader:()=>h(()=>import("./configuration.html-BUB13-BB.js"),__vite__mapDeps([363,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.7.0/maintain/bpe/oidc.html",{loader:()=>h(()=>import("./oidc.html-ByT9fRor.js"),__vite__mapDeps([364,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.7.0/maintain/bpe-reverse-proxy/",{loader:()=>h(()=>import("./index.html-DHzXf-Ti.js"),__vite__mapDeps([365,2])),meta:{t:"BPE Reverse Proxy",i:"module"}}],["/v1.7.0/maintain/bpe-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-CX1SHh6p.js"),__vite__mapDeps([366,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.7.0/maintain/fhir/",{loader:()=>h(()=>import("./index.html-DB1QlrqO.js"),__vite__mapDeps([367,2])),meta:{t:"FHIR Server",i:"module"}}],["/v1.7.0/maintain/fhir/access-control.html",{loader:()=>h(()=>import("./access-control.html-Dk8_tU0U.js"),__vite__mapDeps([368,2])),meta:{t:"Access Control",i:"config"}}],["/v1.7.0/maintain/fhir/configuration.html",{loader:()=>h(()=>import("./configuration.html-C5rSSCzr.js"),__vite__mapDeps([369,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/v1.7.0/maintain/fhir/oidc.html",{loader:()=>h(()=>import("./oidc.html-DDUONRpW.js"),__vite__mapDeps([370,2])),meta:{t:"OpenID Connect",i:"config"}}],["/v1.7.0/maintain/fhir-reverse-proxy/",{loader:()=>h(()=>import("./index.html-DLMT2KGj.js"),__vite__mapDeps([371,2])),meta:{t:"FHIR Reverse Proxy",i:"module"}}],["/v1.7.0/maintain/fhir-reverse-proxy/configuration.html",{loader:()=>h(()=>import("./configuration.html-DHpvcZUz.js"),__vite__mapDeps([372,2])),meta:{t:"Configuration Parameters",i:"config"}}],["/404.html",{loader:()=>h(()=>import("./404.html-CippiRUx.js"),__vite__mapDeps([373,2])),meta:{t:""}}],["/intro/info/",{loader:()=>h(()=>import("./index.html-BWnQvp8W.js"),__vite__mapDeps([374,2])),meta:{t:"Info"}}]]);function Iv(){return rd().__VUE_DEVTOOLS_GLOBAL_HOOK__}function rd(){return typeof navigator<"u"&&typeof window<"u"?window:typeof globalThis<"u"?globalThis:{}}const Rv=typeof Proxy=="function",Sv="devtools-plugin:setup",kv="plugin:settings:set";let Vn,Mi;function wv(){var e;return Vn!==void 0||(typeof window<"u"&&window.performance?(Vn=!0,Mi=window.performance):typeof globalThis<"u"&&(!((e=globalThis.perf_hooks)===null||e===void 0)&&e.performance)?(Vn=!0,Mi=globalThis.perf_hooks.performance):Vn=!1),Vn}function Lv(){return wv()?Mi.now():Date.now()}class Vv{constructor(t,n){this.target=null,this.targetQueue=[],this.onQueue=[],this.plugin=t,this.hook=n;const r={};if(t.settings)for(const a in t.settings){const l=t.settings[a];r[a]=l.defaultValue}const o=`__vue-devtools-plugin-settings__${t.id}`;let i=Object.assign({},r);try{const a=localStorage.getItem(o),l=JSON.parse(a);Object.assign(i,l)}catch{}this.fallbacks={getSettings(){return i},setSettings(a){try{localStorage.setItem(o,JSON.stringify(a))}catch{}i=a},now(){return Lv()}},n&&n.on(kv,(a,l)=>{a===this.plugin.id&&this.fallbacks.setSettings(l)}),this.proxiedOn=new Proxy({},{get:(a,l)=>this.target?this.target.on[l]:(...s)=>{this.onQueue.push({method:l,args:s})}}),this.proxiedTarget=new Proxy({},{get:(a,l)=>this.target?this.target[l]:l==="on"?this.proxiedOn:Object.keys(this.fallbacks).includes(l)?(...s)=>(this.targetQueue.push({method:l,args:s,resolve:()=>{}}),this.fallbacks[l](...s)):(...s)=>new Promise(u=>{this.targetQueue.push({method:l,args:s,resolve:u})})})}async setRealTarget(t){this.target=t;for(const n of this.onQueue)this.target.on[n.method](...n.args);for(const n of this.targetQueue)n.resolve(await this.target[n.method](...n.args))}}function Fv(e,t){const n=e,r=rd(),o=Iv(),i=Rv&&n.enableEarlyProxy;if(o&&(r.__VUE_DEVTOOLS_PLUGIN_API_AVAILABLE__||!i))o.emit(Sv,e,t);else{const a=i?new Vv(n,o):null;(r.__VUE_DEVTOOLS_PLUGINS__=r.__VUE_DEVTOOLS_PLUGINS__||[]).push({pluginDescriptor:n,setupFn:t,proxy:a}),a&&t(a.proxiedTarget)}}/*! + * vue-router v4.4.5 + * (c) 2024 Eduardo San Martin Morote + * @license MIT + */const $t=typeof document<"u";function od(e){return typeof e=="object"||"displayName"in e||"props"in e||"__vccOpts"in e}function Mv(e){return e.__esModule||e[Symbol.toStringTag]==="Module"||e.default&&od(e.default)}const fe=Object.assign;function pi(e,t){const n={};for(const r in t){const o=t[r];n[r]=at(o)?o.map(e):e(o)}return n}const xr=()=>{},at=Array.isArray,id=/#/g,Nv=/&/g,$v=/\//g,Bv=/=/g,Hv=/\?/g,ad=/\+/g,Uv=/%5B/g,jv=/%5D/g,ld=/%5E/g,zv=/%60/g,sd=/%7B/g,Kv=/%7C/g,ud=/%7D/g,Wv=/%20/g;function ka(e){return encodeURI(""+e).replace(Kv,"|").replace(Uv,"[").replace(jv,"]")}function qv(e){return ka(e).replace(sd,"{").replace(ud,"}").replace(ld,"^")}function Ni(e){return ka(e).replace(ad,"%2B").replace(Wv,"+").replace(id,"%23").replace(Nv,"%26").replace(zv,"`").replace(sd,"{").replace(ud,"}").replace(ld,"^")}function Gv(e){return Ni(e).replace(Bv,"%3D")}function Yv(e){return ka(e).replace(id,"%23").replace(Hv,"%3F")}function Xv(e){return e==null?"":Yv(e).replace($v,"%2F")}function Yn(e){try{return decodeURIComponent(""+e)}catch{}return""+e}const Jv=/\/$/,Qv=e=>e.replace(Jv,"");function mi(e,t,n="/"){let r,o={},i="",a="";const l=t.indexOf("#");let s=t.indexOf("?");return l=0&&(s=-1),s>-1&&(r=t.slice(0,s),i=t.slice(s+1,l>-1?l:t.length),o=e(i)),l>-1&&(r=r||t.slice(0,l),a=t.slice(l,t.length)),r=n0(r??t,n),{fullPath:r+(i&&"?")+i+a,path:r,query:o,hash:Yn(a)}}function Zv(e,t){const n=t.query?e(t.query):"";return t.path+(n&&"?")+n+(t.hash||"")}function Ql(e,t){return!t||!e.toLowerCase().startsWith(t.toLowerCase())?e:e.slice(t.length)||"/"}function e0(e,t,n){const r=t.matched.length-1,o=n.matched.length-1;return r>-1&&r===o&&cn(t.matched[r],n.matched[o])&&cd(t.params,n.params)&&e(t.query)===e(n.query)&&t.hash===n.hash}function cn(e,t){return(e.aliasOf||e)===(t.aliasOf||t)}function cd(e,t){if(Object.keys(e).length!==Object.keys(t).length)return!1;for(const n in e)if(!t0(e[n],t[n]))return!1;return!0}function t0(e,t){return at(e)?Zl(e,t):at(t)?Zl(t,e):e===t}function Zl(e,t){return at(t)?e.length===t.length&&e.every((n,r)=>n===t[r]):e.length===1&&e[0]===t}function n0(e,t){if(e.startsWith("/"))return e;if(!e)return t;const n=t.split("/"),r=e.split("/"),o=r[r.length-1];(o===".."||o===".")&&r.push("");let i=n.length-1,a,l;for(a=0;a1&&i--;else break;return n.slice(0,i).join("/")+"/"+r.slice(a).join("/")}const Mt={path:"/",name:void 0,params:{},query:{},hash:"",fullPath:"/",matched:[],meta:{},redirectedFrom:void 0};var kr;(function(e){e.pop="pop",e.push="push"})(kr||(kr={}));var Pr;(function(e){e.back="back",e.forward="forward",e.unknown=""})(Pr||(Pr={}));function r0(e){if(!e)if($t){const t=document.querySelector("base");e=t&&t.getAttribute("href")||"/",e=e.replace(/^\w+:\/\/[^\/]+/,"")}else e="/";return e[0]!=="/"&&e[0]!=="#"&&(e="/"+e),Qv(e)}const o0=/^[^#]+#/;function i0(e,t){return e.replace(o0,"#")+t}function a0(e,t){const n=document.documentElement.getBoundingClientRect(),r=e.getBoundingClientRect();return{behavior:t.behavior,left:r.left-n.left-(t.left||0),top:r.top-n.top-(t.top||0)}}const Bo=()=>({left:window.scrollX,top:window.scrollY});function l0(e){let t;if("el"in e){const n=e.el,r=typeof n=="string"&&n.startsWith("#"),o=typeof n=="string"?r?document.getElementById(n.slice(1)):document.querySelector(n):n;if(!o)return;t=a0(o,e)}else t=e;"scrollBehavior"in document.documentElement.style?window.scrollTo(t):window.scrollTo(t.left!=null?t.left:window.scrollX,t.top!=null?t.top:window.scrollY)}function es(e,t){return(history.state?history.state.position-t:-1)+e}const $i=new Map;function s0(e,t){$i.set(e,t)}function u0(e){const t=$i.get(e);return $i.delete(e),t}let c0=()=>location.protocol+"//"+location.host;function dd(e,t){const{pathname:n,search:r,hash:o}=t,i=e.indexOf("#");if(i>-1){let l=o.includes(e.slice(i))?e.slice(i).length:1,s=o.slice(l);return s[0]!=="/"&&(s="/"+s),Ql(s,"")}return Ql(n,e)+r+o}function d0(e,t,n,r){let o=[],i=[],a=null;const l=({state:p})=>{const m=dd(e,location),v=n.value,y=t.value;let E=0;if(p){if(n.value=m,t.value=p,a&&a===v){a=null;return}E=y?p.position-y.position:0}else r(m);o.forEach(A=>{A(n.value,v,{delta:E,type:kr.pop,direction:E?E>0?Pr.forward:Pr.back:Pr.unknown})})};function s(){a=n.value}function u(p){o.push(p);const m=()=>{const v=o.indexOf(p);v>-1&&o.splice(v,1)};return i.push(m),m}function c(){const{history:p}=window;p.state&&p.replaceState(fe({},p.state,{scroll:Bo()}),"")}function d(){for(const p of i)p();i=[],window.removeEventListener("popstate",l),window.removeEventListener("beforeunload",c)}return window.addEventListener("popstate",l),window.addEventListener("beforeunload",c,{passive:!0}),{pauseListeners:s,listen:u,destroy:d}}function ts(e,t,n,r=!1,o=!1){return{back:e,current:t,forward:n,replaced:r,position:window.history.length,scroll:o?Bo():null}}function f0(e){const{history:t,location:n}=window,r={value:dd(e,n)},o={value:t.state};o.value||i(r.value,{back:null,current:r.value,forward:null,position:t.length-1,replaced:!0,scroll:null},!0);function i(s,u,c){const d=e.indexOf("#"),p=d>-1?(n.host&&document.querySelector("base")?e:e.slice(d))+s:c0()+e+s;try{t[c?"replaceState":"pushState"](u,"",p),o.value=u}catch(m){console.error(m),n[c?"replace":"assign"](p)}}function a(s,u){const c=fe({},t.state,ts(o.value.back,s,o.value.forward,!0),u,{position:o.value.position});i(s,c,!0),r.value=s}function l(s,u){const c=fe({},o.value,t.state,{forward:s,scroll:Bo()});i(c.current,c,!0);const d=fe({},ts(r.value,s,null),{position:c.position+1},u);i(s,d,!1),r.value=s}return{location:r,state:o,push:l,replace:a}}function p0(e){e=r0(e);const t=f0(e),n=d0(e,t.state,t.location,t.replace);function r(i,a=!0){a||n.pauseListeners(),history.go(i)}const o=fe({location:"",base:e,go:r,createHref:i0.bind(null,e)},t,n);return Object.defineProperty(o,"location",{enumerable:!0,get:()=>t.location.value}),Object.defineProperty(o,"state",{enumerable:!0,get:()=>t.state.value}),o}function fd(e){return typeof e=="string"||e&&typeof e=="object"}function pd(e){return typeof e=="string"||typeof e=="symbol"}const md=Symbol("");var ns;(function(e){e[e.aborted=4]="aborted",e[e.cancelled=8]="cancelled",e[e.duplicated=16]="duplicated"})(ns||(ns={}));function Xn(e,t){return fe(new Error,{type:e,[md]:!0},t)}function Lt(e,t){return e instanceof Error&&md in e&&(t==null||!!(e.type&t))}const rs="[^/]+?",m0={sensitive:!1,strict:!1,start:!0,end:!0},h0=/[.+*?^${}()[\]/\\]/g;function v0(e,t){const n=fe({},m0,t),r=[];let o=n.start?"^":"";const i=[];for(const u of e){const c=u.length?[]:[90];n.strict&&!u.length&&(o+="/");for(let d=0;dt.length?t.length===1&&t[0]===80?1:-1:0}function hd(e,t){let n=0;const r=e.score,o=t.score;for(;n0&&t[t.length-1]<0}const g0={type:0,value:""},E0=/[a-zA-Z0-9_]/;function y0(e){if(!e)return[[]];if(e==="/")return[[g0]];if(!e.startsWith("/"))throw new Error(`Invalid path "${e}"`);function t(m){throw new Error(`ERR (${n})/"${u}": ${m}`)}let n=0,r=n;const o=[];let i;function a(){i&&o.push(i),i=[]}let l=0,s,u="",c="";function d(){u&&(n===0?i.push({type:0,value:u}):n===1||n===2||n===3?(i.length>1&&(s==="*"||s==="+")&&t(`A repeatable param (${u}) must be alone in its segment. eg: '/:ids+.`),i.push({type:1,value:u,regexp:c,repeatable:s==="*"||s==="+",optional:s==="*"||s==="?"})):t("Invalid state to consume buffer"),u="")}function p(){u+=s}for(;l{a(g)}:xr}function a(d){if(pd(d)){const p=r.get(d);p&&(r.delete(d),n.splice(n.indexOf(p),1),p.children.forEach(a),p.alias.forEach(a))}else{const p=n.indexOf(d);p>-1&&(n.splice(p,1),d.record.name&&r.delete(d.record.name),d.children.forEach(a),d.alias.forEach(a))}}function l(){return n}function s(d){const p=P0(d,n);n.splice(p,0,d),d.record.name&&!ls(d)&&r.set(d.record.name,d)}function u(d,p){let m,v={},y,E;if("name"in d&&d.name){if(m=r.get(d.name),!m)throw Xn(1,{location:d});E=m.record.name,v=fe(is(p.params,m.keys.filter(g=>!g.optional).concat(m.parent?m.parent.keys.filter(g=>g.optional):[]).map(g=>g.name)),d.params&&is(d.params,m.keys.map(g=>g.name))),y=m.stringify(v)}else if(d.path!=null)y=d.path,m=n.find(g=>g.re.test(y)),m&&(v=m.parse(y),E=m.record.name);else{if(m=p.name?r.get(p.name):n.find(g=>g.re.test(p.path)),!m)throw Xn(1,{location:d,currentLocation:p});E=m.record.name,v=fe({},p.params,d.params),y=m.stringify(v)}const A=[];let T=m;for(;T;)A.unshift(T.record),T=T.parent;return{name:E,path:y,params:v,matched:A,meta:x0(A)}}e.forEach(d=>i(d));function c(){n.length=0,r.clear()}return{addRoute:i,resolve:u,removeRoute:a,clearRoutes:c,getRoutes:l,getRecordMatcher:o}}function is(e,t){const n={};for(const r of t)r in e&&(n[r]=e[r]);return n}function as(e){const t={path:e.path,redirect:e.redirect,name:e.name,meta:e.meta||{},aliasOf:e.aliasOf,beforeEnter:e.beforeEnter,props:T0(e),children:e.children||[],instances:{},leaveGuards:new Set,updateGuards:new Set,enterCallbacks:{},components:"components"in e?e.components||null:e.component&&{default:e.component}};return Object.defineProperty(t,"mods",{value:{}}),t}function T0(e){const t={},n=e.props||!1;if("component"in e)t.default=n;else for(const r in e.components)t[r]=typeof n=="object"?n[r]:n;return t}function ls(e){for(;e;){if(e.record.aliasOf)return!0;e=e.parent}return!1}function x0(e){return e.reduce((t,n)=>fe(t,n.meta),{})}function ss(e,t){const n={};for(const r in e)n[r]=r in t?t[r]:e[r];return n}function P0(e,t){let n=0,r=t.length;for(;n!==r;){const i=n+r>>1;hd(e,t[i])<0?r=i:n=i+1}const o=O0(e);return o&&(r=t.lastIndexOf(o,r-1)),r}function O0(e){let t=e;for(;t=t.parent;)if(vd(t)&&hd(e,t)===0)return t}function vd({record:e}){return!!(e.name||e.components&&Object.keys(e.components).length||e.redirect)}function C0(e){const t={};if(e===""||e==="?")return t;const r=(e[0]==="?"?e.slice(1):e).split("&");for(let o=0;oi&&Ni(i)):[r&&Ni(r)]).forEach(i=>{i!==void 0&&(t+=(t.length?"&":"")+n,i!=null&&(t+="="+i))})}return t}function D0(e){const t={};for(const n in e){const r=e[n];r!==void 0&&(t[n]=at(r)?r.map(o=>o==null?null:""+o):r==null?r:""+r)}return t}const I0=Symbol(""),cs=Symbol(""),Ho=Symbol(""),wa=Symbol(""),Bi=Symbol("");function ur(){let e=[];function t(r){return e.push(r),()=>{const o=e.indexOf(r);o>-1&&e.splice(o,1)}}function n(){e=[]}return{add:t,list:()=>e.slice(),reset:n}}function rn(e,t,n,r,o,i=a=>a()){const a=r&&(r.enterCallbacks[o]=r.enterCallbacks[o]||[]);return()=>new Promise((l,s)=>{const u=p=>{p===!1?s(Xn(4,{from:n,to:t})):p instanceof Error?s(p):fd(p)?s(Xn(2,{from:t,to:p})):(a&&r.enterCallbacks[o]===a&&typeof p=="function"&&a.push(p),l())},c=i(()=>e.call(r&&r.instances[o],t,n,u));let d=Promise.resolve(c);e.length<3&&(d=d.then(u)),d.catch(p=>s(p))})}function hi(e,t,n,r,o=i=>i()){const i=[];for(const a of e)for(const l in a.components){let s=a.components[l];if(!(t!=="beforeRouteEnter"&&!a.instances[l]))if(od(s)){const c=(s.__vccOpts||s)[t];c&&i.push(rn(c,n,r,a,l,o))}else{let u=s();i.push(()=>u.then(c=>{if(!c)throw new Error(`Couldn't resolve component "${l}" at "${a.path}"`);const d=Mv(c)?c.default:c;a.mods[l]=c,a.components[l]=d;const m=(d.__vccOpts||d)[t];return m&&rn(m,n,r,a,l,o)()}))}}return i}function ds(e){const t=Ve(Ho),n=Ve(wa),r=O(()=>{const s=an(e.to);return t.resolve(s)}),o=O(()=>{const{matched:s}=r.value,{length:u}=s,c=s[u-1],d=n.matched;if(!c||!d.length)return-1;const p=d.findIndex(cn.bind(null,c));if(p>-1)return p;const m=fs(s[u-2]);return u>1&&fs(c)===m&&d[d.length-1].path!==m?d.findIndex(cn.bind(null,s[u-2])):p}),i=O(()=>o.value>-1&&w0(n.params,r.value.params)),a=O(()=>o.value>-1&&o.value===n.matched.length-1&&cd(n.params,r.value.params));function l(s={}){return k0(s)?t[an(e.replace)?"replace":"push"](an(e.to)).catch(xr):Promise.resolve()}if($t){const s=In();if(s){const u={route:r.value,isActive:i.value,isExactActive:a.value,error:null};s.__vrl_devtools=s.__vrl_devtools||[],s.__vrl_devtools.push(u),Oa(()=>{u.route=r.value,u.isActive=i.value,u.isExactActive=a.value,u.error=fd(an(e.to))?null:'Invalid "to" value'},{flush:"post"})}}return{route:r,href:O(()=>r.value.href),isActive:i,isExactActive:a,navigate:l}}const R0=X({name:"RouterLink",compatConfig:{MODE:3},props:{to:{type:[String,Object],required:!0},replace:Boolean,activeClass:String,exactActiveClass:String,custom:Boolean,ariaCurrentValue:{type:String,default:"page"}},useLink:ds,setup(e,{slots:t}){const n=Ur(ds(e)),{options:r}=Ve(Ho),o=O(()=>({[ps(e.activeClass,r.linkActiveClass,"router-link-active")]:n.isActive,[ps(e.exactActiveClass,r.linkExactActiveClass,"router-link-exact-active")]:n.isExactActive}));return()=>{const i=t.default&&t.default(n);return e.custom?i:f("a",{"aria-current":n.isExactActive?e.ariaCurrentValue:null,href:n.href,onClick:n.navigate,class:o.value},i)}}}),S0=R0;function k0(e){if(!(e.metaKey||e.altKey||e.ctrlKey||e.shiftKey)&&!e.defaultPrevented&&!(e.button!==void 0&&e.button!==0)){if(e.currentTarget&&e.currentTarget.getAttribute){const t=e.currentTarget.getAttribute("target");if(/\b_blank\b/i.test(t))return}return e.preventDefault&&e.preventDefault(),!0}}function w0(e,t){for(const n in t){const r=t[n],o=e[n];if(typeof r=="string"){if(r!==o)return!1}else if(!at(o)||o.length!==r.length||r.some((i,a)=>i!==o[a]))return!1}return!0}function fs(e){return e?e.aliasOf?e.aliasOf.path:e.path:""}const ps=(e,t,n)=>e??t??n,L0=X({name:"RouterView",inheritAttrs:!1,props:{name:{type:String,default:"default"},route:Object},compatConfig:{MODE:3},setup(e,{attrs:t,slots:n}){const r=Ve(Bi),o=O(()=>e.route||r.value),i=Ve(cs,0),a=O(()=>{let u=an(i);const{matched:c}=o.value;let d;for(;(d=c[u])&&!d.components;)u++;return u}),l=O(()=>o.value.matched[a.value]);xn(cs,O(()=>a.value+1)),xn(I0,l),xn(Bi,o);const s=te();return se(()=>[s.value,l.value,e.name],([u,c,d],[p,m,v])=>{c&&(c.instances[d]=u,m&&m!==c&&u&&u===p&&(c.leaveGuards.size||(c.leaveGuards=m.leaveGuards),c.updateGuards.size||(c.updateGuards=m.updateGuards))),u&&c&&(!m||!cn(c,m)||!p)&&(c.enterCallbacks[d]||[]).forEach(y=>y(u))},{flush:"post"}),()=>{const u=o.value,c=e.name,d=l.value,p=d&&d.components[c];if(!p)return ms(n.default,{Component:p,route:u});const m=d.props[c],v=m?m===!0?u.params:typeof m=="function"?m(u):m:null,E=f(p,fe({},v,t,{onVnodeUnmounted:A=>{A.component.isUnmounted&&(d.instances[c]=null)},ref:s}));if($t&&E.ref){const A={depth:a.value,name:d.name,path:d.path,meta:d.meta};(at(E.ref)?E.ref.map(g=>g.i):[E.ref.i]).forEach(g=>{g.__vrv_devtools=A})}return ms(n.default,{Component:E,route:u})||E}}});function ms(e,t){if(!e)return null;const n=e(t);return n.length===1?n[0]:n}const V0=L0;function cr(e,t){const n=fe({},e,{matched:e.matched.map(r=>W0(r,["instances","children","aliasOf"]))});return{_custom:{type:null,readOnly:!0,display:e.fullPath,tooltip:t,value:n}}}function ro(e){return{_custom:{display:e}}}let F0=0;function M0(e,t,n){if(t.__hasDevtools)return;t.__hasDevtools=!0;const r=F0++;Fv({id:"org.vuejs.router"+(r?"."+r:""),label:"Vue Router",packageName:"vue-router",homepage:"https://router.vuejs.org",logo:"https://router.vuejs.org/logo.png",componentStateTypes:["Routing"],app:e},o=>{typeof o.now!="function"&&console.warn("[Vue Router]: You seem to be using an outdated version of Vue Devtools. Are you still using the Beta release instead of the stable one? You can find the links at https://devtools.vuejs.org/guide/installation.html."),o.on.inspectComponent((c,d)=>{c.instanceData&&c.instanceData.state.push({type:"Routing",key:"$route",editable:!1,value:cr(t.currentRoute.value,"Current Route")})}),o.on.visitComponentTree(({treeNode:c,componentInstance:d})=>{if(d.__vrv_devtools){const p=d.__vrv_devtools;c.tags.push({label:(p.name?`${p.name.toString()}: `:"")+p.path,textColor:0,tooltip:"This component is rendered by <router-view>",backgroundColor:_d})}at(d.__vrl_devtools)&&(d.__devtoolsApi=o,d.__vrl_devtools.forEach(p=>{let m=p.route.path,v=yd,y="",E=0;p.error?(m=p.error,v=U0,E=j0):p.isExactActive?(v=Ed,y="This is exactly active"):p.isActive&&(v=gd,y="This link is active"),c.tags.push({label:m,textColor:E,tooltip:y,backgroundColor:v})}))}),se(t.currentRoute,()=>{s(),o.notifyComponentUpdate(),o.sendInspectorTree(l),o.sendInspectorState(l)});const i="router:navigations:"+r;o.addTimelineLayer({id:i,label:`Router${r?" "+r:""} Navigations`,color:4237508}),t.onError((c,d)=>{o.addTimelineEvent({layerId:i,event:{title:"Error during Navigation",subtitle:d.fullPath,logType:"error",time:o.now(),data:{error:c},groupId:d.meta.__navigationId}})});let a=0;t.beforeEach((c,d)=>{const p={guard:ro("beforeEach"),from:cr(d,"Current Location during this navigation"),to:cr(c,"Target location")};Object.defineProperty(c.meta,"__navigationId",{value:a++}),o.addTimelineEvent({layerId:i,event:{time:o.now(),title:"Start of navigation",subtitle:c.fullPath,data:p,groupId:c.meta.__navigationId}})}),t.afterEach((c,d,p)=>{const m={guard:ro("afterEach")};p?(m.failure={_custom:{type:Error,readOnly:!0,display:p?p.message:"",tooltip:"Navigation Failure",value:p}},m.status=ro("❌")):m.status=ro("✅"),m.from=cr(d,"Current Location during this navigation"),m.to=cr(c,"Target location"),o.addTimelineEvent({layerId:i,event:{title:"End of navigation",subtitle:c.fullPath,time:o.now(),data:m,logType:p?"warning":"default",groupId:c.meta.__navigationId}})});const l="router-inspector:"+r;o.addInspector({id:l,label:"Routes"+(r?" "+r:""),icon:"book",treeFilterPlaceholder:"Search routes"});function s(){if(!u)return;const c=u;let d=n.getRoutes().filter(p=>!p.parent||!p.parent.record.components);d.forEach(Td),c.filter&&(d=d.filter(p=>Hi(p,c.filter.toLowerCase()))),d.forEach(p=>Ad(p,t.currentRoute.value)),c.rootNodes=d.map(bd)}let u;o.on.getInspectorTree(c=>{u=c,c.app===e&&c.inspectorId===l&&s()}),o.on.getInspectorState(c=>{if(c.app===e&&c.inspectorId===l){const p=n.getRoutes().find(m=>m.record.__vd_id===c.nodeId);p&&(c.state={options:$0(p)})}}),o.sendInspectorTree(l),o.sendInspectorState(l)})}function N0(e){return e.optional?e.repeatable?"*":"?":e.repeatable?"+":""}function $0(e){const{record:t}=e,n=[{editable:!1,key:"path",value:t.path}];return t.name!=null&&n.push({editable:!1,key:"name",value:t.name}),n.push({editable:!1,key:"regexp",value:e.re}),e.keys.length&&n.push({editable:!1,key:"keys",value:{_custom:{type:null,readOnly:!0,display:e.keys.map(r=>`${r.name}${N0(r)}`).join(" "),tooltip:"Param keys",value:e.keys}}}),t.redirect!=null&&n.push({editable:!1,key:"redirect",value:t.redirect}),e.alias.length&&n.push({editable:!1,key:"aliases",value:e.alias.map(r=>r.record.path)}),Object.keys(e.record.meta).length&&n.push({editable:!1,key:"meta",value:e.record.meta}),n.push({key:"score",editable:!1,value:{_custom:{type:null,readOnly:!0,display:e.score.map(r=>r.join(", ")).join(" | "),tooltip:"Score used to sort routes",value:e.score}}}),n}const _d=15485081,gd=2450411,Ed=8702998,B0=2282478,yd=16486972,H0=6710886,U0=16704226,j0=12131356;function bd(e){const t=[],{record:n}=e;n.name!=null&&t.push({label:String(n.name),textColor:0,backgroundColor:B0}),n.aliasOf&&t.push({label:"alias",textColor:0,backgroundColor:yd}),e.__vd_match&&t.push({label:"matches",textColor:0,backgroundColor:_d}),e.__vd_exactActive&&t.push({label:"exact",textColor:0,backgroundColor:Ed}),e.__vd_active&&t.push({label:"active",textColor:0,backgroundColor:gd}),n.redirect&&t.push({label:typeof n.redirect=="string"?`redirect: ${n.redirect}`:"redirects",textColor:16777215,backgroundColor:H0});let r=n.__vd_id;return r==null&&(r=String(z0++),n.__vd_id=r),{id:r,label:n.path,tags:t,children:e.children.map(bd)}}let z0=0;const K0=/^\/(.*)\/([a-z]*)$/;function Ad(e,t){const n=t.matched.length&&cn(t.matched[t.matched.length-1],e.record);e.__vd_exactActive=e.__vd_active=n,n||(e.__vd_active=t.matched.some(r=>cn(r,e.record))),e.children.forEach(r=>Ad(r,t))}function Td(e){e.__vd_match=!1,e.children.forEach(Td)}function Hi(e,t){const n=String(e.re).match(K0);if(e.__vd_match=!1,!n||n.length<3)return!1;if(new RegExp(n[1].replace(/\$$/,""),n[2]).test(t))return e.children.forEach(a=>Hi(a,t)),e.record.path!=="/"||t==="/"?(e.__vd_match=e.re.test(t),!0):!1;const o=e.record.path.toLowerCase(),i=Yn(o);return!t.startsWith("/")&&(i.includes(t)||o.includes(t))||i.startsWith(t)||o.startsWith(t)||e.record.name&&String(e.record.name).includes(t)?!0:e.children.some(a=>Hi(a,t))}function W0(e,t){const n={};for(const r in e)t.includes(r)||(n[r]=e[r]);return n}function q0(e){const t=A0(e.routes,e),n=e.parseQuery||C0,r=e.stringifyQuery||us,o=e.history,i=ur(),a=ur(),l=ur(),s=Be(Mt);let u=Mt;$t&&e.scrollBehavior&&"scrollRestoration"in history&&(history.scrollRestoration="manual");const c=pi.bind(null,D=>""+D),d=pi.bind(null,Xv),p=pi.bind(null,Yn);function m(D,K){let j,J;return pd(D)?(j=t.getRecordMatcher(D),J=K):J=D,t.addRoute(J,j)}function v(D){const K=t.getRecordMatcher(D);K&&t.removeRoute(K)}function y(){return t.getRoutes().map(D=>D.record)}function E(D){return!!t.getRecordMatcher(D)}function A(D,K){if(K=fe({},K||s.value),typeof D=="string"){const b=mi(n,D,K.path),P=t.resolve({path:b.path},K),I=o.createHref(b.fullPath);return fe(b,P,{params:p(P.params),hash:Yn(b.hash),redirectedFrom:void 0,href:I})}let j;if(D.path!=null)j=fe({},D,{path:mi(n,D.path,K.path).path});else{const b=fe({},D.params);for(const P in b)b[P]==null&&delete b[P];j=fe({},D,{params:d(b)}),K.params=d(K.params)}const J=t.resolve(j,K),de=D.hash||"";J.params=c(p(J.params));const Ae=Zv(r,fe({},D,{hash:qv(de),path:J.path})),_=o.createHref(Ae);return fe({fullPath:Ae,hash:de,query:r===us?D0(D.query):D.query||{}},J,{redirectedFrom:void 0,href:_})}function T(D){return typeof D=="string"?mi(n,D,s.value.path):fe({},D)}function g(D,K){if(u!==D)return Xn(8,{from:K,to:D})}function x(D){return N(D)}function V(D){return x(fe(T(D),{replace:!0}))}function H(D){const K=D.matched[D.matched.length-1];if(K&&K.redirect){const{redirect:j}=K;let J=typeof j=="function"?j(D):j;return typeof J=="string"&&(J=J.includes("?")||J.includes("#")?J=T(J):{path:J},J.params={}),fe({query:D.query,hash:D.hash,params:J.path!=null?{}:D.params},J)}}function N(D,K){const j=u=A(D),J=s.value,de=D.state,Ae=D.force,_=D.replace===!0,b=H(j);if(b)return N(fe(T(b),{state:typeof b=="object"?fe({},de,b.state):de,force:Ae,replace:_}),K||j);const P=j;P.redirectedFrom=K;let I;return!Ae&&e0(r,J,j)&&(I=Xn(16,{to:P,from:J}),we(J,J,!0,!1)),(I?Promise.resolve(I):S(P,J)).catch(C=>Lt(C)?Lt(C,2)?C:ke(C):Y(C,P,J)).then(C=>{if(C){if(Lt(C,2))return N(fe({replace:_},T(C.to),{state:typeof C.to=="object"?fe({},de,C.to.state):de,force:Ae}),K||P)}else C=L(P,J,!0,_,de);return G(P,J,C),C})}function Q(D,K){const j=g(D,K);return j?Promise.reject(j):Promise.resolve()}function $(D){const K=kt.values().next().value;return K&&typeof K.runWithContext=="function"?K.runWithContext(D):D()}function S(D,K){let j;const[J,de,Ae]=G0(D,K);j=hi(J.reverse(),"beforeRouteLeave",D,K);for(const b of J)b.leaveGuards.forEach(P=>{j.push(rn(P,D,K))});const _=Q.bind(null,D,K);return j.push(_),st(j).then(()=>{j=[];for(const b of i.list())j.push(rn(b,D,K));return j.push(_),st(j)}).then(()=>{j=hi(de,"beforeRouteUpdate",D,K);for(const b of de)b.updateGuards.forEach(P=>{j.push(rn(P,D,K))});return j.push(_),st(j)}).then(()=>{j=[];for(const b of Ae)if(b.beforeEnter)if(at(b.beforeEnter))for(const P of b.beforeEnter)j.push(rn(P,D,K));else j.push(rn(b.beforeEnter,D,K));return j.push(_),st(j)}).then(()=>(D.matched.forEach(b=>b.enterCallbacks={}),j=hi(Ae,"beforeRouteEnter",D,K,$),j.push(_),st(j))).then(()=>{j=[];for(const b of a.list())j.push(rn(b,D,K));return j.push(_),st(j)}).catch(b=>Lt(b,8)?b:Promise.reject(b))}function G(D,K,j){l.list().forEach(J=>$(()=>J(D,K,j)))}function L(D,K,j,J,de){const Ae=g(D,K);if(Ae)return Ae;const _=K===Mt,b=$t?history.state:{};j&&(J||_?o.replace(D.fullPath,fe({scroll:_&&b&&b.scroll},de)):o.push(D.fullPath,de)),s.value=D,we(D,K,j,_),ke()}let Z;function ae(){Z||(Z=o.listen((D,K,j)=>{if(!Xt.listening)return;const J=A(D),de=H(J);if(de){N(fe(de,{replace:!0}),J).catch(xr);return}u=J;const Ae=s.value;$t&&s0(es(Ae.fullPath,j.delta),Bo()),S(J,Ae).catch(_=>Lt(_,12)?_:Lt(_,2)?(N(_.to,J).then(b=>{Lt(b,20)&&!j.delta&&j.type===kr.pop&&o.go(-1,!1)}).catch(xr),Promise.reject()):(j.delta&&o.go(-j.delta,!1),Y(_,J,Ae))).then(_=>{_=_||L(J,Ae,!1),_&&(j.delta&&!Lt(_,8)?o.go(-j.delta,!1):j.type===kr.pop&&Lt(_,20)&&o.go(-1,!1)),G(J,Ae,_)}).catch(xr)}))}let he=ur(),q=ur(),B;function Y(D,K,j){ke(D);const J=q.list();return J.length?J.forEach(de=>de(D,K,j)):console.error(D),Promise.reject(D)}function ce(){return B&&s.value!==Mt?Promise.resolve():new Promise((D,K)=>{he.add([D,K])})}function ke(D){return B||(B=!D,ae(),he.list().forEach(([K,j])=>D?j(D):K()),he.reset()),D}function we(D,K,j,J){const{scrollBehavior:de}=e;if(!$t||!de)return Promise.resolve();const Ae=!j&&u0(es(D.fullPath,0))||(J||!j)&&history.state&&history.state.scroll||null;return Kt().then(()=>de(D,K,Ae)).then(_=>_&&l0(_)).catch(_=>Y(_,D,K))}const ve=D=>o.go(D);let lt;const kt=new Set,Xt={currentRoute:s,listening:!0,addRoute:m,removeRoute:v,clearRoutes:t.clearRoutes,hasRoute:E,getRoutes:y,resolve:A,options:e,push:x,replace:V,go:ve,back:()=>ve(-1),forward:()=>ve(1),beforeEach:i.add,beforeResolve:a.add,afterEach:l.add,onError:q.add,isReady:ce,install(D){const K=this;D.component("RouterLink",S0),D.component("RouterView",V0),D.config.globalProperties.$router=K,Object.defineProperty(D.config.globalProperties,"$route",{enumerable:!0,get:()=>an(s)}),$t&&!lt&&s.value===Mt&&(lt=!0,x(o.location).catch(de=>{}));const j={};for(const de in Mt)Object.defineProperty(j,de,{get:()=>s.value[de],enumerable:!0});D.provide(Ho,K),D.provide(wa,Qu(j)),D.provide(Bi,s);const J=D.unmount;kt.add(D),D.unmount=function(){kt.delete(D),kt.size<1&&(u=Mt,Z&&Z(),Z=null,s.value=Mt,lt=!1,B=!1),J()},$t&&M0(D,K,t)}};function st(D){return D.reduce((K,j)=>K.then(()=>$(j)),Promise.resolve())}return Xt}function G0(e,t){const n=[],r=[],o=[],i=Math.max(t.matched.length,e.matched.length);for(let a=0;acn(u,l))?r.push(l):n.push(l));const s=e.matched[a];s&&(t.matched.find(u=>cn(u,s))||o.push(s))}return[n,r,o]}function Rn(){return Ve(Ho)}function qt(e){return Ve(wa)}var La=Symbol(""),bt=()=>{const e=Ve(La);if(!e)throw new Error("useClientData() is called without provider.");return e},Y0=()=>bt().pageComponent,Ne=()=>bt().pageData,Se=()=>bt().pageFrontmatter,X0=()=>bt().pageHead,xd=()=>bt().pageLang,J0=()=>bt().pageLayout,Gt=()=>bt().routeLocale,Pd=()=>bt().routePath,Q0=()=>bt().routes,Od=()=>bt().siteData,Uo=()=>bt().siteLocaleData,Z0=Symbol(""),Ui=Be(Cv),zn=Be(Dv),Cd=(e,t)=>{const n=Ev(e,t);if(zn.value[n])return n;const r=encodeURI(n);if(zn.value[r])return r;const o=Ui.value[n]||Ui.value[r];return o||n},Ut=(e,t)=>{const{pathname:n,hashAndQueries:r}=ed(e),o=Cd(n,t),i=o+r;return zn.value[o]?{...zn.value[o],path:i,notFound:!1}:{...zn.value["/404.html"],path:i,notFound:!0}},e_=(e,t)=>{const{pathname:n,hashAndQueries:r}=ed(e);return Cd(n,t)+r},t_=e=>{if(!(e.metaKey||e.altKey||e.ctrlKey||e.shiftKey)&&!e.defaultPrevented&&!(e.button!==void 0&&e.button!==0)){if(e.currentTarget){const t=e.currentTarget.getAttribute("target");if(t!=null&&t.match(/\b_blank\b/i))return}return e.preventDefault(),!0}},_t=X({name:"RouteLink",props:{to:{type:String,required:!0},active:Boolean,activeClass:{type:String,default:"route-link-active"}},slots:Object,setup(e,{slots:t}){const n=Rn(),r=qt(),o=O(()=>e.to.startsWith("#")||e.to.startsWith("?")?e.to:`/${e_(e.to,r.path).substring(1)}`);return()=>f("a",{class:["route-link",{[e.activeClass]:e.active}],href:o.value,onClick:(i={})=>{t_(i)&&n.push(e.to).catch()}},t.default())}}),n_=X({name:"AutoLink",props:{config:{type:Object,required:!0}},slots:Object,setup(e,{slots:t}){const n=Vo(e,"config"),r=qt(),o=Od(),i=O(()=>Wr(n.value.link)),a=O(()=>n.value.target||(i.value?"_blank":void 0)),l=O(()=>a.value==="_blank"),s=O(()=>!i.value&&!l.value),u=O(()=>n.value.rel||(l.value?"noopener noreferrer":null)),c=O(()=>n.value.ariaLabel??n.value.text),d=O(()=>{if(n.value.exact)return!1;const m=Object.keys(o.value.locales);return m.length?m.every(v=>v!==n.value.link):n.value.link!=="/"}),p=O(()=>s.value?n.value.activeMatch?(n.value.activeMatch instanceof RegExp?n.value.activeMatch:new RegExp(n.value.activeMatch,"u")).test(r.path):d.value?r.path.startsWith(n.value.link):r.path===n.value.link:!1);return()=>{const{before:m,after:v,default:y}=t,E=(y==null?void 0:y(n.value))??[m==null?void 0:m(n.value),n.value.text,v==null?void 0:v(n.value)];return s.value?f(_t,{class:"auto-link",to:n.value.link,active:p.value,"aria-label":c.value},()=>E):f("a",{class:"auto-link external-link",href:n.value.link,"aria-label":c.value,rel:u.value,target:a.value},E)}}}),Dd=X({name:"ClientOnly",setup(e,t){const n=te(!1);return Oe(()=>{n.value=!0}),()=>{var r,o;return n.value?(o=(r=t.slots).default)==null?void 0:o.call(r):null}}}),Id=X({name:"Content",props:{path:{type:String,required:!1,default:""}},setup(e){const t=Y0(),n=O(()=>{if(!e.path)return t.value;const r=Ut(e.path);return _c(async()=>r.loader().then(({comp:o})=>o))});return()=>f(n.value)}}),r_="Layout",o_="en-US",_n=Ur({resolveLayouts:e=>e.reduce((t,n)=>({...t,...n.layouts}),{}),resolvePageHead:(e,t,n)=>{const r=Fe(t.description)?t.description:n.description,o=[...Array.isArray(t.head)?t.head:[],...n.head,["title",{},e],["meta",{name:"description",content:r}]];return Pv(o)},resolvePageHeadTitle:(e,t)=>[e.title,t.title].filter(n=>!!n).join(" | "),resolvePageLang:(e,t)=>e.lang||t.lang||o_,resolvePageLayout:(e,t)=>{const n=Fe(e.frontmatter.layout)?e.frontmatter.layout:r_;if(!t[n])throw new Error(`[vuepress] Cannot resolve layout: ${n}`);return t[n]},resolveRouteLocale:(e,t)=>yv(e,decodeURI(t)),resolveSiteLocaleData:({base:e,locales:t,...n},r)=>{var o;return{...n,...t[r],head:[...((o=t[r])==null?void 0:o.head)??[],...n.head]}}}),Yt=(e={})=>e,$e=e=>qr(e)?e:`/${nd(e)}`;const i_=Object.freeze(Object.defineProperty({__proto__:null},Symbol.toStringTag,{value:"Module"})),a_=Object.freeze(Object.defineProperty({__proto__:null},Symbol.toStringTag,{value:"Module"}));function Sn(e){return Mu()?(Np(e),!0):!1}function je(e){return typeof e=="function"?e():an(e)}const Gr=typeof window<"u"&&typeof document<"u";typeof WorkerGlobalScope<"u"&&globalThis instanceof WorkerGlobalScope;const l_=Object.prototype.toString,s_=e=>l_.call(e)==="[object Object]",Ht=()=>{},ji=u_();function u_(){var e,t;return Gr&&((e=window==null?void 0:window.navigator)==null?void 0:e.userAgent)&&(/iP(?:ad|hone|od)/.test(window.navigator.userAgent)||((t=window==null?void 0:window.navigator)==null?void 0:t.maxTouchPoints)>2&&/iPad|Macintosh/.test(window==null?void 0:window.navigator.userAgent))}function Va(e,t){function n(...r){return new Promise((o,i)=>{Promise.resolve(e(()=>t.apply(this,r),{fn:t,thisArg:this,args:r})).then(o).catch(i)})}return n}const Rd=e=>e();function c_(e,t={}){let n,r,o=Ht;const i=l=>{clearTimeout(l),o(),o=Ht};return l=>{const s=je(e),u=je(t.maxWait);return n&&i(n),s<=0||u!==void 0&&u<=0?(r&&(i(r),r=null),Promise.resolve(l())):new Promise((c,d)=>{o=t.rejectOnCancel?d:c,u&&!r&&(r=setTimeout(()=>{n&&i(n),r=null,c(l())},u)),n=setTimeout(()=>{r&&i(r),r=null,c(l())},s)})}}function d_(...e){let t=0,n,r=!0,o=Ht,i,a,l,s,u;!Ie(e[0])&&typeof e[0]=="object"?{delay:a,trailing:l=!0,leading:s=!0,rejectOnCancel:u=!1}=e[0]:[a,l=!0,s=!0,u=!1]=e;const c=()=>{n&&(clearTimeout(n),n=void 0,o(),o=Ht)};return p=>{const m=je(a),v=Date.now()-t,y=()=>i=p();return c(),m<=0?(t=Date.now(),y()):(v>m&&(s||!r)?(t=Date.now(),y()):l&&(i=new Promise((E,A)=>{o=u?A:E,n=setTimeout(()=>{t=Date.now(),r=!0,E(y()),c()},Math.max(0,m-v))})),!s&&!n&&(n=setTimeout(()=>r=!0,m)),r=!1,i)}}function f_(e=Rd){const t=te(!0);function n(){t.value=!1}function r(){t.value=!0}const o=(...i)=>{t.value&&e(...i)};return{isActive:tr(t),pause:n,resume:r,eventFilter:o}}function p_(e){let t;function n(){return t||(t=e()),t}return n.reset=async()=>{const r=t;t=void 0,r&&await r},n}function m_(e){return In()}function h_(...e){if(e.length!==1)return Vo(...e);const t=e[0];return typeof t=="function"?tr(tc(()=>({get:t,set:Ht}))):te(t)}function Sd(e,t=200,n={}){return Va(c_(t,n),e)}function v_(e,t=200,n=!1,r=!0,o=!1){return Va(d_(t,n,r,o),e)}function __(e,t,n={}){const{eventFilter:r=Rd,...o}=n;return se(e,Va(r,t),o)}function g_(e,t,n={}){const{eventFilter:r,...o}=n,{eventFilter:i,pause:a,resume:l,isActive:s}=f_(r);return{stop:__(e,t,{...o,eventFilter:i}),pause:a,resume:l,isActive:s}}function jo(e,t=!0,n){m_()?Oe(e,n):t?e():Kt(e)}function E_(e,t,n={}){const{immediate:r=!0}=n,o=te(!1);let i=null;function a(){i&&(clearTimeout(i),i=null)}function l(){o.value=!1,a()}function s(...u){a(),o.value=!0,i=setTimeout(()=>{o.value=!1,i=null,e(...u)},je(t))}return r&&(o.value=!0,Gr&&s()),Sn(l),{isPending:tr(o),start:s,stop:l}}function zi(e=!1,t={}){const{truthyValue:n=!0,falsyValue:r=!1}=t,o=Ie(e),i=te(e);function a(l){if(arguments.length)return i.value=l,i.value;{const s=je(n);return i.value=i.value===s?je(r):s,i.value}}return o?a:[i,a]}const mt=Gr?window:void 0,kd=Gr?window.document:void 0,wd=Gr?window.navigator:void 0;function it(e){var t;const n=je(e);return(t=n==null?void 0:n.$el)!=null?t:n}function De(...e){let t,n,r,o;if(typeof e[0]=="string"||Array.isArray(e[0])?([n,r,o]=e,t=mt):[t,n,r,o]=e,!t)return Ht;Array.isArray(n)||(n=[n]),Array.isArray(r)||(r=[r]);const i=[],a=()=>{i.forEach(c=>c()),i.length=0},l=(c,d,p,m)=>(c.addEventListener(d,p,m),()=>c.removeEventListener(d,p,m)),s=se(()=>[it(t),je(o)],([c,d])=>{if(a(),!c)return;const p=s_(d)?{...d}:d;i.push(...n.flatMap(m=>r.map(v=>l(c,m,v,p))))},{immediate:!0,flush:"post"}),u=()=>{s(),a()};return Sn(u),u}let hs=!1;function y_(e,t,n={}){const{window:r=mt,ignore:o=[],capture:i=!0,detectIframe:a=!1}=n;if(!r)return Ht;ji&&!hs&&(hs=!0,Array.from(r.document.body.children).forEach(m=>m.addEventListener("click",Ht)),r.document.documentElement.addEventListener("click",Ht));let l=!0;const s=m=>je(o).some(v=>{if(typeof v=="string")return Array.from(r.document.querySelectorAll(v)).some(y=>y===m.target||m.composedPath().includes(y));{const y=it(v);return y&&(m.target===y||m.composedPath().includes(y))}}),u=m=>{const v=it(e);if(!(!v||v===m.target||m.composedPath().includes(v))){if(m.detail===0&&(l=!s(m)),!l){l=!0;return}t(m)}};let c=!1;const d=[De(r,"click",m=>{c||(c=!0,setTimeout(()=>{c=!1},0),u(m))},{passive:!0,capture:i}),De(r,"pointerdown",m=>{const v=it(e);l=!s(m)&&!!(v&&!m.composedPath().includes(v))},{passive:!0}),a&&De(r,"blur",m=>{setTimeout(()=>{var v;const y=it(e);((v=r.document.activeElement)==null?void 0:v.tagName)==="IFRAME"&&!(y!=null&&y.contains(r.document.activeElement))&&t(m)},0)})].filter(Boolean);return()=>d.forEach(m=>m())}function b_(){const e=te(!1),t=In();return t&&Oe(()=>{e.value=!0},t),e}function Yr(e){const t=b_();return O(()=>(t.value,!!e()))}function Fa(e,t={}){const{window:n=mt}=t,r=Yr(()=>n&&"matchMedia"in n&&typeof n.matchMedia=="function");let o;const i=te(!1),a=u=>{i.value=u.matches},l=()=>{o&&("removeEventListener"in o?o.removeEventListener("change",a):o.removeListener(a))},s=Oa(()=>{r.value&&(l(),o=n.matchMedia(je(e)),"addEventListener"in o?o.addEventListener("change",a):o.addListener(a),i.value=o.matches)});return Sn(()=>{s(),l(),o=void 0}),i}function vs(e,t={}){const{controls:n=!1,navigator:r=wd}=t,o=Yr(()=>r&&"permissions"in r),i=Be(),a=typeof e=="string"?{name:e}:e,l=Be(),s=()=>{var c,d;l.value=(d=(c=i.value)==null?void 0:c.state)!=null?d:"prompt"};De(i,"change",s);const u=p_(async()=>{if(o.value){if(!i.value)try{i.value=await r.permissions.query(a)}catch{i.value=void 0}finally{s()}if(n)return le(i.value)}});return u(),n?{state:l,isSupported:o,query:u}:l}function A_(e={}){const{navigator:t=wd,read:n=!1,source:r,copiedDuring:o=1500,legacy:i=!1}=e,a=Yr(()=>t&&"clipboard"in t),l=vs("clipboard-read"),s=vs("clipboard-write"),u=O(()=>a.value||i),c=te(""),d=te(!1),p=E_(()=>d.value=!1,o);function m(){a.value&&A(l.value)?t.clipboard.readText().then(T=>{c.value=T}):c.value=E()}u.value&&n&&De(["copy","cut"],m);async function v(T=je(r)){u.value&&T!=null&&(a.value&&A(s.value)?await t.clipboard.writeText(T):y(T),c.value=T,d.value=!0,p.start())}function y(T){const g=document.createElement("textarea");g.value=T??"",g.style.position="absolute",g.style.opacity="0",document.body.appendChild(g),g.select(),document.execCommand("copy"),g.remove()}function E(){var T,g,x;return(x=(g=(T=document==null?void 0:document.getSelection)==null?void 0:T.call(document))==null?void 0:g.toString())!=null?x:""}function A(T){return T==="granted"||T==="prompt"}return{isSupported:u,text:c,copied:d,copy:v}}const oo=typeof globalThis<"u"?globalThis:typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{},io="__vueuse_ssr_handlers__",T_=x_();function x_(){return io in oo||(oo[io]=oo[io]||{}),oo[io]}function P_(e,t){return T_[e]||t}function O_(e){return Fa("(prefers-color-scheme: dark)",e)}function C_(e){return e==null?"any":e instanceof Set?"set":e instanceof Map?"map":e instanceof Date?"date":typeof e=="boolean"?"boolean":typeof e=="string"?"string":typeof e=="object"?"object":Number.isNaN(e)?"any":"number"}const D_={boolean:{read:e=>e==="true",write:e=>String(e)},object:{read:e=>JSON.parse(e),write:e=>JSON.stringify(e)},number:{read:e=>Number.parseFloat(e),write:e=>String(e)},any:{read:e=>e,write:e=>String(e)},string:{read:e=>e,write:e=>String(e)},map:{read:e=>new Map(JSON.parse(e)),write:e=>JSON.stringify(Array.from(e.entries()))},set:{read:e=>new Set(JSON.parse(e)),write:e=>JSON.stringify(Array.from(e))},date:{read:e=>new Date(e),write:e=>e.toISOString()}},_s="vueuse-storage";function zo(e,t,n,r={}){var o;const{flush:i="pre",deep:a=!0,listenToStorageChanges:l=!0,writeDefaults:s=!0,mergeDefaults:u=!1,shallow:c,window:d=mt,eventFilter:p,onError:m=S=>{console.error(S)},initOnMounted:v}=r,y=(c?Be:te)(typeof t=="function"?t():t);if(!n)try{n=P_("getDefaultStorage",()=>{var S;return(S=mt)==null?void 0:S.localStorage})()}catch(S){m(S)}if(!n)return y;const E=je(t),A=C_(E),T=(o=r.serializer)!=null?o:D_[A],{pause:g,resume:x}=g_(y,()=>H(y.value),{flush:i,deep:a,eventFilter:p});d&&l&&jo(()=>{n instanceof Storage?De(d,"storage",Q):De(d,_s,$),v&&Q()}),v||Q();function V(S,G){if(d){const L={key:e,oldValue:S,newValue:G,storageArea:n};d.dispatchEvent(n instanceof Storage?new StorageEvent("storage",L):new CustomEvent(_s,{detail:L}))}}function H(S){try{const G=n.getItem(e);if(S==null)V(G,null),n.removeItem(e);else{const L=T.write(S);G!==L&&(n.setItem(e,L),V(G,L))}}catch(G){m(G)}}function N(S){const G=S?S.newValue:n.getItem(e);if(G==null)return s&&E!=null&&n.setItem(e,T.write(E)),E;if(!S&&u){const L=T.read(G);return typeof u=="function"?u(L,E):A==="object"&&!Array.isArray(L)?{...E,...L}:L}else return typeof G!="string"?G:T.read(G)}function Q(S){if(!(S&&S.storageArea!==n)){if(S&&S.key==null){y.value=E;return}if(!(S&&S.key!==e)){g();try{(S==null?void 0:S.newValue)!==T.write(y.value)&&(y.value=N(S))}catch(G){m(G)}finally{S?Kt(x):x()}}}}function $(S){Q(S.detail)}return y}function I_(e,t,n={}){const{window:r=mt,...o}=n;let i;const a=Yr(()=>r&&"ResizeObserver"in r),l=()=>{i&&(i.disconnect(),i=void 0)},s=O(()=>{const d=je(e);return Array.isArray(d)?d.map(p=>it(p)):[it(d)]}),u=se(s,d=>{if(l(),a.value&&r){i=new ResizeObserver(t);for(const p of d)p&&i.observe(p,o)}},{immediate:!0,flush:"post"}),c=()=>{l(),u()};return Sn(c),{isSupported:a,stop:c}}function R_(e,t={width:0,height:0},n={}){const{window:r=mt,box:o="content-box"}=n,i=O(()=>{var d,p;return(p=(d=it(e))==null?void 0:d.namespaceURI)==null?void 0:p.includes("svg")}),a=te(t.width),l=te(t.height),{stop:s}=I_(e,([d])=>{const p=o==="border-box"?d.borderBoxSize:o==="content-box"?d.contentBoxSize:d.devicePixelContentBoxSize;if(r&&i.value){const m=it(e);if(m){const v=m.getBoundingClientRect();a.value=v.width,l.value=v.height}}else if(p){const m=Array.isArray(p)?p:[p];a.value=m.reduce((v,{inlineSize:y})=>v+y,0),l.value=m.reduce((v,{blockSize:y})=>v+y,0)}else a.value=d.contentRect.width,l.value=d.contentRect.height},n);jo(()=>{const d=it(e);d&&(a.value="offsetWidth"in d?d.offsetWidth:t.width,l.value="offsetHeight"in d?d.offsetHeight:t.height)});const u=se(()=>it(e),d=>{a.value=d?t.width:0,l.value=d?t.height:0});function c(){s(),u()}return{width:a,height:l,stop:c}}const gs=["fullscreenchange","webkitfullscreenchange","webkitendfullscreen","mozfullscreenchange","MSFullscreenChange"];function Ma(e,t={}){const{document:n=kd,autoExit:r=!1}=t,o=O(()=>{var A;return(A=it(e))!=null?A:n==null?void 0:n.querySelector("html")}),i=te(!1),a=O(()=>["requestFullscreen","webkitRequestFullscreen","webkitEnterFullscreen","webkitEnterFullScreen","webkitRequestFullScreen","mozRequestFullScreen","msRequestFullscreen"].find(A=>n&&A in n||o.value&&A in o.value)),l=O(()=>["exitFullscreen","webkitExitFullscreen","webkitExitFullScreen","webkitCancelFullScreen","mozCancelFullScreen","msExitFullscreen"].find(A=>n&&A in n||o.value&&A in o.value)),s=O(()=>["fullScreen","webkitIsFullScreen","webkitDisplayingFullscreen","mozFullScreen","msFullscreenElement"].find(A=>n&&A in n||o.value&&A in o.value)),u=["fullscreenElement","webkitFullscreenElement","mozFullScreenElement","msFullscreenElement"].find(A=>n&&A in n),c=Yr(()=>o.value&&n&&a.value!==void 0&&l.value!==void 0&&s.value!==void 0),d=()=>u?(n==null?void 0:n[u])===o.value:!1,p=()=>{if(s.value){if(n&&n[s.value]!=null)return n[s.value];{const A=o.value;if((A==null?void 0:A[s.value])!=null)return!!A[s.value]}}return!1};async function m(){if(!(!c.value||!i.value)){if(l.value)if((n==null?void 0:n[l.value])!=null)await n[l.value]();else{const A=o.value;(A==null?void 0:A[l.value])!=null&&await A[l.value]()}i.value=!1}}async function v(){if(!c.value||i.value)return;p()&&await m();const A=o.value;a.value&&(A==null?void 0:A[a.value])!=null&&(await A[a.value](),i.value=!0)}async function y(){await(i.value?m():v())}const E=()=>{const A=p();(!A||A&&d())&&(i.value=A)};return De(n,gs,E,!1),De(()=>it(o),gs,E,!1),r&&Sn(m),{isSupported:c,isFullscreen:i,enter:v,exit:m,toggle:y}}function vi(e){return typeof Window<"u"&&e instanceof Window?e.document.documentElement:typeof Document<"u"&&e instanceof Document?e.documentElement:e}function S_(e,t,n={}){const{window:r=mt}=n;return zo(e,t,r==null?void 0:r.localStorage,n)}function k_(e={}){const{window:t=mt}=e;if(!t)return te(["en"]);const n=t.navigator,r=te(n.languages);return De(t,"languagechange",()=>{r.value=n.languages}),r}function Ld(e){const t=window.getComputedStyle(e);if(t.overflowX==="scroll"||t.overflowY==="scroll"||t.overflowX==="auto"&&e.clientWidth1?!0:(t.preventDefault&&t.preventDefault(),!1)}const _i=new WeakMap;function Ko(e,t=!1){const n=te(t);let r=null,o="";se(h_(e),l=>{const s=vi(je(l));if(s){const u=s;if(_i.get(u)||_i.set(u,u.style.overflow),u.style.overflow!=="hidden"&&(o=u.style.overflow),u.style.overflow==="hidden")return n.value=!0;if(n.value)return u.style.overflow="hidden"}},{immediate:!0});const i=()=>{const l=vi(je(e));!l||n.value||(ji&&(r=De(l,"touchmove",s=>{w_(s)},{passive:!1})),l.style.overflow="hidden",n.value=!0)},a=()=>{const l=vi(je(e));!l||!n.value||(ji&&(r==null||r()),l.style.overflow=o,_i.delete(l),n.value=!1)};return Sn(a),O({get(){return n.value},set(l){l?i():a()}})}function L_(e,t,n={}){const{window:r=mt}=n;return zo(e,t,r==null?void 0:r.sessionStorage,n)}let V_=0;function F_(e,t={}){const n=te(!1),{document:r=kd,immediate:o=!0,manual:i=!1,id:a=`vueuse_styletag_${++V_}`}=t,l=te(e);let s=()=>{};const u=()=>{if(!r)return;const d=r.getElementById(a)||r.createElement("style");d.isConnected||(d.id=a,t.media&&(d.media=t.media),r.head.appendChild(d)),!n.value&&(s=se(l,p=>{d.textContent=p},{immediate:!0}),n.value=!0)},c=()=>{!r||!n.value||(s(),r.head.removeChild(r.getElementById(a)),n.value=!1)};return o&&!i&&jo(u),i||Sn(c),{id:a,css:l,unload:c,load:u,isLoaded:tr(n)}}function M_(e={}){const{window:t=mt,behavior:n="auto"}=e;if(!t)return{x:te(0),y:te(0)};const r=te(t.scrollX),o=te(t.scrollY),i=O({get(){return r.value},set(l){scrollTo({left:l,behavior:n})}}),a=O({get(){return o.value},set(l){scrollTo({top:l,behavior:n})}});return De(t,"scroll",()=>{r.value=t.scrollX,o.value=t.scrollY},{capture:!1,passive:!0}),{x:i,y:a}}function N_(e={}){const{window:t=mt,initialWidth:n=Number.POSITIVE_INFINITY,initialHeight:r=Number.POSITIVE_INFINITY,listenOrientation:o=!0,includeScrollbar:i=!0,type:a="inner"}=e,l=te(n),s=te(r),u=()=>{t&&(a==="outer"?(l.value=t.outerWidth,s.value=t.outerHeight):i?(l.value=t.innerWidth,s.value=t.innerHeight):(l.value=t.document.documentElement.clientWidth,s.value=t.document.documentElement.clientHeight))};if(u(),jo(u),De("resize",u,{passive:!0}),o){const c=Fa("(orientation: portrait)");se(c,()=>u())}return{width:l,height:s}}const St=(e,t)=>{var r;const n=(r=(t==null?void 0:t._instance)??In())==null?void 0:r.appContext.components;return n?e in n||Ze(e)in n||Hr(Ze(e))in n:!1},$_=e=>new Promise(t=>{setTimeout(t,e)}),kn=e=>{const t=Gt();return O(()=>e[t.value]??{})},Vd=e=>typeof e<"u",gi=e=>typeof e=="number",{isArray:Ki}=Array,wr=(e,t)=>Fe(e)&&e.startsWith(t),B_=(e,t)=>Fe(e)&&e.endsWith(t),{entries:Fd}=Object,{keys:Na}=Object,{values:H_}=Object,U_=e=>{if(e){if(typeof e=="number")return new Date(e);const t=Date.parse(e.toString());if(!Number.isNaN(t))return new Date(t)}return null},$a=e=>wr(e,"/");var j_=X({name:"FontIcon",props:{icon:{type:String,default:""},color:{type:String,default:""},size:{type:[String,Number],default:""}},setup(e){const t=O(()=>{const r=["font-icon icon"],o=`iconfont icon-${e.icon}`;return r.push(o),r}),n=O(()=>{const r={};return e.color&&(r.color=e.color),e.size&&(r["font-size"]=Number.isNaN(Number(e.size))?e.size:`${e.size}px`),Na(r).length?r:null});return()=>e.icon?f("span",{key:e.icon,class:t.value,style:n.value}):null}});const z_={enhance:({app:e})=>{St("FontIcon")||e.component("FontIcon",j_)},setup:()=>{F_(`@import url("/assets/font/font.css"); +`)},rootComponents:[]},K_=Object.freeze(Object.defineProperty({__proto__:null,default:z_},Symbol.toStringTag,{value:"Module"})),Es=async(e,t)=>{const{path:n,query:r}=e.currentRoute.value,{scrollBehavior:o}=e.options;e.options.scrollBehavior=void 0,await e.replace({path:n,query:r,hash:t}),e.options.scrollBehavior=o},W_=({headerLinkSelector:e,headerAnchorSelector:t,delay:n,offset:r=5})=>{const o=Rn();De("scroll",Sd(()=>{var v,y;const a=Math.max(window.scrollY,document.documentElement.scrollTop,document.body.scrollTop);if(Math.abs(a-0)d.some(A=>A.hash===E.hash));for(let E=0;E=(((v=A.parentElement)==null?void 0:v.offsetTop)??0)-r,x=!T||a<(((y=T.parentElement)==null?void 0:y.offsetTop)??0)-r;if(!(g&&x))continue;const H=decodeURIComponent(o.currentRoute.value.hash),N=decodeURIComponent(A.hash);if(H===N)return;if(c){for(let Q=E+1;QFe(e.title)?{title:e.title}:null;const Nd=Symbol(""),Z_=e=>{Md=e},eg=()=>Ve(Nd),tg=e=>{e.provide(Nd,Md)};var ng={"/":{title:"Catalog",empty:"No catalog"}},rg=X({name:"Catalog",props:{base:{type:String,default:""},level:{type:Number,default:3},index:Boolean,hideHeading:Boolean},setup(e){const t=eg(),n=kn(ng),r=Ne(),o=Q0(),i=Od(),a=Be(Fd(o.value).map(([s,{meta:u}])=>{const c=t(u);if(!c)return null;const d=s.split("/").length;return{level:B_(s,"/")?d-2:d-1,base:s.replace(/\/[^/]+\/?$/,"/"),path:s,...c}}).filter(s=>$o(s)&&Fe(s.title))),l=O(()=>{const s=e.base?Ov(td(e.base)):r.value.path.replace(/\/[^/]+$/,"/"),u=s.split("/").length-2,c=[];return a.value.filter(({level:d,path:p})=>{if(!wr(p,s)||p===s)return!1;if(s==="/"){const m=Na(i.value.locales).filter(v=>v!=="/");if(p==="/404.html"||m.some(v=>wr(p,v)))return!1}return d-u<=e.level}).sort(({title:d,level:p,order:m},{title:v,level:y,order:E})=>p-y||(gi(m)?gi(E)?m>0?E>0?m-E:-1:E<0?m-E:1:m:gi(E)?E:d.localeCompare(v))).forEach(d=>{var v;const{base:p,level:m}=d;switch(m-u){case 1:{c.push(d);break}case 2:{const y=c.find(E=>E.path===p);y&&(y.children??(y.children=[])).push(d);break}default:{const y=c.find(E=>E.path===p.replace(/\/[^/]+\/$/,"/"));if(y){const E=(v=y.children)==null?void 0:v.find(A=>A.path===p);E&&(E.children??(E.children=[])).push(d)}}}}),c});return()=>{const s=l.value.some(u=>u.children);return f("div",{class:["vp-catalog",{index:e.index}]},[e.hideHeading?null:f("h2",{class:"vp-catalog-main-title"},n.value.title),l.value.length?f(e.index?"ol":"ul",{class:["vp-catalog-list",{deep:s}]},l.value.map(({children:u=[],title:c,path:d,content:p})=>{const m=f(_t,{class:"vp-catalog-title",to:d},()=>p?f(p):c);return f("li",{class:"vp-catalog-item"},s?[f("h3",{id:c,class:["vp-catalog-child-title",{"has-children":u.length}]},[f("a",{href:`#${c}`,class:"vp-catalog-header-anchor","aria-hidden":!0},"#"),m]),u.length?f(e.index?"ol":"ul",{class:"vp-child-catalogs"},u.map(({children:v=[],content:y,path:E,title:A})=>f("li",{class:"vp-child-catalog"},[f("div",{class:["vp-catalog-sub-title",{"has-children":v.length}]},[f("a",{href:`#${A}`,class:"vp-catalog-header-anchor"},"#"),f(_t,{class:"vp-catalog-title",to:E},()=>y?f(y):A)]),v.length?f(e.index?"ol":"div",{class:e.index?"vp-sub-catalogs":"vp-sub-catalogs-wrapper"},v.map(({content:T,path:g,title:x})=>e.index?f("li",{class:"vp-sub-catalog"},f(_t,{to:g},()=>T?f(T):x)):f(_t,{class:"vp-sub-catalog-link",to:g},()=>T?f(T):x))):null]))):null]:f("div",{class:"vp-catalog-child-title"},m))})):f("p",{class:"vp-empty-catalog"},n.value.empty)])}}}),og=Yt({enhance:({app:e})=>{tg(e),St("Catalog",e)||e.component("Catalog",rg)}});const ig=Object.freeze(Object.defineProperty({__proto__:null,default:og},Symbol.toStringTag,{value:"Module"}));var ag={"/":{backToTop:"Back to top"}};const lg=X({name:"BackToTop",setup(){const e=Se(),t=kn(ag),n=Be(),{height:r}=R_(n),{height:o}=N_(),{y:i}=M_(),a=O(()=>e.value.backToTop!==!1&&i.value>100),l=O(()=>i.value/(r.value-o.value)*100);return Oe(()=>{n.value=document.body}),()=>f(Gn,{name:"back-to-top"},()=>a.value?f("button",{type:"button",class:"vp-back-to-top-button","aria-label":t.value.backToTop,onClick:()=>{window.scrollTo({top:0,behavior:"smooth"})}},[f("span",{class:"vp-scroll-progress",role:"progressbar","aria-labelledby":"loadinglabel","aria-valuenow":l.value},f("svg",f("circle",{cx:"26",cy:"26",r:"24",fill:"none",stroke:"currentColor","stroke-width":"4","stroke-dasharray":`${Math.PI*l.value*.48} ${Math.PI*(100-l.value)*.48}`}))),f("div",{class:"back-to-top-icon"})]):null)}}),sg=Yt({rootComponents:[lg]}),ug=Object.freeze(Object.defineProperty({__proto__:null,default:sg},Symbol.toStringTag,{value:"Module"}));/** + * NProgress, (c) 2013, 2014 Rico Sta. Cruz - http://ricostacruz.com/nprogress + * @license MIT + */const ys=(e,t)=>{e.classList.add(t)},bs=(e,t)=>{e.classList.remove(t)},cg=e=>{var t;(t=e==null?void 0:e.parentNode)==null||t.removeChild(e)},Ei=(e,t,n)=>en?n:e,As=e=>(-1+e)*100,dg=(()=>{const e=[],t=()=>{const n=e.shift();n&&n(t)};return n=>{e.push(n),e.length===1&&t()}})(),fg=e=>e.replace(/^-ms-/,"ms-").replace(/-([\da-z])/gi,(t,n)=>n.toUpperCase()),ao=(()=>{const e=["Webkit","O","Moz","ms"],t={},n=i=>{const{style:a}=document.body;if(i in a)return i;const l=i.charAt(0).toUpperCase()+i.slice(1);let s=e.length;for(;s--;){const u=`${e[s]}${l}`;if(u in a)return u}return i},r=i=>{const a=fg(i);return t[a]??(t[a]=n(a))},o=(i,a,l)=>{i.style[r(a)]=l};return(i,a)=>{for(const l in a){const s=a[l];Object.hasOwn(a,l)&&Vd(s)&&o(i,l,s)}}})(),Vt={minimum:.08,easing:"ease",speed:200,trickle:!0,trickleRate:.02,trickleSpeed:800,barSelector:'[role="bar"]',parent:"body",template:'
'},Ce={percent:null,isRendered:()=>!!document.getElementById("nprogress"),set:e=>{const{speed:t,easing:n}=Vt,r=Ce.isStarted(),o=Ei(e,Vt.minimum,1);Ce.percent=o===1?null:o;const i=Ce.render(!r),a=i.querySelector(Vt.barSelector);return i.offsetWidth,dg(l=>{ao(a,{transform:`translate3d(${As(o)}%,0,0)`,transition:`all ${t}ms ${n}`}),o===1?(ao(i,{transition:"none",opacity:"1"}),i.offsetWidth,setTimeout(()=>{ao(i,{transition:`all ${t}ms linear`,opacity:"0"}),setTimeout(()=>{Ce.remove(),l()},t)},t)):setTimeout(()=>{l()},t)}),Ce},isStarted:()=>typeof Ce.percent=="number",start:()=>{Ce.percent||Ce.set(0);const e=()=>{setTimeout(()=>{Ce.percent&&(Ce.trickle(),e())},Vt.trickleSpeed)};return e(),Ce},done:e=>!e&&!Ce.percent?Ce:Ce.increase(.3+.5*Math.random()).set(1),increase:e=>{let{percent:t}=Ce;return t?(t=Ei(t+(typeof e=="number"?e:(1-t)*Ei(Math.random()*t,.1,.95)),0,.994),Ce.set(t)):Ce.start()},trickle:()=>Ce.increase(Math.random()*Vt.trickleRate),render:e=>{if(Ce.isRendered())return document.getElementById("nprogress");ys(document.documentElement,"nprogress-busy");const t=document.createElement("div");t.id="nprogress",t.innerHTML=Vt.template;const n=t.querySelector(Vt.barSelector),r=document.querySelector(Vt.parent),o=e?"-100":As(Ce.percent??0);return ao(n,{transition:"all 0 linear",transform:`translate3d(${o}%,0,0)`}),r&&(r!==document.body&&ys(r,"nprogress-custom-parent"),r.appendChild(t)),t},remove:()=>{bs(document.documentElement,"nprogress-busy"),bs(document.querySelector(Vt.parent),"nprogress-custom-parent"),cg(document.getElementById("nprogress"))}},pg=()=>{Oe(()=>{const e=Rn(),t=new Set;t.add(e.currentRoute.value.path),e.beforeEach(n=>{t.has(n.path)||Ce.start()}),e.afterEach(n=>{t.add(n.path),Ce.done()})})},mg=Yt({setup(){pg()}}),hg=Object.freeze(Object.defineProperty({__proto__:null,default:mg},Symbol.toStringTag,{value:"Module"}));var vg=Object.create,$d=Object.defineProperty,_g=Object.getOwnPropertyDescriptor,Ba=Object.getOwnPropertyNames,gg=Object.getPrototypeOf,Eg=Object.prototype.hasOwnProperty,yg=(e,t)=>function(){return e&&(t=(0,e[Ba(e)[0]])(e=0)),t},bg=(e,t)=>function(){return t||(0,e[Ba(e)[0]])((t={exports:{}}).exports,t),t.exports},Ag=(e,t,n,r)=>{if(t&&typeof t=="object"||typeof t=="function")for(let o of Ba(t))!Eg.call(e,o)&&o!==n&&$d(e,o,{get:()=>t[o],enumerable:!(r=_g(t,o))||r.enumerable});return e},Tg=(e,t,n)=>(n=e!=null?vg(gg(e)):{},Ag($d(n,"default",{value:e,enumerable:!0}),e)),Xr=yg({"../../node_modules/.pnpm/tsup@8.3.0_@microsoft+api-extractor@7.43.0_@types+node@20.16.5__@swc+core@1.5.29_jiti@1.21.6__ldnw4a7r4ccknnz6q542psuydy/node_modules/tsup/assets/esm_shims.js"(){}}),xg=bg({"../../node_modules/.pnpm/rfdc@1.4.1/node_modules/rfdc/index.js"(e,t){Xr(),t.exports=r;function n(i){return i instanceof Buffer?Buffer.from(i):new i.constructor(i.buffer.slice(),i.byteOffset,i.length)}function r(i){if(i=i||{},i.circles)return o(i);const a=new Map;if(a.set(Date,d=>new Date(d)),a.set(Map,(d,p)=>new Map(s(Array.from(d),p))),a.set(Set,(d,p)=>new Set(s(Array.from(d),p))),i.constructorHandlers)for(const d of i.constructorHandlers)a.set(d[0],d[1]);let l=null;return i.proto?c:u;function s(d,p){const m=Object.keys(d),v=new Array(m.length);for(let y=0;ynew Date(m)),s.set(Map,(m,v)=>new Map(c(Array.from(m),v))),s.set(Set,(m,v)=>new Set(c(Array.from(m),v))),i.constructorHandlers)for(const m of i.constructorHandlers)s.set(m[0],m[1]);let u=null;return i.proto?p:d;function c(m,v){const y=Object.keys(m),E=new Array(y.length);for(let A=0;A(a=kg(e,u,c),a.finally(()=>{if(a=null,n.trailing&&l&&!o){const d=s(u,l);return l=null,d}}),a);return function(...u){return a?(n.trailing&&(l=u),a):new Promise(c=>{const d=!o&&n.leading;clearTimeout(o),o=setTimeout(()=>{o=null;const p=n.leading?r:s(this,u);for(const m of i)m(p);i=[]},t),d?(r=s(this,u),c(r)):i.push(c)})}}async function kg(e,t,n){return await e.apply(t,n)}function Wi(e,t={},n){for(const r in e){const o=e[r],i=n?`${n}:${r}`:r;typeof o=="object"&&o!==null?Wi(o,t,i):typeof o=="function"&&(t[i]=o)}return t}const wg={run:e=>e()},Lg=()=>wg,Bd=typeof console.createTask<"u"?console.createTask:Lg;function Vg(e,t){const n=t.shift(),r=Bd(n);return e.reduce((o,i)=>o.then(()=>r.run(()=>i(...t))),Promise.resolve())}function Fg(e,t){const n=t.shift(),r=Bd(n);return Promise.all(e.map(o=>r.run(()=>o(...t))))}function yi(e,t){for(const n of[...e])n(t)}class Mg{constructor(){this._hooks={},this._before=void 0,this._after=void 0,this._deprecatedMessages=void 0,this._deprecatedHooks={},this.hook=this.hook.bind(this),this.callHook=this.callHook.bind(this),this.callHookWith=this.callHookWith.bind(this)}hook(t,n,r={}){if(!t||typeof n!="function")return()=>{};const o=t;let i;for(;this._deprecatedHooks[t];)i=this._deprecatedHooks[t],t=i.to;if(i&&!r.allowDeprecated){let a=i.message;a||(a=`${o} hook has been deprecated`+(i.to?`, please use ${i.to}`:"")),this._deprecatedMessages||(this._deprecatedMessages=new Set),this._deprecatedMessages.has(a)||(console.warn(a),this._deprecatedMessages.add(a))}if(!n.name)try{Object.defineProperty(n,"name",{get:()=>"_"+t.replace(/\W+/g,"_")+"_hook_cb",configurable:!0})}catch{}return this._hooks[t]=this._hooks[t]||[],this._hooks[t].push(n),()=>{n&&(this.removeHook(t,n),n=void 0)}}hookOnce(t,n){let r,o=(...i)=>(typeof r=="function"&&r(),r=void 0,o=void 0,n(...i));return r=this.hook(t,o),r}removeHook(t,n){if(this._hooks[t]){const r=this._hooks[t].indexOf(n);r!==-1&&this._hooks[t].splice(r,1),this._hooks[t].length===0&&delete this._hooks[t]}}deprecateHook(t,n){this._deprecatedHooks[t]=typeof n=="string"?{to:n}:n;const r=this._hooks[t]||[];delete this._hooks[t];for(const o of r)this.hook(t,o)}deprecateHooks(t){Object.assign(this._deprecatedHooks,t);for(const n in t)this.deprecateHook(n,t[n])}addHooks(t){const n=Wi(t),r=Object.keys(n).map(o=>this.hook(o,n[o]));return()=>{for(const o of r.splice(0,r.length))o()}}removeHooks(t){const n=Wi(t);for(const r in n)this.removeHook(r,n[r])}removeAllHooks(){for(const t in this._hooks)delete this._hooks[t]}callHook(t,...n){return n.unshift(t),this.callHookWith(Vg,t,...n)}callHookParallel(t,...n){return n.unshift(t),this.callHookWith(Fg,t,...n)}callHookWith(t,n,...r){const o=this._before||this._after?{name:n,args:r,context:{}}:void 0;this._before&&yi(this._before,o);const i=t(n in this._hooks?[...this._hooks[n]]:[],r);return i instanceof Promise?i.finally(()=>{this._after&&o&&yi(this._after,o)}):(this._after&&o&&yi(this._after,o),i)}beforeEach(t){return this._before=this._before||[],this._before.push(t),()=>{if(this._before!==void 0){const n=this._before.indexOf(t);n!==-1&&this._before.splice(n,1)}}}afterEach(t){return this._after=this._after||[],this._after.push(t),()=>{if(this._after!==void 0){const n=this._after.indexOf(t);n!==-1&&this._after.splice(n,1)}}}}function Hd(){return new Mg}var Ng=Object.create,Ud=Object.defineProperty,$g=Object.getOwnPropertyDescriptor,Ha=Object.getOwnPropertyNames,Bg=Object.getPrototypeOf,Hg=Object.prototype.hasOwnProperty,Ug=(e,t)=>function(){return e&&(t=(0,e[Ha(e)[0]])(e=0)),t},jd=(e,t)=>function(){return t||(0,e[Ha(e)[0]])((t={exports:{}}).exports,t),t.exports},jg=(e,t,n,r)=>{if(t&&typeof t=="object"||typeof t=="function")for(let o of Ha(t))!Hg.call(e,o)&&o!==n&&Ud(e,o,{get:()=>t[o],enumerable:!(r=$g(t,o))||r.enumerable});return e},zg=(e,t,n)=>(n=e!=null?Ng(Bg(e)):{},jg(Ud(n,"default",{value:e,enumerable:!0}),e)),R=Ug({"../../node_modules/.pnpm/tsup@8.3.0_@microsoft+api-extractor@7.43.0_@types+node@20.16.5__@swc+core@1.5.29_jiti@1.21.6__ldnw4a7r4ccknnz6q542psuydy/node_modules/tsup/assets/esm_shims.js"(){}}),Kg=jd({"../../node_modules/.pnpm/speakingurl@14.0.1/node_modules/speakingurl/lib/speakingurl.js"(e,t){R(),function(n){var r={À:"A",Á:"A",Â:"A",Ã:"A",Ä:"Ae",Å:"A",Æ:"AE",Ç:"C",È:"E",É:"E",Ê:"E",Ë:"E",Ì:"I",Í:"I",Î:"I",Ï:"I",Ð:"D",Ñ:"N",Ò:"O",Ó:"O",Ô:"O",Õ:"O",Ö:"Oe",Ő:"O",Ø:"O",Ù:"U",Ú:"U",Û:"U",Ü:"Ue",Ű:"U",Ý:"Y",Þ:"TH",ß:"ss",à:"a",á:"a",â:"a",ã:"a",ä:"ae",å:"a",æ:"ae",ç:"c",è:"e",é:"e",ê:"e",ë:"e",ì:"i",í:"i",î:"i",ï:"i",ð:"d",ñ:"n",ò:"o",ó:"o",ô:"o",õ:"o",ö:"oe",ő:"o",ø:"o",ù:"u",ú:"u",û:"u",ü:"ue",ű:"u",ý:"y",þ:"th",ÿ:"y","ẞ":"SS",ا:"a",أ:"a",إ:"i",آ:"aa",ؤ:"u",ئ:"e",ء:"a",ب:"b",ت:"t",ث:"th",ج:"j",ح:"h",خ:"kh",د:"d",ذ:"th",ر:"r",ز:"z",س:"s",ش:"sh",ص:"s",ض:"dh",ط:"t",ظ:"z",ع:"a",غ:"gh",ف:"f",ق:"q",ك:"k",ل:"l",م:"m",ن:"n",ه:"h",و:"w",ي:"y",ى:"a",ة:"h",ﻻ:"la",ﻷ:"laa",ﻹ:"lai",ﻵ:"laa",گ:"g",چ:"ch",پ:"p",ژ:"zh",ک:"k",ی:"y","َ":"a","ً":"an","ِ":"e","ٍ":"en","ُ":"u","ٌ":"on","ْ":"","٠":"0","١":"1","٢":"2","٣":"3","٤":"4","٥":"5","٦":"6","٧":"7","٨":"8","٩":"9","۰":"0","۱":"1","۲":"2","۳":"3","۴":"4","۵":"5","۶":"6","۷":"7","۸":"8","۹":"9",က:"k",ခ:"kh",ဂ:"g",ဃ:"ga",င:"ng",စ:"s",ဆ:"sa",ဇ:"z","စျ":"za",ည:"ny",ဋ:"t",ဌ:"ta",ဍ:"d",ဎ:"da",ဏ:"na",တ:"t",ထ:"ta",ဒ:"d",ဓ:"da",န:"n",ပ:"p",ဖ:"pa",ဗ:"b",ဘ:"ba",မ:"m",ယ:"y",ရ:"ya",လ:"l",ဝ:"w",သ:"th",ဟ:"h",ဠ:"la",အ:"a","ြ":"y","ျ":"ya","ွ":"w","ြွ":"yw","ျွ":"ywa","ှ":"h",ဧ:"e","၏":"-e",ဣ:"i",ဤ:"-i",ဉ:"u",ဦ:"-u",ဩ:"aw","သြော":"aw",ဪ:"aw","၀":"0","၁":"1","၂":"2","၃":"3","၄":"4","၅":"5","၆":"6","၇":"7","၈":"8","၉":"9","္":"","့":"","း":"",č:"c",ď:"d",ě:"e",ň:"n",ř:"r",š:"s",ť:"t",ů:"u",ž:"z",Č:"C",Ď:"D",Ě:"E",Ň:"N",Ř:"R",Š:"S",Ť:"T",Ů:"U",Ž:"Z",ހ:"h",ށ:"sh",ނ:"n",ރ:"r",ބ:"b",ޅ:"lh",ކ:"k",އ:"a",ވ:"v",މ:"m",ފ:"f",ދ:"dh",ތ:"th",ލ:"l",ގ:"g",ޏ:"gn",ސ:"s",ޑ:"d",ޒ:"z",ޓ:"t",ޔ:"y",ޕ:"p",ޖ:"j",ޗ:"ch",ޘ:"tt",ޙ:"hh",ޚ:"kh",ޛ:"th",ޜ:"z",ޝ:"sh",ޞ:"s",ޟ:"d",ޠ:"t",ޡ:"z",ޢ:"a",ޣ:"gh",ޤ:"q",ޥ:"w","ަ":"a","ާ":"aa","ި":"i","ީ":"ee","ު":"u","ޫ":"oo","ެ":"e","ޭ":"ey","ޮ":"o","ޯ":"oa","ް":"",ა:"a",ბ:"b",გ:"g",დ:"d",ე:"e",ვ:"v",ზ:"z",თ:"t",ი:"i",კ:"k",ლ:"l",მ:"m",ნ:"n",ო:"o",პ:"p",ჟ:"zh",რ:"r",ს:"s",ტ:"t",უ:"u",ფ:"p",ქ:"k",ღ:"gh",ყ:"q",შ:"sh",ჩ:"ch",ც:"ts",ძ:"dz",წ:"ts",ჭ:"ch",ხ:"kh",ჯ:"j",ჰ:"h",α:"a",β:"v",γ:"g",δ:"d",ε:"e",ζ:"z",η:"i",θ:"th",ι:"i",κ:"k",λ:"l",μ:"m",ν:"n",ξ:"ks",ο:"o",π:"p",ρ:"r",σ:"s",τ:"t",υ:"y",φ:"f",χ:"x",ψ:"ps",ω:"o",ά:"a",έ:"e",ί:"i",ό:"o",ύ:"y",ή:"i",ώ:"o",ς:"s",ϊ:"i",ΰ:"y",ϋ:"y",ΐ:"i",Α:"A",Β:"B",Γ:"G",Δ:"D",Ε:"E",Ζ:"Z",Η:"I",Θ:"TH",Ι:"I",Κ:"K",Λ:"L",Μ:"M",Ν:"N",Ξ:"KS",Ο:"O",Π:"P",Ρ:"R",Σ:"S",Τ:"T",Υ:"Y",Φ:"F",Χ:"X",Ψ:"PS",Ω:"O",Ά:"A",Έ:"E",Ί:"I",Ό:"O",Ύ:"Y",Ή:"I",Ώ:"O",Ϊ:"I",Ϋ:"Y",ā:"a",ē:"e",ģ:"g",ī:"i",ķ:"k",ļ:"l",ņ:"n",ū:"u",Ā:"A",Ē:"E",Ģ:"G",Ī:"I",Ķ:"k",Ļ:"L",Ņ:"N",Ū:"U",Ќ:"Kj",ќ:"kj",Љ:"Lj",љ:"lj",Њ:"Nj",њ:"nj",Тс:"Ts",тс:"ts",ą:"a",ć:"c",ę:"e",ł:"l",ń:"n",ś:"s",ź:"z",ż:"z",Ą:"A",Ć:"C",Ę:"E",Ł:"L",Ń:"N",Ś:"S",Ź:"Z",Ż:"Z",Є:"Ye",І:"I",Ї:"Yi",Ґ:"G",є:"ye",і:"i",ї:"yi",ґ:"g",ă:"a",Ă:"A",ș:"s",Ș:"S",ț:"t",Ț:"T",ţ:"t",Ţ:"T",а:"a",б:"b",в:"v",г:"g",д:"d",е:"e",ё:"yo",ж:"zh",з:"z",и:"i",й:"i",к:"k",л:"l",м:"m",н:"n",о:"o",п:"p",р:"r",с:"s",т:"t",у:"u",ф:"f",х:"kh",ц:"c",ч:"ch",ш:"sh",щ:"sh",ъ:"",ы:"y",ь:"",э:"e",ю:"yu",я:"ya",А:"A",Б:"B",В:"V",Г:"G",Д:"D",Е:"E",Ё:"Yo",Ж:"Zh",З:"Z",И:"I",Й:"I",К:"K",Л:"L",М:"M",Н:"N",О:"O",П:"P",Р:"R",С:"S",Т:"T",У:"U",Ф:"F",Х:"Kh",Ц:"C",Ч:"Ch",Ш:"Sh",Щ:"Sh",Ъ:"",Ы:"Y",Ь:"",Э:"E",Ю:"Yu",Я:"Ya",ђ:"dj",ј:"j",ћ:"c",џ:"dz",Ђ:"Dj",Ј:"j",Ћ:"C",Џ:"Dz",ľ:"l",ĺ:"l",ŕ:"r",Ľ:"L",Ĺ:"L",Ŕ:"R",ş:"s",Ş:"S",ı:"i",İ:"I",ğ:"g",Ğ:"G",ả:"a",Ả:"A",ẳ:"a",Ẳ:"A",ẩ:"a",Ẩ:"A",đ:"d",Đ:"D",ẹ:"e",Ẹ:"E",ẽ:"e",Ẽ:"E",ẻ:"e",Ẻ:"E",ế:"e",Ế:"E",ề:"e",Ề:"E",ệ:"e",Ệ:"E",ễ:"e",Ễ:"E",ể:"e",Ể:"E",ỏ:"o",ọ:"o",Ọ:"o",ố:"o",Ố:"O",ồ:"o",Ồ:"O",ổ:"o",Ổ:"O",ộ:"o",Ộ:"O",ỗ:"o",Ỗ:"O",ơ:"o",Ơ:"O",ớ:"o",Ớ:"O",ờ:"o",Ờ:"O",ợ:"o",Ợ:"O",ỡ:"o",Ỡ:"O",Ở:"o",ở:"o",ị:"i",Ị:"I",ĩ:"i",Ĩ:"I",ỉ:"i",Ỉ:"i",ủ:"u",Ủ:"U",ụ:"u",Ụ:"U",ũ:"u",Ũ:"U",ư:"u",Ư:"U",ứ:"u",Ứ:"U",ừ:"u",Ừ:"U",ự:"u",Ự:"U",ữ:"u",Ữ:"U",ử:"u",Ử:"ư",ỷ:"y",Ỷ:"y",ỳ:"y",Ỳ:"Y",ỵ:"y",Ỵ:"Y",ỹ:"y",Ỹ:"Y",ạ:"a",Ạ:"A",ấ:"a",Ấ:"A",ầ:"a",Ầ:"A",ậ:"a",Ậ:"A",ẫ:"a",Ẫ:"A",ắ:"a",Ắ:"A",ằ:"a",Ằ:"A",ặ:"a",Ặ:"A",ẵ:"a",Ẵ:"A","⓪":"0","①":"1","②":"2","③":"3","④":"4","⑤":"5","⑥":"6","⑦":"7","⑧":"8","⑨":"9","⑩":"10","⑪":"11","⑫":"12","⑬":"13","⑭":"14","⑮":"15","⑯":"16","⑰":"17","⑱":"18","⑲":"18","⑳":"18","⓵":"1","⓶":"2","⓷":"3","⓸":"4","⓹":"5","⓺":"6","⓻":"7","⓼":"8","⓽":"9","⓾":"10","⓿":"0","⓫":"11","⓬":"12","⓭":"13","⓮":"14","⓯":"15","⓰":"16","⓱":"17","⓲":"18","⓳":"19","⓴":"20","Ⓐ":"A","Ⓑ":"B","Ⓒ":"C","Ⓓ":"D","Ⓔ":"E","Ⓕ":"F","Ⓖ":"G","Ⓗ":"H","Ⓘ":"I","Ⓙ":"J","Ⓚ":"K","Ⓛ":"L","Ⓜ":"M","Ⓝ":"N","Ⓞ":"O","Ⓟ":"P","Ⓠ":"Q","Ⓡ":"R","Ⓢ":"S","Ⓣ":"T","Ⓤ":"U","Ⓥ":"V","Ⓦ":"W","Ⓧ":"X","Ⓨ":"Y","Ⓩ":"Z","ⓐ":"a","ⓑ":"b","ⓒ":"c","ⓓ":"d","ⓔ":"e","ⓕ":"f","ⓖ":"g","ⓗ":"h","ⓘ":"i","ⓙ":"j","ⓚ":"k","ⓛ":"l","ⓜ":"m","ⓝ":"n","ⓞ":"o","ⓟ":"p","ⓠ":"q","ⓡ":"r","ⓢ":"s","ⓣ":"t","ⓤ":"u","ⓦ":"v","ⓥ":"w","ⓧ":"x","ⓨ":"y","ⓩ":"z","“":'"',"”":'"',"‘":"'","’":"'","∂":"d",ƒ:"f","™":"(TM)","©":"(C)",œ:"oe",Œ:"OE","®":"(R)","†":"+","℠":"(SM)","…":"...","˚":"o",º:"o",ª:"a","•":"*","၊":",","။":".",$:"USD","€":"EUR","₢":"BRN","₣":"FRF","£":"GBP","₤":"ITL","₦":"NGN","₧":"ESP","₩":"KRW","₪":"ILS","₫":"VND","₭":"LAK","₮":"MNT","₯":"GRD","₱":"ARS","₲":"PYG","₳":"ARA","₴":"UAH","₵":"GHS","¢":"cent","¥":"CNY",元:"CNY",円:"YEN","﷼":"IRR","₠":"EWE","฿":"THB","₨":"INR","₹":"INR","₰":"PF","₺":"TRY","؋":"AFN","₼":"AZN",лв:"BGN","៛":"KHR","₡":"CRC","₸":"KZT",ден:"MKD",zł:"PLN","₽":"RUB","₾":"GEL"},o=["်","ް"],i={"ာ":"a","ါ":"a","ေ":"e","ဲ":"e","ိ":"i","ီ":"i","ို":"o","ု":"u","ူ":"u","ေါင်":"aung","ော":"aw","ော်":"aw","ေါ":"aw","ေါ်":"aw","်":"်","က်":"et","ိုက်":"aik","ောက်":"auk","င်":"in","ိုင်":"aing","ောင်":"aung","စ်":"it","ည်":"i","တ်":"at","ိတ်":"eik","ုတ်":"ok","ွတ်":"ut","ေတ်":"it","ဒ်":"d","ိုဒ်":"ok","ုဒ်":"ait","န်":"an","ာန်":"an","ိန်":"ein","ုန်":"on","ွန်":"un","ပ်":"at","ိပ်":"eik","ုပ်":"ok","ွပ်":"ut","န်ုပ်":"nub","မ်":"an","ိမ်":"ein","ုမ်":"on","ွမ်":"un","ယ်":"e","ိုလ်":"ol","ဉ်":"in","ံ":"an","ိံ":"ein","ုံ":"on","ައް":"ah","ަށް":"ah"},a={en:{},az:{ç:"c",ə:"e",ğ:"g",ı:"i",ö:"o",ş:"s",ü:"u",Ç:"C",Ə:"E",Ğ:"G",İ:"I",Ö:"O",Ş:"S",Ü:"U"},cs:{č:"c",ď:"d",ě:"e",ň:"n",ř:"r",š:"s",ť:"t",ů:"u",ž:"z",Č:"C",Ď:"D",Ě:"E",Ň:"N",Ř:"R",Š:"S",Ť:"T",Ů:"U",Ž:"Z"},fi:{ä:"a",Ä:"A",ö:"o",Ö:"O"},hu:{ä:"a",Ä:"A",ö:"o",Ö:"O",ü:"u",Ü:"U",ű:"u",Ű:"U"},lt:{ą:"a",č:"c",ę:"e",ė:"e",į:"i",š:"s",ų:"u",ū:"u",ž:"z",Ą:"A",Č:"C",Ę:"E",Ė:"E",Į:"I",Š:"S",Ų:"U",Ū:"U"},lv:{ā:"a",č:"c",ē:"e",ģ:"g",ī:"i",ķ:"k",ļ:"l",ņ:"n",š:"s",ū:"u",ž:"z",Ā:"A",Č:"C",Ē:"E",Ģ:"G",Ī:"i",Ķ:"k",Ļ:"L",Ņ:"N",Š:"S",Ū:"u",Ž:"Z"},pl:{ą:"a",ć:"c",ę:"e",ł:"l",ń:"n",ó:"o",ś:"s",ź:"z",ż:"z",Ą:"A",Ć:"C",Ę:"e",Ł:"L",Ń:"N",Ó:"O",Ś:"S",Ź:"Z",Ż:"Z"},sv:{ä:"a",Ä:"A",ö:"o",Ö:"O"},sk:{ä:"a",Ä:"A"},sr:{љ:"lj",њ:"nj",Љ:"Lj",Њ:"Nj",đ:"dj",Đ:"Dj"},tr:{Ü:"U",Ö:"O",ü:"u",ö:"o"}},l={ar:{"∆":"delta","∞":"la-nihaya","♥":"hob","&":"wa","|":"aw","<":"aqal-men",">":"akbar-men","∑":"majmou","¤":"omla"},az:{},ca:{"∆":"delta","∞":"infinit","♥":"amor","&":"i","|":"o","<":"menys que",">":"mes que","∑":"suma dels","¤":"moneda"},cs:{"∆":"delta","∞":"nekonecno","♥":"laska","&":"a","|":"nebo","<":"mensi nez",">":"vetsi nez","∑":"soucet","¤":"mena"},de:{"∆":"delta","∞":"unendlich","♥":"Liebe","&":"und","|":"oder","<":"kleiner als",">":"groesser als","∑":"Summe von","¤":"Waehrung"},dv:{"∆":"delta","∞":"kolunulaa","♥":"loabi","&":"aai","|":"noonee","<":"ah vure kuda",">":"ah vure bodu","∑":"jumula","¤":"faisaa"},en:{"∆":"delta","∞":"infinity","♥":"love","&":"and","|":"or","<":"less than",">":"greater than","∑":"sum","¤":"currency"},es:{"∆":"delta","∞":"infinito","♥":"amor","&":"y","|":"u","<":"menos que",">":"mas que","∑":"suma de los","¤":"moneda"},fa:{"∆":"delta","∞":"bi-nahayat","♥":"eshgh","&":"va","|":"ya","<":"kamtar-az",">":"bishtar-az","∑":"majmooe","¤":"vahed"},fi:{"∆":"delta","∞":"aarettomyys","♥":"rakkaus","&":"ja","|":"tai","<":"pienempi kuin",">":"suurempi kuin","∑":"summa","¤":"valuutta"},fr:{"∆":"delta","∞":"infiniment","♥":"Amour","&":"et","|":"ou","<":"moins que",">":"superieure a","∑":"somme des","¤":"monnaie"},ge:{"∆":"delta","∞":"usasruloba","♥":"siqvaruli","&":"da","|":"an","<":"naklebi",">":"meti","∑":"jami","¤":"valuta"},gr:{},hu:{"∆":"delta","∞":"vegtelen","♥":"szerelem","&":"es","|":"vagy","<":"kisebb mint",">":"nagyobb mint","∑":"szumma","¤":"penznem"},it:{"∆":"delta","∞":"infinito","♥":"amore","&":"e","|":"o","<":"minore di",">":"maggiore di","∑":"somma","¤":"moneta"},lt:{"∆":"delta","∞":"begalybe","♥":"meile","&":"ir","|":"ar","<":"maziau nei",">":"daugiau nei","∑":"suma","¤":"valiuta"},lv:{"∆":"delta","∞":"bezgaliba","♥":"milestiba","&":"un","|":"vai","<":"mazak neka",">":"lielaks neka","∑":"summa","¤":"valuta"},my:{"∆":"kwahkhyaet","∞":"asaonasme","♥":"akhyait","&":"nhin","|":"tho","<":"ngethaw",">":"kyithaw","∑":"paungld","¤":"ngwekye"},mk:{},nl:{"∆":"delta","∞":"oneindig","♥":"liefde","&":"en","|":"of","<":"kleiner dan",">":"groter dan","∑":"som","¤":"valuta"},pl:{"∆":"delta","∞":"nieskonczonosc","♥":"milosc","&":"i","|":"lub","<":"mniejsze niz",">":"wieksze niz","∑":"suma","¤":"waluta"},pt:{"∆":"delta","∞":"infinito","♥":"amor","&":"e","|":"ou","<":"menor que",">":"maior que","∑":"soma","¤":"moeda"},ro:{"∆":"delta","∞":"infinit","♥":"dragoste","&":"si","|":"sau","<":"mai mic ca",">":"mai mare ca","∑":"suma","¤":"valuta"},ru:{"∆":"delta","∞":"beskonechno","♥":"lubov","&":"i","|":"ili","<":"menshe",">":"bolshe","∑":"summa","¤":"valjuta"},sk:{"∆":"delta","∞":"nekonecno","♥":"laska","&":"a","|":"alebo","<":"menej ako",">":"viac ako","∑":"sucet","¤":"mena"},sr:{},tr:{"∆":"delta","∞":"sonsuzluk","♥":"ask","&":"ve","|":"veya","<":"kucuktur",">":"buyuktur","∑":"toplam","¤":"para birimi"},uk:{"∆":"delta","∞":"bezkinechnist","♥":"lubov","&":"i","|":"abo","<":"menshe",">":"bilshe","∑":"suma","¤":"valjuta"},vn:{"∆":"delta","∞":"vo cuc","♥":"yeu","&":"va","|":"hoac","<":"nho hon",">":"lon hon","∑":"tong","¤":"tien te"}},s=[";","?",":","@","&","=","+","$",",","/"].join(""),u=[";","?",":","@","&","=","+","$",","].join(""),c=[".","!","~","*","'","(",")"].join(""),d=function(E,A){var T="-",g="",x="",V=!0,H={},N,Q,$,S,G,L,Z,ae,he,q,B,Y,ce,ke,we="";if(typeof E!="string")return"";if(typeof A=="string"&&(T=A),Z=l.en,ae=a.en,typeof A=="object"){N=A.maintainCase||!1,H=A.custom&&typeof A.custom=="object"?A.custom:H,$=+A.truncate>1&&A.truncate||!1,S=A.uric||!1,G=A.uricNoSlash||!1,L=A.mark||!1,V=!(A.symbols===!1||A.lang===!1),T=A.separator||T,S&&(we+=s),G&&(we+=u),L&&(we+=c),Z=A.lang&&l[A.lang]&&V?l[A.lang]:V?l.en:{},ae=A.lang&&a[A.lang]?a[A.lang]:A.lang===!1||A.lang===!0?{}:a.en,A.titleCase&&typeof A.titleCase.length=="number"&&Array.prototype.toString.call(A.titleCase)?(A.titleCase.forEach(function(ve){H[ve+""]=ve+""}),Q=!0):Q=!!A.titleCase,A.custom&&typeof A.custom.length=="number"&&Array.prototype.toString.call(A.custom)&&A.custom.forEach(function(ve){H[ve+""]=ve+""}),Object.keys(H).forEach(function(ve){var lt;ve.length>1?lt=new RegExp("\\b"+m(ve)+"\\b","gi"):lt=new RegExp(m(ve),"gi"),E=E.replace(lt,H[ve])});for(B in H)we+=B}for(we+=T,we=m(we),E=E.replace(/(^\s+|\s+$)/g,""),ce=!1,ke=!1,q=0,Y=E.length;q=0?(x+=B,B=""):ke===!0?(B=i[x]+r[B],x=""):B=ce&&r[B].match(/[A-Za-z0-9]/)?" "+r[B]:r[B],ce=!1,ke=!1):B in i?(x+=B,B="",q===Y-1&&(B=i[x]),ke=!0):Z[B]&&!(S&&s.indexOf(B)!==-1)&&!(G&&u.indexOf(B)!==-1)?(B=ce||g.substr(-1).match(/[A-Za-z0-9]/)?T+Z[B]:Z[B],B+=E[q+1]!==void 0&&E[q+1].match(/[A-Za-z0-9]/)?T:"",ce=!0):(ke===!0?(B=i[x]+B,x="",ke=!1):ce&&(/[A-Za-z0-9]/.test(B)||g.substr(-1).match(/A-Za-z0-9]/))&&(B=" "+B),ce=!1),g+=B.replace(new RegExp("[^\\w\\s"+we+"_-]","g"),T);return Q&&(g=g.replace(/(\w)(\S*)/g,function(ve,lt,kt){var Xt=lt.toUpperCase()+(kt!==null?kt:"");return Object.keys(H).indexOf(Xt.toLowerCase())<0?Xt:Xt.toLowerCase()})),g=g.replace(/\s+/g,T).replace(new RegExp("\\"+T+"+","g"),T).replace(new RegExp("(^\\"+T+"+|\\"+T+"+$)","g"),""),$&&g.length>$&&(he=g.charAt($)===T,g=g.slice(0,$),he||(g=g.slice(0,g.lastIndexOf(T)))),!N&&!Q&&(g=g.toLowerCase()),g},p=function(E){return function(T){return d(T,E)}},m=function(E){return E.replace(/[-\\^$*+?.()|[\]{}\/]/g,"\\$&")},v=function(y,E){for(var A in E)if(E[A]===y)return!0};if(typeof t<"u"&&t.exports)t.exports=d,t.exports.createSlug=p;else if(typeof define<"u"&&define.amd)define([],function(){return d});else try{if(n.getSlug||n.createSlug)throw"speakingurl: globals exists /(getSlug|createSlug)/";n.getSlug=d,n.createSlug=p}catch{}}(e)}}),Wg=jd({"../../node_modules/.pnpm/speakingurl@14.0.1/node_modules/speakingurl/index.js"(e,t){R(),t.exports=Kg()}});R();R();R();R();R();R();R();function qg(e){return!!(e&&e.__v_isReadonly)}function zd(e){return qg(e)?zd(e.__v_raw):!!(e&&e.__v_isReactive)}function bi(e){return!!(e&&e.__v_isRef===!0)}function hr(e){const t=e&&e.__v_raw;return t?hr(t):e}var Gg=Symbol.for("v-fgt");R();function Yg(e){return e.name||e._componentTag||e.__VUE_DEVTOOLS_COMPONENT_GUSSED_NAME__||e.__name}function Xg(e){const t=e.__file;if(t)return Ig(Rg(t,".vue"))}function xs(e,t){return e.type.__VUE_DEVTOOLS_COMPONENT_GUSSED_NAME__=t,t}function Ua(e){if(e.__VUE_DEVTOOLS_NEXT_APP_RECORD__)return e.__VUE_DEVTOOLS_NEXT_APP_RECORD__;if(e.root)return e.appContext.app.__VUE_DEVTOOLS_NEXT_APP_RECORD__}async function Jg(e){const{app:t,uid:n,instance:r}=e;try{if(r.__VUE_DEVTOOLS_NEXT_UID__)return r.__VUE_DEVTOOLS_NEXT_UID__;const o=await Ua(t);if(!o)return null;const i=o.rootInstance===r;return`${o.id}:${i?"root":n}`}catch{}}function Kd(e){var t;return((t=e.subTree)==null?void 0:t.type)===Gg}function qo(e){var t,n,r;const o=Yg((e==null?void 0:e.type)||{});if(o)return o;if((e==null?void 0:e.root)===e)return"Root";for(const a in(n=(t=e.parent)==null?void 0:t.type)==null?void 0:n.components)if(e.parent.type.components[a]===(e==null?void 0:e.type))return xs(e,a);for(const a in(r=e.appContext)==null?void 0:r.components)if(e.appContext.components[a]===(e==null?void 0:e.type))return xs(e,a);const i=Xg((e==null?void 0:e.type)||{});return i||"Anonymous Component"}function qi(e,t){return t=t||`${e.id}:root`,e.instanceMap.get(t)||e.instanceMap.get(":root")}var Qg=class{constructor(){this.refEditor=new Zg}set(e,t,n,r){const o=Array.isArray(t)?t:t.split(".");for(;o.length>1;){const l=o.shift();e instanceof Map&&(e=e.get(l)),e instanceof Set?e=Array.from(e.values())[l]:e=e[l],this.refEditor.isRef(e)&&(e=this.refEditor.get(e))}const i=o[0],a=this.refEditor.get(e)[i];r?r(e,i,n):this.refEditor.isRef(a)?this.refEditor.set(a,n):e[i]=n}get(e,t){const n=Array.isArray(t)?t:t.split(".");for(let r=0;r"u")return!1;const r=Array.isArray(t)?t.slice():t.split("."),o=n?2:1;for(;e&&r.length>o;){const i=r.shift();e=e[i],this.refEditor.isRef(e)&&(e=this.refEditor.get(e))}return e!=null&&Object.prototype.hasOwnProperty.call(e,r[0])}createDefaultSetCallback(e){return(t,n,r)=>{if((e.remove||e.newKey)&&(Array.isArray(t)?t.splice(n,1):hr(t)instanceof Map?t.delete(n):hr(t)instanceof Set?t.delete(Array.from(t.values())[n]):Reflect.deleteProperty(t,n)),!e.remove){const o=t[e.newKey||n];this.refEditor.isRef(o)?this.refEditor.set(o,r):hr(t)instanceof Map?t.set(e.newKey||n,r):hr(t)instanceof Set?t.add(r):t[e.newKey||n]=r}}}},Zg=class{set(e,t){if(bi(e))e.value=t;else{if(e instanceof Set&&Array.isArray(t)){e.clear(),t.forEach(o=>e.add(o));return}const n=Object.keys(t);if(e instanceof Map){const o=new Set(e.keys());n.forEach(i=>{e.set(i,Reflect.get(t,i)),o.delete(i)}),o.forEach(i=>e.delete(i));return}const r=new Set(Object.keys(e));n.forEach(o=>{Reflect.set(e,o,Reflect.get(t,o)),r.delete(o)}),r.forEach(o=>Reflect.deleteProperty(e,o))}}get(e){return bi(e)?e.value:e}isRef(e){return bi(e)||zd(e)}};R();function ja(e){return Kd(e)?e1(e.subTree):e.subTree?[e.subTree.el]:[]}function e1(e){if(!e.children)return[];const t=[];return e.children.forEach(n=>{n.component?t.push(...ja(n.component)):n!=null&&n.el&&t.push(n.el)}),t}R();R();function t1(){const e={top:0,bottom:0,left:0,right:0,get width(){return e.right-e.left},get height(){return e.bottom-e.top}};return e}var lo;function n1(e){return lo||(lo=document.createRange()),lo.selectNode(e),lo.getBoundingClientRect()}function r1(e){const t=t1();if(!e.children)return t;for(let n=0,r=e.children.length;ne.bottom)&&(e.bottom=t.bottom),(!e.left||t.lefte.right)&&(e.right=t.right),e}var Ps={top:0,left:0,right:0,bottom:0,width:0,height:0};function Dn(e){const t=e.subTree.el;return typeof window>"u"?Ps:Kd(e)?r1(e.subTree):(t==null?void 0:t.nodeType)===1?t==null?void 0:t.getBoundingClientRect():e.subTree.component?Dn(e.subTree.component):Ps}var Wd="__vue-devtools-component-inspector__",qd="__vue-devtools-component-inspector__card__",Gd="__vue-devtools-component-inspector__name__",Yd="__vue-devtools-component-inspector__indicator__",Xd={display:"block",zIndex:2147483640,position:"fixed",backgroundColor:"#42b88325",border:"1px solid #42b88350",borderRadius:"5px",transition:"all 0.1s ease-in",pointerEvents:"none"},i1={fontFamily:"Arial, Helvetica, sans-serif",padding:"5px 8px",borderRadius:"4px",textAlign:"left",position:"absolute",left:0,color:"#e9e9e9",fontSize:"14px",fontWeight:600,lineHeight:"24px",backgroundColor:"#42b883",boxShadow:"0 1px 3px 0 rgba(0, 0, 0, 0.1), 0 1px 2px -1px rgba(0, 0, 0, 0.1)"},a1={display:"inline-block",fontWeight:400,fontStyle:"normal",fontSize:"12px",opacity:.7};function or(){return document.getElementById(Wd)}function l1(){return document.getElementById(qd)}function s1(){return document.getElementById(Yd)}function u1(){return document.getElementById(Gd)}function za(e){return{left:`${Math.round(e.left*100)/100}px`,top:`${Math.round(e.top*100)/100}px`,width:`${Math.round(e.width*100)/100}px`,height:`${Math.round(e.height*100)/100}px`}}function Ka(e){var t;const n=document.createElement("div");n.id=(t=e.elementId)!=null?t:Wd,Object.assign(n.style,{...Xd,...za(e.bounds),...e.style});const r=document.createElement("span");r.id=qd,Object.assign(r.style,{...i1,top:e.bounds.top<35?0:"-35px"});const o=document.createElement("span");o.id=Gd,o.innerHTML=`<${e.name}>  `;const i=document.createElement("i");return i.id=Yd,i.innerHTML=`${Math.round(e.bounds.width*100)/100} x ${Math.round(e.bounds.height*100)/100}`,Object.assign(i.style,a1),r.appendChild(o),r.appendChild(i),n.appendChild(r),document.body.appendChild(n),n}function Wa(e){const t=or(),n=l1(),r=u1(),o=s1();t&&(Object.assign(t.style,{...Xd,...za(e.bounds)}),Object.assign(n.style,{top:e.bounds.top<35?0:"-35px"}),r.innerHTML=`<${e.name}>  `,o.innerHTML=`${Math.round(e.bounds.width*100)/100} x ${Math.round(e.bounds.height*100)/100}`)}function c1(e){const t=Dn(e),n=qo(e);or()?Wa({bounds:t,name:n}):Ka({bounds:t,name:n})}function Jd(){const e=or();e&&(e.style.display="none")}var Gi=null;function Yi(e){const t=e.target;if(t){const n=t.__vueParentComponent;if(n&&(Gi=n,n.vnode.el)){const o=Dn(n),i=qo(n);or()?Wa({bounds:o,name:i}):Ka({bounds:o,name:i})}}}function d1(e,t){var n;if(e.preventDefault(),e.stopPropagation(),Gi){const r=(n=Xe.value)==null?void 0:n.app;Jg({app:r,uid:r.uid,instance:Gi}).then(o=>{t(o)})}}var Oo=null;function f1(){Jd(),window.removeEventListener("mouseover",Yi),window.removeEventListener("click",Oo,!0),Oo=null}function p1(){return window.addEventListener("mouseover",Yi),new Promise(e=>{function t(n){n.preventDefault(),n.stopPropagation(),d1(n,r=>{window.removeEventListener("click",t,!0),Oo=null,window.removeEventListener("mouseover",Yi);const o=or();o&&(o.style.display="none"),e(JSON.stringify({id:r}))})}Oo=t,window.addEventListener("click",t,!0)})}function m1(e){const t=qi(Xe.value,e.id);if(t){const[n]=ja(t);if(typeof n.scrollIntoView=="function")n.scrollIntoView({behavior:"smooth"});else{const r=Dn(t),o=document.createElement("div"),i={...za(r),position:"absolute"};Object.assign(o.style,i),document.body.appendChild(o),o.scrollIntoView({behavior:"smooth"}),setTimeout(()=>{document.body.removeChild(o)},2e3)}setTimeout(()=>{const r=Dn(t);if(r.width||r.height){const o=qo(t),i=or();i?Wa({...e,name:o,bounds:r}):Ka({...e,name:o,bounds:r}),setTimeout(()=>{i&&(i.style.display="none")},1500)}},1200)}}R();var Os,Cs;(Cs=(Os=W).__VUE_DEVTOOLS_COMPONENT_INSPECTOR_ENABLED__)!=null||(Os.__VUE_DEVTOOLS_COMPONENT_INSPECTOR_ENABLED__=!0);function h1(e){let t=0;const n=setInterval(()=>{W.__VUE_INSPECTOR__&&(clearInterval(n),t+=30,e()),t>=5e3&&clearInterval(n)},30)}function v1(){const e=W.__VUE_INSPECTOR__,t=e.openInEditor;e.openInEditor=async(...n)=>{e.disable(),t(...n)}}function _1(){return new Promise(e=>{function t(){v1(),e(W.__VUE_INSPECTOR__)}W.__VUE_INSPECTOR__?t():h1(()=>{t()})})}R();R();R();R();R();var Ds,Is;(Is=(Ds=W).__VUE_DEVTOOLS_KIT_TIMELINE_LAYERS)!=null||(Ds.__VUE_DEVTOOLS_KIT_TIMELINE_LAYERS=[]);var g1=new Proxy(W.__VUE_DEVTOOLS_KIT_TIMELINE_LAYERS,{get(e,t,n){return Reflect.get(e,t,n)}});function E1(e,t){g1.push({...e,descriptorId:t.id,appRecord:Ua(t.app)})}var Rs,Ss;(Ss=(Rs=W).__VUE_DEVTOOLS_KIT_INSPECTOR__)!=null||(Rs.__VUE_DEVTOOLS_KIT_INSPECTOR__=[]);var qa=new Proxy(W.__VUE_DEVTOOLS_KIT_INSPECTOR__,{get(e,t,n){return Reflect.get(e,t,n)}}),Qd=Wo(()=>{ir.hooks.callHook("sendInspectorToClient",Zd())});function y1(e,t){qa.push({options:e,descriptor:t,treeFilter:"",selectedNodeId:"",appRecord:Ua(t.app)}),Qd()}function Zd(){return qa.filter(e=>e.descriptor.app===Xe.value.app).filter(e=>e.descriptor.id!=="components").map(e=>{var t;const n=e.descriptor,r=e.options;return{id:r.id,label:r.label,logo:n.logo,icon:`custom-ic-baseline-${(t=r==null?void 0:r.icon)==null?void 0:t.replace(/_/g,"-")}`,packageName:n.packageName,homepage:n.homepage,pluginId:n.id}})}function po(e,t){return qa.find(n=>n.options.id===e&&(t?n.descriptor.app===t:!0))}function b1(){const e=Hd();return e.hook("addInspector",({inspector:t,plugin:n})=>{y1(t,n.descriptor)}),e.hook("sendInspectorTree",async({inspectorId:t,plugin:n})=>{var r;if(!t||!((r=n==null?void 0:n.descriptor)!=null&&r.app))return;const o=po(t,n.descriptor.app),i={app:n.descriptor.app,inspectorId:t,filter:(o==null?void 0:o.treeFilter)||"",rootNodes:[]};await new Promise(a=>{e.callHookWith(async l=>{await Promise.all(l.map(s=>s(i))),a()},"getInspectorTree")}),e.callHookWith(async a=>{await Promise.all(a.map(l=>l({inspectorId:t,rootNodes:i.rootNodes})))},"sendInspectorTreeToClient")}),e.hook("sendInspectorState",async({inspectorId:t,plugin:n})=>{var r;if(!t||!((r=n==null?void 0:n.descriptor)!=null&&r.app))return;const o=po(t,n.descriptor.app),i={app:n.descriptor.app,inspectorId:t,nodeId:(o==null?void 0:o.selectedNodeId)||"",state:null},a={currentTab:`custom-inspector:${t}`};i.nodeId&&await new Promise(l=>{e.callHookWith(async s=>{await Promise.all(s.map(u=>u(i,a))),l()},"getInspectorState")}),e.callHookWith(async l=>{await Promise.all(l.map(s=>s({inspectorId:t,nodeId:i.nodeId,state:i.state})))},"sendInspectorStateToClient")}),e.hook("customInspectorSelectNode",({inspectorId:t,nodeId:n,plugin:r})=>{const o=po(t,r.descriptor.app);o&&(o.selectedNodeId=n)}),e.hook("timelineLayerAdded",({options:t,plugin:n})=>{E1(t,n.descriptor)}),e.hook("timelineEventAdded",({options:t,plugin:n})=>{e.callHookWith(async r=>{await Promise.all(r.map(o=>o(t)))},"sendTimelineEventToClient")}),e.hook("getComponentInstances",async({app:t})=>{const n=t.__VUE_DEVTOOLS_NEXT_APP_RECORD__;if(!n)return null;const r=n.id.toString();return[...n.instanceMap].filter(([i])=>i.split(":")[0]===r).map(([,i])=>i)}),e.hook("getComponentBounds",async({instance:t})=>Dn(t)),e.hook("getComponentName",({instance:t})=>qo(t)),e.hook("componentHighlight",({uid:t})=>{const n=Xe.value.instanceMap.get(t);n&&c1(n)}),e.hook("componentUnhighlight",()=>{Jd()}),e}var ks,ws;(ws=(ks=W).__VUE_DEVTOOLS_KIT_APP_RECORDS__)!=null||(ks.__VUE_DEVTOOLS_KIT_APP_RECORDS__=[]);var Ls,Vs;(Vs=(Ls=W).__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD__)!=null||(Ls.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD__={});var Fs,Ms;(Ms=(Fs=W).__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD_ID__)!=null||(Fs.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD_ID__="");var Ns,$s;($s=(Ns=W).__VUE_DEVTOOLS_KIT_CUSTOM_TABS__)!=null||(Ns.__VUE_DEVTOOLS_KIT_CUSTOM_TABS__=[]);var Bs,Hs;(Hs=(Bs=W).__VUE_DEVTOOLS_KIT_CUSTOM_COMMANDS__)!=null||(Bs.__VUE_DEVTOOLS_KIT_CUSTOM_COMMANDS__=[]);var bn="__VUE_DEVTOOLS_KIT_GLOBAL_STATE__";function A1(){return{connected:!1,clientConnected:!1,vitePluginDetected:!0,appRecords:[],activeAppRecordId:"",tabs:[],commands:[],highPerfModeEnabled:!0,devtoolsClientDetected:{}}}var Us,js;(js=(Us=W)[bn])!=null||(Us[bn]=A1());var T1=Wo(e=>{ir.hooks.callHook("devtoolsStateUpdated",{state:e})});Wo((e,t)=>{ir.hooks.callHook("devtoolsConnectedUpdated",{state:e,oldState:t})});var Go=new Proxy(W.__VUE_DEVTOOLS_KIT_APP_RECORDS__,{get(e,t,n){return t==="value"?W.__VUE_DEVTOOLS_KIT_APP_RECORDS__:W.__VUE_DEVTOOLS_KIT_APP_RECORDS__[t]}}),Xe=new Proxy(W.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD__,{get(e,t,n){return t==="value"?W.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD__:t==="id"?W.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD_ID__:W.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD__[t]}});function ef(){T1({...W[bn],appRecords:Go.value,activeAppRecordId:Xe.id,tabs:W.__VUE_DEVTOOLS_KIT_CUSTOM_TABS__,commands:W.__VUE_DEVTOOLS_KIT_CUSTOM_COMMANDS__})}function x1(e){W.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD__=e,ef()}function P1(e){W.__VUE_DEVTOOLS_KIT_ACTIVE_APP_RECORD_ID__=e,ef()}var Pn=new Proxy(W[bn],{get(e,t){return t==="appRecords"?Go:t==="activeAppRecordId"?Xe.id:t==="tabs"?W.__VUE_DEVTOOLS_KIT_CUSTOM_TABS__:t==="commands"?W.__VUE_DEVTOOLS_KIT_CUSTOM_COMMANDS__:W[bn][t]},deleteProperty(e,t){return delete e[t],!0},set(e,t,n){return{...W[bn]},e[t]=n,W[bn][t]=n,!0}});function O1(e={}){var t,n,r;const{file:o,host:i,baseUrl:a=window.location.origin,line:l=0,column:s=0}=e;if(o){if(i==="chrome-extension"){const u=o.replace(/\\/g,"\\\\"),c=(n=(t=window.VUE_DEVTOOLS_CONFIG)==null?void 0:t.openInEditorHost)!=null?n:"/";fetch(`${c}__open-in-editor?file=${encodeURI(o)}`).then(d=>{if(!d.ok){const p=`Opening component ${u} failed`;console.log(`%c${p}`,"color:red")}})}else if(Pn.vitePluginDetected){const u=(r=W.__VUE_DEVTOOLS_OPEN_IN_EDITOR_BASE_URL__)!=null?r:a;W.__VUE_INSPECTOR__.openInEditor(u,o,l,s)}}}R();R();R();R();R();var zs,Ks;(Ks=(zs=W).__VUE_DEVTOOLS_KIT_PLUGIN_BUFFER__)!=null||(zs.__VUE_DEVTOOLS_KIT_PLUGIN_BUFFER__=[]);var Ga=new Proxy(W.__VUE_DEVTOOLS_KIT_PLUGIN_BUFFER__,{get(e,t,n){return Reflect.get(e,t,n)}});function Xi(e){const t={};return Object.keys(e).forEach(n=>{t[n]=e[n].defaultValue}),t}function Ya(e){return`__VUE_DEVTOOLS_NEXT_PLUGIN_SETTINGS__${e}__`}function C1(e){var t,n,r;const o=(n=(t=Ga.find(i=>{var a;return i[0].id===e&&!!((a=i[0])!=null&&a.settings)}))==null?void 0:t[0])!=null?n:null;return(r=o==null?void 0:o.settings)!=null?r:null}function tf(e,t){var n,r,o;const i=Ya(e);if(i){const a=localStorage.getItem(i);if(a)return JSON.parse(a)}if(e){const a=(r=(n=Ga.find(l=>l[0].id===e))==null?void 0:n[0])!=null?r:null;return Xi((o=a==null?void 0:a.settings)!=null?o:{})}return Xi(t)}function D1(e,t){const n=Ya(e);localStorage.getItem(n)||localStorage.setItem(n,JSON.stringify(Xi(t)))}function I1(e,t,n){const r=Ya(e),o=localStorage.getItem(r),i=JSON.parse(o||"{}"),a={...i,[t]:n};localStorage.setItem(r,JSON.stringify(a)),ir.hooks.callHookWith(l=>{l.forEach(s=>s({pluginId:e,key:t,oldValue:i[t],newValue:n,settings:a}))},"setPluginSettings")}R();R();R();R();R();R();R();R();R();R();R();var Ws,qs,Ot=(qs=(Ws=W).__VUE_DEVTOOLS_HOOK)!=null?qs:Ws.__VUE_DEVTOOLS_HOOK=Hd(),R1={vueAppInit(e){Ot.hook("app:init",e)},vueAppUnmount(e){Ot.hook("app:unmount",e)},vueAppConnected(e){Ot.hook("app:connected",e)},componentAdded(e){return Ot.hook("component:added",e)},componentUpdated(e){return Ot.hook("component:updated",e)},componentRemoved(e){return Ot.hook("component:removed",e)},setupDevtoolsPlugin(e){Ot.hook("devtools-plugin:setup",e)}},nf={on:R1,setupDevToolsPlugin(e,t){return Ot.callHook("devtools-plugin:setup",e,t)}},S1=class{constructor({plugin:e,ctx:t}){this.hooks=t.hooks,this.plugin=e}get on(){return{visitComponentTree:e=>{this.hooks.hook("visitComponentTree",e)},inspectComponent:e=>{this.hooks.hook("inspectComponent",e)},editComponentState:e=>{this.hooks.hook("editComponentState",e)},getInspectorTree:e=>{this.hooks.hook("getInspectorTree",e)},getInspectorState:e=>{this.hooks.hook("getInspectorState",e)},editInspectorState:e=>{this.hooks.hook("editInspectorState",e)},inspectTimelineEvent:e=>{this.hooks.hook("inspectTimelineEvent",e)},timelineCleared:e=>{this.hooks.hook("timelineCleared",e)},setPluginSettings:e=>{this.hooks.hook("setPluginSettings",e)}}}notifyComponentUpdate(e){var t;const n=Zd().find(r=>r.packageName===this.plugin.descriptor.packageName);if(n!=null&&n.id){if(e){const r=[e.appContext.app,e.uid,(t=e.parent)==null?void 0:t.uid,e];Ot.callHook("component:updated",...r)}else Ot.callHook("component:updated");this.hooks.callHook("sendInspectorState",{inspectorId:n.id,plugin:this.plugin})}}addInspector(e){this.hooks.callHook("addInspector",{inspector:e,plugin:this.plugin}),this.plugin.descriptor.settings&&D1(e.id,this.plugin.descriptor.settings)}sendInspectorTree(e){this.hooks.callHook("sendInspectorTree",{inspectorId:e,plugin:this.plugin})}sendInspectorState(e){this.hooks.callHook("sendInspectorState",{inspectorId:e,plugin:this.plugin})}selectInspectorNode(e,t){this.hooks.callHook("customInspectorSelectNode",{inspectorId:e,nodeId:t,plugin:this.plugin})}now(){return Date.now()}addTimelineLayer(e){this.hooks.callHook("timelineLayerAdded",{options:e,plugin:this.plugin})}addTimelineEvent(e){this.hooks.callHook("timelineEventAdded",{options:e,plugin:this.plugin})}getSettings(e){return tf(e??this.plugin.descriptor.id,this.plugin.descriptor.settings)}getComponentInstances(e){return this.hooks.callHook("getComponentInstances",{app:e})}getComponentBounds(e){return this.hooks.callHook("getComponentBounds",{instance:e})}getComponentName(e){return this.hooks.callHook("getComponentName",{instance:e})}highlightElement(e){const t=e.__VUE_DEVTOOLS_NEXT_UID__;return this.hooks.callHook("componentHighlight",{uid:t})}unhighlightElement(){return this.hooks.callHook("componentUnhighlight")}},k1=S1;R();R();R();R();var w1="__vue_devtool_undefined__",L1="__vue_devtool_infinity__",V1="__vue_devtool_negative_infinity__",F1="__vue_devtool_nan__";R();R();var M1={[w1]:"undefined",[F1]:"NaN",[L1]:"Infinity",[V1]:"-Infinity"};Object.entries(M1).reduce((e,[t,n])=>(e[n]=t,e),{});R();R();R();var Gs,Ys;(Ys=(Gs=W).__VUE_DEVTOOLS_KIT__REGISTERED_PLUGIN_APPS__)!=null||(Gs.__VUE_DEVTOOLS_KIT__REGISTERED_PLUGIN_APPS__=new Set);function N1(e,t){return nf.setupDevToolsPlugin(e,t)}function $1(e,t){const[n,r]=e;if(n.app!==t)return;const o=new k1({plugin:{setupFn:r,descriptor:n},ctx:ir});n.packageName==="vuex"&&o.on.editInspectorState(i=>{o.sendInspectorState(i.inspectorId)}),r(o)}function B1(e){W.__VUE_DEVTOOLS_KIT__REGISTERED_PLUGIN_APPS__.has(e)||(W.__VUE_DEVTOOLS_KIT__REGISTERED_PLUGIN_APPS__.add(e),Ga.forEach(t=>{$1(t,e)}))}R();R();var Lr="__VUE_DEVTOOLS_ROUTER__",Jn="__VUE_DEVTOOLS_ROUTER_INFO__",Xs,Js;(Js=(Xs=W)[Jn])!=null||(Xs[Jn]={currentRoute:null,routes:[]});var Qs,Zs;(Zs=(Qs=W)[Lr])!=null||(Qs[Lr]={});new Proxy(W[Jn],{get(e,t){return W[Jn][t]}});new Proxy(W[Lr],{get(e,t){if(t==="value")return W[Lr]}});function H1(e){const t=new Map;return((e==null?void 0:e.getRoutes())||[]).filter(n=>!t.has(n.path)&&t.set(n.path,1))}function Xa(e){return e.map(t=>{let{path:n,name:r,children:o,meta:i}=t;return o!=null&&o.length&&(o=Xa(o)),{path:n,name:r,children:o,meta:i}})}function U1(e){if(e){const{fullPath:t,hash:n,href:r,path:o,name:i,matched:a,params:l,query:s}=e;return{fullPath:t,hash:n,href:r,path:o,name:i,params:l,query:s,matched:Xa(a)}}return e}function j1(e,t){function n(){var r;const o=(r=e.app)==null?void 0:r.config.globalProperties.$router,i=U1(o==null?void 0:o.currentRoute.value),a=Xa(H1(o)),l=console.warn;console.warn=()=>{},W[Jn]={currentRoute:i?Ts(i):{},routes:Ts(a)},W[Lr]=o,console.warn=l}n(),nf.on.componentUpdated(Wo(()=>{var r;((r=t.value)==null?void 0:r.app)===e.app&&(n(),ir.hooks.callHook("routerInfoUpdated",{state:W[Jn]}))},200))}function z1(e){return{async getInspectorTree(t){const n={...t,app:Xe.value.app,rootNodes:[]};return await new Promise(r=>{e.callHookWith(async o=>{await Promise.all(o.map(i=>i(n))),r()},"getInspectorTree")}),n.rootNodes},async getInspectorState(t){const n={...t,app:Xe.value.app,state:null},r={currentTab:`custom-inspector:${t.inspectorId}`};return await new Promise(o=>{e.callHookWith(async i=>{await Promise.all(i.map(a=>a(n,r))),o()},"getInspectorState")}),n.state},editInspectorState(t){const n=new Qg,r={...t,app:Xe.value.app,set:(o,i=t.path,a=t.state.value,l)=>{n.set(o,i,a,l||n.createDefaultSetCallback(t.state))}};e.callHookWith(o=>{o.forEach(i=>i(r))},"editInspectorState")},sendInspectorState(t){const n=po(t);e.callHook("sendInspectorState",{inspectorId:t,plugin:{descriptor:n.descriptor,setupFn:()=>({})}})},inspectComponentInspector(){return p1()},cancelInspectComponentInspector(){return f1()},getComponentRenderCode(t){const n=qi(Xe.value,t);if(n)return(n==null?void 0:n.type)instanceof Function?n.type.toString():n.render.toString()},scrollToComponent(t){return m1({id:t})},openInEditor:O1,getVueInspector:_1,toggleApp(t){const n=Go.value.find(r=>r.id===t);n&&(P1(t),x1(n),j1(n,Xe),Qd(),B1(n.app))},inspectDOM(t){const n=qi(Xe.value,t);if(n){const[r]=ja(n);r&&(W.__VUE_DEVTOOLS_INSPECT_DOM_TARGET__=r)}},updatePluginSettings(t,n,r){I1(t,n,r)},getPluginSettings(t){return{options:C1(t),values:tf(t)}}}}R();var eu,tu;(tu=(eu=W).__VUE_DEVTOOLS_ENV__)!=null||(eu.__VUE_DEVTOOLS_ENV__={vitePluginDetected:!1});var nu=b1(),ru,ou;(ou=(ru=W).__VUE_DEVTOOLS_KIT_CONTEXT__)!=null||(ru.__VUE_DEVTOOLS_KIT_CONTEXT__={hooks:nu,get state(){return{...Pn,activeAppRecordId:Xe.id,activeAppRecord:Xe.value,appRecords:Go.value}},api:z1(nu)});var ir=W.__VUE_DEVTOOLS_KIT_CONTEXT__;R();zg(Wg());var iu,au;(au=(iu=W).__VUE_DEVTOOLS_NEXT_APP_RECORD_INFO__)!=null||(iu.__VUE_DEVTOOLS_NEXT_APP_RECORD_INFO__={id:0,appIds:new Set});R();function K1(e){Pn.highPerfModeEnabled=e??!Pn.highPerfModeEnabled}R();R();R();function W1(e){Pn.devtoolsClientDetected={...Pn.devtoolsClientDetected,...e};const t=Object.values(Pn.devtoolsClientDetected).some(Boolean);K1(!t)}var lu,su;(su=(lu=W).__VUE_DEVTOOLS_UPDATE_CLIENT_DETECTED__)!=null||(lu.__VUE_DEVTOOLS_UPDATE_CLIENT_DETECTED__=W1);R();R();R();R();R();R();R();var q1=class{constructor(){this.keyToValue=new Map,this.valueToKey=new Map}set(e,t){this.keyToValue.set(e,t),this.valueToKey.set(t,e)}getByKey(e){return this.keyToValue.get(e)}getByValue(e){return this.valueToKey.get(e)}clear(){this.keyToValue.clear(),this.valueToKey.clear()}},rf=class{constructor(e){this.generateIdentifier=e,this.kv=new q1}register(e,t){this.kv.getByValue(e)||(t||(t=this.generateIdentifier(e)),this.kv.set(t,e))}clear(){this.kv.clear()}getIdentifier(e){return this.kv.getByValue(e)}getValue(e){return this.kv.getByKey(e)}},G1=class extends rf{constructor(){super(e=>e.name),this.classToAllowedProps=new Map}register(e,t){typeof t=="object"?(t.allowProps&&this.classToAllowedProps.set(e,t.allowProps),super.register(e,t.identifier)):super.register(e,t)}getAllowedProps(e){return this.classToAllowedProps.get(e)}};R();R();function Y1(e){if("values"in Object)return Object.values(e);const t=[];for(const n in e)e.hasOwnProperty(n)&&t.push(e[n]);return t}function X1(e,t){const n=Y1(e);if("find"in n)return n.find(t);const r=n;for(let o=0;ot(r,n))}function mo(e,t){return e.indexOf(t)!==-1}function uu(e,t){for(let n=0;nt.isApplicable(e))}findByName(e){return this.transfomers[e]}};R();R();var Q1=e=>Object.prototype.toString.call(e).slice(8,-1),of=e=>typeof e>"u",Z1=e=>e===null,Vr=e=>typeof e!="object"||e===null||e===Object.prototype?!1:Object.getPrototypeOf(e)===null?!0:Object.getPrototypeOf(e)===Object.prototype,Ji=e=>Vr(e)&&Object.keys(e).length===0,dn=e=>Array.isArray(e),e2=e=>typeof e=="string",t2=e=>typeof e=="number"&&!isNaN(e),n2=e=>typeof e=="boolean",r2=e=>e instanceof RegExp,Fr=e=>e instanceof Map,Mr=e=>e instanceof Set,af=e=>Q1(e)==="Symbol",o2=e=>e instanceof Date&&!isNaN(e.valueOf()),i2=e=>e instanceof Error,cu=e=>typeof e=="number"&&isNaN(e),a2=e=>n2(e)||Z1(e)||of(e)||t2(e)||e2(e)||af(e),l2=e=>typeof e=="bigint",s2=e=>e===1/0||e===-1/0,u2=e=>ArrayBuffer.isView(e)&&!(e instanceof DataView),c2=e=>e instanceof URL;R();var lf=e=>e.replace(/\./g,"\\."),Ai=e=>e.map(String).map(lf).join("."),Or=e=>{const t=[];let n="";for(let o=0;onull,()=>{}),Tt(l2,"bigint",e=>e.toString(),e=>typeof BigInt<"u"?BigInt(e):(console.error("Please add a BigInt polyfill."),e)),Tt(o2,"Date",e=>e.toISOString(),e=>new Date(e)),Tt(i2,"Error",(e,t)=>{const n={name:e.name,message:e.message};return t.allowedErrorProps.forEach(r=>{n[r]=e[r]}),n},(e,t)=>{const n=new Error(e.message);return n.name=e.name,n.stack=e.stack,t.allowedErrorProps.forEach(r=>{n[r]=e[r]}),n}),Tt(r2,"regexp",e=>""+e,e=>{const t=e.slice(1,e.lastIndexOf("/")),n=e.slice(e.lastIndexOf("/")+1);return new RegExp(t,n)}),Tt(Mr,"set",e=>[...e.values()],e=>new Set(e)),Tt(Fr,"map",e=>[...e.entries()],e=>new Map(e)),Tt(e=>cu(e)||s2(e),"number",e=>cu(e)?"NaN":e>0?"Infinity":"-Infinity",Number),Tt(e=>e===0&&1/e===-1/0,"number",()=>"-0",Number),Tt(c2,"URL",e=>e.toString(),e=>new URL(e))];function Yo(e,t,n,r){return{isApplicable:e,annotation:t,transform:n,untransform:r}}var uf=Yo((e,t)=>af(e)?!!t.symbolRegistry.getIdentifier(e):!1,(e,t)=>["symbol",t.symbolRegistry.getIdentifier(e)],e=>e.description,(e,t,n)=>{const r=n.symbolRegistry.getValue(t[1]);if(!r)throw new Error("Trying to deserialize unknown symbol");return r}),d2=[Int8Array,Uint8Array,Int16Array,Uint16Array,Int32Array,Uint32Array,Float32Array,Float64Array,Uint8ClampedArray].reduce((e,t)=>(e[t.name]=t,e),{}),cf=Yo(u2,e=>["typed-array",e.constructor.name],e=>[...e],(e,t)=>{const n=d2[t[1]];if(!n)throw new Error("Trying to deserialize unknown typed array");return new n(e)});function df(e,t){return e!=null&&e.constructor?!!t.classRegistry.getIdentifier(e.constructor):!1}var ff=Yo(df,(e,t)=>["class",t.classRegistry.getIdentifier(e.constructor)],(e,t)=>{const n=t.classRegistry.getAllowedProps(e.constructor);if(!n)return{...e};const r={};return n.forEach(o=>{r[o]=e[o]}),r},(e,t,n)=>{const r=n.classRegistry.getValue(t[1]);if(!r)throw new Error("Trying to deserialize unknown class - check https://github.com/blitz-js/superjson/issues/116#issuecomment-773996564");return Object.assign(Object.create(r.prototype),e)}),pf=Yo((e,t)=>!!t.customTransformerRegistry.findApplicable(e),(e,t)=>["custom",t.customTransformerRegistry.findApplicable(e).name],(e,t)=>t.customTransformerRegistry.findApplicable(e).serialize(e),(e,t,n)=>{const r=n.customTransformerRegistry.findByName(t[1]);if(!r)throw new Error("Trying to deserialize unknown custom value");return r.deserialize(e)}),f2=[ff,uf,pf,cf],du=(e,t)=>{const n=uu(f2,o=>o.isApplicable(e,t));if(n)return{value:n.transform(e,t),type:n.annotation(e,t)};const r=uu(sf,o=>o.isApplicable(e,t));if(r)return{value:r.transform(e,t),type:r.annotation}},mf={};sf.forEach(e=>{mf[e.annotation]=e});var p2=(e,t,n)=>{if(dn(t))switch(t[0]){case"symbol":return uf.untransform(e,t,n);case"class":return ff.untransform(e,t,n);case"custom":return pf.untransform(e,t,n);case"typed-array":return cf.untransform(e,t,n);default:throw new Error("Unknown transformation: "+t)}else{const r=mf[t];if(!r)throw new Error("Unknown transformation: "+t);return r.untransform(e,n)}};R();var Mn=(e,t)=>{const n=e.keys();for(;t>0;)n.next(),t--;return n.next().value};function hf(e){if(mo(e,"__proto__"))throw new Error("__proto__ is not allowed as a property");if(mo(e,"prototype"))throw new Error("prototype is not allowed as a property");if(mo(e,"constructor"))throw new Error("constructor is not allowed as a property")}var m2=(e,t)=>{hf(t);for(let n=0;n{if(hf(t),t.length===0)return n(e);let r=e;for(let i=0;iZi(i,t,[...n,...Or(a)]));return}const[r,o]=e;o&&Qn(o,(i,a)=>{Zi(i,t,[...n,...Or(a)])}),t(r,n)}function h2(e,t,n){return Zi(t,(r,o)=>{e=Qi(e,o,i=>p2(i,r,n))}),e}function v2(e,t){function n(r,o){const i=m2(e,Or(o));r.map(Or).forEach(a=>{e=Qi(e,a,()=>i)})}if(dn(t)){const[r,o]=t;r.forEach(i=>{e=Qi(e,Or(i),()=>e)}),o&&Qn(o,n)}else Qn(t,n);return e}var _2=(e,t)=>Vr(e)||dn(e)||Fr(e)||Mr(e)||df(e,t);function g2(e,t,n){const r=n.get(e);r?r.push(t):n.set(e,[t])}function E2(e,t){const n={};let r;return e.forEach(o=>{if(o.length<=1)return;t||(o=o.map(l=>l.map(String)).sort((l,s)=>l.length-s.length));const[i,...a]=o;i.length===0?r=a.map(Ai):n[Ai(i)]=a.map(Ai)}),r?Ji(n)?[r]:[r,n]:Ji(n)?void 0:n}var vf=(e,t,n,r,o=[],i=[],a=new Map)=>{var l;const s=a2(e);if(!s){g2(e,o,t);const v=a.get(e);if(v)return r?{transformedValue:null}:v}if(!_2(e,n)){const v=du(e,n),y=v?{transformedValue:v.value,annotations:[v.type]}:{transformedValue:e};return s||a.set(e,y),y}if(mo(i,e))return{transformedValue:null};const u=du(e,n),c=(l=u==null?void 0:u.value)!=null?l:e,d=dn(c)?[]:{},p={};Qn(c,(v,y)=>{if(y==="__proto__"||y==="constructor"||y==="prototype")throw new Error(`Detected property ${y}. This is a prototype pollution risk, please remove it from your object.`);const E=vf(v,t,n,r,[...o,y],[...i,e],a);d[y]=E.transformedValue,dn(E.annotations)?p[y]=E.annotations:Vr(E.annotations)&&Qn(E.annotations,(A,T)=>{p[lf(y)+"."+T]=A})});const m=Ji(p)?{transformedValue:d,annotations:u?[u.type]:void 0}:{transformedValue:d,annotations:u?[u.type,p]:p};return s||a.set(e,m),m};R();R();function _f(e){return Object.prototype.toString.call(e).slice(8,-1)}function fu(e){return _f(e)==="Array"}function y2(e){if(_f(e)!=="Object")return!1;const t=Object.getPrototypeOf(e);return!!t&&t.constructor===Object&&t===Object.prototype}function b2(e,t,n,r,o){const i={}.propertyIsEnumerable.call(r,t)?"enumerable":"nonenumerable";i==="enumerable"&&(e[t]=n),o&&i==="nonenumerable"&&Object.defineProperty(e,t,{value:n,enumerable:!1,writable:!0,configurable:!0})}function ea(e,t={}){if(fu(e))return e.map(o=>ea(o,t));if(!y2(e))return e;const n=Object.getOwnPropertyNames(e),r=Object.getOwnPropertySymbols(e);return[...n,...r].reduce((o,i)=>{if(fu(t.props)&&!t.props.includes(i))return o;const a=e[i],l=ea(a,t);return b2(o,i,l,e,t.nonenumerable),o},{})}var ye=class{constructor({dedupe:e=!1}={}){this.classRegistry=new G1,this.symbolRegistry=new rf(t=>{var n;return(n=t.description)!=null?n:""}),this.customTransformerRegistry=new J1,this.allowedErrorProps=[],this.dedupe=e}serialize(e){const t=new Map,n=vf(e,t,this,this.dedupe),r={json:n.transformedValue};n.annotations&&(r.meta={...r.meta,values:n.annotations});const o=E2(t,this.dedupe);return o&&(r.meta={...r.meta,referentialEqualities:o}),r}deserialize(e){const{json:t,meta:n}=e;let r=ea(t);return n!=null&&n.values&&(r=h2(r,n.values,this)),n!=null&&n.referentialEqualities&&(r=v2(r,n.referentialEqualities)),r}stringify(e){return JSON.stringify(this.serialize(e))}parse(e){return this.deserialize(JSON.parse(e))}registerClass(e,t){this.classRegistry.register(e,t)}registerSymbol(e,t){this.symbolRegistry.register(e,t)}registerCustom(e,t){this.customTransformerRegistry.register({name:t,...e})}allowErrorProps(...e){this.allowedErrorProps.push(...e)}};ye.defaultInstance=new ye;ye.serialize=ye.defaultInstance.serialize.bind(ye.defaultInstance);ye.deserialize=ye.defaultInstance.deserialize.bind(ye.defaultInstance);ye.stringify=ye.defaultInstance.stringify.bind(ye.defaultInstance);ye.parse=ye.defaultInstance.parse.bind(ye.defaultInstance);ye.registerClass=ye.defaultInstance.registerClass.bind(ye.defaultInstance);ye.registerSymbol=ye.defaultInstance.registerSymbol.bind(ye.defaultInstance);ye.registerCustom=ye.defaultInstance.registerCustom.bind(ye.defaultInstance);ye.allowErrorProps=ye.defaultInstance.allowErrorProps.bind(ye.defaultInstance);R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();R();var pu,mu;(mu=(pu=W).__VUE_DEVTOOLS_KIT_MESSAGE_CHANNELS__)!=null||(pu.__VUE_DEVTOOLS_KIT_MESSAGE_CHANNELS__=[]);var hu,vu;(vu=(hu=W).__VUE_DEVTOOLS_KIT_RPC_CLIENT__)!=null||(hu.__VUE_DEVTOOLS_KIT_RPC_CLIENT__=null);var _u,gu;(gu=(_u=W).__VUE_DEVTOOLS_KIT_RPC_SERVER__)!=null||(_u.__VUE_DEVTOOLS_KIT_RPC_SERVER__=null);var Eu,yu;(yu=(Eu=W).__VUE_DEVTOOLS_KIT_VITE_RPC_CLIENT__)!=null||(Eu.__VUE_DEVTOOLS_KIT_VITE_RPC_CLIENT__=null);var bu,Au;(Au=(bu=W).__VUE_DEVTOOLS_KIT_VITE_RPC_SERVER__)!=null||(bu.__VUE_DEVTOOLS_KIT_VITE_RPC_SERVER__=null);var Tu,xu;(xu=(Tu=W).__VUE_DEVTOOLS_KIT_BROADCAST_RPC_SERVER__)!=null||(Tu.__VUE_DEVTOOLS_KIT_BROADCAST_RPC_SERVER__=null);R();R();R();R();R();R();R();const A2=JSON.parse(`{"encrypt":{},"author":{"name":"DSF-Team","url":"/about/learnmore/team.html"},"logo":"/photos/home/logo-small.svg","darkmode":"toggle","contributors":false,"footer":"ImprintData Privacy","copyright":false,"displayFooter":true,"locales":{"/":{"lang":"en-US","navbarLocales":{"langName":"English","selectLangAriaLabel":"Select language"},"metaLocales":{"author":"Author","date":"Writing Date","origin":"Original","views":"Page views","category":"Category","tag":"Tag","readingTime":"Reading Time","words":"Words","toc":"On This Page","prev":"Prev","next":"Next","lastUpdated":"Last update","contributors":"Contributors","editLink":"Edit this page","print":"Print"},"outlookLocales":{"themeColor":"Theme Color","darkmode":"Theme Mode","fullscreen":"Full Screen"},"routeLocales":{"skipToContent":"Skip to main content","notFoundTitle":"Page not found","notFoundMsg":["There’s nothing here.","How did we get here?","That’s a Four-Oh-Four.","Looks like we've got some broken links."],"back":"Go back","home":"Take me home"},"navbar":[{"text":"Home","icon":"home","link":"/"},{"text":"Docs","icon":"info","prefix":"","children":[{"text":"Introduction","icon":"info","children":["/intro/info/introduction","/intro/use-cases/","/intro/publications","/intro/tutorials/"]},{"text":"Security","icon":"safe","link":"/security/"}]},{"text":"Get Started","icon":"launch","prefix":"/stable/","children":[{"text":"Guideline v1.7.0 (stable)","icon":"info","children":["index","maintain/install","maintain/upgrade-from-0","maintain/allowList-mgm","maintain/install-plugins","develop/create","contribute/"]}]},{"text":"About","icon":"creative","prefix":"/about/","children":[{"text":"Learn More","icon":"creative","prefix":"learnmore/","children":["contact","team","partners","public"]}]},{"text":"Versions","icon":"note","children":[{"text":"v1.7.0 (stable)","link":"/stable/"},{"text":"v1.6.0","link":"/v1.6.0/"},{"text":"v1.5.2","link":"/v1.5.2/"},{"text":"v1.5.1","link":"/v1.5.1/"},{"text":"v1.5.0","link":"/v1.5.0/"},{"text":"v1.4.0","link":"/v1.4.0/"},{"text":"v1.3.2","link":"/v1.3.2/"},{"text":"v1.3.1","link":"/v1.3.1/"},{"text":"v1.3.0","link":"/v1.3.0/"},{"text":"v1.2.0","link":"/v1.2.0/"},{"text":"v1.1.0","link":"/v1.1.0/"},{"text":"v1.0.0","link":"/v1.0.0/"},{"text":"v0.9.3 (archived)","link":"/oldstable/"}]},{"text":"","icon":"github","link":"https://github.com/datasharingframework/dsf"}],"sidebar":{"/":[{"text":"Home","icon":"home","link":"/"},{"text":"Docs","icon":"info","prefix":"intro/","link":"intro/","children":["info/introduction.md","info/basics","info/architecture","info/security","info/allowList","info/process-plugins"]},{"text":"Security","icon":"safe","link":"/security/"},{"text":"Use-Cases","icon":"any","prefix":"intro/use-cases/","link":"intro/use-cases/","children":["feasibility","num"]},{"text":"Publications","icon":"blog","link":"/intro/publications"},{"text":"Tutorials","icon":"edit","link":"/intro/tutorials/"}],"/hackathon":[],"/stable/":[{"text":"Home","icon":"home","link":"/"},"",{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm","root-certificates","passwords-secrets",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Reverse Proxy","icon":"module","prefix":"bpe-reverse-proxy/","link":"bpe-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]},{"text":"Contribute","icon":"info","link":"contribute/","prefix":"contribute/","children":[{"text":"Code","link":"code","icon":"code"},{"text":"Documentation","link":"documentation","icon":"info"}]}],"/v1.7.0/":[{"text":"Home","icon":"home","link":"/"},"",{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm","root-certificates","passwords-secrets",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Reverse Proxy","icon":"module","prefix":"bpe-reverse-proxy/","link":"bpe-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.6.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Reverse Proxy","icon":"module","prefix":"bpe-reverse-proxy/","link":"bpe-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.5.2/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Reverse Proxy","icon":"module","prefix":"bpe-reverse-proxy/","link":"bpe-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.5.1/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Reverse Proxy","icon":"module","prefix":"bpe-reverse-proxy/","link":"bpe-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.5.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Reverse Proxy","icon":"module","prefix":"bpe-reverse-proxy/","link":"bpe-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.4.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.3.2/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.3.1/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.3.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"Install Plugins","icon":"plugin","link":"install-plugins"}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.2.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.1.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-1","upgrade-from-0","allowList-mgm",{"text":"FHIR Reverse Proxy","icon":"module","prefix":"fhir-reverse-proxy/","link":"fhir-reverse-proxy/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]},{"text":"FHIR Server","icon":"module","prefix":"fhir/","link":"fhir/","children":[{"icon":"config","text":"Configuration","link":"configuration"},{"icon":"config","text":"Access Control","link":"access-control"},{"icon":"config","text":"OpenID Connect","link":"oidc"}]},{"text":"BPE Server","icon":"module","prefix":"bpe/","link":"bpe/","children":[{"icon":"config","text":"Configuration","link":"configuration"}]}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/v1.0.0/":[{"text":"Home","icon":"home","link":"/"},{"text":"Current version","icon":"update","link":"/stable/"},{"text":"Maintain a DSF instance","icon":"tool","prefix":"maintain/","link":"maintain/","children":["install","upgrade-from-0","allowList-mgm",{"text":"Configuration parameters","icon":"config","prefix":"configuration/","link":"configuration/","children":["common","fhir","bpe","reverseproxy"]}]},{"text":"Develop process plugins","icon":"plugin","prefix":"develop/","link":"develop/","children":["create","upgrade-from-0"]}],"/about/":[{"text":"Home","icon":"home","link":"/"},{"text":"About","icon":"creative","prefix":"learnmore/","link":"learnmore/","children":["contact","team","partners","public"]}],"/oldstable/":[{"text":"Home","icon":"home","link":"/"},{"text":"Version 0.9.x","icon":"guide","children":["introduction","generalinformation/","code/","build/","releases/","tutorial/"]}]}}}}`),T2=te(A2),gf=()=>T2,Ef=Symbol(""),x2=()=>{const e=Ve(Ef);if(!e)throw new Error("useThemeLocaleData() is called without provider.");return e},P2=(e,t)=>{const{locales:n,...r}=e;return{...r,...n==null?void 0:n[t]}},O2=Yt({enhance({app:e}){const t=gf(),n=e._context.provides[La],r=O(()=>P2(t.value,n.routeLocale.value));e.provide(Ef,r),Object.defineProperties(e.config.globalProperties,{$theme:{get(){return t.value}},$themeLocale:{get(){return r.value}}}),N1({app:e,id:"org.vuejs.vuepress.plugin-theme-data",label:"VuePress Theme Data Plugin",packageName:"@vuepress/plugin-theme-data",homepage:"https://v2.vuepress.vuejs.org",logo:"https://v2.vuepress.vuejs.org/images/hero.png",componentStateTypes:["VuePress"]},o=>{o.on.inspectComponent(i=>{i.instanceData.state.push({type:"VuePress",key:"themeData",editable:!1,value:t.value},{type:"VuePress",key:"themeLocaleData",editable:!1,value:r.value})})})}}),C2=Object.freeze(Object.defineProperty({__proto__:null,default:O2},Symbol.toStringTag,{value:"Module"})),D2=/language-(shellscript|shell|bash|sh|zsh)/,I2=({delay:e=500,duration:t=2e3,locales:n,selector:r,showInMobile:o,ignoreSelector:i=[],transform:a})=>{const l=Fa("(max-width: 419px)"),s=O(()=>!l.value||o),u=kn(n),c=Ne(),d=E=>{var T;if(E.hasAttribute("copy-code"))return;const A=document.createElement("button");A.type="button",A.classList.add("vp-copy-code-button"),A.setAttribute("aria-label",u.value.copy),A.setAttribute("data-copied",u.value.copied),(T=E.parentElement)==null||T.insertBefore(A,E),E.setAttribute("copy-code","")};se(()=>[c.value.path,s.value],async()=>{document.body.classList.toggle("no-copy-code",!s.value),s.value&&(await Kt(),await $_(e),document.querySelectorAll(r.join(",")).forEach(d))},{immediate:!0});const{copy:m}=A_({legacy:!0}),v=new WeakMap,y=async(E,A,T)=>{const g=A.cloneNode(!0);i.length&&g.querySelectorAll(i.join(",")).forEach(H=>{H.remove()}),a&&a(g);let x=g.textContent||"";if(D2.test(E.className)&&(x=x.replace(/^ *(\$|>) /gm,"")),await m(x),t<=0)return;T.classList.add("copied"),clearTimeout(v.get(T));const V=setTimeout(()=>{T.classList.remove("copied"),T.blur(),v.delete(T)},t);v.set(T,V)};De("click",E=>{const A=E.target;if(s.value&&A.matches('div[class*="language-"] > button.vp-copy-code-button')){const T=A.parentElement,g=A.nextElementSibling;if(!T||!g)return;y(T,g,A)}})};var R2=[],S2={"/":{copy:"Copy code",copied:"Copied"}},k2=['[vp-content] div[class*="language-"] pre'];const w2=Yt({setup:()=>{I2({selector:k2,ignoreSelector:R2,locales:S2,duration:2e3,delay:500,showInMobile:!1})}}),L2=Object.freeze(Object.defineProperty({__proto__:null,default:w2},Symbol.toStringTag,{value:"Module"})),V2=Yt({setup(){De("beforeprint",()=>{document.querySelectorAll("details").forEach(e=>{e.open=!0})})}}),F2=Object.freeze(Object.defineProperty({__proto__:null,default:V2},Symbol.toStringTag,{value:"Module"})),M2=Object.freeze(Object.defineProperty({__proto__:null},Symbol.toStringTag,{value:"Module"})),N2=Object.freeze(Object.defineProperty({__proto__:null},Symbol.toStringTag,{value:"Module"})),$2="VUEPRESS_CODE_TAB_STORE",so=zo($2,{}),B2=X({name:"CodeTabs",props:{active:{type:Number,default:0},data:{type:Array,required:!0},id:{type:String,required:!0},tabId:{type:String,default:""}},slots:Object,setup(e,{slots:t}){const n=te(e.active),r=Be([]),o=()=>{e.tabId&&(so.value[e.tabId]=e.data[n.value].id)},i=(u=n.value)=>{n.value=u{n.value=u>0?u-1:r.value.length-1,r.value[n.value].focus()},l=(u,c)=>{u.key===" "||u.key==="Enter"?(u.preventDefault(),n.value=c):u.key==="ArrowRight"?(u.preventDefault(),i()):u.key==="ArrowLeft"&&(u.preventDefault(),a()),e.tabId&&(so.value[e.tabId]=e.data[n.value].id)},s=()=>{if(e.tabId){const u=e.data.findIndex(({id:c})=>so.value[e.tabId]===c);if(u!==-1)return u}return e.active};return Oe(()=>{n.value=s(),se(()=>so.value[e.tabId],(u,c)=>{if(e.tabId&&u!==c){const d=e.data.findIndex(({id:p})=>p===u);d!==-1&&(n.value=d)}})}),()=>e.data.length?f("div",{class:"vp-code-tabs"},[f("div",{class:"vp-code-tabs-nav",role:"tablist"},e.data.map(({id:u},c)=>{const d=c===n.value;return f("button",{type:"button",ref:p=>{p&&(r.value[c]=p)},class:["vp-code-tab-nav",{active:d}],role:"tab","aria-controls":`codetab-${e.id}-${c}`,"aria-selected":d,onClick:()=>{n.value=c,o()},onKeydown:p=>{l(p,c)}},t[`title${c}`]({value:u,isActive:d}))})),e.data.map(({id:u},c)=>{const d=c===n.value;return f("div",{class:["vp-code-tab",{active:d}],id:`codetab-${e.id}-${c}`,role:"tabpanel","aria-expanded":d},[f("div",{class:"vp-code-tab-title"},t[`title${c}`]({value:u,isActive:d})),t[`tab${c}`]({value:u,isActive:d})])})]):null}}),H2={enhance:({app:e})=>{e.component("CodeTabs",B2)}},U2=Object.freeze(Object.defineProperty({__proto__:null,default:H2},Symbol.toStringTag,{value:"Module"})),j2='',yf=({title:e="",link:t})=>f("div",{class:"vp-container vp-playground"},[f("div",{class:"vp-container-header"},[e?f("div",{class:"vp-container-title"},decodeURIComponent(e)):null,f("div",{class:"vp-playground-actions"},[f("a",{class:"vp-playground-action no-external-link-icon",href:decodeURIComponent(t),target:"_blank",innerHTML:j2})])]),f("div",{class:"vp-playground-container"},f("iframe",{src:decodeURIComponent(t)}))]);yf.displayName="Playground";const z2={enhance:({app:e})=>{e.component("Playground",yf)}},K2=Object.freeze(Object.defineProperty({__proto__:null,default:z2},Symbol.toStringTag,{value:"Module"})),Te=({name:e="",color:t="currentColor",ariaLabel:n},{attrs:r,slots:o})=>{var i;return f("svg",{xmlns:"http://www.w3.org/2000/svg",class:["icon",`${e}-icon`],viewBox:"0 0 1024 1024",fill:t,"aria-label":n??`${e} icon`,...r},(i=o.default)==null?void 0:i.call(o))};Te.displayName="IconBase";const Ja=(e,{slots:t})=>{var n;return(n=t.default)==null?void 0:n.call(t)},W2=e=>qr(e)?e:`https://github.com/${e}`,Qa=(e="")=>!qr(e)||e.includes("github.com")?"GitHub":e.includes("bitbucket.org")?"Bitbucket":e.includes("gitlab.com")?"GitLab":e.includes("gitee.com")?"Gitee":null,bf=()=>f(Te,{name:"github"},()=>f("path",{d:"M511.957 21.333C241.024 21.333 21.333 240.981 21.333 512c0 216.832 140.544 400.725 335.574 465.664 24.49 4.395 32.256-10.07 32.256-23.083 0-11.69.256-44.245 0-85.205-136.448 29.61-164.736-64.64-164.736-64.64-22.315-56.704-54.4-71.765-54.4-71.765-44.587-30.464 3.285-29.824 3.285-29.824 49.195 3.413 75.179 50.517 75.179 50.517 43.776 75.008 114.816 53.333 142.762 40.79 4.523-31.66 17.152-53.377 31.19-65.537-108.971-12.458-223.488-54.485-223.488-242.602 0-53.547 19.114-97.323 50.517-131.67-5.035-12.33-21.93-62.293 4.779-129.834 0 0 41.258-13.184 134.912 50.346a469.803 469.803 0 0 1 122.88-16.554c41.642.213 83.626 5.632 122.88 16.554 93.653-63.488 134.784-50.346 134.784-50.346 26.752 67.541 9.898 117.504 4.864 129.834 31.402 34.347 50.474 78.123 50.474 131.67 0 188.586-114.73 230.016-224.042 242.09 17.578 15.232 33.578 44.672 33.578 90.454v135.85c0 13.142 7.936 27.606 32.854 22.87C862.25 912.597 1002.667 728.747 1002.667 512c0-271.019-219.648-490.667-490.71-490.667z"}));bf.displayName="GitHubIcon";const Af=()=>f(Te,{name:"gitee"},()=>f("path",{d:"M512 992C246.92 992 32 777.08 32 512S246.92 32 512 32s480 214.92 480 480-214.92 480-480 480zm242.97-533.34H482.39a23.7 23.7 0 0 0-23.7 23.7l-.03 59.28c0 13.08 10.59 23.7 23.7 23.7h165.96a23.7 23.7 0 0 1 23.7 23.7v11.85a71.1 71.1 0 0 1-71.1 71.1H375.71a23.7 23.7 0 0 1-23.7-23.7V423.11a71.1 71.1 0 0 1 71.1-71.1h331.8a23.7 23.7 0 0 0 23.7-23.7l.06-59.25a23.73 23.73 0 0 0-23.7-23.73H423.11a177.78 177.78 0 0 0-177.78 177.75v331.83c0 13.08 10.62 23.7 23.7 23.7h349.62a159.99 159.99 0 0 0 159.99-159.99V482.33a23.7 23.7 0 0 0-23.7-23.7z"}));Af.displayName="GiteeIcon";const Tf=()=>f(Te,{name:"bitbucket"},()=>f("path",{d:"M575.256 490.862c6.29 47.981-52.005 85.723-92.563 61.147-45.714-20.004-45.714-92.562-1.133-113.152 38.29-23.442 93.696 7.424 93.696 52.005zm63.451-11.996c-10.276-81.152-102.29-134.839-177.152-101.156-47.433 21.138-79.433 71.424-77.129 124.562 2.853 69.705 69.157 126.866 138.862 120.576S647.3 548.571 638.708 478.83zm136.558-309.723c-25.161-33.134-67.986-38.839-105.728-45.13-106.862-17.151-216.576-17.7-323.438 1.134-35.438 5.706-75.447 11.996-97.719 43.996 36.572 34.304 88.576 39.424 135.424 45.129 84.553 10.862 171.447 11.447 256 .585 47.433-5.705 99.987-10.276 135.424-45.714zm32.585 591.433c-16.018 55.99-6.839 131.438-66.304 163.986-102.29 56.576-226.304 62.867-338.87 42.862-59.43-10.862-129.135-29.696-161.72-85.723-14.3-54.858-23.442-110.848-32.585-166.84l3.438-9.142 10.276-5.157c170.277 112.567 408.576 112.567 579.438 0 26.844 8.01 6.84 40.558 6.29 60.014zm103.424-549.157c-19.42 125.148-41.728 249.71-63.415 374.272-6.29 36.572-41.728 57.162-71.424 72.558-106.862 53.724-231.424 62.866-348.562 50.286-79.433-8.558-160.585-29.696-225.134-79.433-30.28-23.443-30.28-63.415-35.986-97.134-20.005-117.138-42.862-234.277-57.161-352.585 6.839-51.42 64.585-73.728 107.447-89.71 57.16-21.138 118.272-30.866 178.87-36.571 129.134-12.58 261.157-8.01 386.304 28.562 44.581 13.13 92.563 31.415 122.844 69.705 13.714 17.7 9.143 40.01 6.29 60.014z"}));Tf.displayName="BitbucketIcon";const xf=()=>f(Te,{name:"source"},()=>f("path",{d:"M601.92 475.2c0 76.428-8.91 83.754-28.512 99.594-14.652 11.88-43.956 14.058-78.012 16.434-18.81 1.386-40.392 2.97-62.172 6.534-18.612 2.97-36.432 9.306-53.064 17.424V299.772c37.818-21.978 63.36-62.766 63.36-109.692 0-69.894-56.826-126.72-126.72-126.72S190.08 120.186 190.08 190.08c0 46.926 25.542 87.714 63.36 109.692v414.216c-37.818 21.978-63.36 62.766-63.36 109.692 0 69.894 56.826 126.72 126.72 126.72s126.72-56.826 126.72-126.72c0-31.086-11.286-59.598-29.7-81.576 13.266-9.504 27.522-17.226 39.996-19.206 16.038-2.574 32.868-3.762 50.688-5.148 48.312-3.366 103.158-7.326 148.896-44.55 61.182-49.698 74.25-103.158 75.24-187.902V475.2h-126.72zM316.8 126.72c34.848 0 63.36 28.512 63.36 63.36s-28.512 63.36-63.36 63.36-63.36-28.512-63.36-63.36 28.512-63.36 63.36-63.36zm0 760.32c-34.848 0-63.36-28.512-63.36-63.36s28.512-63.36 63.36-63.36 63.36 28.512 63.36 63.36-28.512 63.36-63.36 63.36zM823.68 158.4h-95.04V63.36h-126.72v95.04h-95.04v126.72h95.04v95.04h126.72v-95.04h95.04z"}));xf.displayName="SourceIcon";const q2=({link:e,type:t=Qa(e??"")})=>{if(!t)return null;const n=t.toLowerCase();return f(n==="bitbucket"?Tf:n==="github"?bf:n==="gitlab"?"GitLab":n==="gitee"?Af:xf)};function G2(){const e=te(!1),t=In();return t&&Oe(()=>{e.value=!0},t),e}function Y2(e){return G2(),O(()=>!!e())}const X2=()=>Y2(()=>typeof window<"u"&&window.navigator&&"userAgent"in window.navigator),J2=()=>{const e=X2();return O(()=>e.value&&/\b(?:Android|iPhone)/i.test(navigator.userAgent))},Q2=e=>[/\((ipad);[-\w),; ]+apple/i,/applecoremedia\/[\w.]+ \((ipad)/i,/\b(ipad)\d\d?,\d\d?[;\]].+ios/i].some(t=>t.test(e)),Z2=e=>[/ip[honead]{2,4}\b(?:.*os ([\w]+) like mac|; opera)/i,/cfnetwork\/.+darwin/i].some(t=>t.test(e)),eE=e=>[/(mac os x) ?([\w. ]*)/i,/(macintosh|mac_powerpc\b)(?!.+haiku)/i].some(t=>t.test(e)),tE=(e,t=0)=>{let n=3735928559^t,r=1103547991^t;for(let o=0,i;o>>16,2246822507),n^=Math.imul(r^r>>>13,3266489909),r=Math.imul(r^r>>>16,2246822507),r^=Math.imul(n^n>>>13,3266489909),4294967296*(2097151&r)+(n>>>0)},Pf=(e,t)=>tE(e)%t,Of=/#.*$/u,nE=e=>{const t=Of.exec(e);return t?t[0]:""},Pu=e=>decodeURI(e).replace(Of,"").replace(/\/index\.html$/iu,"/").replace(/\/(README|index)\.md$/iu,"/").replace(/\.(?:html|md)$/iu,""),Cf=(e,t)=>{if(!Vd(t))return!1;const n=Pu(e.path),r=Pu(t),o=nE(t);return o?o===e.hash&&(!r||n===r):n===r};var rE=e=>Object.prototype.toString.call(e)==="[object Object]",Nr=e=>typeof e=="string";const{isArray:Df}=Array,Ou=e=>rE(e)&&Nr(e.name),Cu=(e,t=!1)=>e?Df(e)?e.map(n=>Nr(n)?{name:n}:Ou(n)?n:null).filter(n=>n!==null):Nr(e)?[{name:e}]:Ou(e)?[e]:(console.error(`Expect "author" to be \`AuthorInfo[] | AuthorInfo | string[] | string ${t?"":"| false"} | undefined\`, but got`,e),[]):[],If=(e,t)=>{if(e){if(Df(e)&&e.every(Nr))return e;if(Nr(e))return[e];console.error(`Expect ${t} to be \`string[] | string | undefined\`, but got`,e)}return[]},oE=e=>If(e,"category"),iE=e=>If(e,"tag"),aE=()=>f(Te,{name:"heading"},()=>f("path",{d:"M250.4 704.6H64V595.4h202.4l26.2-166.6H94V319.6h214.4L352 64h127.8l-43.6 255.4h211.2L691 64h126.2l-43.6 255.4H960v109.2H756.2l-24.6 166.6H930v109.2H717L672 960H545.8l43.6-255.4H376.6L333 960H206.8l43.6-255.4zm168.4-276L394 595.4h211.2l24.6-166.6h-211z"}));aE.displayName="HeadingIcon";const lE=()=>f(Te,{name:"heart"},()=>f("path",{d:"M1024 358.156C1024 195.698 892.3 64 729.844 64c-86.362 0-164.03 37.218-217.844 96.49C458.186 101.218 380.518 64 294.156 64 131.698 64 0 195.698 0 358.156 0 444.518 37.218 522.186 96.49 576H96l320 320c32 32 64 64 96 64s64-32 96-64l320-320h-.49c59.272-53.814 96.49-131.482 96.49-217.844zM841.468 481.232 517.49 805.49a2981.962 2981.962 0 0 1-5.49 5.48c-1.96-1.95-3.814-3.802-5.49-5.48L182.532 481.234C147.366 449.306 128 405.596 128 358.156 128 266.538 202.538 192 294.156 192c47.44 0 91.15 19.366 123.076 54.532L512 350.912l94.768-104.378C638.696 211.366 682.404 192 729.844 192 821.462 192 896 266.538 896 358.156c0 47.44-19.368 91.15-54.532 123.076z"}));lE.displayName="HeartIcon";const sE=()=>f(Te,{name:"history"},()=>f("path",{d:"M512 1024a512 512 0 1 1 512-512 512 512 0 0 1-512 512zm0-896a384 384 0 1 0 384 384 384 384 0 0 0-384-384zm192 448H512a64 64 0 0 1-64-64V320a64 64 0 0 1 128 0v128h128a64 64 0 0 1 0 128z"}));sE.displayName="HistoryIcon";const uE=()=>f(Te,{name:"title"},()=>f("path",{d:"M512 256c70.656 0 134.656 28.672 180.992 75.008A254.933 254.933 0 0 1 768 512c0 83.968-41.024 157.888-103.488 204.48C688.96 748.736 704 788.48 704 832c0 105.984-86.016 192-192 192-106.048 0-192-86.016-192-192h128a64 64 0 1 0 128 0 64 64 0 0 0-64-64 255.19 255.19 0 0 1-181.056-75.008A255.403 255.403 0 0 1 256 512c0-83.968 41.024-157.824 103.488-204.544C335.04 275.264 320 235.584 320 192A192 192 0 0 1 512 0c105.984 0 192 85.952 192 192H576a64.021 64.021 0 0 0-128 0c0 35.328 28.672 64 64 64zM384 512c0 70.656 57.344 128 128 128s128-57.344 128-128-57.344-128-128-128-128 57.344-128 128z"}));uE.displayName="TitleIcon";const Za=()=>f(Te,{name:"search"},()=>f("path",{d:"M192 480a256 256 0 1 1 512 0 256 256 0 0 1-512 0m631.776 362.496-143.2-143.168A318.464 318.464 0 0 0 768 480c0-176.736-143.264-320-320-320S128 303.264 128 480s143.264 320 320 320a318.016 318.016 0 0 0 184.16-58.592l146.336 146.368c12.512 12.48 32.768 12.48 45.28 0 12.48-12.512 12.48-32.768 0-45.28"}));Za.displayName="SearchIcon";const Rf=()=>f("svg",{xmlns:"http://www.w3.org/2000/svg",width:"32",height:"32",preserveAspectRatio:"xMidYMid",viewBox:"0 0 100 100"},[f("circle",{cx:"28",cy:"75",r:"11",fill:"currentColor"},f("animate",{attributeName:"fill-opacity",begin:"0s",dur:"1s",keyTimes:"0;0.2;1",repeatCount:"indefinite",values:"0;1;1"})),f("path",{fill:"none",stroke:"#88baf0","stroke-width":"10",d:"M28 47a28 28 0 0 1 28 28"},f("animate",{attributeName:"stroke-opacity",begin:"0.1s",dur:"1s",keyTimes:"0;0.2;1",repeatCount:"indefinite",values:"0;1;1"})),f("path",{fill:"none",stroke:"#88baf0","stroke-width":"10",d:"M28 25a50 50 0 0 1 50 50"},f("animate",{attributeName:"stroke-opacity",begin:"0.2s",dur:"1s",keyTimes:"0;0.2;1",repeatCount:"indefinite",values:"0;1;1"}))]);Rf.displayName="LoadingIcon";const Sf=({hint:e})=>f("div",{class:"search-pro-result-wrapper loading"},[f(Rf),e]);Sf.displayName="SearchLoading";const cE='';var dE={0:{"/":{0:"C",1:"a",2:"t",3:"e",4:"g",5:"o",6:"r",7:"y",8:":",9:" ",10:"$",11:"c",12:"o",13:"n",14:"t",15:"e",16:"n",17:"t"}},1:{"/":{0:"T",1:"a",2:"g",3:":",4:" ",5:"$",6:"c",7:"o",8:"n",9:"t",10:"e",11:"n",12:"t"}}},fE={"/":{cancel:"Cancel",placeholder:"Search",search:"Search",searching:"Searching",defaultTitle:"Documentation",select:"to select",navigate:"to navigate",autocomplete:"to autocomplete",exit:"to exit",queryHistory:"Search History",resultHistory:"Result History",emptyHistory:"Empty Search History",emptyResult:"No results found",loading:"Loading search indexes..."}},pE={searchDelay:150,suggestDelay:0,queryHistoryCount:5,resultHistoryCount:5,hotKeys:[{key:"k",ctrl:!0},{key:"/",ctrl:!0}],worker:"search-pro.worker.js"};const Co=pE,cy=dE,kf=Co.hotKeys,el=fE,Ti="Canceled because of new search request.",mE=()=>{const e=new Worker(`/${Co.worker}`,{}),t={suggest:null,search:null,all:null};return e.addEventListener("message",({data:n})=>{const[r,o,i]=n,a=t[r];(a==null?void 0:a.id)===o&&a.resolve(i)}),e.addEventListener("error",n=>{console.error("Search Worker error:",n)}),{suggest:(n,r,o)=>new Promise((i,a)=>{var s;(s=t.suggest)==null||s.reject(new Error(Ti));const l=Date.now();e.postMessage({type:"suggest",id:l,query:n,locale:r,options:o}),t.suggest={id:l,resolve:i,reject:a}}),search:(n,r,o)=>new Promise((i,a)=>{var s;(s=t.search)==null||s.reject(new Error(Ti));const l=Date.now();e.postMessage({type:"search",id:l,query:n,locale:r,options:o}),t.search={id:l,resolve:i,reject:a}}),all:(n,r,o)=>new Promise((i,a)=>{var s;(s=t.all)==null||s.reject(new Error(Ti));const l=Date.now();e.postMessage({type:"all",id:l,query:n,locale:r,options:o}),t.all={id:l,resolve:i,reject:a}}),terminate:()=>{e.terminate(),H_(t).forEach(n=>{n==null||n.reject(new Error("Worker has been terminated."))})}}};let hE={};const wf=Symbol(""),Lf=()=>{const e=Gt(),{locales:t={},...n}=Ve(wf);return O(()=>({...n,...t[e.value]}))},vE=e=>{e.provide(wf,hE)},_E=(e,t=!1)=>{const n=te(0),r=O(()=>e.value[n.value]),o=()=>{n.value=n.value>0?n.value-1:e.value.length-1},i=()=>{n.value=n.value{t||(n.value=0)}),{index:n,item:r,prev:o,next:i}},gE=e=>e instanceof Element?document.activeElement===e&&(["TEXTAREA","SELECT","INPUT"].includes(e.tagName)||e.hasAttribute("contenteditable")):!1,EE=e=>kf.some(t=>{const{key:n,ctrl:r=!1,shift:o=!1,alt:i=!1,meta:a=!1}=t;return n===e.key&&r===e.ctrlKey&&o===e.shiftKey&&i===e.altKey&&a===e.metaKey}),yE='',bE='',AE='',TE='',tl=Symbol(""),xE=()=>{const e=te(!1);xn(tl,e)},PE=e=>{const t=te([]);{const n=Lf(),r=Ne(),o=Gt();Oe(()=>{const{suggest:i,terminate:a}=mE(),l=s=>{const u=s.join(" "),{searchFilter:c,splitWord:d,suggestionsFilter:p=v=>v,...m}=n.value;u?i(u,o.value,m).then(v=>p(v,u,o.value,r.value)).then(v=>{t.value=v.length?wr(v[0],u)&&!v[0].slice(u.length).includes(" ")?v:[u,...v]:[]}).catch(v=>{console.warn(v)}):t.value=[]};se([e,o],([s])=>l(s),{immediate:!0}),rr(()=>{a()})})}return{suggestions:t}},xi=kf[0];var OE=X({name:"SearchBox",setup(){const e=kn(el),t=Ve(tl),n=te(!1),r=O(()=>xi?[(n.value?["⌃","⇧","⌥","⌘"]:["Ctrl","Shift","Alt","Win"]).filter((o,i)=>xi[["ctrl","shift","alt","meta"][i]]),xi.key.toUpperCase()]:null);return De("keydown",o=>{!t.value&&EE(o)&&!gE(o.target)&&(o.preventDefault(),t.value=!0)}),Oe(()=>{const{userAgent:o}=navigator;n.value=eE(o)||Z2(o)||Q2(o)}),()=>[f("button",{type:"button",class:"search-pro-button","aria-label":e.value.search,onClick:()=>{t.value=!0}},[f(Za),f("div",{class:"search-pro-placeholder"},e.value.search),r.value?f("div",{class:"search-pro-key-hints"},r.value.map(o=>f("kbd",{class:"search-pro-key"},o))):null])]}});const CE=_c({loader:()=>h(()=>import("./SearchResult-DDOJWxca.js"),[]),loadingComponent:()=>{const e=kn(el);return f(Sf,{hint:e.value.loading})}});var DE=X({name:"SearchModal",setup(){const e=Ve(tl),t=Uo(),n=J2(),r=kn(el),o=Lf(),i=te(""),a=te([]),{suggestions:l}=PE(a),s=te(!1),{index:u,prev:c,next:d}=_E(l),p=Be(),m=Be(),v=(E=u.value)=>{i.value=l.value[E],s.value=!1};De("keydown",E=>{s.value?E.key==="ArrowUp"?c():E.key==="ArrowDown"?d():E.key==="Enter"?v():E.key==="Escape"&&(s.value=!1):E.key==="Escape"&&(e.value=!1)});const y=Sd(()=>{var E,A;(((A=(E=o.value).splitWord)==null?void 0:A.call(E,i.value))??Promise.resolve(i.value.split(" "))).then(T=>{a.value=T})},Math.min(Co.searchDelay,Co.suggestDelay));return se(i,y,{immediate:!0}),Oe(()=>{const E=Ko(document.body);se(e,async A=>{var T;E.value=A,A&&(await Kt(),(T=p.value)==null||T.focus())}),y_(m,()=>{s.value=!1}),rr(()=>{E.value=!1})}),()=>e.value?f("div",{class:"search-pro-modal-wrapper"},[f("div",{class:"search-pro-mask",onClick:()=>{e.value=!1,i.value=""}}),f("div",{class:"search-pro-modal"},[f("div",{class:"search-pro-box"},[f("form",[f("label",{for:"search-pro","aria-label":r.value.search},f(Za)),f("input",{ref:p,type:"search",class:"search-pro-input",id:"search-pro",placeholder:r.value.placeholder,spellcheck:"false",autocapitalize:"off",autocomplete:"off",autocorrect:"off",name:`${t.value.title}-search`,value:i.value,"aria-controls":"search-pro-results",onKeydown:E=>{const{key:A}=E;l.value.length&&(A==="Tab"?(v(),E.preventDefault()):(A==="ArrowDown"||A==="ArrowUp"||A==="Escape")&&E.preventDefault())},onInput:({target:E})=>{i.value=E.value,s.value=!0,u.value=0}}),i.value?f("button",{type:"reset",class:"search-pro-clear-button",innerHTML:cE,onClick:()=>{i.value=""}}):null,s.value&&l.value.length?f("ul",{class:"search-pro-suggestions",ref:m},l.value.map((E,A)=>f("li",{class:["search-pro-suggestion",{active:A===u.value}],onClick:()=>{v(A)}},[f("kbd",{class:"search-pro-auto-complete",title:`Tab ${r.value.autocomplete}`},"Tab"),E]))):null]),f("button",{type:"button",class:"search-pro-close-button",onClick:()=>{e.value=!1,i.value=""}},r.value.cancel)]),f(CE,{queries:a.value,isFocusing:!s.value,onClose:()=>{e.value=!1},onUpdateQuery:E=>{i.value=E}}),n.value?null:f("div",{class:"search-pro-hints"},[f("span",{class:"search-pro-hint"},[f("kbd",{innerHTML:yE}),r.value.select]),f("span",{class:"search-pro-hint"},[f("kbd",{innerHTML:AE}),f("kbd",{innerHTML:bE}),r.value.navigate]),f("span",{class:"search-pro-hint"},[f("kbd",{innerHTML:TE}),r.value.exit])])])]):null}}),IE=Yt({enhance({app:e}){vE(e),e.component("SearchBox",OE)},setup(){xE()},rootComponents:[DE]});const RE=Object.freeze(Object.defineProperty({__proto__:null,default:IE},Symbol.toStringTag,{value:"Module"})),Vf="VUEPRESS_REDIRECT_STATUS",Du=S_(Vf,{}),Iu=L_(Vf,{}),SE=e=>{const t=k_(),n=Gt(),r=Fd(e.config);return O(()=>{if(r.some(([o])=>n.value===o)){for(const o of t.value)for(const[i,a]of r)if(a.includes(o))return i===n.value?null:{lang:o,localePath:i}}return null})};var kE=X({name:"RedirectModal",props:{config:{type:Object,required:!0},locales:{type:Object,required:!0}},setup(e){const t=Rn(),n=Pd(),r=Gt(),o=SE(e.config),i=te(),a=Ko(i),l=te(!1),s=O(()=>{if(!o.value)return null;const{lang:c,localePath:d}=o.value,p=[e.locales[d],e.locales[r.value]];return{hint:p.map(({hint:m})=>m.replace("$1",c)),switch:p.map(({switch:m})=>m.replace("$1",c)).join(" / "),cancel:p.map(({cancel:m})=>m).join(" / "),remember:p.map(({remember:m})=>m).join(" / ")}}),u=()=>{Iu.value[r.value]=!0,l.value&&(Du.value[r.value]=!0),a.value=!1};return se(n,()=>{a.value=!1}),Oe(async()=>{i.value=document.body,await Kt(),o.value&&!Iu.value[r.value]&&!Du.value[r.value]&&(a.value=!0)}),Ta(()=>{a.value=!1}),()=>f(Zc,{name:"redirect-modal-fade"},()=>{var c,d,p,m;return a.value?f("div",{key:"mask",class:"redirect-modal-mask"},f("div",{key:"popup",class:"redirect-modal-wrapper"},[f("div",{class:"redirect-modal-content"},(c=s.value)==null?void 0:c.hint.map(v=>f("p",v))),f("div",{class:"redirect-modal-hint"},[f("input",{id:"remember-redirect",type:"checkbox",value:l.value,onChange:()=>{l.value=!l.value}}),f("label",{for:"remember-redirect"},(d=s.value)==null?void 0:d.remember)]),f("button",{type:"button",class:"redirect-modal-action primary",onClick:()=>{u(),t.replace(n.value.replace(r.value,o.value.localePath))}},(p=s.value)==null?void 0:p.switch),f("button",{type:"button",class:"redirect-modal-action",onClick:()=>{u()}},(m=s.value)==null?void 0:m.cancel)])):null})}}),wE={config:{},autoLocale:!1,localeFallback:!0,defaultBehavior:"defaultLocale"},LE={"/":{name:"English",hint:"Your primary language is $1, do you want to switch to it?",switch:"Switch to $1",cancel:"Cancel",remember:"Remember my choice"}};const Ff=wE;var VE=Yt({setup(){},rootComponents:[()=>f(kE,{config:Ff,locales:LE})]});const FE=Object.freeze(Object.defineProperty({__proto__:null,config:Ff,default:VE},Symbol.toStringTag,{value:"Module"}));var Ru={"/":{word:"About $word words",less1Minute:"Less than 1 minute",time:"About $time min"}};const Mf=()=>{const e=Ne();return O(()=>e.value.readingTime??null)},ME=(e,t)=>{const{minutes:n,words:r}=e,{less1Minute:o,word:i,time:a}=t;return{time:n<1?o:a.replace("$time",Math.round(n).toString()),words:i.replace("$word",r.toString())}},Su={words:"",time:""},ta=typeof Ru>"u"?null:Ru,NE=()=>ta?kn(ta):O(()=>null),$E=()=>{if(typeof ta>"u")return O(()=>Su);const e=Mf(),t=NE();return O(()=>e.value&&t.value?ME(e.value,t.value):Su)},wn=()=>gf(),be=()=>x2(),ht=()=>{const e=wn();return O(()=>!!e.value.pure)},ho=()=>null,BE="719px",HE="1440px",UE="false",jE="9",Xo={mobileBreakPoint:BE,pcBreakPoint:HE,enableThemeColor:UE,colorNumber:jE},nl={},ze=e=>{const{icon:t="",color:n,size:r}=e,o=n||r?{}:null;return n&&(o.color=n),r&&(o.height=Number.isNaN(Number(r))?r:`${r}px`),qr(t)?f("img",{class:"icon",src:t,alt:"","no-view":"",style:o}):$a(t)?f("img",{class:"icon",src:$e(t),alt:"","aria-hidden":"","no-view":"",style:o}):f(Rt("FontIcon"),e)};ze.displayName="HopeIcon";const Nf=()=>{const e=be();return O(()=>e.value.author)},zE="http://.",rl=()=>{const e=Rn(),t=qt();return n=>{if(n)if($a(n))t.path!==n&&e.push(n);else if(Wr(n))window&&window.open(n);else{const r=t.path.slice(0,t.path.lastIndexOf("/"));e.push(new URL(`${r}/${encodeURI(n)}`,zE).pathname)}}},$f=()=>{const e=Se(),t=Nf();return O(()=>{const{author:n}=e.value;return n?Cu(n):n===!1?[]:Cu(t.value,!1)})},KE=()=>{const e=Se();return O(()=>oE(e.value.category??e.value.categories).map(t=>({name:t,path:""})))},WE=()=>{const e=Se();return O(()=>iE(e.value.tag??e.value.tags).map(t=>({name:t,path:""})))},qE=()=>{const e=Se(),t=Ne();return O(()=>{const n=U_(e.value.date);if(n)return n;const{createdTime:r}=t.value.git??{};return r?new Date(r):null})},GE=()=>{const e=be(),t=Ne(),n=Se(),r=$f(),o=KE(),i=WE(),a=qE(),l=Mf(),s=$E(),u=O(()=>({author:r.value,category:o.value,date:a.value,localizedDate:t.value.localizedDate,tag:i.value,isOriginal:n.value.isOriginal??!1,readingTime:l.value,readingTimeLocale:s.value,pageview:n.value.pageview??!0})),c=O(()=>n.value.pageInfo??e.value.pageInfo??null);return{info:u,items:c}},ol=(e,t)=>"activeMatch"in t?new RegExp(t.activeMatch,"u").test(e.path):Cf(e,t.link),il=(e,t)=>"children"in t?!!t.prefix&&Cf(e,t.prefix)||t.children.some(n=>il(e,n)):ol(e,t),na=e=>!Ra(e)&&!Wr(e);var Dt=(e=>(e.title="t",e.shortTitle="s",e.icon="i",e.index="I",e.order="O",e.breadcrumbExclude="b",e))(Dt||{}),YE=(e=>(e.type="y",e.author="a",e.date="d",e.localizedDate="l",e.category="c",e.tag="g",e.isEncrypted="n",e.isOriginal="o",e.readingTime="r",e.excerpt="e",e.sticky="u",e.cover="v",e))(YE||{}),XE=(e=>(e.article="a",e.home="h",e.slide="s",e.page="p",e))(XE||{});const Do=(e,t=!1,n)=>{const{meta:r,path:o,notFound:i}=Ut(e,n);return i?{text:o,link:o}:{text:!t&&r[Dt.shortTitle]?r[Dt.shortTitle]:r[Dt.title]||o,link:o,...r[Dt.icon]?{icon:r[Dt.icon]}:{}}},An=(e="",t="")=>$a(t)||Wr(t)?t:`${td(e)}${t}`,Bf=(e,t)=>{const n=Fe(e)?Do(An(t,e)):e.link?{...e,link:na(e.link)?Ut(An(t,e.link)).path:e.link}:e;if("children"in n){const r=An(t,n.prefix),o=n.children==="structure"?nl[r]:n.children;return{...n,prefix:r,children:o.map(i=>Bf(i,r))}}return{...n}},ra=({config:e,prefix:t=""})=>e.map(n=>Bf(n,t)),JE=({config:e,routePath:t,headerDepth:n})=>{const r=Na(e).sort((o,i)=>i.length-o.length);for(const o of r)if(wr(decodeURI(t),o)){const i=e[o];return ra({config:i==="structure"?nl[o]:i||[],headerDepth:n,prefix:o})}return console.warn(`${decodeURI(t)} is missing sidebar config.`),[]},QE=({config:e,headerDepth:t,routeLocale:n,routePath:r})=>e==="structure"?ra({config:nl[n],headerDepth:t,prefix:n}):Ki(e)?ra({config:e,headerDepth:t}):$o(e)?JE({config:e,routePath:r,headerDepth:t}):[],Hf=Symbol(""),ZE=()=>{const e=Se(),t=be(),n=Gt(),r=Pd(),o=O(()=>e.value.home?!1:e.value.sidebar??t.value.sidebar??"structure"),i=O(()=>e.value.headerDepth??t.value.headerDepth??2),a=O(()=>QE({config:o.value,headerDepth:i.value,routeLocale:n.value,routePath:r.value}));xn(Hf,a)},al=()=>{const e=Ve(Hf);if(!e)throw new Error("useSidebarItems() is called without provider.");return e},{mobileBreakPoint:e4,pcBreakPoint:t4}=Xo,ku=e=>e.endsWith("px")?Number(e.slice(0,-2)):null,Jo=()=>{const e=te(!1),t=te(!1),n=()=>{e.value=window.innerWidth<=(ku(e4)??719),t.value=window.innerWidth>=(ku(t4)??1440)};return De("resize",n,!1),De("orientationchange",n,!1),Oe(()=>{n()}),{isMobile:e,isPC:t}},Uf=Symbol(""),Jr=()=>{const e=Ve(Uf);if(!e)throw new Error("useDarkmode() is called without provider.");return e},n4=e=>{const t=wn(),n=O_(),r=O(()=>t.value.darkmode??"switch"),o=zo("vuepress-theme-hope-scheme","auto"),i=O(()=>{const l=r.value;return l==="disable"?!1:l==="enable"?!0:l==="auto"?n.value:l==="toggle"?o.value==="dark":o.value==="dark"||o.value==="auto"&&n.value}),a=O(()=>{const l=r.value;return l==="switch"||l==="toggle"});e.provide(Uf,{canToggle:a,config:r,isDarkmode:i,status:o}),Object.defineProperties(e.config.globalProperties,{$isDarkmode:{get:()=>i.value}})},r4=()=>{const{config:e,isDarkmode:t,status:n}=Jr();Oa(()=>{e.value==="disable"?n.value="light":e.value==="enable"?n.value="dark":e.value==="toggle"&&n.value==="auto"&&(n.value="light")}),Oe(()=>{se(t,r=>document.documentElement.setAttribute("data-theme",r?"dark":"light"),{immediate:!0})})};var o4=X({name:"PageFooter",setup(){const e=wn(),t=be(),n=Se(),r=$f(),o=O(()=>{const{copyright:u,footer:c}=n.value;return c!==!1&&!!(u||c||t.value.displayFooter)}),i=O(()=>{const{footer:u}=n.value;return u===!1?!1:Fe(u)?u:t.value.footer??""}),a=O(()=>r.value.map(({name:u})=>u).join(", ")),l=u=>`Copyright © ${new Date().getFullYear()} ${a.value} ${u?`${u} Licensed`:""}`,s=O(()=>{const{copyright:u,license:c=""}=n.value,{license:d}=e.value,{copyright:p}=t.value;return u??(c?l(c):p??(a.value||d?l(d):!1))});return()=>o.value?f("footer",{class:"vp-footer-wrapper","vp-footer":""},[i.value?f("div",{class:"vp-footer",innerHTML:i.value}):null,s.value?f("div",{class:"vp-copyright",innerHTML:s.value}):null]):null}}),Qe=X({name:"AutoLink",props:{config:{type:Object,required:!0}},emits:["focusout"],slots:Object,setup(e,{emit:t,slots:n}){return()=>{const{icon:r}=e.config;return f(n_,{...e,onFocusout:()=>t("focusout")},{default:n.default?()=>n.default():null,before:n.before?()=>n.before():r?()=>f(ze,{icon:r}):null,after:n.after?()=>n.after():null})}}}),i4=X({name:"NavbarDropdown",props:{config:{type:Object,required:!0}},slots:Object,setup(e,{slots:t}){const n=Ne(),r=Vo(e,"config"),o=O(()=>r.value.ariaLabel??r.value.text),i=te(!1);se(()=>n.value.path,()=>{i.value=!1});const a=l=>{l.detail===0&&(i.value=!i.value)};return()=>{var l;return f("div",{class:["vp-dropdown-wrapper",{open:i.value}]},[f("button",{type:"button",class:"vp-dropdown-title","aria-label":o.value,onClick:a},[((l=t.title)==null?void 0:l.call(t))||[f(ze,{icon:r.value.icon}),e.config.text],f("span",{class:"arrow"}),f("ul",{class:"vp-dropdown"},r.value.children.map((s,u)=>{const c=u===r.value.children.length-1;return f("li",{class:"vp-dropdown-item"},"children"in s?[f("h4",{class:"vp-dropdown-subtitle"},s.link?f(Qe,{config:s,onFocusout:()=>{s.children.length===0&&c&&(i.value=!1)}}):s.text),f("ul",{class:"vp-dropdown-subitems"},s.children.map((d,p)=>f("li",{class:"vp-dropdown-subitem"},f(Qe,{config:d,onFocusout:()=>{p===s.children.length-1&&c&&(i.value=!1)}}))))]:f(Qe,{config:s,onFocusout:()=>{c&&(i.value=!1)}}))}))])])}}});const jf=(e,t="")=>Fe(e)?Do(An(t,e)):"children"in e?{...e,...e.link&&na(e.link)?{link:Ut(An(t,e.link)).path}:{},children:e.children.map(n=>jf(n,An(t,e.prefix)))}:{...e,link:na(e.link)?Ut(An(t,e.link)).path:e.link},zf=()=>{const e=be();return O(()=>(e.value.navbar||[]).map(t=>jf(t)))},a4=()=>{const e=be(),t=O(()=>e.value.repo),n=O(()=>t.value?W2(t.value):null),r=O(()=>t.value?Qa(t.value):null),o=O(()=>n.value?e.value.repoLabel??r.value??"Source":null);return O(()=>!n.value||!o.value||e.value.repoDisplay===!1?null:{type:r.value??"Source",label:o.value,link:n.value})};var l4=X({name:"NavScreenMenu",props:{config:{type:Object,required:!0}},setup(e){const t=Ne(),n=Vo(e,"config"),r=O(()=>n.value.ariaLabel??n.value.text),o=te(!1);se(()=>t.value.path,()=>{o.value=!1});const i=(a,l)=>l[l.length-1]===a;return()=>[f("button",{type:"button",class:["vp-nav-screen-menu-title",{active:o.value}],"aria-label":r.value,onClick:()=>{o.value=!o.value}},[f("span",{class:"text"},[f(ze,{icon:n.value.icon}),e.config.text]),f("span",{class:["arrow",o.value?"down":"end"]})]),f("ul",{class:["vp-nav-screen-menu",{hide:!o.value}]},n.value.children.map(a=>f("li",{class:"vp-nav-screen-menu-item"},"children"in a?[f("h4",{class:"vp-nav-screen-menu-subtitle"},a.link?f(Qe,{config:a,onFocusout:()=>{i(a,n.value.children)&&a.children.length===0&&(o.value=!1)}}):a.text),f("ul",{class:"vp-nav-screen-menu-subitems"},a.children.map(l=>f("li",{class:"vp-nav-screen-menu-subitem"},f(Qe,{config:l,onFocusout:()=>{i(l,a.children)&&i(a,n.value.children)&&(o.value=!1)}}))))]:f(Qe,{config:a,onFocusout:()=>{i(a,n.value.children)&&(o.value=!1)}}))))]}}),s4=X({name:"NavScreenLinks",setup(){const e=zf();return()=>e.value.length?f("nav",{class:"nav-screen-links"},e.value.map(t=>f("div",{class:"navbar-links-item"},"children"in t?f(l4,{config:t}):f(Qe,{config:t})))):null}});const Kf=()=>f(Te,{name:"dark"},()=>f("path",{d:"M524.8 938.667h-4.267a439.893 439.893 0 0 1-313.173-134.4 446.293 446.293 0 0 1-11.093-597.334A432.213 432.213 0 0 1 366.933 90.027a42.667 42.667 0 0 1 45.227 9.386 42.667 42.667 0 0 1 10.24 42.667 358.4 358.4 0 0 0 82.773 375.893 361.387 361.387 0 0 0 376.747 82.774 42.667 42.667 0 0 1 54.187 55.04 433.493 433.493 0 0 1-99.84 154.88 438.613 438.613 0 0 1-311.467 128z"}));Kf.displayName="DarkIcon";const Wf=()=>f(Te,{name:"light"},()=>f("path",{d:"M952 552h-80a40 40 0 0 1 0-80h80a40 40 0 0 1 0 80zM801.88 280.08a41 41 0 0 1-57.96-57.96l57.96-58a41.04 41.04 0 0 1 58 58l-58 57.96zM512 752a240 240 0 1 1 0-480 240 240 0 0 1 0 480zm0-560a40 40 0 0 1-40-40V72a40 40 0 0 1 80 0v80a40 40 0 0 1-40 40zm-289.88 88.08-58-57.96a41.04 41.04 0 0 1 58-58l57.96 58a41 41 0 0 1-57.96 57.96zM192 512a40 40 0 0 1-40 40H72a40 40 0 0 1 0-80h80a40 40 0 0 1 40 40zm30.12 231.92a41 41 0 0 1 57.96 57.96l-57.96 58a41.04 41.04 0 0 1-58-58l58-57.96zM512 832a40 40 0 0 1 40 40v80a40 40 0 0 1-80 0v-80a40 40 0 0 1 40-40zm289.88-88.08 58 57.96a41.04 41.04 0 0 1-58 58l-57.96-58a41 41 0 0 1 57.96-57.96z"}));Wf.displayName="LightIcon";const qf=()=>f(Te,{name:"auto"},()=>f("path",{d:"M512 992C246.92 992 32 777.08 32 512S246.92 32 512 32s480 214.92 480 480-214.92 480-480 480zm0-840c-198.78 0-360 161.22-360 360 0 198.84 161.22 360 360 360s360-161.16 360-360c0-198.78-161.22-360-360-360zm0 660V212c165.72 0 300 134.34 300 300 0 165.72-134.28 300-300 300z"}));qf.displayName="AutoIcon";const Gf=()=>f(Te,{name:"enter-fullscreen"},()=>f("path",{d:"M762.773 90.24h-497.28c-96.106 0-174.4 78.293-174.4 174.4v497.28c0 96.107 78.294 174.4 174.4 174.4h497.28c96.107 0 175.04-78.293 174.4-174.4V264.64c0-96.213-78.186-174.4-174.4-174.4zm-387.2 761.173H215.04c-21.867 0-40.427-17.92-41.067-41.066V649.92c0-22.507 17.92-40.427 40.427-40.427 11.307 0 21.227 4.694 28.48 11.947 7.253 7.253 11.947 17.92 11.947 28.48v62.293l145.28-145.28c15.893-15.893 41.813-15.893 57.706 0 15.894 15.894 15.894 41.814 0 57.707l-145.28 145.28h62.294c22.506 0 40.426 17.92 40.426 40.427s-17.173 41.066-39.68 41.066zM650.24 165.76h160.427c21.866 0 40.426 17.92 41.066 41.067v160.426c0 22.507-17.92 40.427-40.426 40.427-11.307 0-21.227-4.693-28.48-11.947-7.254-7.253-11.947-17.92-11.947-28.48v-62.186L625.6 450.347c-15.893 15.893-41.813 15.893-57.707 0-15.893-15.894-15.893-41.814 0-57.707l145.28-145.28H650.88c-22.507 0-40.427-17.92-40.427-40.427s17.174-41.173 39.787-41.173z"}));Gf.displayName="EnterFullScreenIcon";const Yf=()=>f(Te,{name:"cancel-fullscreen"},()=>f("path",{d:"M778.468 78.62H247.922c-102.514 0-186.027 83.513-186.027 186.027V795.08c0 102.514 83.513 186.027 186.027 186.027h530.432c102.514 0 186.71-83.513 186.026-186.027V264.647C964.494 162.02 880.981 78.62 778.468 78.62zM250.88 574.35h171.122c23.324 0 43.122 19.115 43.804 43.805v171.121c0 24.008-19.114 43.122-43.122 43.122-12.06 0-22.641-5.006-30.378-12.743s-12.743-19.115-12.743-30.379V722.83L224.597 877.91c-16.953 16.952-44.6 16.952-61.553 0-16.953-16.954-16.953-44.602 0-61.554L318.009 661.39h-66.446c-24.007 0-43.122-19.114-43.122-43.122 0-24.12 18.432-43.918 42.439-43.918zm521.899-98.873H601.657c-23.325 0-43.122-19.114-43.805-43.804V260.55c0-24.007 19.115-43.122 43.122-43.122 12.06 0 22.642 5.007 30.379 12.743s12.743 19.115 12.743 30.38v66.445l154.965-154.965c16.953-16.953 44.601-16.953 61.554 0 16.953 16.953 16.953 44.6 0 61.554L705.536 388.55h66.446c24.007 0 43.122 19.115 43.122 43.122.114 24.007-18.318 43.804-42.325 43.804z"}));Yf.displayName="CancelFullScreenIcon";const Xf=()=>f(Te,{name:"outlook"},()=>[f("path",{d:"M224 800c0 9.6 3.2 44.8 6.4 54.4 6.4 48-48 76.8-48 76.8s80 41.6 147.2 0 134.4-134.4 38.4-195.2c-22.4-12.8-41.6-19.2-57.6-19.2C259.2 716.8 227.2 761.6 224 800zM560 675.2l-32 51.2c-51.2 51.2-83.2 32-83.2 32 25.6 67.2 0 112-12.8 128 25.6 6.4 51.2 9.6 80 9.6 54.4 0 102.4-9.6 150.4-32l0 0c3.2 0 3.2-3.2 3.2-3.2 22.4-16 12.8-35.2 6.4-44.8-9.6-12.8-12.8-25.6-12.8-41.6 0-54.4 60.8-99.2 137.6-99.2 6.4 0 12.8 0 22.4 0 12.8 0 38.4 9.6 48-25.6 0-3.2 0-3.2 3.2-6.4 0-3.2 3.2-6.4 3.2-6.4 6.4-16 6.4-16 6.4-19.2 9.6-35.2 16-73.6 16-115.2 0-105.6-41.6-198.4-108.8-268.8C704 396.8 560 675.2 560 675.2zM224 419.2c0-28.8 22.4-51.2 51.2-51.2 28.8 0 51.2 22.4 51.2 51.2 0 28.8-22.4 51.2-51.2 51.2C246.4 470.4 224 448 224 419.2zM320 284.8c0-22.4 19.2-41.6 41.6-41.6 22.4 0 41.6 19.2 41.6 41.6 0 22.4-19.2 41.6-41.6 41.6C339.2 326.4 320 307.2 320 284.8zM457.6 208c0-12.8 12.8-25.6 25.6-25.6 12.8 0 25.6 12.8 25.6 25.6 0 12.8-12.8 25.6-25.6 25.6C470.4 233.6 457.6 220.8 457.6 208zM128 505.6C128 592 153.6 672 201.6 736c28.8-60.8 112-60.8 124.8-60.8-16-51.2 16-99.2 16-99.2l316.8-422.4c-48-19.2-99.2-32-150.4-32C297.6 118.4 128 291.2 128 505.6zM764.8 86.4c-22.4 19.2-390.4 518.4-390.4 518.4-22.4 28.8-12.8 76.8 22.4 99.2l9.6 6.4c35.2 22.4 80 12.8 99.2-25.6 0 0 6.4-12.8 9.6-19.2 54.4-105.6 275.2-524.8 288-553.6 6.4-19.2-3.2-32-19.2-32C777.6 76.8 771.2 80 764.8 86.4z"})]);Xf.displayName="OutlookIcon";var Jf=X({name:"ColorModeSwitch",setup(){const{config:e,isDarkmode:t,status:n}=Jr(),r=ht(),o=()=>{e.value==="switch"?n.value={light:"dark",dark:"auto",auto:"light"}[n.value]:n.value=n.value==="light"?"dark":"light"},i=async a=>{if(!(document.startViewTransition&&!window.matchMedia("(prefers-reduced-motion: reduce)").matches&&!r.value)||!a){o();return}const l=a.clientX,s=a.clientY,u=Math.hypot(Math.max(l,innerWidth-l),Math.max(s,innerHeight-s)),c=t.value;await document.startViewTransition(async()=>{o(),await Kt()}).ready,t.value!==c&&document.documentElement.animate({clipPath:t.value?[`circle(${u}px at ${l}px ${s}px)`,`circle(0px at ${l}px ${s}px)`]:[`circle(0px at ${l}px ${s}px)`,`circle(${u}px at ${l}px ${s}px)`]},{duration:400,pseudoElement:t.value?"::view-transition-old(root)":"::view-transition-new(root)"})};return()=>f("button",{type:"button",class:"vp-color-mode-switch",id:"color-mode-switch",onClick:i},[f(qf,{style:{display:n.value==="auto"?"block":"none"}}),f(Kf,{style:{display:n.value==="dark"?"block":"none"}}),f(Wf,{style:{display:n.value==="light"?"block":"none"}})])}}),u4=X({name:"ColorMode",setup(){const e=be(),{canToggle:t}=Jr(),n=O(()=>e.value.outlookLocales.darkmode);return()=>t.value?f("div",{class:"vp-color-mode"},[f("label",{class:"vp-color-mode-title",for:"color-mode-switch"},n.value),f(Jf)]):null}});const wu=Xo.enableThemeColor==="true";var c4=X({name:"ToggleFullScreenButton",setup(){const{isSupported:e,isFullscreen:t,toggle:n}=Ma();return()=>e?f("button",{type:"button",id:"full-screen-switch",class:"full-screen",ariaPressed:t.value,onClick:()=>n()},t.value?f(Yf):f(Gf)):null}}),Qf=X({name:"ToggleFullScreenButton",setup(){const e=be(),{isSupported:t}=Ma(),n=O(()=>e.value.outlookLocales.fullscreen);return()=>t?f("div",{class:"full-screen-wrapper"},[f("label",{class:"full-screen-title",for:"full-screen-switch"},n.value),f(c4)]):null}}),Zf=X({name:"OutlookSettings",setup(){const e=wn(),t=ht(),n=O(()=>!t.value&&e.value.fullscreen);return()=>f(Dd,()=>[null,f(u4),n.value?f(Qf):null])}}),d4=X({name:"NavScreen",props:{show:Boolean},emits:["close"],slots:Object,setup(e,{emit:t,slots:n}){const r=Ne(),{isMobile:o}=Jo(),i=Be(),a=Ko(i);return Oe(()=>{i.value=document.body,se(o,l=>{!l&&e.show&&(a.value=!1,t("close"))}),se(()=>r.value.path,()=>{a.value=!1,t("close")})}),rr(()=>{a.value=!1}),()=>f(Gn,{name:"fade",onEnter:()=>{a.value=!0},onAfterLeave:()=>{a.value=!1}},()=>{var l,s;return e.show?f("div",{id:"nav-screen",class:"vp-nav-screen"},f("div",{class:"vp-nav-screen-container"},[(l=n.before)==null?void 0:l.call(n),f(s4),f("div",{class:"vp-outlook-wrapper"},f(Zf)),(s=n.after)==null?void 0:s.call(n)])):null})}}),f4=X({name:"NavbarBrand",setup(){const e=Gt(),t=Uo(),n=be(),r=O(()=>n.value.home??e.value),o=O(()=>t.value.title),i=O(()=>n.value.navbarTitle??o.value),a=O(()=>n.value.logo?$e(n.value.logo):null),l=O(()=>n.value.logoDark?$e(n.value.logoDark):null);return()=>f(_t,{to:r.value,class:"vp-brand","aria-label":n.value.routeLocales.home},()=>[a.value?f("img",{class:["vp-nav-logo",{light:!!l.value}],src:a.value,alt:""}):null,l.value?f("img",{class:["vp-nav-logo dark"],src:l.value,alt:""}):null,i.value?f("span",{class:["vp-site-name",{"hide-in-pad":a.value&&(n.value.hideSiteNameOnMobile??!0)}]},i.value):null])}}),p4=X({name:"NavbarLinks",setup(){const e=zf();return()=>e.value.length?f("nav",{class:"vp-nav-links"},e.value.map(t=>f("div",{class:"vp-nav-item hide-in-mobile"},"children"in t?f(i4,{config:t}):f(Qe,{config:t})))):null}}),m4=X({name:"RepoLink",setup(){const e=a4();return()=>e.value?f("div",{class:"vp-nav-item vp-action"},f("a",{class:"vp-action-link",href:e.value.link,target:"_blank",rel:"noopener noreferrer","aria-label":e.value.label},f(q2,{type:e.value.type,style:{width:"1.25rem",height:"1.25rem",verticalAlign:"middle"}}))):null}});const ep=({active:e=!1},{emit:t})=>f("button",{type:"button",class:["vp-toggle-navbar-button",{"is-active":e}],"aria-label":"Toggle Navbar","aria-expanded":e,"aria-controls":"nav-screen",onClick:()=>t("toggle")},f("span",[f("span",{class:"vp-top"}),f("span",{class:"vp-middle"}),f("span",{class:"vp-bottom"})]));ep.displayName="ToggleNavbarButton";const oa=(e,{emit:t})=>f("button",{type:"button",class:"vp-toggle-sidebar-button",title:"Toggle Sidebar",onClick:()=>t("toggle")},f("span",{class:"icon"}));oa.displayName="ToggleSidebarButton",oa.emits=["toggle"];var h4=X({name:"OutlookButton",setup(){const e=wn(),t=Ne(),{canToggle:n}=Jr(),{isSupported:r}=Ma(),o=ht(),i=te(!1),a=O(()=>!o.value&&e.value.fullscreen&&r),l=O(()=>n.value||a.value);return se(()=>t.value.path,()=>{i.value=!1}),()=>l.value?f("div",{class:"vp-nav-item hide-in-mobile"},n.value&&!a.value&&!wu?f(Jf):a.value&&!n.value&&!wu?f(Qf):f("button",{type:"button",class:["vp-outlook-button",{open:i.value}],tabindex:"-1","aria-hidden":!0},[f(Xf),f("div",{class:"vp-outlook-dropdown"},f(Zf))])):null}}),v4=X({name:"NavBar",emits:["toggleSidebar"],slots:Object,setup(e,{emit:t,slots:n}){const r=be(),{isMobile:o}=Jo(),i=te(!1),a=O(()=>{const{navbarAutoHide:c="mobile"}=r.value;return c!=="none"&&(c==="always"||o.value)}),l=O(()=>r.value.navbarLayout??{start:["Brand"],center:["Links"],end:["Language","Repo","Outlook","Search"]}),s={Brand:f4,Language:ho,Links:p4,Repo:m4,Outlook:h4,Search:St("SearchBox")?Rt("SearchBox"):ho},u=c=>s[c]??(St(c)?Rt(c):ho);return()=>{var c,d,p,m,v,y,E,A,T;return[f("header",{key:"navbar",id:"navbar",class:["vp-navbar",{"auto-hide":a.value}],"vp-navbar":""},[f("div",{class:"vp-navbar-start"},[f(oa,{onToggle:()=>{i.value&&(i.value=!1),t("toggleSidebar")}}),(c=n.startBefore)==null?void 0:c.call(n),(d=l.value.start)==null?void 0:d.map(g=>f(u(g))),(p=n.startAfter)==null?void 0:p.call(n)]),f("div",{class:"vp-navbar-center"},[(m=n.centerBefore)==null?void 0:m.call(n),(v=l.value.center)==null?void 0:v.map(g=>f(u(g))),(y=n.centerAfter)==null?void 0:y.call(n)]),f("div",{class:"vp-navbar-end"},[(E=n.endBefore)==null?void 0:E.call(n),(A=l.value.end)==null?void 0:A.map(g=>f(u(g))),(T=n.endAfter)==null?void 0:T.call(n),f(ep,{active:i.value,onToggle:()=>{i.value=!i.value}})])]),f(d4,{show:i.value,onClose:()=>{i.value=!1}},{before:n.screenTop?()=>n.screenTop():null,after:n.screenBottom?()=>n.screenBottom():null})]}}}),_4=X({name:"SidebarChild",props:{config:{type:Object,required:!0}},setup(e){const t=qt();return()=>Fe(e.config.link)?f(Qe,{class:["vp-sidebar-link",{active:ol(t,e.config)}],config:{...e.config,exact:!0}}):f("p",e,[f(ze,{icon:e.config.icon}),e.config.text])}}),g4=X({name:"SidebarGroup",props:{config:{type:Object,required:!0},open:{type:Boolean,required:!0}},emits:["toggle"],setup(e,{emit:t}){const n=qt(),r=te(!1),o=O(()=>il(n,e.config)),i=O(()=>ol(n,e.config)),a=O(()=>e.open||e.config.expanded&&!r.value);return()=>{const{collapsible:l,children:s=[],icon:u,prefix:c,link:d,text:p}=e.config;return f("section",{class:"vp-sidebar-group"},[f(l?"button":"p",{class:["vp-sidebar-header",{clickable:l||d,exact:i.value,active:o.value}],...l?{type:"button",onClick:()=>{r.value=!0,t("toggle")}}:{}},[f(ze,{icon:u}),d?f(Qe,{class:"vp-sidebar-title no-external-link-icon",config:{text:p,link:d}}):f("span",{class:"vp-sidebar-title"},p),l?f("span",{class:["vp-arrow",a.value?"down":"end"]}):null]),a.value||!l?f(tp,{key:c,config:s}):null])}}}),tp=X({name:"SidebarLinks",props:{config:{type:Array,required:!0}},setup(e){const t=qt(),n=te(-1),r=o=>{n.value=o===n.value?-1:o};return se(()=>t.path,()=>{const o=e.config.findIndex(i=>il(t,i));n.value=o},{immediate:!0,flush:"post"}),()=>f("ul",{class:"vp-sidebar-links"},e.config.map((o,i)=>f("li","children"in o?f(g4,{config:o,open:i===n.value,onToggle:()=>r(i)}):f(_4,{config:o}))))}}),E4=X({name:"SideBar",slots:Object,setup(e,{slots:t}){const n=qt(),r=al(),o=Be();return Oe(()=>{se(()=>n.hash,i=>{const a=document.querySelector(`.vp-sidebar a.vp-sidebar-link[href="${n.path}${i}"]`);if(!a)return;const{top:l,height:s}=o.value.getBoundingClientRect(),{top:u,height:c}=a.getBoundingClientRect();ul+s&&a.scrollIntoView(!1)},{immediate:!0})}),()=>{var i,a,l;return f("aside",{ref:o,key:"sidebar",id:"sidebar",class:"vp-sidebar","vp-sidebar":""},[(i=t.top)==null?void 0:i.call(t),((a=t.default)==null?void 0:a.call(t))??f(tp,{config:r.value}),(l=t.bottom)==null?void 0:l.call(t)])}}}),np=X({name:"CommonWrapper",props:{containerClass:{type:String,default:""},noNavbar:Boolean,noSidebar:Boolean,noToc:Boolean},slots:Object,setup(e,{slots:t}){const n=Rn(),r=Se(),o=wn(),i=be(),{isMobile:a,isPC:l}=Jo(),s=ht(),[u,c]=zi(!1),[d,p]=zi(!1),m=al(),v=te(!1),y=O(()=>e.noNavbar||r.value.navbar===!1||i.value.navbar===!1?!1:!!(i.value.logo??i.value.repo??i.value.navbar)),E=O(()=>e.noSidebar?!1:r.value.sidebar!==!1&&m.value.length!==0&&!r.value.home),A=O(()=>r.value.externalLinkIcon??o.value.externalLinkIcon??!0),T=O(()=>!e.noToc&&!r.value.home&&(r.value.toc??i.value.toc??!0)),g={x:0,y:0},x=N=>{g.x=N.changedTouches[0].clientX,g.y=N.changedTouches[0].clientY},V=N=>{const Q=N.changedTouches[0].clientX-g.x,$=N.changedTouches[0].clientY-g.y;Math.abs(Q)>Math.abs($)*1.5&&Math.abs(Q)>40&&(Q>0&&g.x<=80?c(!0):c(!1))};let H=0;return De("scroll",v_(()=>{const N=window.scrollY;N<=58||N{N||c(!1)}),Oe(()=>{const N=Ko(document.body);se(u,$=>{N.value=$});const Q=n.afterEach(()=>{c(!1)});rr(()=>{N.value=!1,Q()})}),()=>f(St("GlobalEncrypt")?Rt("GlobalEncrypt"):Ja,()=>f("div",{class:["theme-container",{"hide-navbar":v.value,"no-navbar":!y.value,"sidebar-collapsed":!a.value&&!l.value&&d.value,"sidebar-open":a.value&&u.value,"no-sidebar":!E.value&&!t.sidebar&&!t.sidebarTop&&!t.sidebarBottom,"external-link-icon":A.value,pure:s.value,"has-toc":T.value},e.containerClass,r.value.containerClass??""],"vp-container":"",onTouchStart:x,onTouchEnd:V},[y.value?f(v4,{onToggleSidebar:()=>c()},{startBefore:t.navbarStartBefore?()=>t.navbarStartBefore():null,startAfter:t.navbarStartAfter?()=>t.navbarStartAfter():null,centerBefore:t.navbarCenterBefore?()=>t.navbarCenterBefore():null,centerAfter:t.navbarCenterAfter?()=>t.navbarCenterAfter():null,endBefore:t.navbarEndBefore?()=>t.navbarEndBefore():null,endAfter:t.navbarEndAfter?()=>t.navbarEndAfter():null,screenTop:t.navScreenTop?()=>t.navScreenTop():null,screenBottom:t.navScreenBottom?()=>t.navScreenBottom():null}):null,f(Gn,{name:"fade"},()=>u.value?f("div",{class:"vp-sidebar-mask",onClick:()=>c(!1)}):null),f(Gn,{name:"fade"},()=>a.value?null:f("div",{class:"toggle-sidebar-wrapper",onClick:()=>p()},f("span",{class:["arrow",d.value?"end":"start"]}))),f(E4,{},{default:t.sidebar?()=>t.sidebar():null,top:t.sidebarTop?()=>t.sidebarTop():null,bottom:t.sidebarBottom?()=>t.sidebarBottom():null}),t.default(),f(o4)]))}});const ft=X({name:"DropTransition",props:{type:{type:String,default:"single"},delay:{type:Number,default:0},duration:{type:Number,default:.25},appear:Boolean},slots:Object,setup(e,{slots:t}){const n=o=>{o.style.transition=`transform ${e.duration}s ease-in-out ${e.delay}s, opacity ${e.duration}s ease-in-out ${e.delay}s`,o.style.transform="translateY(-20px)",o.style.opacity="0"},r=o=>{o.style.transform="translateY(0)",o.style.opacity="1"};return()=>{const o={name:"drop",appear:e.appear,onAppear:n,onAfterAppear:r,onEnter:n,onAfterEnter:r,onBeforeLeave:n},i=()=>t.default();return e.type==="group"?f(Zc,o,i):f(Gn,o,i)}}}),$r=({custom:e})=>f(Id,{class:["theme-hope-content",{custom:e}],"vp-content":""});$r.displayName="MarkdownContent",$r.props={custom:Boolean};const rp=()=>f(Te,{name:"author"},()=>f("path",{d:"M649.6 633.6c86.4-48 147.2-144 147.2-249.6 0-160-128-288-288-288s-288 128-288 288c0 108.8 57.6 201.6 147.2 249.6-121.6 48-214.4 153.6-240 288-3.2 9.6 0 19.2 6.4 25.6 3.2 9.6 12.8 12.8 22.4 12.8h704c9.6 0 19.2-3.2 25.6-12.8 6.4-6.4 9.6-16 6.4-25.6-25.6-134.4-121.6-240-243.2-288z"}));rp.displayName="AuthorIcon";const op=()=>f(Te,{name:"calendar"},()=>f("path",{d:"M716.4 110.137c0-18.753-14.72-33.473-33.472-33.473-18.753 0-33.473 14.72-33.473 33.473v33.473h66.993v-33.473zm-334.87 0c0-18.753-14.72-33.473-33.473-33.473s-33.52 14.72-33.52 33.473v33.473h66.993v-33.473zm468.81 33.52H716.4v100.465c0 18.753-14.72 33.473-33.472 33.473a33.145 33.145 0 01-33.473-33.473V143.657H381.53v100.465c0 18.753-14.72 33.473-33.473 33.473a33.145 33.145 0 01-33.473-33.473V143.657H180.6A134.314 134.314 0 0046.66 277.595v535.756A134.314 134.314 0 00180.6 947.289h669.74a134.36 134.36 0 00133.94-133.938V277.595a134.314 134.314 0 00-133.94-133.938zm33.473 267.877H147.126a33.145 33.145 0 01-33.473-33.473c0-18.752 14.72-33.473 33.473-33.473h736.687c18.752 0 33.472 14.72 33.472 33.473a33.145 33.145 0 01-33.472 33.473z"}));op.displayName="CalendarIcon";const ip=()=>f(Te,{name:"category"},()=>f("path",{d:"M148.41 106.992h282.176c22.263 0 40.31 18.048 40.31 40.31V429.48c0 22.263-18.047 40.31-40.31 40.31H148.41c-22.263 0-40.311-18.047-40.311-40.31V147.302c0-22.263 18.048-40.31 40.311-40.31zM147.556 553.478H429.73c22.263 0 40.311 18.048 40.311 40.31v282.176c0 22.263-18.048 40.312-40.31 40.312H147.555c-22.263 0-40.311-18.049-40.311-40.312V593.79c0-22.263 18.048-40.311 40.31-40.311zM593.927 106.992h282.176c22.263 0 40.31 18.048 40.31 40.31V429.48c0 22.263-18.047 40.31-40.31 40.31H593.927c-22.263 0-40.311-18.047-40.311-40.31V147.302c0-22.263 18.048-40.31 40.31-40.31zM730.22 920.502H623.926c-40.925 0-74.22-33.388-74.22-74.425V623.992c0-41.038 33.387-74.424 74.425-74.424h222.085c41.038 0 74.424 33.226 74.424 74.067v114.233c0 10.244-8.304 18.548-18.547 18.548s-18.548-8.304-18.548-18.548V623.635c0-20.388-16.746-36.974-37.33-36.974H624.13c-20.585 0-37.331 16.747-37.331 37.33v222.086c0 20.585 16.654 37.331 37.126 37.331H730.22c10.243 0 18.547 8.304 18.547 18.547 0 10.244-8.304 18.547-18.547 18.547z"}));ip.displayName="CategoryIcon";const ap=()=>f(Te,{name:"print"},()=>f("path",{d:"M819.2 364.8h-44.8V128c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v236.8h-44.8C145.067 364.8 96 413.867 96 473.6v192c0 59.733 49.067 108.8 108.8 108.8h44.8V896c0 17.067 14.933 32 32 32h460.8c17.067 0 32-14.933 32-32V774.4h44.8c59.733 0 108.8-49.067 108.8-108.8v-192c0-59.733-49.067-108.8-108.8-108.8zM313.6 160h396.8v204.8H313.6V160zm396.8 704H313.6V620.8h396.8V864zM864 665.6c0 25.6-19.2 44.8-44.8 44.8h-44.8V588.8c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v121.6h-44.8c-25.6 0-44.8-19.2-44.8-44.8v-192c0-25.6 19.2-44.8 44.8-44.8h614.4c25.6 0 44.8 19.2 44.8 44.8v192z"}));ap.displayName="PrintIcon";const lp=()=>f(Te,{name:"tag"},()=>f("path",{d:"M939.902 458.563L910.17 144.567c-1.507-16.272-14.465-29.13-30.737-30.737L565.438 84.098h-.402c-3.215 0-5.726 1.005-7.634 2.913l-470.39 470.39a10.004 10.004 0 000 14.164l365.423 365.424c1.909 1.908 4.42 2.913 7.132 2.913s5.223-1.005 7.132-2.913l470.39-470.39c2.01-2.11 3.014-5.023 2.813-8.036zm-240.067-72.121c-35.458 0-64.286-28.828-64.286-64.286s28.828-64.285 64.286-64.285 64.286 28.828 64.286 64.285-28.829 64.286-64.286 64.286z"}));lp.displayName="TagIcon";const sp=()=>f(Te,{name:"timer"},()=>f("path",{d:"M799.387 122.15c4.402-2.978 7.38-7.897 7.38-13.463v-1.165c0-8.933-7.38-16.312-16.312-16.312H256.33c-8.933 0-16.311 7.38-16.311 16.312v1.165c0 5.825 2.977 10.874 7.637 13.592 4.143 194.44 97.22 354.963 220.201 392.763-122.204 37.542-214.893 196.511-220.2 389.397-4.661 5.049-7.638 11.651-7.638 19.03v5.825h566.49v-5.825c0-7.379-2.849-13.981-7.509-18.9-5.049-193.016-97.867-351.985-220.2-389.527 123.24-37.67 216.446-198.453 220.588-392.892zM531.16 450.445v352.632c117.674 1.553 211.787 40.778 211.787 88.676H304.097c0-48.286 95.149-87.382 213.728-88.676V450.445c-93.077-3.107-167.901-81.297-167.901-177.093 0-8.803 6.99-15.793 15.793-15.793 8.803 0 15.794 6.99 15.794 15.793 0 80.261 63.69 145.635 142.01 145.635s142.011-65.374 142.011-145.635c0-8.803 6.99-15.793 15.794-15.793s15.793 6.99 15.793 15.793c0 95.019-73.789 172.82-165.96 177.093z"}));sp.displayName="TimerIcon";const up=()=>f(Te,{name:"word"},()=>[f("path",{d:"M518.217 432.64V73.143A73.143 73.143 0 01603.43 1.097a512 512 0 01419.474 419.474 73.143 73.143 0 01-72.046 85.212H591.36a73.143 73.143 0 01-73.143-73.143z"}),f("path",{d:"M493.714 566.857h340.297a73.143 73.143 0 0173.143 85.577A457.143 457.143 0 11371.566 117.76a73.143 73.143 0 0185.577 73.143v339.383a36.571 36.571 0 0036.571 36.571z"})]);up.displayName="WordIcon";const pn=()=>{const e=be();return O(()=>e.value.metaLocales)};var y4=X({name:"AuthorInfo",inheritAttrs:!1,props:{author:{type:Array,required:!0}},setup(e){const t=pn(),n=ht();return()=>e.author.length?f("span",{class:"page-author-info","aria-label":`${t.value.author}${n.value?"":"🖊"}`,...n.value?{}:{"data-balloon-pos":"up"}},[f(rp),f("span",e.author.map(r=>r.url?f("a",{class:"page-author-item",href:r.url,target:"_blank",rel:"noopener noreferrer"},r.name):f("span",{class:"page-author-item"},r.name))),f("span",{property:"author",content:e.author.map(r=>r.name).join(", ")})]):null}}),b4=X({name:"CategoryInfo",inheritAttrs:!1,props:{category:{type:Array,required:!0}},setup(e){const t=pn(),n=rl(),r=ht();return()=>e.category.length?f("span",{class:"page-category-info","aria-label":`${t.value.category}${r.value?"":"🌈"}`,...r.value?{}:{"data-balloon-pos":"up"}},[f(ip),e.category.map(({name:o,path:i})=>f("span",{class:["page-category-item",{[`color${Pf(o,Number(Xo.colorNumber))}`]:!r.value,clickable:i}],role:i?"navigation":"",onClick:()=>{i&&n(i)}},o)),f("meta",{property:"articleSection",content:e.category.map(({name:o})=>o).join(",")})]):null}}),A4=X({name:"DateInfo",inheritAttrs:!1,props:{date:{type:Object,default:null},localizedDate:{type:String,default:""}},setup(e){const t=xd(),n=pn(),r=ht();return()=>e.date?f("span",{class:"page-date-info","aria-label":`${n.value.date}${r.value?"":"📅"}`,...r.value?{}:{"data-balloon-pos":"up"}},[f(op),f("span",{"data-allow-mismatch":"text"},e.localizedDate||e.date.toLocaleDateString(t.value)),f("meta",{property:"datePublished",content:e.date.toISOString()||""})]):null}}),T4=X({name:"OriginalInfo",inheritAttrs:!1,props:{isOriginal:Boolean},setup(e){const t=pn();return()=>e.isOriginal?f("span",{class:"page-original-info"},t.value.origin):null}}),x4=X({name:"ReadingTimeInfo",inheritAttrs:!1,props:{readingTime:{type:Object,default:()=>null},readingTimeLocale:{type:Object,default:()=>null}},setup(e){const t=pn(),n=ht(),r=O(()=>{if(!e.readingTime)return null;const{minutes:o}=e.readingTime;return o<1?"PT1M":`PT${Math.round(o)}M`});return()=>{var o,i;return(o=e.readingTimeLocale)!=null&&o.time?f("span",{class:"page-reading-time-info","aria-label":`${t.value.readingTime}${n.value?"":"⌛"}`,...n.value?{}:{"data-balloon-pos":"up"}},[f(sp),f("span",(i=e.readingTimeLocale)==null?void 0:i.time),f("meta",{property:"timeRequired",content:r.value})]):null}}}),P4=X({name:"TagInfo",inheritAttrs:!1,props:{tag:{type:Array,default:()=>[]}},setup(e){const t=pn(),n=rl(),r=ht();return()=>e.tag.length?f("span",{class:"page-tag-info","aria-label":`${t.value.tag}${r.value?"":"🏷"}`,...r.value?{}:{"data-balloon-pos":"up"}},[f(lp),e.tag.map(({name:o,path:i})=>f("span",{class:["page-tag-item",{[`color${Pf(o,Number(Xo.colorNumber))}`]:!r.value,clickable:i}],role:i?"navigation":"",onClick:()=>{i&&n(i)}},o)),f("meta",{property:"keywords",content:e.tag.map(({name:o})=>o).join(",")})]):null}}),O4=X({name:"ReadTimeInfo",inheritAttrs:!1,props:{readingTime:{type:Object,default:()=>null},readingTimeLocale:{type:Object,default:()=>null}},setup(e){const t=pn(),n=ht();return()=>{var r,o,i;return(r=e.readingTimeLocale)!=null&&r.words?f("span",{class:"page-word-info","aria-label":`${t.value.words}${n.value?"":"🔠"}`,...n.value?{}:{"data-balloon-pos":"up"}},[f(up),f("span",(o=e.readingTimeLocale)==null?void 0:o.words),f("meta",{property:"wordCount",content:(i=e.readingTime)==null?void 0:i.words})]):null}}}),C4=X({name:"PageInfo",components:{AuthorInfo:y4,CategoryInfo:b4,DateInfo:A4,OriginalInfo:T4,PageViewInfo:ho,ReadingTimeInfo:x4,TagInfo:P4,WordInfo:O4},props:{items:{type:[Array,Boolean],default:()=>["Author","Original","Date","PageView","ReadingTime","Category","Tag"]},info:{type:Object,required:!0}},setup(e){const t=ht();return()=>e.items?f("div",{class:"page-info"},e.items.map(n=>f(Rt(`${n}Info`),{...e.info,isPure:t.value}))):null}}),D4=X({name:"PrintButton",setup(){const e=wn(),t=be();return()=>e.value.print===!1?null:f("button",{type:"button",class:"print-button",title:t.value.metaLocales.print,onClick:()=>{window.print()}},f(ap))}}),I4=X({name:"TOC",props:{items:{type:Array,default:()=>[]},headerDepth:{type:Number,default:2}},slots:Object,setup(e,{slots:t}){const n=qt(),r=Ne(),o=pn(),[i,a]=zi(),l=Be(),s=te("-1.7rem"),u=d=>{var p;(p=l.value)==null||p.scrollTo({top:d,behavior:"smooth"})},c=()=>{if(l.value){const d=document.querySelector(".vp-toc-item.active");d?s.value=`${d.getBoundingClientRect().top-l.value.getBoundingClientRect().top+l.value.scrollTop}px`:s.value="-1.7rem"}else s.value="-1.7rem"};return Oe(()=>{se(()=>n.hash,d=>{if(l.value){const p=document.querySelector(`#toc a.vp-toc-link[href$="${d}"]`);if(!p)return;const{top:m,height:v}=l.value.getBoundingClientRect(),{top:y,height:E}=p.getBoundingClientRect();ym+v&&u(l.value.scrollTop+y+E-m-v)}}),se(()=>n.fullPath,c,{flush:"post",immediate:!0})}),()=>{var v,y;const d=({title:E,level:A,slug:T})=>f(_t,{to:`#${T}`,class:["vp-toc-link",`level${A}`],onClick:()=>{a()}},()=>E),p=(E,A)=>E.length&&A>0?f("ul",{class:"vp-toc-list"},E.map(T=>{const g=p(T.children,A-1);return[f("li",{class:["vp-toc-item",{active:n.hash===`#${T.slug}`}]},d(T)),g?f("li",g):null]})):null,m=e.items.length?p(e.items,e.headerDepth):r.value.headers?p(r.value.headers,e.headerDepth):null;return m?f("div",{class:"vp-toc-placeholder"},[f("aside",{id:"toc"},[(v=t.before)==null?void 0:v.call(t),f("div",{class:"vp-toc-header",onClick:()=>{a()}},[o.value.toc,f(D4),f("div",{class:["arrow",i.value?"down":"end"]})]),f("div",{class:["vp-toc-wrapper",i.value?"open":""],ref:l},[m,f("div",{class:"vp-toc-marker",style:{top:s.value}})]),(y=t.after)==null?void 0:y.call(t)])]):null}}}),cp=X({name:"SkipLink",props:{content:{type:String,default:"main-content"}},setup(e){const t=Ne(),n=be(),r=Be(),o=({target:i})=>{const a=document.querySelector(i.hash);if(a){const l=()=>{a.removeAttribute("tabindex"),a.removeEventListener("blur",l)};a.setAttribute("tabindex","-1"),a.addEventListener("blur",l),a.focus(),window.scrollTo(0,0)}};return Oe(()=>{se(()=>t.value.path,()=>r.value.focus())}),()=>[f("span",{ref:r,tabindex:"-1"}),f("a",{href:`#${e.content}`,class:"vp-skip-link sr-only",onClick:o},n.value.routeLocales.skipToContent)]}});let Pi=null,dr=null;const ia={wait:()=>Pi,pending:()=>{Pi=new Promise(e=>{dr=e})},resolve:()=>{dr==null||dr(),Pi=null,dr=null}},dp=(e,{slots:t})=>f(Gn,{name:"fade-slide-y",mode:"out-in",onBeforeEnter:ia.resolve,onBeforeLeave:ia.pending},()=>t.default());dp.displayName="FadeSlideY";const R4=(e,t)=>{const n=e.replace(t,"/").split("/"),r=[];let o=Sa(t);return n.forEach((i,a)=>{a!==n.length-1?(o+=`${i}/`,r.push({link:o,name:i||"Home"})):i!==""&&(o+=i,r.push({link:o,name:i}))}),r},Lu=(e,t)=>e===!1?e:$o(e)?{...e,link:Do(e.link,!0,t).link}:Fe(e)?Do(e,!0,t):null,aa=(e,t,n)=>{const r=e.findIndex(i=>i.link===t);if(r!==-1){const i=e[r+n];return i?i.link?i:"prefix"in i&&!Ut(i.prefix).notFound?{...i,link:i.prefix}:null:null}for(const i of e)if("children"in i){const a=aa(i.children,t,n);if(a)return a}const o=e.findIndex(i=>"prefix"in i&&i.prefix===t);if(o!==-1){const i=e[o+n];return i?i.link?i:"prefix"in i&&!Ut(i.prefix).notFound?{...i,link:i.prefix}:null:null}return null},S4=()=>{const e=Se(),t=be(),n=al(),r=qt(),o=O(()=>{const a=Lu(e.value.prev,r.path);return a===!1?null:a??(t.value.prevLink===!1?null:aa(n.value,r.path,-1))}),i=O(()=>{const a=Lu(e.value.next,r.path);return a===!1?null:a??(t.value.nextLink===!1?null:aa(n.value,r.path,1))});return{prevLink:o,nextLink:i}},la=(e,{slots:t})=>{var d,p;const{bgImage:n,bgImageDark:r,bgImageStyle:o,color:i,description:a,image:l,imageDark:s,header:u,features:c=[]}=e;return f("div",{class:"vp-feature-wrapper"},[n?f("div",{class:["vp-feature-bg",{light:r}],style:[{"background-image":`url(${n})`},o]}):null,r?f("div",{class:"vp-feature-bg dark",style:[{"background-image":`url(${r})`},o]}):null,f("div",{class:"vp-feature",style:i?{color:i}:{}},[((d=t.image)==null?void 0:d.call(t,e))??[l?f("img",{class:["vp-feature-image",{light:s}],src:$e(l),alt:""}):null,s?f("img",{class:"vp-feature-image dark",src:$e(s),alt:""}):null],((p=t.info)==null?void 0:p.call(t,e))??[u?f("h2",{class:"vp-feature-header"},u):null,a?f("p",{class:"vp-feature-description",innerHTML:a}):null],c.length?f("div",{class:"vp-features"},c.map(({icon:m,title:v,details:y,link:E})=>{const A=[f("h3",{class:"vp-feature-title"},[f(ze,{icon:m}),f("span",{innerHTML:v})]),f("p",{class:"vp-feature-details",innerHTML:y})];return E?Ra(E)?f("a",{class:"vp-feature-item link",href:E,"aria-label":v,target:"_blank"},A):f(_t,{class:"vp-feature-item link",to:E,"aria-label":v},()=>A):f("div",{class:"vp-feature-item"},A)})):null])])};la.displayName="FeaturePanel";var k4=X({name:"HeroInfo",slots:Object,setup(e,{slots:t}){const n=Se(),r=Uo(),o=O(()=>n.value.heroFullScreen??!1),i=O(()=>{const{heroText:u,tagline:c}=n.value;return{text:u??r.value.title??"Hello",tagline:c??r.value.description??"",isFullScreen:o.value}}),a=O(()=>{const{heroText:u,heroImage:c,heroImageDark:d,heroAlt:p,heroImageStyle:m}=n.value;return{image:c?$e(c):null,imageDark:d?$e(d):null,imageStyle:m,alt:p??u??"",isFullScreen:o.value}}),l=O(()=>{const{bgImage:u,bgImageDark:c,bgImageStyle:d}=n.value;return{image:Fe(u)?$e(u):null,imageDark:Fe(c)?$e(c):null,bgStyle:d,isFullScreen:o.value}}),s=O(()=>n.value.actions??[]);return()=>{var u,c,d;return f("header",{class:["vp-hero-info-wrapper",{fullscreen:o.value}]},[((u=t.bg)==null?void 0:u.call(t,l.value))??[l.value.image?f("div",{class:["vp-hero-mask",{light:l.value.imageDark}],style:[{"background-image":`url(${l.value.image})`},l.value.bgStyle]}):null,l.value.imageDark?f("div",{class:"vp-hero-mask dark",style:[{"background-image":`url(${l.value.imageDark})`},l.value.bgStyle]}):null],f("div",{class:"vp-hero-info"},[((c=t.logo)==null?void 0:c.call(t,a.value))??f(ft,{appear:!0,type:"group"},()=>{const{image:p,imageDark:m,imageStyle:v,alt:y}=a.value;return[p?f("img",{key:"light",class:["vp-hero-image",{light:m}],style:v,src:p,alt:y}):null,m?f("img",{key:"dark",class:"vp-hero-image dark",style:v,src:m,alt:y}):null]}),((d=t.info)==null?void 0:d.call(t,i.value))??f("div",{class:"vp-hero-infos"},[i.value.text?f(ft,{appear:!0,delay:.04},()=>f("h1",{id:"main-title",class:"vp-hero-title"},i.value.text)):null,i.value.tagline?f(ft,{appear:!0,delay:.08},()=>f("p",{id:"main-description",innerHTML:i.value.tagline})):null,s.value.length?f(ft,{appear:!0,delay:.12},()=>f("p",{class:"vp-hero-actions"},s.value.map(p=>f(Qe,{class:["vp-hero-action",p.type??"default","no-external-link-icon"],config:p},p.icon?{before:()=>f(ze,{icon:p.icon})}:{})))):null])])])}}});const fp=(e,{slots:t})=>{var p,m,v;const{bgImage:n,bgImageDark:r,bgImageStyle:o,color:i,description:a,image:l,imageDark:s,header:u,highlights:c=[],type:d="un-order"}=e;return f("div",{class:"vp-highlight-wrapper",style:i?{color:i}:{}},[n?f("div",{class:["vp-highlight-bg",{light:r}],style:[{"background-image":`url(${n})`},o]}):null,r?f("div",{class:"vp-highlight-bg dark",style:[{"background-image":`url(${r})`},o]}):null,f("div",{class:"vp-highlight"},[((p=t.image)==null?void 0:p.call(t,e))??[l?f("img",{class:["vp-highlight-image",{light:s}],src:$e(l),alt:""}):null,s?f("img",{class:"vp-highlight-image dark",src:$e(s),alt:""}):null],((m=t.info)==null?void 0:m.call(t,e))??[f("div",{class:"vp-highlight-info-wrapper"},f("div",{class:"vp-highlight-info"},[u?f("h2",{class:"vp-highlight-header",innerHTML:u}):null,a?f("p",{class:"vp-highlight-description",innerHTML:a}):null,((v=t.highlights)==null?void 0:v.call(t,c))??f(d==="order"?"ol":d==="no-order"?"dl":"ul",{class:"vp-highlights"},c.map(({icon:y,title:E,details:A,link:T})=>{const g=[f(d==="no-order"?"dt":"h3",{class:"vp-highlight-title"},[y?f(ze,{class:"vp-highlight-icon",icon:y}):null,f("span",{innerHTML:E})]),A?f(d==="no-order"?"dd":"p",{class:"vp-highlight-details",innerHTML:A}):null];return f(d==="no-order"?"div":"li",{class:["vp-highlight-item-wrapper",{link:T}]},T?Ra(T)?f("a",{class:"vp-highlight-item link",href:T,"aria-label":E,target:"_blank"},g):f(_t,{class:"vp-highlight-item link",to:T,"aria-label":E},()=>g):f("div",{class:"vp-highlight-item"},g))}))]))]])])};fp.displayName="HighlightPanel";var w4=X({name:"HomePage",slots:Object,setup(e,{slots:t}){const n=Se(),r=O(()=>{const{features:i}=n.value;return Ki(i)?i:null}),o=O(()=>{const{highlights:i}=n.value;return Ki(i)?i:null});return()=>{var i,a,l,s;return f("main",{id:"main-content",class:"vp-page vp-project-home","aria-labelledby":n.value.heroText===null?"":"main-title"},[(i=t.top)==null?void 0:i.call(t),f(k4),((a=o.value)==null?void 0:a.map(u=>"features"in u?f(la,u):f(fp,u)))??(r.value?f(ft,{appear:!0,delay:.24},()=>f(la,{features:r.value})):null),(l=t.center)==null?void 0:l.call(t),f(ft,{appear:!0,delay:.32},()=>f($r)),(s=t.bottom)==null?void 0:s.call(t)])}}}),L4=X({name:"BreadCrumb",setup(){const e=Ne(),t=Gt(),n=Se(),r=be(),o=Be([]),i=O(()=>(n.value.breadcrumb??r.value.breadcrumb??!0)&&o.value.length>1),a=O(()=>n.value.breadcrumbIcon??r.value.breadcrumbIcon??!0),l=()=>{const s=R4(e.value.path,t.value).map(({link:u,name:c})=>{const{path:d,meta:p,notFound:m}=Ut(u);return m||p[Dt.breadcrumbExclude]?null:{title:p[Dt.shortTitle]||p[Dt.title]||c,icon:p[Dt.icon],path:d}}).filter(u=>u!==null);s.length>1&&(o.value=s)};return Oe(()=>{se(()=>e.value.path,l,{immediate:!0})}),()=>f("nav",{class:["vp-breadcrumb",{disable:!i.value}]},i.value?f("ol",{vocab:"https://schema.org/",typeof:"BreadcrumbList"},o.value.map((s,u)=>f("li",{class:{"is-active":o.value.length-1===u},property:"itemListElement",typeof:"ListItem"},[f(_t,{to:s.path,property:"item",typeof:"WebPage"},()=>[a.value?f(ze,{icon:s.icon}):null,f("span",{property:"name"},s.title||"Unknown")]),f("meta",{property:"position",content:u+1})]))):[])}}),V4=X({name:"PageNav",setup(){const e=be(),t=rl(),{prevLink:n,nextLink:r}=S4();return De("keydown",o=>{o.altKey&&(o.key==="ArrowRight"?r.value&&(t(r.value.link),o.preventDefault()):o.key==="ArrowLeft"&&n.value&&(t(n.value.link),o.preventDefault()))}),()=>n.value||r.value?f("nav",{class:"vp-page-nav"},[n.value?f(Qe,{class:"prev",config:n.value},()=>{var o,i;return[f("div",{class:"hint"},[f("span",{class:"arrow start"}),e.value.metaLocales.prev]),f("div",{class:"link"},[f(ze,{icon:(o=n.value)==null?void 0:o.icon}),(i=n.value)==null?void 0:i.text])]}):null,r.value?f(Qe,{class:"next",config:r.value},()=>{var o,i;return[f("div",{class:"hint"},[e.value.metaLocales.next,f("span",{class:"arrow end"})]),f("div",{class:"link"},[(o=r.value)==null?void 0:o.text,f(ze,{icon:(i=r.value)==null?void 0:i.icon})])]}):null]):null}});const F4=()=>{const e=be(),t=Ne(),n=Se();return O(()=>{var r;return n.value.contributors??e.value.contributors??!0?((r=t.value.git)==null?void 0:r.contributors)??null:null})},M4={GitHub:":repo/edit/:branch/:path",GitLab:":repo/-/edit/:branch/:path",Gitee:":repo/edit/:branch/:path",Bitbucket:":repo/src/:branch/:path?mode=edit&spa=0&at=:branch&fileviewer=file-view-default"},N4=({docsRepo:e,docsBranch:t,docsDir:n,filePathRelative:r,editLinkPattern:o})=>{if(!r)return null;const i=Qa(e);let a;return o?a=o:i!==null&&(a=M4[i]),a?a.replace(/:repo/u,qr(e)?e:`https://github.com/${e}`).replace(/:branch/u,t).replace(/:path/u,nd(`${Sa(n)}/${r}`)):null},$4=()=>{const e=be(),t=Ne(),n=Se();return O(()=>{const{repo:r,docsRepo:o=r,docsBranch:i="main",docsDir:a="",editLink:l,editLinkPattern:s=""}=e.value;if(!(n.value.editLink??l??!0)||!o)return null;const u=N4({docsRepo:o,docsBranch:i,docsDir:a,editLinkPattern:s,filePathRelative:t.value.filePathRelative});return u?{text:e.value.metaLocales.editLink,link:u}:null})},B4=()=>{const e=Uo(),t=be(),n=Ne(),r=Se();return O(()=>{var o,i;return!(r.value.lastUpdated??t.value.lastUpdated??!0)||!((o=n.value.git)!=null&&o.updatedTime)?null:new Date((i=n.value.git)==null?void 0:i.updatedTime).toLocaleString(e.value.lang)})};var H4=X({name:"PageTitle",setup(){const e=Ne(),t=Se(),n=be(),{info:r,items:o}=GE();return()=>f("div",{class:"vp-page-title"},[f("h1",[n.value.titleIcon===!1?null:f(ze,{icon:t.value.icon}),e.value.title]),f(C4,{info:r.value,...o.value===null?{}:{items:o.value}}),f("hr")])}});const pp=()=>f(Te,{name:"edit"},()=>[f("path",{d:"M430.818 653.65a60.46 60.46 0 0 1-50.96-93.281l71.69-114.012 7.773-10.365L816.038 80.138A60.46 60.46 0 0 1 859.225 62a60.46 60.46 0 0 1 43.186 18.138l43.186 43.186a60.46 60.46 0 0 1 0 86.373L588.879 565.55l-8.637 8.637-117.466 68.234a60.46 60.46 0 0 1-31.958 11.229z"}),f("path",{d:"M728.802 962H252.891A190.883 190.883 0 0 1 62.008 771.98V296.934a190.883 190.883 0 0 1 190.883-192.61h267.754a60.46 60.46 0 0 1 0 120.92H252.891a69.962 69.962 0 0 0-69.098 69.099V771.98a69.962 69.962 0 0 0 69.098 69.098h475.911A69.962 69.962 0 0 0 797.9 771.98V503.363a60.46 60.46 0 1 1 120.922 0V771.98A190.883 190.883 0 0 1 728.802 962z"})]);pp.displayName="EditIcon";var U4=X({name:"PageMeta",setup(){const e=be(),t=$4(),n=B4(),r=F4();return()=>{var i;const{metaLocales:o}=e.value;return f("footer",{class:"vp-page-meta"},[t.value?f("div",{class:"vp-meta-item edit-link"},f(Qe,{class:"vp-meta-label",config:t.value},{before:()=>f(pp)})):null,f("div",{class:"vp-meta-item git-info"},[n.value?f("div",{class:"update-time"},[f("span",{class:"vp-meta-label"},`${o.lastUpdated}: `),f("span",{class:"vp-meta-info","data-allow-mismatch":"text"},n.value)]):null,(i=r.value)!=null&&i.length?f("div",{class:"contributors"},[f("span",{class:"vp-meta-label"},`${o.contributors}: `),r.value.map(({email:a,name:l},s)=>[f("span",{class:"vp-meta-info",title:`email: ${a}`},l),s!==r.value.length-1?",":""])]):null])])}}}),j4=X({name:"NormalPage",slots:Object,setup(e,{slots:t}){const n=Se(),{isDarkmode:r}=Jr(),o=be(),i=O(()=>n.value.toc??o.value.toc??!0),a=O(()=>n.value.headerDepth??o.value.headerDepth??2);return()=>f("main",{id:"main-content",class:"vp-page"},f(St("LocalEncrypt")?Rt("LocalEncrypt"):Ja,()=>{var l,s,u,c;return[(l=t.top)==null?void 0:l.call(t),n.value.cover?f("div",{class:"page-cover"},f("img",{src:$e(n.value.cover),alt:"","no-view":""})):null,f(L4),f(H4),i.value?f(I4,{headerDepth:a.value},{before:t.tocBefore?()=>t.tocBefore():null,after:t.tocAfter?()=>t.tocAfter():null}):null,(s=t.contentBefore)==null?void 0:s.call(t),f($r),(u=t.contentAfter)==null?void 0:u.call(t),f(U4),f(V4),St("CommentService")?f(Rt("CommentService"),{darkmode:r.value}):null,(c=t.bottom)==null?void 0:c.call(t)]}))}}),z4=X({name:"PortfolioHero",slots:Object,setup(e,{slots:t}){const n=Nf(),r=Se(),o=te(0),i=O(()=>{var p;return((p=r.value.titles)==null?void 0:p[o.value])??""}),a=te(""),l=O(()=>{const{name:p,avatar:m,avatarDark:v,avatarAlt:y,avatarStyle:E}=r.value;return{name:p??n.value.name,avatar:m?$e(m):null,avatarDark:v?$e(v):null,avatarStyle:E,alt:(y||p)??""}}),s=O(()=>{const{bgImage:p,bgImageDark:m,bgImageStyle:v}=r.value;return{image:Fe(p)?$e(p):null,imageDark:Fe(m)?$e(m):null,bgStyle:v}}),u=O(()=>{const{welcome:p,name:m,titles:v,medias:y}=r.value;return{name:m??n.value.name,welcome:p??"👋 Hi There, I'm",title:a.value,titles:v??[],medias:y??[]}}),c=()=>{a.value="";let p=0,m=!1;const v=async()=>{if(!m)if(a.value+=i.value[p],p+=1,await Kt(),p{v()},150);else{const y=u.value.titles.length;setTimeout(()=>{o.value=y<=1||o.value===u.value.titles.length-1?0:o.value+1},1e3)}};return v(),()=>{m=!0}};let d;return Oe(()=>{se(i,()=>{d==null||d(),d=c()},{immediate:!0})}),()=>{var p,m,v;return f("section",{id:"portfolio",class:["vp-portfolio",{bg:s.value.image}]},[((p=t.bg)==null?void 0:p.call(t,s.value))??[s.value.image?f("div",{class:["vp-portfolio-mask",{light:s.value.imageDark}],style:[{background:`url(${s.value.image}) center/cover no-repeat`},s.value.bgStyle]}):null,s.value.imageDark?f("div",{class:"vp-portfolio-mask dark",style:[{background:`url(${s.value.imageDark}) center/cover no-repeat`},s.value.bgStyle]}):null],((m=t.avatar)==null?void 0:m.call(t,l.value))??f("div",{class:"vp-portfolio-avatar"},[f(ft,{delay:.04},()=>{const{avatarDark:y,name:E,alt:A,avatarStyle:T}=l.value;return[f("img",{key:"light",class:{light:y},src:l.value.avatar,title:E,alt:A,style:T}),y?f("img",{key:"dark",class:"dark",src:y,title:E,alt:A,style:T}):null]})]),f("div",{class:"vp-portfolio-container"},((v=t.info)==null?void 0:v.call(t,u.value))??f("div",{class:"vp-portfolio-info"},[f(ft,{appear:!0,delay:.08},()=>f("h6",{class:"vp-portfolio-welcome"},u.value.welcome)),f(ft,{appear:!0,delay:.12},()=>f("h1",{class:"vp-portfolio-name",id:"main-title"},u.value.name)),f(ft,{appear:!0,delay:.16},()=>f("h2",{class:"vp-portfolio-title"},a.value)),f(ft,{appear:!0,delay:.2},()=>u.value.medias.length?f("div",{class:"vp-portfolio-medias"},u.value.medias.map(({name:y,url:E,icon:A})=>f("a",{class:"vp-portfolio-media",href:E,rel:"noopener noreferrer",target:"_blank",title:y},f(ze,{icon:A})))):St("SocialMedias")?f(Rt("SocialMedias")):null)]))])}}}),K4=X({name:"PortfolioHome",setup(){const e=Se(),t=O(()=>e.value.content??"portfolio");return()=>f("main",{id:"main-content",class:"vp-page vp-portfolio-home","aria-labelledby":"main-title"},[f(z4),t.value==="none"?null:f("div",{},f(ft,{appear:!0,delay:.24},()=>f($r,{class:{"vp-portfolio-content":t.value==="portfolio"}})))])}}),W4=X({name:"Layout",slots:Object,setup(e,{slots:t}){be();const n=Ne(),r=Se(),o=ht(),{isMobile:i}=Jo(),a=O(()=>"none");return()=>[f(cp),f(np,{},{default:()=>{var l;return((l=t.default)==null?void 0:l.call(t))??(r.value.portfolio?f(K4):r.value.home?f(w4):f(o.value?Ja:dp,()=>f(j4,{key:n.value.path},{top:t.top?()=>t.top():null,bottom:t.bottom?()=>t.bottom():null,contentBefore:t.contentBefore?()=>t.contentBefore():null,contentAfter:t.contentAfter?()=>t.contentAfter():null,tocBefore:t.tocBefore?()=>t.tocBefore():null,tocAfter:t.tocAfter?()=>t.tocAfter():null})))},navScreenBottom:a.value==="none"&&St("BloggerInfo")?()=>f(Rt("BloggerInfo")):null,sidebar:!i.value&&a.value==="always"&&St("BloggerInfo")?()=>f(Rt("BloggerInfo")):null})]}}),q4=X({name:"NotFoundHint",setup(){const e=be(),t=()=>{const n=e.value.routeLocales.notFoundMsg;return n[Math.floor(Math.random()*n.length)]};return()=>f("div",{class:"not-found-hint"},[f("p",{class:"error-code"},"404"),f("h1",{class:"error-title"},e.value.routeLocales.notFoundTitle),f("p",{class:"error-hint"},t())])}}),G4=X({name:"NotFound",slots:Object,setup(e,{slots:t}){const n=Rn(),r=Gt(),o=be();return()=>[f(cp),f(np,{noSidebar:!0},()=>{var i;return f("main",{id:"main-content",class:"vp-page not-found"},((i=t.default)==null?void 0:i.call(t))??[f(q4),f("div",{class:"actions"},[f("button",{type:"button",class:"action-button",onClick:()=>{window.history.go(-1)}},o.value.routeLocales.back),f("button",{type:"button",class:"action-button",onClick:()=>{n.push(o.value.home??r.value)}},o.value.routeLocales.home)])])})]}});Z_(e=>{const t=e.t,n=e.I!==!1,r=e.i;return n?{title:t,content:r?()=>[f(ze,{icon:r}),t]:null,order:e.O,index:e.I}:null});const Y4={enhance:({app:e,router:t})=>{const{scrollBehavior:n}=t.options;t.options.scrollBehavior=async(...r)=>(await ia.wait(),n(...r)),n4(e),e.component("HopeIcon",ze)},setup:()=>{r4(),ZE()},layouts:{Layout:W4,NotFound:G4}},X4=Object.freeze(Object.defineProperty({__proto__:null,default:Y4},Symbol.toStringTag,{value:"Module"})),uo=[i_,a_,K_,Q_,ig,ug,hg,C2,L2,F2,M2,N2,U2,K2,RE,FE,X4].map(e=>e.default).filter(Boolean),J4=JSON.parse('{"base":"/","lang":"en-US","title":"","description":"","head":[["link",{"rel":"icon","href":"/photos/home/logo-small.svg"}]],"locales":{}}');var vr=Be(J4),Q4=p0,Z4=()=>{const e=q0({history:Q4(Sa("/")),routes:[{name:"vuepress-route",path:"/:catchAll(.*)",components:{}}],scrollBehavior:(t,n,r)=>r||(t.hash?{el:t.hash}:{top:0})});return e.beforeResolve(async(t,n)=>{if(t.path!==n.path||n===Mt){const r=Ut(t.fullPath);if(r.path!==t.fullPath)return r.path;const o=await r.loader();t.meta={...r.meta,_pageChunk:o}}else t.path===n.path&&(t.meta=n.meta)}),e},ey=e=>{e.component("ClientOnly",Dd),e.component("Content",Id),e.component("RouteLink",_t)},ty=(e,t,n)=>{const r=O(()=>t.currentRoute.value.path),o=tc((E,A)=>({get(){return E(),t.currentRoute.value.meta._pageChunk},set(T){t.currentRoute.value.meta._pageChunk=T,A()}})),i=O(()=>_n.resolveLayouts(n)),a=O(()=>_n.resolveRouteLocale(vr.value.locales,r.value)),l=O(()=>_n.resolveSiteLocaleData(vr.value,a.value)),s=O(()=>o.value.comp),u=O(()=>o.value.data),c=O(()=>u.value.frontmatter),d=O(()=>_n.resolvePageHeadTitle(u.value,l.value)),p=O(()=>_n.resolvePageHead(d.value,c.value,l.value)),m=O(()=>_n.resolvePageLang(u.value,l.value)),v=O(()=>_n.resolvePageLayout(u.value,i.value)),y={layouts:i,pageData:u,pageComponent:s,pageFrontmatter:c,pageHead:p,pageHeadTitle:d,pageLang:m,pageLayout:v,redirects:Ui,routeLocale:a,routePath:r,routes:zn,siteData:vr,siteLocaleData:l};return e.provide(La,y),Object.defineProperties(e.config.globalProperties,{$frontmatter:{get:()=>c.value},$head:{get:()=>p.value},$headTitle:{get:()=>d.value},$lang:{get:()=>m.value},$page:{get:()=>u.value},$routeLocale:{get:()=>a.value},$site:{get:()=>vr.value},$siteLocale:{get:()=>l.value},$withBase:{get:()=>$e}}),y},ny=([e,t,n=""])=>{const r=Object.entries(t).map(([l,s])=>Fe(s)?`[${l}=${JSON.stringify(s)}]`:s?`[${l}]`:"").join(""),o=`head > ${e}${r}`;return Array.from(document.querySelectorAll(o)).find(l=>l.innerText===n)??null},ry=([e,t,n])=>{if(!Fe(e))return null;const r=document.createElement(e);return $o(t)&&Object.entries(t).forEach(([o,i])=>{Fe(i)?r.setAttribute(o,i):i&&r.setAttribute(o,"")}),Fe(n)&&r.appendChild(document.createTextNode(n)),r},oy=()=>{const e=X0(),t=xd();let n=[];const r=()=>{e.value.forEach(a=>{const l=ny(a);l&&n.push(l)})},o=()=>{const a=[];return e.value.forEach(l=>{const s=ry(l);s&&a.push(s)}),a},i=()=>{document.documentElement.lang=t.value;const a=o();n.forEach((l,s)=>{const u=a.findIndex(c=>l.isEqualNode(c));u===-1?(l.remove(),delete n[s]):a.splice(u,1)}),a.forEach(l=>document.head.appendChild(l)),n=[...n.filter(l=>!!l),...a]};xn(Z0,i),Oe(()=>{r(),se(e,i,{immediate:!1})})},iy=mv,ay=async()=>{var r;const e=iy({name:"Vuepress",setup(){var a;oy();for(const l of uo)(a=l.setup)==null||a.call(l);const o=uo.flatMap(({rootComponents:l=[]})=>l.map(s=>f(s))),i=J0();return()=>[f(i.value),o]}}),t=Z4();ey(e);const n=ty(e,t,uo);{const{setupDevtools:o}=await h(async()=>{const{setupDevtools:i}=await import("./setupDevtools-7MC2TMWH-CFab8NJr.js");return{setupDevtools:i}},[]);o(e,n)}for(const o of uo)await((r=o.enhance)==null?void 0:r.call(o,{app:e,router:t,siteData:vr}));return e.use(t),{app:e,router:t}};ay().then(({app:e,router:t})=>{t.isReady().then(()=>{e.mount("#app")})});export{Be as A,Oe as B,Lf as C,mE as D,rr as E,cy as F,$o as G,sE as H,cE as I,Sd as J,Co as K,Fe as L,el as P,_t as R,uy as a,$c as b,sy as c,ay as createVueApp,Bc as d,Le as e,Dm as f,X as g,Rn as h,Gt as i,kn as j,Ur as k,te as l,O as m,De as n,ly as o,f as p,Sf as q,Rt as r,N1 as s,Vo as t,S_ as u,uE as v,se as w,aE as x,lE as y,Ne as z}; diff --git a/assets/architecture.html-C-MxvfKL.js b/assets/architecture.html-C-MxvfKL.js new file mode 100644 index 000000000..848df7a3c --- /dev/null +++ b/assets/architecture.html-C-MxvfKL.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as i,o as s}from"./app-BIWb5uIp.js";const r="/photos/info/architecture/architecture1.png",n="/photos/info/architecture/architecture.svg",o="/photos/info/architecture/architecture-dark.svg",c="/photos/info/architecture/fhir-server.svg",h="/photos/info/architecture/fhir-server-dark.svg",d="/photos/info/architecture/bpe-light.svg",l="/photos/info/architecture/bpe-dark.svg",p="/photos/info/architecture/star.png",u="/photos/info/architecture/mesh.png",m={};function g(f,e){return s(),a("div",null,e[0]||(e[0]=[i('

The Data Sharing Framework implements a distributed business process engine based on the BPMN 2.0 and FHIR R4 standards. Every participating organisation (e.g. ORG. A) runs a FHIR endpoint accessible by other sites and a business process engine (BPE) in the local secured network. Once the DSF has been installed in an organisation, it can be used for multiple use cases.

Simplified DSF Architecture
Simplified DSF Architecture

The following architecture diagram also shows three organisations, each of which has installed the DSF. The FHIR endpoint (green) is located in a demilitarised zone (DMZ) and is accessible from outside for communication with other organisations. It can be compared to a mailbox. The Business Process Engine (BPE - blue) is located in the intranet of an organisation and is responsible for the execution of processes. The metaphor: control centre helps here.

DSF Architecture
DSF Architecture

DSF FHIR Server 📫

As mentioned above, the externally accessible DSF FHIR server acts as a mailbox for communication. This means that an organisation creates a task resource in its DSF and drops the task resource (letters) into the mailbox of another organisation, requesting that something happen. Task resources have been explained in more detail in the section Basics and Standards.
It is important to understand that the DSF FHIR server is not used for persisting medical data.

DSF FHIR Server
DSF FHIR Server

Business Process Engine (BPE)

The BPE located in the secure internal network executes the processes (BPMN/Java). The BPE is deployed in the internal network and has access to the local systems, such as the organisation's own FHIR server, on which medical data is stored. These FHIR servers are not to be confused with the DSF FHIR server, on which no medical data is persisted.
Different processes can be executed simultaneously. For this, only a new process plugin file has to be added and configured. More about this in the Process Plugins.

BPE
BPE

The DSF BPE uses websocket (WSS) and webservice (HTTPS) connections to communicate with the DSF FHIR server. FHIR resources are created, read, updated and deleted via HTTP requests against the FHIR webservice API. The FHIR subscription mechanism is used to communicate Task resources with status 'requested' and QuestionnaireResponse resources with status 'completed' to the BPE via websockets. When the BPE starts and before the websocket connections are established, 'requested' Task resources and 'completed' QuestionnaireResponse not seen by the BPE are read via webservice requests.

Flexible Deployment

The deployment of the architecture is flexible. The organisations can be deployed as a star schema (left) or as a mesh schema (right). In the Star schema (left), all Data Integration Centres (DIC) are connected to a central node (CRR - Central Research Repository), which transfers the information to all nodes (DIC). For security reasons, a data transfer hub (DTH) is connected upstream, which provides additional security so that the medical data is never transferred together with the authenticating data.

In the mesh scheme (right), the nodes (DIC) are all directly connected to each other and the information is transferred from node to node. Here in the FDPG (Forschungsdatenportal - Research Data Portal), the data can then be accessed for research purposes. More about this here.

Star schema Mesh schema

Network Setup & Additional Reverse Proxy in external DMZ

You can find more information about the network setup here

',20)]))}const y=t(m,[["render",g],["__file","architecture.html.vue"]]),F=JSON.parse('{"path":"/intro/info/architecture.html","title":"Architecture","lang":"en-US","frontmatter":{"title":"Architecture","icon":"structure","gitInclude":[]},"headers":[{"level":2,"title":"DSF FHIR Server 📫","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":2,"title":"Business Process Engine (BPE)","slug":"business-process-engine-bpe","link":"#business-process-engine-bpe","children":[]},{"level":2,"title":"Flexible Deployment","slug":"flexible-deployment","link":"#flexible-deployment","children":[]},{"level":2,"title":"Network Setup & Additional Reverse Proxy in external DMZ","slug":"network-setup-additional-reverse-proxy-in-external-dmz","link":"#network-setup-additional-reverse-proxy-in-external-dmz","children":[]}],"readingTime":{"minutes":1.94,"words":582},"filePathRelative":"intro/info/architecture.md","excerpt":"

The Data Sharing Framework implements a distributed business process engine based on the BPMN 2.0 and FHIR R4 standards. Every participating organisation (e.g. ORG. A) runs a FHIR endpoint accessible by other sites and a business process engine (BPE) in the local secured network. Once the DSF has been installed in an organisation, it can be used for multiple use cases.

"}');export{y as comp,F as data}; diff --git a/assets/authentication.html-6LTSdQiG.js b/assets/authentication.html-6LTSdQiG.js new file mode 100644 index 000000000..67a2301e9 --- /dev/null +++ b/assets/authentication.html-6LTSdQiG.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as n}from"./app-BIWb5uIp.js";const a={};function s(o,e){return n(),i("div",null,e[0]||(e[0]=[r('

Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.

A webserver certificate is needed to run the FHIR endpoint and a 802.1X client certificate is used to authenticate against other organizations endpoints and as a server certificate for the business process engine. For available certificate profiles see DFN-PKI-Zertifikatprofile_Global.pdf

Certificate Requests

FHIR Endpoint

  • Purpose: Server certificate to authenticate the FHIR endpoint on the local network and against other organizations
  • Certificate profile:
    • DFN-PKI Global G2 via DFN e.V.: Web Server
    • D-Trust via TMF e.V.: Advanced SSL ID
    • GÉANT TCS via DFN e.V.: Web Server
  • Common name: FQDN of the server used while accessing from other organizations (external FQDN)
  • Subject alternative DNS entries: Use additional alternative FQDNs if a different name is used while accessing the Server from the local Network (local FQDN)

Business Process Engine Server

  • Purpose: Client certificate to authenticate against remote FHIR endpoints (when either the BPE Server or the FHIR Endpoint Server is acting as a client), server certificate to authenticate the business process engine server on the local network
  • Certificate profile:
    • DFN-PKI Global G2 via DFN e.V.: 802.1X Client
    • D-Trust via TMF e.V.: Basic Team ID
    • GÉANT TCS via DFN e.V.: Web Server
  • Common name: FQDN of the server used while accessing from the local network (local FQDN)
',7)]))}const d=t(a,[["render",s],["__file","authentication.html.vue"]]),f=JSON.parse('{"path":"/oldstable/generalinformation/authentication.html","title":"Authentication","lang":"en-US","frontmatter":{"title":"Authentication","icon":"lock","gitInclude":[]},"headers":[{"level":2,"title":"Certificate Requests","slug":"certificate-requests","link":"#certificate-requests","children":[{"level":3,"title":"FHIR Endpoint","slug":"fhir-endpoint","link":"#fhir-endpoint","children":[]},{"level":3,"title":"Business Process Engine Server","slug":"business-process-engine-server","link":"#business-process-engine-server","children":[]}]}],"readingTime":{"minutes":0.94,"words":282},"filePathRelative":"oldstable/generalinformation/authentication.md","excerpt":"

Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.

"}');export{d as comp,f as data}; diff --git a/assets/basics.html-TQpBZp3U.js b/assets/basics.html-TQpBZp3U.js new file mode 100644 index 000000000..7911825ab --- /dev/null +++ b/assets/basics.html-TQpBZp3U.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a,o as s}from"./app-BIWb5uIp.js";const i="/photos/info/basics/interoperability.png",r="/photos/info/basics/bpmn1.png",o="/photos/info/basics/bpmn2.png",h={};function d(l,e){return s(),n("div",null,e[0]||(e[0]=[a('

Here you can find some basic information about interoperability and the standards were using within the DSF before we go into details about the architecture. Here we only describe how the standards (FHIR and BPMN) are used within the DSF. If you want to gain a deeper knowledge of the standards, we recommend visiting these websites: HL7 FHIR and BPMN

Interoperability

Interoperability is the ability of different systems to work together as seamlessly as possible. We can divide interoperability into four levels.

  • The foundational level defines the basic interconnectivity requirements which are necessary for a system or application to securely transmit data to and receive data from another system or application. Techniques such as HTTPS or REST are used for this.
  • The second level is the structural level. It defines the format and the syntax of the data exchange. Therefore, data formats like JSON or XML can be used.
  • The semantic level ensures the correct interpretation of the contents of the exchanged data between the different systems. Therefore, information models as FHIR or CDA or medical terminology systems like SNOMED CT or ICD can be used.
  • The final level, the organizational level, includes policy, social, legal and organizational aspects that enable secure, seamless and timely communication and use of data both within and between organizations. And importantly, these components enable shared consent, trust and integrated end-user processes and workflows.
Levels of interoperability
Levels of interoperability

HL7 FHIR 🔥

HL7 FHIR is a standard for data exchange that can be used as an information model for communication within and between systems. The standard is based on resources, references and profiles. With this concept, FHIR offers interoperability out of the box. The resources describe data formats. 150 specified resources cover the entire health system. An example of a resource would be a patient, which consists of data such as name or gender. These resources can refer to other resources by means of references. This connects the information units into a network. For seamless exchange of information, FHIR supports RESTful architectures and web standards such as XML or JSON, which makes it easier for developers to use FHIR.
The FHIR profiles can be understood as a set of rules. They explain, for example, which attributes must be mandatorily specified or which terminology may be used. In addition, profiles and controlled vocabulary can be validated.

BPMN

Business Process Modelling Notation is a modelling language that can be used to model and implement processes. The models can be used for the documentation of processes and for communication between different stakeholders. Furthermore, BPMN forms a standardised bridge between process design and process implementation. This is because it simplifies implementation. These processes are executed by a Business Process Engine. Basically, a BPE is a server that can read and execute the business process. More about this in the section on architecture.

Example of a BPMN model (Ping-Pong-Process of the DSF)
Example of a BPMN model (Ping-Pong-Process of the DSF)

Why are we using FHIR and BPMN?

On the one hand we use FHIR because of the mentioned benefits. On the other hand FHIR fits great with BPMN and these two in combination are a great fit for what we do:
Execute distributed data sharing Processes.

We do not need all 150 FHIR resources. The following FHIR resources are the ones we need and have implemented: ActivityDefinition, Binary, Bundle, CodeSystem, DocumentReference, Endpoint, Group, Library, Measure, MeasureReport, NamingSystem, Organization, Questionnaire, QuestionnaireResponse, ResearchStudy, StructureDefinition, Subscription, Task and ValueSet.

Don't worry, it is not important to understand them all now. But to understand why we use FHIR and BPMN, it is important to look at the ActivityDefinition and TaskResources on the FHIR side and the Message Events on the BPMN side.
In the following picture you can see parts of BPMN. These Message Events enable the communication between different organizations. Every time there is a Message Event between two business processes, there is a corresponding TaskResource on the FHIR side. When one organization sends a message for example “do some work” to another organization or when we send a message to ourselves to start or continue a process, we do this by creating a FHIR TaskResource with the status “requested”. After that the Business Process Engine starts the work and the status switches to “in-progress” and if the work is done to “completed” or if there is a problem to “failed”.

The ActivityDefinition is needed to publish what can be done in an instance. That means the ActivityDefinition contains the process description with the authorisation who is allowed to send a message.

BPMN MessageEvents
BPMN MessageEvents
',16)]))}const p=t(h,[["render",d],["__file","basics.html.vue"]]),f=JSON.parse('{"path":"/intro/info/basics.html","title":"Basics and Standards","lang":"en-US","frontmatter":{"title":"Basics and Standards","icon":"study","gitInclude":[]},"headers":[{"level":2,"title":"Interoperability","slug":"interoperability","link":"#interoperability","children":[]},{"level":2,"title":"HL7 FHIR 🔥","slug":"hl7-fhir","link":"#hl7-fhir","children":[]},{"level":2,"title":"BPMN","slug":"bpmn","link":"#bpmn","children":[]},{"level":2,"title":"Why are we using FHIR and BPMN?","slug":"why-are-we-using-fhir-and-bpmn","link":"#why-are-we-using-fhir-and-bpmn","children":[]}],"readingTime":{"minutes":2.59,"words":778},"filePathRelative":"intro/info/basics.md","excerpt":"

Here you can find some basic information about interoperability and the standards were using within the DSF before we go into details about the architecture. Here we only describe how the standards (FHIR and BPMN) are used within the DSF. If you want to gain a deeper knowledge of the standards, we recommend visiting these websites: HL7 FHIR and BPMN

"}');export{p as comp,f as data}; diff --git a/assets/bpe.html-xUo025DH.js b/assets/bpe.html-xUo025DH.js new file mode 100644 index 000000000..8c138e664 --- /dev/null +++ b/assets/bpe.html-xUo025DH.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(n,e){return t(),r("div",null,e[0]||(e[0]=[i('

Parameters BPE Server

Please also check common parameters for additional configuration options.

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_server_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.bpe.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',118)]))}const c=s(o,[["render",l],["__file","bpe.html.vue"]]),p=JSON.parse('{"path":"/v1.0.0/maintain/configuration/bpe.html","title":"Parameters BPE Server","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-bpe-fhir-server-organization-identifier-value","link":"#dev-dsf-bpe-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":5.96,"words":1789},"filePathRelative":"v1.0.0/maintain/configuration/bpe.md","excerpt":"\\n

Please also check common parameters for additional configuration options.

\\n

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

\\n
    \\n
  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • \\n
  • Required: No
    • \\n
  • Description: To force liquibase to unlock the migration lock set to true
    • \\n
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • \\n
  • Default: false
    • \\n
"}');export{c as comp,p as data}; diff --git a/assets/build.html-CKvxinw6.js b/assets/build.html-CKvxinw6.js new file mode 100644 index 000000000..6aeca4d14 --- /dev/null +++ b/assets/build.html-CKvxinw6.js @@ -0,0 +1,11 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as t,o as a}from"./app-BIWb5uIp.js";const r={};function n(l,e){return a(),s("div",null,e[0]||(e[0]=[t(`

Build Project

Prerequisite: Java 11, Maven 3.6, Docker

mvn install

Manual Integration Testing (without Docker)

Prerequisite: Java 11, Maven 3.6, PostgreSQL 11

  • Build the entire project from the root directory of the repository
    mvn install
  • Install PostgreSQL 11 (localhost:5432)
  • Add DB User liquibase_user
    CREATE USER liquibase_user WITH LOGIN NOSUPERUSER INHERIT CREATEDB CREATEROLE NOREPLICATION
+PASSWORD 'fLp6ZSd5QrMAkGZMjxqXjmcWrTfa3Dn8fA57h92Y';
  • Create Databases fhir and bpe with owner liquibase_user
    CREATE DATABASE bpe OWNER liquibase_user;
+CREATE DATABASE fhir OWNER liquibase_user;
  • Start org.highmed.dsf.fhir.FhirJettyServerHttps from your IDE with execution folder: .../highmed-dsf/dsf-fhir/dsf-fhir-server-jetty
  • Start org.highmed.dsf.bpe.BpeJettyServerHttps from your IDE with execition folder: .../highmed-dsf/dsf-bpe/dsf-bpe-server-jetty
  • To access the FHIR endpoint (https://localhost:8001/fhir/...) and BPE rest interface (https://localhost:8002/bpe/...) via WebBrowser install .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password) in your browsers certifiate store. The p12 file includes a client certificate for "Webbrowser Test User" and the "Test CA" certificate. All private-keys and certificates including the Test CA are generated during the maven build and are private to your machine. Make sure to protect the CA private-key at .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/ca/testca_private-key.pem from third-party access if you have installed the Test CA certificate in your certificate store.

Manual Integration Testing (local with Docker)

Prerequisite: Java 11, Maven 3.6, Docker 18

  • Build the entire project from the root directory of this repository
    mvn install
  • Build docker images
    • Windows: in the .../dsf-docker-test-setup folder execute
      docker-build.bat
    • Unix/Linux: in the .../dsf-docker-test-setup folder execute
      docker-build.sh
  • Start docker containers
    • To start the FHIR server execute in the .../dsf-docker-test-setup/fhir folder
      dev:
+docker-compose up
+
+prod: 
+docker-compose -f docker-compose.yml -f docker-compose.prod.yml up
    • To start the BPE server execute in the .../dsf-docker-test-setup/bpe folder
      dev:
+docker-compose up
+    
+prod: 
+docker-compose -f docker-compose.yml -f docker-compose.prod.yml up
  • To access the FHIR endpoint (https://localhost/fhir/...) and BPE rest interface (https://localhost:8443/bpe/...) via WebBrowser install .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password) in your browsers certifiate store. The p12 file includes a client certificate for "Webbrowser Test User" and the "Test CA" certificate. All private-keys and certificates including the Test CA are generated during the maven build and are private to your machine. Make sure to protect the CA private-key at .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/ca/testca_private-key.pem from third-party access if you have installed the Test CA certificate in your certificate store.

Troubleshooting

  • If you run in docker network troubles, clean up your network using docker network ls -q | xargs docker network rm
  • In production: if the warning Service "db" is using volume "/var/lib/postgresql/data" from the previous container appears, run the command
    docker-compose down -v
    before starting the containers.

Manual Integration Testing (VMs for Docker-Registry, 3 MeDICs, TTP)

  • For hints on setting up 5 Ubuntu VMs with Docker running on a Windows 10 host with Hyper-V and Ansible see test_setup_windows.txt
  • For hints on setting up 5 Ubuntu VMs with Docker running on a MacOS Catalina host with VirtualBox and Ansible see test_setup_macos.txt

Starting the Processes

Each process contains an ExampleStarter which creates FHIR resources and sends them to a designated FHIR-Endpoint in order to start the corresponding process in the Manual Integration Test Setup. The same client certificate can be used as above: .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).

The following configuration is needed:

  • The path to the client certificate: either the environment-variable DSF_CLIENT_CERTIFICATE_PATH or args[0] has to be set
  • The password of the client certificate: either the environment-variable DSF_CLIENT_CERTIFICATE_PASSWORD or args[1] has to be set
`,17)]))}const h=i(r,[["render",n],["__file","build.html.vue"]]),c=JSON.parse('{"path":"/oldstable/build/build.html","title":"Build and Test","lang":"en-US","frontmatter":{"title":"Build and Test","icon":"back-stage","gitInclude":[]},"headers":[{"level":2,"title":"Build Project","slug":"build-project","link":"#build-project","children":[]},{"level":2,"title":"Manual Integration Testing (without Docker)","slug":"manual-integration-testing-without-docker","link":"#manual-integration-testing-without-docker","children":[]},{"level":2,"title":"Manual Integration Testing (local with Docker)","slug":"manual-integration-testing-local-with-docker","link":"#manual-integration-testing-local-with-docker","children":[{"level":3,"title":"Troubleshooting","slug":"troubleshooting","link":"#troubleshooting","children":[]}]},{"level":2,"title":"Manual Integration Testing (VMs for Docker-Registry, 3 MeDICs, TTP)","slug":"manual-integration-testing-vms-for-docker-registry-3-medics-ttp","link":"#manual-integration-testing-vms-for-docker-registry-3-medics-ttp","children":[{"level":3,"title":"Starting the Processes","slug":"starting-the-processes","link":"#starting-the-processes","children":[]}]}],"readingTime":{"minutes":2.1,"words":630},"filePathRelative":"oldstable/build/build.md","excerpt":"

Build Project

\\n

Prerequisite: Java 11, Maven 3.6, Docker

\\n
mvn install
\\n
"}');export{h as comp,c as data}; diff --git a/assets/changingBpmnProcesses.html-B14gOeU8.js b/assets/changingBpmnProcesses.html-B14gOeU8.js new file mode 100644 index 000000000..2e2acbdeb --- /dev/null +++ b/assets/changingBpmnProcesses.html-B14gOeU8.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as o,o as s}from"./app-BIWb5uIp.js";const i={};function r(a,e){return s(),n("div",null,e[0]||(e[0]=[o("

DEPRECATED SINCE VERSION 0.4.0

A service task of a process integrated in the framework can be overwritten using the plugin interface. This means that entire processes do not have to be replaced when only individual steps need adaption. An example can be found in the module dsf-bpe > dsf-bpe-process-plugin-example > dsf-bpe-process-service-overwrite.

A plugin has as its only dependency the process module which contains the service task to be overwritten.

For a plugin replacing one service task, two new files must be generated:

  • A new service task extending the task it overwrites. The method to be overwritten is doExecute(DelegateExecution execution).
  • A new configuration file containing a method that has as return type the service task you want to overwrite. This method then returns a Bean of your own implementation of this specific service task. The method has to be annotated with @Primary.
",5)]))}const p=t(i,[["render",r],["__file","changingBpmnProcesses.html.vue"]]),l=JSON.parse('{"path":"/oldstable/code/changingBpmnProcesses.html","title":"Changing BPMN Processes by Service Task Overwrites","lang":"en-US","frontmatter":{"title":"Changing BPMN Processes by Service Task Overwrites","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.54,"words":162},"filePathRelative":"oldstable/code/changingBpmnProcesses.md","excerpt":"
\\n

DEPRECATED SINCE VERSION 0.4.0

\\n
\\n

A service task of a process integrated in the framework can be overwritten using the plugin interface. This means that entire processes do not have to be replaced when only individual steps need adaption. An example can be found in the module dsf-bpe > dsf-bpe-process-plugin-example > dsf-bpe-process-service-overwrite.

"}');export{p as comp,l as data}; diff --git a/assets/code.html-BDpTAxf0.js b/assets/code.html-BDpTAxf0.js new file mode 100644 index 000000000..24a33e28f --- /dev/null +++ b/assets/code.html-BDpTAxf0.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/v1.4.0/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"v1.4.0/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/code.html-CL2p7Hc-.js b/assets/code.html-CL2p7Hc-.js new file mode 100644 index 000000000..ba930c4f5 --- /dev/null +++ b/assets/code.html-CL2p7Hc-.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/v1.6.0/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"v1.6.0/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/code.html-DFB-nvYv.js b/assets/code.html-DFB-nvYv.js new file mode 100644 index 000000000..fb3c0780b --- /dev/null +++ b/assets/code.html-DFB-nvYv.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/stable/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"stable/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/code.html-DbFOsjtY.js b/assets/code.html-DbFOsjtY.js new file mode 100644 index 000000000..9ed99c979 --- /dev/null +++ b/assets/code.html-DbFOsjtY.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/v1.5.0/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"v1.5.0/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/code.html-DedZSN5Z.js b/assets/code.html-DedZSN5Z.js new file mode 100644 index 000000000..677eb9c93 --- /dev/null +++ b/assets/code.html-DedZSN5Z.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as o,e as l,f as n,a as d,r as s,o as c,d as a}from"./app-BIWb5uIp.js";const m={};function f(h,e){const t=s("RouteLink");return c(),r("div",null,[e[2]||(e[2]=o("h2",{id:"code-style",tabindex:"-1"},[o("a",{class:"header-anchor",href:"#code-style"},[o("span",null,"Code Style")])],-1)),e[3]||(e[3]=o("p",null,"HiGHmed DSF code-style configurations for Eclipse and IntelliJ IDEA can be found here:",-1)),o("ul",null,[o("li",null,[l(t,{to:"/oldstable/code/eclipseContent.html"},{default:n(()=>e[0]||(e[0]=[a("Eclipse")])),_:1})]),o("li",null,[l(t,{to:"/oldstable/code/intelliJContent.html"},{default:n(()=>e[1]||(e[1]=[a("IntelliJ IDEA")])),_:1})])]),e[4]||(e[4]=d('

Pull Requests are only approved, if the code is formatted according to the code-style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Git Workflow

Since Release 0.1.0, we follow git-flow as described here.
New features should branch from develop and merged back if done. Hot-Fixes for the latest release will branch of master and will be merged into develop and later into master. A new release will branch of develop for a ramp down phase and will then be merged into master. The new master should merge back into develop to start a new development cycle.

Branch Naming:

  • Features: issue/<issue-number>_<issue-name>
  • Hot-Fix: hot-fix/<issue-number>_<issue-name>
  • Release: release/<version>
',5))])}const g=i(m,[["render",f],["__file","code.html.vue"]]),b=JSON.parse('{"path":"/oldstable/code/code.html","title":"Writing Code","lang":"en-US","frontmatter":{"title":"Writing Code","icon":"code","gitInclude":[]},"headers":[{"level":2,"title":"Code Style","slug":"code-style","link":"#code-style","children":[]},{"level":2,"title":"Git Workflow","slug":"git-workflow","link":"#git-workflow","children":[{"level":3,"title":"Branch Naming:","slug":"branch-naming","link":"#branch-naming","children":[]}]}],"readingTime":{"minutes":0.54,"words":162},"filePathRelative":"oldstable/code/code.md","excerpt":"

Code Style

\\n

HiGHmed DSF code-style configurations for Eclipse and IntelliJ IDEA can be found here:

\\n\\n

Pull Requests are only approved, if the code is formatted according to the code-style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

"}');export{g as comp,b as data}; diff --git a/assets/code.html-OC-Q5B21.js b/assets/code.html-OC-Q5B21.js new file mode 100644 index 000000000..bad78a618 --- /dev/null +++ b/assets/code.html-OC-Q5B21.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/v1.7.0/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"v1.7.0/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/code.html-WJrc1cv8.js b/assets/code.html-WJrc1cv8.js new file mode 100644 index 000000000..d023ab836 --- /dev/null +++ b/assets/code.html-WJrc1cv8.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/v1.5.2/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"v1.5.2/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/code.html-wX-SuVoF.js b/assets/code.html-wX-SuVoF.js new file mode 100644 index 000000000..a25013192 --- /dev/null +++ b/assets/code.html-wX-SuVoF.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function i(s,e){return n(),r("div",null,e[0]||(e[0]=[o('

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

Benefits of Contributing:

  • Foster community growth and diversification.
  • Sharpen your coding skills.
  • Gain recognition in the DSF community.
  • Directly impact the future of data sharing in medicine.

Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

General

Code style

You can import our code style for your specific IDE:

  • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
  • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

Branching strategy

Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

  • main
  • develop
  • issue
  • hotfix
  • release

Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

Branch naming

The following ruleset is applied to name branches:

  • issue/<issue-number>_<issue-name>
  • hotfix/<version>
  • release/<version>

Setting up the project

This chapter lists all important requirements to get the project buildable and running properly.

Java

This project uses Java JDK 17, so make sure you have it installed on your system.

Docker

Docker is used in this project to test database functionality and to run more complex test-setups.

Maven

The project relies on Maven as its management tool.
Important: When building the project you might encounter the following error:
Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

Workflow

  1. Create an issue or comment on an issue that you want to contribute some feature
  2. Fork the repository, create a branch and mention it in the issue
  3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
  4. If your changes are production-ready, create a pull request.

Pull request process

We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

  1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

  2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

  3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

Data Security in DSF Development

The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

  • No development with real personal data: Always use anonymized or synthetic data for development purposes.
  • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
  • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
',34)]))}const h=t(a,[["render",i],["__file","code.html.vue"]]),d=JSON.parse('{"path":"/v1.5.1/contribute/code.html","title":"Contribute code","lang":"en-US","frontmatter":{"title":"Contribute code","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Benefits of Contributing:","slug":"benefits-of-contributing","link":"#benefits-of-contributing","children":[]},{"level":2,"title":"General","slug":"general","link":"#general","children":[{"level":3,"title":"Code style","slug":"code-style","link":"#code-style","children":[]},{"level":3,"title":"Branching strategy","slug":"branching-strategy","link":"#branching-strategy","children":[]}]},{"level":2,"title":"Setting up the project","slug":"setting-up-the-project","link":"#setting-up-the-project","children":[{"level":3,"title":"Java","slug":"java","link":"#java","children":[]},{"level":3,"title":"Docker","slug":"docker","link":"#docker","children":[]},{"level":3,"title":"Maven","slug":"maven","link":"#maven","children":[]}]},{"level":2,"title":"Workflow","slug":"workflow","link":"#workflow","children":[{"level":3,"title":"Pull request process","slug":"pull-request-process","link":"#pull-request-process","children":[]}]},{"level":2,"title":"Data Security in DSF Development","slug":"data-security-in-dsf-development","link":"#data-security-in-dsf-development","children":[]}],"readingTime":{"minutes":2.51,"words":754},"filePathRelative":"v1.5.1/contribute/code.md","excerpt":"

Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

\\n

Benefits of Contributing:

\\n
    \\n
  • Foster community growth and diversification.
    • \\n
  • Sharpen your coding skills.
    • \\n
  • Gain recognition in the DSF community.
    • \\n
  • Directly impact the future of data sharing in medicine.
    • \\n
"}');export{h as comp,d as data}; diff --git a/assets/common.html-it2o1u7D.js b/assets/common.html-it2o1u7D.js new file mode 100644 index 000000000..7ffd66aed --- /dev/null +++ b/assets/common.html-it2o1u7D.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as i,o as s}from"./app-BIWb5uIp.js";const o={};function d(n,e){return s(),t("div",null,e[0]||(e[0]=[i('

Common Parameters

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',49)]))}const a=r(o,[["render",d],["__file","common.html.vue"]]),_=JSON.parse('{"path":"/v1.0.0/maintain/configuration/common.html","title":"Common Parameters","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":1.84,"words":552},"filePathRelative":"v1.0.0/maintain/configuration/common.md","excerpt":"\\n

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{a as comp,_ as data}; diff --git a/assets/configBpe.html-DIUpo9iX.js b/assets/configBpe.html-DIUpo9iX.js new file mode 100644 index 000000000..9481dac4a --- /dev/null +++ b/assets/configBpe.html-DIUpo9iX.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o}from"./app-BIWb5uIp.js";const t={};function l(n,e){return o(),i("div",null,e[0]||(e[0]=[s('

DSF 0.9.3 Configuration Parameters - BPE Server

Please note: Additional parameters (not listed here) are used to configure process plugins.

  • Property: org.highmed.dsf.bpe.consent.webservice.factory.class
  • Required: No
  • Description: Factory for client implementations used to connect to a consent server in order to check permissions to access patient medical data
  • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your Consent server
  • Default: org.highmed.consent.client.stub.ConsentClientStubFactory

ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: org.highmed.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

ORG_HIGHMED_DSF_BPE_DB_URL

  • Property: org.highmed.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: org.highmed.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: org.highmed.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

ORG_HIGHMED_DSF_BPE_DB_USER_GROUP

  • Property: org.highmed.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME

  • Property: org.highmed.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: org.highmed.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: org.highmed.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: org.highmed.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: org.highmed.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.fhir.client.local.proxy.password
  • Required: No
  • Description: Proxy password, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_URL

  • Property: org.highmed.dsf.bpe.fhir.client.local.proxy.url
  • Required: No
  • Description: Proxy location, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy
  • Example: http://proxy.foo:8080

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_USERNAME

  • Property: org.highmed.dsf.bpe.fhir.client.local.proxy.username
  • Required: No
  • Description: Proxy username, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: org.highmed.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: org.highmed.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: org.highmed.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.password
  • Required: No
  • Description: Proxy password, set if the DSF BPE server can reach internal servers via websocket, like the getSub server, only through a proxy which requests authentication
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_URL

  • Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.url
  • Required: No
  • Description: Proxy location, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy
  • Example: http://proxy.foo:8080

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_USERNAME

  • Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.username
  • Required: No
  • Description: Proxy username, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy which requests authentication

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.password
  • Required: No
  • Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_URL

  • Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.url
  • Required: No
  • Description: Proxy location, set if the DSF BPE server can reach the internet only through a proxy
  • Example: http://proxy.foo:8080

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_USERNAME

  • Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.username
  • Required: No
  • Description: Proxy username, set if the the DSF BPE server can reach the internet only through a proxy which requests authentication

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: org.highmed.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES

  • Property: org.highmed.dsf.bpe.fhir.client.trust.certificates
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

ORG_HIGHMED_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: org.highmed.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: org.highmed.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: org.highmed.dsf.bpe.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: org.highmed.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: org.highmed.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: org.highmed.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

ORG_HIGHMED_DSF_BPE_MAIL_FROMADDRESS

  • Property: org.highmed.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

ORG_HIGHMED_DSF_BPE_MAIL_HOST

  • Property: org.highmed.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS

ORG_HIGHMED_DSF_BPE_MAIL_PORT

  • Property: org.highmed.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

ORG_HIGHMED_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: org.highmed.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

ORG_HIGHMED_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: org.highmed.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

ORG_HIGHMED_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: org.highmed.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: org.highmed.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: org.highmed.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSES

  • Property: org.highmed.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: org.highmed.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

ORG_HIGHMED_DSF_BPE_MAIL_TRUST_CERTIFICATES

  • Property: org.highmed.dsf.bpe.mail.trust.certificates
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

ORG_HIGHMED_DSF_BPE_MAIL_USERNAME

  • Property: org.highmed.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS

ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS

  • Property: org.highmed.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

ORG_HIGHMED_DSF_BPE_MPI_WEBSERVICE_FACTORY_CLASS

  • Property: org.highmed.dsf.bpe.mpi.webservice.factory.class
  • Required: No
  • Description: Factory for client implementations used to connect to a Master Patient Index (MPI) server in order to read patient demographic data
  • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your MPI
  • Default: org.highmed.mpi.client.stub.MasterPatientIndexClientStubFactory

ORG_HIGHMED_DSF_BPE_OPENEHR_WEBSERVICE_FACTORY_CLASS

  • Property: org.highmed.dsf.bpe.openehr.webservice.factory.class
  • Required: No
  • Description: Factory for client implementations used to connect to an openEHR repository in order to read patient medical data
  • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your openEHR repository
  • Default: org.highmed.openehr.client.stub.OpenEhrClientStubFactory

ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED

  • Property: org.highmed.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List

ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: org.highmed.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: org.highmed.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

ORG_HIGHMED_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: org.highmed.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

ORG_HIGHMED_DSF_BPE_PROCESS_RETIRED

  • Property: org.highmed.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available

ORG_HIGHMED_DSF_BPE_PSEUDONYMIZATION_WEBSERVICE_FACTORY_CLASS

  • Property: org.highmed.dsf.bpe.pseudonymization.webservice.factory.class
  • Required: No
  • Description: Factory for client implementations used to connect to a pseudonymization service in order to pseudonymize patient demographic and medical data
  • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your pseudonymization service
  • Default: org.highmed.pseudonymization.client.stub.PseudonymizationClientStubFactory
',132)]))}const g=r(t,[["render",l],["__file","configBpe.html.vue"]]),h=JSON.parse('{"path":"/oldstable/releases/configBpe.html","title":"","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"DSF 0.9.3 Configuration Parameters - BPE Server","slug":"dsf-0-9-3-configuration-parameters-bpe-server","link":"#dsf-0-9-3-configuration-parameters-bpe-server","children":[{"level":3,"title":"ORG_HIGHMED_DSF_BPE_CONSENT_WEBSERVICE_FACTORY_CLASS","slug":"org-highmed-dsf-bpe-consent-webservice-factory-class","link":"#org-highmed-dsf-bpe-consent-webservice-factory-class","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-db-liquibase-password-or-org-highmed-dsf-bpe-db-liquibase-password-file","link":"#org-highmed-dsf-bpe-db-liquibase-password-or-org-highmed-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"org-highmed-dsf-bpe-db-liquibase-username","link":"#org-highmed-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_URL","slug":"org-highmed-dsf-bpe-db-url","link":"#org-highmed-dsf-bpe-db-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"org-highmed-dsf-bpe-db-user-camunda-group","link":"#org-highmed-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-db-user-camunda-password-or-org-highmed-dsf-bpe-db-user-camunda-password-file","link":"#org-highmed-dsf-bpe-db-user-camunda-password-or-org-highmed-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"org-highmed-dsf-bpe-db-user-camunda-username","link":"#org-highmed-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_USER_GROUP","slug":"org-highmed-dsf-bpe-db-user-group","link":"#org-highmed-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-db-user-password-or-org-highmed-dsf-bpe-db-user-password-file","link":"#org-highmed-dsf-bpe-db-user-password-or-org-highmed-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME","slug":"org-highmed-dsf-bpe-db-user-username","link":"#org-highmed-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"org-highmed-dsf-bpe-debug-log-message-onactivityend","link":"#org-highmed-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"org-highmed-dsf-bpe-debug-log-message-onactivitystart","link":"#org-highmed-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"org-highmed-dsf-bpe-debug-log-message-variables","link":"#org-highmed-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"org-highmed-dsf-bpe-fhir-client-certificate","link":"#org-highmed-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"org-highmed-dsf-bpe-fhir-client-certificate-private-key","link":"#org-highmed-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-fhir-client-certificate-private-key-password-or-org-highmed-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#org-highmed-dsf-bpe-fhir-client-certificate-private-key-password-or-org-highmed-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-fhir-client-local-proxy-password-or-org-highmed-dsf-bpe-fhir-client-local-proxy-password-file","link":"#org-highmed-dsf-bpe-fhir-client-local-proxy-password-or-org-highmed-dsf-bpe-fhir-client-local-proxy-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_URL","slug":"org-highmed-dsf-bpe-fhir-client-local-proxy-url","link":"#org-highmed-dsf-bpe-fhir-client-local-proxy-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_USERNAME","slug":"org-highmed-dsf-bpe-fhir-client-local-proxy-username","link":"#org-highmed-dsf-bpe-fhir-client-local-proxy-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"org-highmed-dsf-bpe-fhir-client-local-timeout-connect","link":"#org-highmed-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"org-highmed-dsf-bpe-fhir-client-local-timeout-read","link":"#org-highmed-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"org-highmed-dsf-bpe-fhir-client-local-verbose","link":"#org-highmed-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-password-or-org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-password-file","link":"#org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-password-or-org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_URL","slug":"org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-url","link":"#org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_USERNAME","slug":"org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-username","link":"#org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-fhir-client-remote-proxy-password-or-org-highmed-dsf-bpe-fhir-client-remote-proxy-password-file","link":"#org-highmed-dsf-bpe-fhir-client-remote-proxy-password-or-org-highmed-dsf-bpe-fhir-client-remote-proxy-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_URL","slug":"org-highmed-dsf-bpe-fhir-client-remote-proxy-url","link":"#org-highmed-dsf-bpe-fhir-client-remote-proxy-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_USERNAME","slug":"org-highmed-dsf-bpe-fhir-client-remote-proxy-username","link":"#org-highmed-dsf-bpe-fhir-client-remote-proxy-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"org-highmed-dsf-bpe-fhir-client-remote-timeout-connect","link":"#org-highmed-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"org-highmed-dsf-bpe-fhir-client-remote-timeout-read","link":"#org-highmed-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"org-highmed-dsf-bpe-fhir-client-remote-verbose","link":"#org-highmed-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES","slug":"org-highmed-dsf-bpe-fhir-client-trust-certificates","link":"#org-highmed-dsf-bpe-fhir-client-trust-certificates","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"org-highmed-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#org-highmed-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"org-highmed-dsf-bpe-fhir-server-base-url","link":"#org-highmed-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"org-highmed-dsf-bpe-fhir-server-organization-identifier-value","link":"#org-highmed-dsf-bpe-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"org-highmed-dsf-bpe-fhir-task-subscription-retry-max","link":"#org-highmed-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"org-highmed-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#org-highmed-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"org-highmed-dsf-bpe-fhir-task-subscription-search-parameter","link":"#org-highmed-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"org-highmed-dsf-bpe-mail-client-certificate","link":"#org-highmed-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"org-highmed-dsf-bpe-mail-client-certificate-private-key","link":"#org-highmed-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-mail-client-certificate-private-key-password-or-org-highmed-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#org-highmed-dsf-bpe-mail-client-certificate-private-key-password-or-org-highmed-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_FROMADDRESS","slug":"org-highmed-dsf-bpe-mail-fromaddress","link":"#org-highmed-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_HOST","slug":"org-highmed-dsf-bpe-mail-host","link":"#org-highmed-dsf-bpe-mail-host","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"org-highmed-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#org-highmed-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"org-highmed-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#org-highmed-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-mail-password-or-org-highmed-dsf-bpe-mail-password-file","link":"#org-highmed-dsf-bpe-mail-password-or-org-highmed-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_PORT","slug":"org-highmed-dsf-bpe-mail-port","link":"#org-highmed-dsf-bpe-mail-port","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"org-highmed-dsf-bpe-mail-replytoaddresses","link":"#org-highmed-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"org-highmed-dsf-bpe-mail-sendmailonerrorlogevent","link":"#org-highmed-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"org-highmed-dsf-bpe-mail-sendtestmailonstartup","link":"#org-highmed-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"org-highmed-dsf-bpe-mail-smime-p12keystore","link":"#org-highmed-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"org-highmed-dsf-bpe-mail-smime-p12keystore-password-or-org-highmed-dsf-bpe-mail-smime-p12keystore-password-file","link":"#org-highmed-dsf-bpe-mail-smime-p12keystore-password-or-org-highmed-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSES","slug":"org-highmed-dsf-bpe-mail-toaddresses","link":"#org-highmed-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSESCC","slug":"org-highmed-dsf-bpe-mail-toaddressescc","link":"#org-highmed-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_TRUST_CERTIFICATES","slug":"org-highmed-dsf-bpe-mail-trust-certificates","link":"#org-highmed-dsf-bpe-mail-trust-certificates","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_USERNAME","slug":"org-highmed-dsf-bpe-mail-username","link":"#org-highmed-dsf-bpe-mail-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS","slug":"org-highmed-dsf-bpe-mail-usesmtps","link":"#org-highmed-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_MPI_WEBSERVICE_FACTORY_CLASS","slug":"org-highmed-dsf-bpe-mpi-webservice-factory-class","link":"#org-highmed-dsf-bpe-mpi-webservice-factory-class","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_OPENEHR_WEBSERVICE_FACTORY_CLASS","slug":"org-highmed-dsf-bpe-openehr-webservice-factory-class","link":"#org-highmed-dsf-bpe-openehr-webservice-factory-class","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED","slug":"org-highmed-dsf-bpe-process-excluded","link":"#org-highmed-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"org-highmed-dsf-bpe-process-fhir-server-retry-max","link":"#org-highmed-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"org-highmed-dsf-bpe-process-fhir-server-retry-sleep","link":"#org-highmed-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"org-highmed-dsf-bpe-process-plugin-directroy","link":"#org-highmed-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_PROCESS_RETIRED","slug":"org-highmed-dsf-bpe-process-retired","link":"#org-highmed-dsf-bpe-process-retired","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_BPE_PSEUDONYMIZATION_WEBSERVICE_FACTORY_CLASS","slug":"org-highmed-dsf-bpe-pseudonymization-webservice-factory-class","link":"#org-highmed-dsf-bpe-pseudonymization-webservice-factory-class","children":[]}]}],"readingTime":{"minutes":7.16,"words":2148},"filePathRelative":"oldstable/releases/configBpe.md","excerpt":"

DSF 0.9.3 Configuration Parameters - BPE Server

\\n

Please note: Additional parameters (not listed here) are used to configure process plugins.

\\n

ORG_HIGHMED_DSF_BPE_CONSENT_WEBSERVICE_FACTORY_CLASS

\\n
    \\n
  • Property: org.highmed.dsf.bpe.consent.webservice.factory.class
    • \\n
  • Required: No
    • \\n
  • Description: Factory for client implementations used to connect to a consent server in order to check permissions to access patient medical data
    • \\n
  • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your Consent server
    • \\n
  • Default: org.highmed.consent.client.stub.ConsentClientStubFactory
    • \\n
"}');export{g as comp,h as data}; diff --git a/assets/configFhir.html-BBQFAhE_.js b/assets/configFhir.html-BBQFAhE_.js new file mode 100644 index 000000000..403d67b1d --- /dev/null +++ b/assets/configFhir.html-BBQFAhE_.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o as t}from"./app-BIWb5uIp.js";const o={};function n(l,e){return t(),i("div",null,e[0]||(e[0]=[s('

DSF 0.9.3 Configuration Parameters - FHIR Server

Please note: Additional parameters (not listed here) are used to define elements of the external FHIR bundle.

ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: org.highmed.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: org.highmed.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: org.highmed.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE

  • Property: org.highmed.dsf.fhir.client.proxy.password
  • Required: No
  • Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE

ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_URL

  • Property: org.highmed.dsf.fhir.client.proxy.url
  • Required: No
  • Description: Proxy location, set if the DSF FHIR server can reach the internet only through a proxy
  • Example: http://proxy.foo:8080

ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_USERNAME

  • Property: org.highmed.dsf.fhir.client.proxy.username
  • Required: No
  • Description: Proxy username, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication

ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: org.highmed.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: org.highmed.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES

  • Property: org.highmed.dsf.fhir.client.trust.certificates
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

ORG_HIGHMED_DSF_FHIR_CLIENT_VERBOSE

  • Property: org.highmed.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: org.highmed.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: org.highmed.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

ORG_HIGHMED_DSF_FHIR_DB_URL

  • Property: org.highmed.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP

  • Property: org.highmed.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: org.highmed.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: org.highmed.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: org.highmed.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: org.highmed.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME

  • Property: org.highmed.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL

  • Property: org.highmed.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

ORG_HIGHMED_DSF_FHIR_SERVER_CORS_ORIGINS

  • Property: org.highmed.dsf.fhir.server.cors.origins
  • Required: No
  • Description: List of allowed CORS origins, used to set the Access-Control-Allow-Origin HTTP response header, which indicates whether the response can be shared with requesting code from the given origin; comma or space separated list, YAML block scalars supported

ORG_HIGHMED_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: org.highmed.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: org.highmed.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

ORG_HIGHMED_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: org.highmed.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS

  • Property: org.highmed.dsf.fhir.server.user.thumbprints
  • Required: Yes
  • Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server; comma or space separated list, YAML block scalars supported
  • Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes

ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE

  • Property: org.highmed.dsf.fhir.server.user.thumbprints.permanent.delete
  • Required: Yes
  • Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server for permanent deletes; comma or space separated list, YAML block scalars supported
  • Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes
',54)]))}const a=r(o,[["render",n],["__file","configFhir.html.vue"]]),g=JSON.parse('{"path":"/oldstable/releases/configFhir.html","title":"","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"DSF 0.9.3 Configuration Parameters - FHIR Server","slug":"dsf-0-9-3-configuration-parameters-fhir-server","link":"#dsf-0-9-3-configuration-parameters-fhir-server","children":[{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE","slug":"org-highmed-dsf-fhir-client-certificate","link":"#org-highmed-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"org-highmed-dsf-fhir-client-certificate-private-key","link":"#org-highmed-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"org-highmed-dsf-fhir-client-certificate-private-key-password-or-org-highmed-dsf-fhir-client-certificate-private-key-password-file","link":"#org-highmed-dsf-fhir-client-certificate-private-key-password-or-org-highmed-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE","slug":"org-highmed-dsf-fhir-client-proxy-password-or-org-highmed-dsf-fhir-client-proxy-password-file","link":"#org-highmed-dsf-fhir-client-proxy-password-or-org-highmed-dsf-fhir-client-proxy-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_URL","slug":"org-highmed-dsf-fhir-client-proxy-url","link":"#org-highmed-dsf-fhir-client-proxy-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_USERNAME","slug":"org-highmed-dsf-fhir-client-proxy-username","link":"#org-highmed-dsf-fhir-client-proxy-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"org-highmed-dsf-fhir-client-timeout-connect","link":"#org-highmed-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"org-highmed-dsf-fhir-client-timeout-read","link":"#org-highmed-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES","slug":"org-highmed-dsf-fhir-client-trust-certificates","link":"#org-highmed-dsf-fhir-client-trust-certificates","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_CLIENT_VERBOSE","slug":"org-highmed-dsf-fhir-client-verbose","link":"#org-highmed-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"org-highmed-dsf-fhir-db-liquibase-password-or-org-highmed-dsf-fhir-db-liquibase-password-file","link":"#org-highmed-dsf-fhir-db-liquibase-password-or-org-highmed-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"org-highmed-dsf-fhir-db-liquibase-username","link":"#org-highmed-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_URL","slug":"org-highmed-dsf-fhir-db-url","link":"#org-highmed-dsf-fhir-db-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP","slug":"org-highmed-dsf-fhir-db-user-group","link":"#org-highmed-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"org-highmed-dsf-fhir-db-user-password-or-org-highmed-dsf-fhir-db-user-password-file","link":"#org-highmed-dsf-fhir-db-user-password-or-org-highmed-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"org-highmed-dsf-fhir-db-user-permanent-delete-group","link":"#org-highmed-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"org-highmed-dsf-fhir-db-user-permanent-delete-password-or-org-highmed-dsf-fhir-db-user-permanent-delete-password-file","link":"#org-highmed-dsf-fhir-db-user-permanent-delete-password-or-org-highmed-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"org-highmed-dsf-fhir-db-user-permanent-delete-username","link":"#org-highmed-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME","slug":"org-highmed-dsf-fhir-db-user-username","link":"#org-highmed-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL","slug":"org-highmed-dsf-fhir-server-base-url","link":"#org-highmed-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_CORS_ORIGINS","slug":"org-highmed-dsf-fhir-server-cors-origins","link":"#org-highmed-dsf-fhir-server-cors-origins","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"org-highmed-dsf-fhir-server-init-bundle","link":"#org-highmed-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"org-highmed-dsf-fhir-server-organization-identifier-value","link":"#org-highmed-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_PAGE_COUNT","slug":"org-highmed-dsf-fhir-server-page-count","link":"#org-highmed-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS","slug":"org-highmed-dsf-fhir-server-user-thumbprints","link":"#org-highmed-dsf-fhir-server-user-thumbprints","children":[]},{"level":3,"title":"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE","slug":"org-highmed-dsf-fhir-server-user-thumbprints-permanent-delete","link":"#org-highmed-dsf-fhir-server-user-thumbprints-permanent-delete","children":[]}]}],"readingTime":{"minutes":2.98,"words":895},"filePathRelative":"oldstable/releases/configFhir.md","excerpt":"

DSF 0.9.3 Configuration Parameters - FHIR Server

\\n

Please note: Additional parameters (not listed here) are used to define elements of the external FHIR bundle.

\\n

ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: org.highmed.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{a as comp,g as data}; diff --git a/assets/configFhirReverseProxy.html-DxL-rq4Y.js b/assets/configFhirReverseProxy.html-DxL-rq4Y.js new file mode 100644 index 000000000..69366b57e --- /dev/null +++ b/assets/configFhirReverseProxy.html-DxL-rq4Y.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

DSF 0.9.3 Configuration Parameters - FHIR Reverse Proxy

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem
',23)]))}const d=t(o,[["render",n],["__file","configFhirReverseProxy.html.vue"]]),p=JSON.parse('{"path":"/oldstable/releases/configFhirReverseProxy.html","title":"","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"DSF 0.9.3 Configuration Parameters - FHIR Reverse Proxy","slug":"dsf-0-9-3-configuration-parameters-fhir-reverse-proxy","link":"#dsf-0-9-3-configuration-parameters-fhir-reverse-proxy","children":[]},{"level":2,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":2,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":2,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":2,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":2,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":2,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":2,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":2,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":2,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":2,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":2,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]}],"readingTime":{"minutes":1.17,"words":351},"filePathRelative":"oldstable/releases/configFhirReverseProxy.md","excerpt":"

DSF 0.9.3 Configuration Parameters - FHIR Reverse Proxy

\\n

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
"}');export{d as comp,p as data}; diff --git a/assets/configuration.html--e0C5ZKV.js b/assets/configuration.html--e0C5ZKV.js new file mode 100644 index 000000000..1b31e0386 --- /dev/null +++ b/assets/configuration.html--e0C5ZKV.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_server_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.bpe.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',164)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.1.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-bpe-fhir-server-organization-identifier-value","link":"#dev-dsf-bpe-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":7.77,"words":2331},"filePathRelative":"v1.1.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-0NMspHep.js b/assets/configuration.html-0NMspHep.js new file mode 100644 index 000000000..f2e30104a --- /dev/null +++ b/assets/configuration.html-0NMspHep.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(n,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',172)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.3.2/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.21,"words":2464},"filePathRelative":"v1.3.2/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-2g2NV2bW.js b/assets/configuration.html-2g2NV2bW.js new file mode 100644 index 000000000..042c4ab8a --- /dev/null +++ b/assets/configuration.html-2g2NV2bW.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF BPE server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /bpe

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.6.0/maintain/bpe-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.6.0/maintain/bpe-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-3bPj-iQy.js b/assets/configuration.html-3bPj-iQy.js new file mode 100644 index 000000000..185f5c4b1 --- /dev/null +++ b/assets/configuration.html-3bPj-iQy.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF BPE server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /bpe

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.5.2/maintain/bpe-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.5.2/maintain/bpe-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-9-gxWTsR.js b/assets/configuration.html-9-gxWTsR.js new file mode 100644 index 000000000..17c082eb3 --- /dev/null +++ b/assets/configuration.html-9-gxWTsR.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_server_trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',106)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.2.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":4.7,"words":1411},"filePathRelative":"v1.2.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-AmHqBh1j.js b/assets/configuration.html-AmHqBh1j.js new file mode 100644 index 000000000..4ce5fb9dc --- /dev/null +++ b/assets/configuration.html-AmHqBh1j.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.bpe.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.bpe.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: Base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_BPE_SERVER_BASE_URL

  • Property: dev.dsf.bpe.server.base.url
  • Required: No
  • Description: Base address of the BPE server, configure when exposing the web-ui
  • Example: https://foo.bar/bpe
  • Default: https://localhost/bpe

DEV_DSF_BPE_SERVER_ROLECONFIG

DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.bpe.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_BPE_SERVER_UI_THEME

  • Property: dev.dsf.bpe.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',186)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.5.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-bpe-debug-log-message-currentuser","link":"#dev-dsf-bpe-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-bpe-debug-log-message-dbstatement","link":"#dev-dsf-bpe-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-bpe-debug-log-message-webservicerequest","link":"#dev-dsf-bpe-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_BASE_URL","slug":"dev-dsf-bpe-server-base-url","link":"#dev-dsf-bpe-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_ROLECONFIG","slug":"dev-dsf-bpe-server-roleconfig","link":"#dev-dsf-bpe-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-bpe-server-static-resource-cache","link":"#dev-dsf-bpe-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_UI_THEME","slug":"dev-dsf-bpe-server-ui-theme","link":"#dev-dsf-bpe-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.88,"words":2665},"filePathRelative":"v1.5.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-B22FewOX.js b/assets/configuration.html-B22FewOX.js new file mode 100644 index 000000000..04e47a283 --- /dev/null +++ b/assets/configuration.html-B22FewOX.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',106)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.3.2/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":4.71,"words":1412},"filePathRelative":"v1.3.2/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-B6x5Arla.js b/assets/configuration.html-B6x5Arla.js new file mode 100644 index 000000000..8608f54fb --- /dev/null +++ b/assets/configuration.html-B6x5Arla.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.5.1/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.5.1/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-B9K0thH0.js b/assets/configuration.html-B9K0thH0.js new file mode 100644 index 000000000..8322fa17c --- /dev/null +++ b/assets/configuration.html-B9K0thH0.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_server_trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

  • Property: dev.dsf.fhir.server.roleConfig
  • Required: Yes
  • Description: Role config YAML as defined in FHIR Server: Access Control.
  • Recommendation: Use an empty string "" or a single block scalar | character if no roles should be configured

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',106)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.1.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":4.76,"words":1428},"filePathRelative":"v1.1.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-BCKzibHN.js b/assets/configuration.html-BCKzibHN.js new file mode 100644 index 000000000..0e4414087 --- /dev/null +++ b/assets/configuration.html-BCKzibHN.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF BPE server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /bpe

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.5.0/maintain/bpe-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.5.0/maintain/bpe-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-BCcYjJs7.js b/assets/configuration.html-BCcYjJs7.js new file mode 100644 index 000000000..c64be1968 --- /dev/null +++ b/assets/configuration.html-BCcYjJs7.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',106)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.4.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":4.71,"words":1412},"filePathRelative":"v1.4.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-BEgHxbLV.js b/assets/configuration.html-BEgHxbLV.js new file mode 100644 index 000000000..36729ef61 --- /dev/null +++ b/assets/configuration.html-BEgHxbLV.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.5.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.5.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-BUB13-BB.js b/assets/configuration.html-BUB13-BB.js new file mode 100644 index 000000000..72073f2dc --- /dev/null +++ b/assets/configuration.html-BUB13-BB.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.bpe.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.bpe.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true
  • Recommendation: This debug function should only be activated during process plugin development
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true
  • Recommendation: This debug function should only be activated during process plugin development
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
  • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
  • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: Base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0); requires send mail on ERROR log event option to be enabled to have an effect
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file; requires send mail on ERROR log event option to be enabled to have an effect
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true; requires SMTP server to be configured
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true; requires SMTP server to be configured
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_BPE_SERVER_BASE_URL

  • Property: dev.dsf.bpe.server.base.url
  • Required: No
  • Description: Base address of the BPE server, configure when exposing the web-ui
  • Example: https://foo.bar/bpe
  • Default: https://localhost/bpe

DEV_DSF_BPE_SERVER_ROLECONFIG

DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.bpe.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_BPE_SERVER_UI_THEME

  • Property: dev.dsf.bpe.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: No
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: No
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: No
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/client_cert_ca_chains.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: No
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: No
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: No
  • Description: Status connector port, default in docker image: 10000
',186)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.7.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-bpe-debug-log-message-currentuser","link":"#dev-dsf-bpe-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-bpe-debug-log-message-dbstatement","link":"#dev-dsf-bpe-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-bpe-debug-log-message-webservicerequest","link":"#dev-dsf-bpe-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_BASE_URL","slug":"dev-dsf-bpe-server-base-url","link":"#dev-dsf-bpe-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_ROLECONFIG","slug":"dev-dsf-bpe-server-roleconfig","link":"#dev-dsf-bpe-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-bpe-server-static-resource-cache","link":"#dev-dsf-bpe-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_UI_THEME","slug":"dev-dsf-bpe-server-ui-theme","link":"#dev-dsf-bpe-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":8.86,"words":2658},"filePathRelative":"v1.7.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

\\n
    \\n
  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • \\n
  • Required: No
    • \\n
  • Description: To force liquibase to unlock the migration lock set to true
    • \\n
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • \\n
  • Default: false
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-BVieb_qp.js b/assets/configuration.html-BVieb_qp.js new file mode 100644 index 000000000..ac18ca566 --- /dev/null +++ b/assets/configuration.html-BVieb_qp.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(n,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_server_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',172)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.2.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.21,"words":2464},"filePathRelative":"v1.2.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-BerTbb3a.js b/assets/configuration.html-BerTbb3a.js new file mode 100644 index 000000000..b3815c429 --- /dev/null +++ b/assets/configuration.html-BerTbb3a.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o as r}from"./app-BIWb5uIp.js";const n={};function o(c,e){return r(),i("div",null,e[0]||(e[0]=[s('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: FQDN of your DSF BPE server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
  • Default: /bpe

SSL_CA_CERTIFICATE_FILE

  • Required: No
  • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_ca_chains.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_issuing_cas.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_EXPECTED_CLIENT_S_DN_C_VALUES

  • Required: No
  • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
  • Default: 'DE'

SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

  • Required: No
  • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
  • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',30)]))}const d=t(n,[["render",o],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/stable/maintain/bpe-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_S_DN_C_VALUES","slug":"ssl-expected-client-s-dn-c-values","link":"#ssl-expected-client-s-dn-c-values","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES","slug":"ssl-expected-client-i-dn-cn-values","link":"#ssl-expected-client-i-dn-cn-values","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":2.13,"words":640},"filePathRelative":"stable/maintain/bpe-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-C5rSSCzr.js b/assets/configuration.html-C5rSSCzr.js new file mode 100644 index 000000000..89b2b74e0 --- /dev/null +++ b/assets/configuration.html-C5rSSCzr.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.fhir.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.fhir.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: Base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: Local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_FHIR_SERVER_UI_THEME

  • Property: dev.dsf.fhir.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: No
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: No
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: No
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/client_cert_ca_chains.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: No
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: No
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: No
  • Description: Status connector port, default in docker image: 10000
',114)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.7.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-fhir-debug-log-message-currentuser","link":"#dev-dsf-fhir-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-fhir-debug-log-message-dbstatement","link":"#dev-dsf-fhir-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-fhir-debug-log-message-webservicerequest","link":"#dev-dsf-fhir-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_UI_THEME","slug":"dev-dsf-fhir-server-ui-theme","link":"#dev-dsf-fhir-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":5.14,"words":1543},"filePathRelative":"v1.7.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-C8C8eVoz.js b/assets/configuration.html-C8C8eVoz.js new file mode 100644 index 000000000..ab35d7127 --- /dev/null +++ b/assets/configuration.html-C8C8eVoz.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.fhir.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.fhir.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: Base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: Local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_FHIR_SERVER_UI_THEME

  • Property: dev.dsf.fhir.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',114)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.5.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-fhir-debug-log-message-currentuser","link":"#dev-dsf-fhir-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-fhir-debug-log-message-dbstatement","link":"#dev-dsf-fhir-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-fhir-debug-log-message-webservicerequest","link":"#dev-dsf-fhir-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_UI_THEME","slug":"dev-dsf-fhir-server-ui-theme","link":"#dev-dsf-fhir-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":5.15,"words":1546},"filePathRelative":"v1.5.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-CFTMHCPS.js b/assets/configuration.html-CFTMHCPS.js new file mode 100644 index 000000000..0b17f0be6 --- /dev/null +++ b/assets/configuration.html-CFTMHCPS.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.bpe.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.bpe.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: Base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_BPE_SERVER_BASE_URL

  • Property: dev.dsf.bpe.server.base.url
  • Required: No
  • Description: Base address of the BPE server, configure when exposing the web-ui
  • Example: https://foo.bar/bpe
  • Default: https://localhost/bpe

DEV_DSF_BPE_SERVER_ROLECONFIG

DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.bpe.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_BPE_SERVER_UI_THEME

  • Property: dev.dsf.bpe.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',186)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.5.1/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-bpe-debug-log-message-currentuser","link":"#dev-dsf-bpe-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-bpe-debug-log-message-dbstatement","link":"#dev-dsf-bpe-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-bpe-debug-log-message-webservicerequest","link":"#dev-dsf-bpe-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_BASE_URL","slug":"dev-dsf-bpe-server-base-url","link":"#dev-dsf-bpe-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_ROLECONFIG","slug":"dev-dsf-bpe-server-roleconfig","link":"#dev-dsf-bpe-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-bpe-server-static-resource-cache","link":"#dev-dsf-bpe-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_UI_THEME","slug":"dev-dsf-bpe-server-ui-theme","link":"#dev-dsf-bpe-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.88,"words":2665},"filePathRelative":"v1.5.1/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-CJGjidT6.js b/assets/configuration.html-CJGjidT6.js new file mode 100644 index 000000000..cc5b5df7e --- /dev/null +++ b/assets/configuration.html-CJGjidT6.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.4.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.4.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-CT8qdJmH.js b/assets/configuration.html-CT8qdJmH.js new file mode 100644 index 000000000..613c3fc52 --- /dev/null +++ b/assets/configuration.html-CT8qdJmH.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.fhir.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.fhir.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: Base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: Local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_FHIR_SERVER_UI_THEME

  • Property: dev.dsf.fhir.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',114)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.5.1/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-fhir-debug-log-message-currentuser","link":"#dev-dsf-fhir-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-fhir-debug-log-message-dbstatement","link":"#dev-dsf-fhir-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-fhir-debug-log-message-webservicerequest","link":"#dev-dsf-fhir-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_UI_THEME","slug":"dev-dsf-fhir-server-ui-theme","link":"#dev-dsf-fhir-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":5.15,"words":1546},"filePathRelative":"v1.5.1/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-CUNojr74.js b/assets/configuration.html-CUNojr74.js new file mode 100644 index 000000000..75063d640 --- /dev/null +++ b/assets/configuration.html-CUNojr74.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.bpe.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.bpe.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: Base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_BPE_SERVER_BASE_URL

  • Property: dev.dsf.bpe.server.base.url
  • Required: No
  • Description: Base address of the BPE server, configure when exposing the web-ui
  • Example: https://foo.bar/bpe
  • Default: https://localhost/bpe

DEV_DSF_BPE_SERVER_ROLECONFIG

DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.bpe.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_BPE_SERVER_UI_THEME

  • Property: dev.dsf.bpe.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',186)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.5.2/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-bpe-debug-log-message-currentuser","link":"#dev-dsf-bpe-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-bpe-debug-log-message-dbstatement","link":"#dev-dsf-bpe-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-bpe-debug-log-message-webservicerequest","link":"#dev-dsf-bpe-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_BASE_URL","slug":"dev-dsf-bpe-server-base-url","link":"#dev-dsf-bpe-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_ROLECONFIG","slug":"dev-dsf-bpe-server-roleconfig","link":"#dev-dsf-bpe-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-bpe-server-static-resource-cache","link":"#dev-dsf-bpe-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_UI_THEME","slug":"dev-dsf-bpe-server-ui-theme","link":"#dev-dsf-bpe-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.88,"words":2665},"filePathRelative":"v1.5.2/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-CX1SHh6p.js b/assets/configuration.html-CX1SHh6p.js new file mode 100644 index 000000000..63be7a24e --- /dev/null +++ b/assets/configuration.html-CX1SHh6p.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o as r}from"./app-BIWb5uIp.js";const n={};function o(c,e){return r(),i("div",null,e[0]||(e[0]=[s('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: FQDN of your DSF BPE server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
  • Default: /bpe

SSL_CA_CERTIFICATE_FILE

  • Required: No
  • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_ca_chains.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_issuing_cas.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_EXPECTED_CLIENT_S_DN_C_VALUES

  • Required: No
  • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
  • Default: 'DE'

SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

  • Required: No
  • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
  • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',30)]))}const d=t(n,[["render",o],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.7.0/maintain/bpe-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_S_DN_C_VALUES","slug":"ssl-expected-client-s-dn-c-values","link":"#ssl-expected-client-s-dn-c-values","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES","slug":"ssl-expected-client-i-dn-cn-values","link":"#ssl-expected-client-i-dn-cn-values","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":2.13,"words":640},"filePathRelative":"v1.7.0/maintain/bpe-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-C__nH2Qj.js b/assets/configuration.html-C__nH2Qj.js new file mode 100644 index 000000000..b54cc5c33 --- /dev/null +++ b/assets/configuration.html-C__nH2Qj.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.fhir.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.fhir.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: Base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: Local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_FHIR_SERVER_UI_THEME

  • Property: dev.dsf.fhir.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',114)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.5.2/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-fhir-debug-log-message-currentuser","link":"#dev-dsf-fhir-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-fhir-debug-log-message-dbstatement","link":"#dev-dsf-fhir-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-fhir-debug-log-message-webservicerequest","link":"#dev-dsf-fhir-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_UI_THEME","slug":"dev-dsf-fhir-server-ui-theme","link":"#dev-dsf-fhir-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":5.15,"words":1546},"filePathRelative":"v1.5.2/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-CqXemyhq.js b/assets/configuration.html-CqXemyhq.js new file mode 100644 index 000000000..d80785c33 --- /dev/null +++ b/assets/configuration.html-CqXemyhq.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.3.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.3.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-CxcVHTFL.js b/assets/configuration.html-CxcVHTFL.js new file mode 100644 index 000000000..5b90c2a8e --- /dev/null +++ b/assets/configuration.html-CxcVHTFL.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.2.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.2.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-CzP8igmj.js b/assets/configuration.html-CzP8igmj.js new file mode 100644 index 000000000..7a6596c79 --- /dev/null +++ b/assets/configuration.html-CzP8igmj.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.bpe.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.bpe.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: Base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_BPE_SERVER_BASE_URL

  • Property: dev.dsf.bpe.server.base.url
  • Required: No
  • Description: Base address of the BPE server, configure when exposing the web-ui
  • Example: https://foo.bar/bpe
  • Default: https://localhost/bpe

DEV_DSF_BPE_SERVER_ROLECONFIG

DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.bpe.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_BPE_SERVER_UI_THEME

  • Property: dev.dsf.bpe.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',186)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.6.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-bpe-debug-log-message-currentuser","link":"#dev-dsf-bpe-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-bpe-debug-log-message-dbstatement","link":"#dev-dsf-bpe-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-bpe-debug-log-message-webservicerequest","link":"#dev-dsf-bpe-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_BASE_URL","slug":"dev-dsf-bpe-server-base-url","link":"#dev-dsf-bpe-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_ROLECONFIG","slug":"dev-dsf-bpe-server-roleconfig","link":"#dev-dsf-bpe-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-bpe-server-static-resource-cache","link":"#dev-dsf-bpe-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_UI_THEME","slug":"dev-dsf-bpe-server-ui-theme","link":"#dev-dsf-bpe-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.88,"words":2665},"filePathRelative":"v1.6.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-D1oz1N0T.js b/assets/configuration.html-D1oz1N0T.js new file mode 100644 index 000000000..da6d9b5a6 --- /dev/null +++ b/assets/configuration.html-D1oz1N0T.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.5.2/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.5.2/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-D2S40OOC.js b/assets/configuration.html-D2S40OOC.js new file mode 100644 index 000000000..1bc2cf9ad --- /dev/null +++ b/assets/configuration.html-D2S40OOC.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(n,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',172)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.3.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.21,"words":2464},"filePathRelative":"v1.3.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-DEel35nd.js b/assets/configuration.html-DEel35nd.js new file mode 100644 index 000000000..bad0d97d9 --- /dev/null +++ b/assets/configuration.html-DEel35nd.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.fhir.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.fhir.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true.
  • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: Base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: Local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_FHIR_SERVER_UI_THEME

  • Property: dev.dsf.fhir.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',114)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.6.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-fhir-debug-log-message-currentuser","link":"#dev-dsf-fhir-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-fhir-debug-log-message-dbstatement","link":"#dev-dsf-fhir-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-fhir-debug-log-message-webservicerequest","link":"#dev-dsf-fhir-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_UI_THEME","slug":"dev-dsf-fhir-server-ui-theme","link":"#dev-dsf-fhir-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":5.15,"words":1546},"filePathRelative":"v1.6.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-DHpvcZUz.js b/assets/configuration.html-DHpvcZUz.js new file mode 100644 index 000000000..30eb24d82 --- /dev/null +++ b/assets/configuration.html-DHpvcZUz.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o as r}from"./app-BIWb5uIp.js";const n={};function o(c,e){return r(),i("div",null,e[0]||(e[0]=[s('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: No
  • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_ca_chains.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_issuing_cas.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_EXPECTED_CLIENT_S_DN_C_VALUES

  • Required: No
  • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
  • Default: 'DE'

SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

  • Required: No
  • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
  • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',30)]))}const d=t(n,[["render",o],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.7.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_S_DN_C_VALUES","slug":"ssl-expected-client-s-dn-c-values","link":"#ssl-expected-client-s-dn-c-values","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES","slug":"ssl-expected-client-i-dn-cn-values","link":"#ssl-expected-client-i-dn-cn-values","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":2.14,"words":641},"filePathRelative":"v1.7.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-DOXO1lQO.js b/assets/configuration.html-DOXO1lQO.js new file mode 100644 index 000000000..99cdb16dc --- /dev/null +++ b/assets/configuration.html-DOXO1lQO.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',106)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.3.1/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":4.71,"words":1412},"filePathRelative":"v1.3.1/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-DVe4NUbp.js b/assets/configuration.html-DVe4NUbp.js new file mode 100644 index 000000000..3fe434596 --- /dev/null +++ b/assets/configuration.html-DVe4NUbp.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: Password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.fhir.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.fhir.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: Base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: Local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_FHIR_SERVER_UI_THEME

  • Property: dev.dsf.fhir.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: No
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: No
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: No
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/client_cert_ca_chains.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: No
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: No
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: No
  • Description: Status connector port, default in docker image: 10000
',114)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/stable/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-fhir-debug-log-message-currentuser","link":"#dev-dsf-fhir-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-fhir-debug-log-message-dbstatement","link":"#dev-dsf-fhir-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-fhir-debug-log-message-webservicerequest","link":"#dev-dsf-fhir-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_UI_THEME","slug":"dev-dsf-fhir-server-ui-theme","link":"#dev-dsf-fhir-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":5.14,"words":1543},"filePathRelative":"stable/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-DcUurjxM.js b/assets/configuration.html-DcUurjxM.js new file mode 100644 index 000000000..fc6a50fef --- /dev/null +++ b/assets/configuration.html-DcUurjxM.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(n,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',172)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.3.1/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.21,"words":2464},"filePathRelative":"v1.3.1/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-DfavBsiR.js b/assets/configuration.html-DfavBsiR.js new file mode 100644 index 000000000..c77025fe9 --- /dev/null +++ b/assets/configuration.html-DfavBsiR.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.3.2/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.3.2/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-DgmMmxNu.js b/assets/configuration.html-DgmMmxNu.js new file mode 100644 index 000000000..3e73e70b5 --- /dev/null +++ b/assets/configuration.html-DgmMmxNu.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.6.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.6.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-Dxnk3dN3.js b/assets/configuration.html-Dxnk3dN3.js new file mode 100644 index 000000000..fb50be3ea --- /dev/null +++ b/assets/configuration.html-Dxnk3dN3.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(d,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: Address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: Name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: Password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: Username to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

  • Property: dev.dsf.bpe.debug.log.message.currentUser
  • Required: No
  • Description: To enable logging of the currently requesting user set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

  • Property: dev.dsf.bpe.debug.log.message.dbStatement
  • Required: No
  • Description: To enable logging of DB queries set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true
  • Recommendation: This debug function should only be activated during process plugin development
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true
  • Recommendation: This debug function should only be activated during process plugin development
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
  • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
  • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

  • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
  • Required: No
  • Description: To enable logging of webservices requests set to true
  • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: Base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0); requires send mail on ERROR log event option to be enabled to have an effect
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file; requires send mail on ERROR log event option to be enabled to have an effect
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true; requires SMTP server to be configured
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true; requires SMTP server to be configured
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_BPE_SERVER_BASE_URL

  • Property: dev.dsf.bpe.server.base.url
  • Required: No
  • Description: Base address of the BPE server, configure when exposing the web-ui
  • Example: https://foo.bar/bpe
  • Default: https://localhost/bpe

DEV_DSF_BPE_SERVER_ROLECONFIG

DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.bpe.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_BPE_SERVER_UI_THEME

  • Property: dev.dsf.bpe.server.ui.theme
  • Required: No
  • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: No
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: No
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: No
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem
  • Default: ca/server_cert_root_cas.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem
  • Default: ca/client_cert_ca_chains.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: No
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: No
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: No
  • Description: Status connector port, default in docker image: 10000
',186)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/stable/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER","slug":"dev-dsf-bpe-debug-log-message-currentuser","link":"#dev-dsf-bpe-debug-log-message-currentuser","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT","slug":"dev-dsf-bpe-debug-log-message-dbstatement","link":"#dev-dsf-bpe-debug-log-message-dbstatement","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST","slug":"dev-dsf-bpe-debug-log-message-webservicerequest","link":"#dev-dsf-bpe-debug-log-message-webservicerequest","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_BASE_URL","slug":"dev-dsf-bpe-server-base-url","link":"#dev-dsf-bpe-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_ROLECONFIG","slug":"dev-dsf-bpe-server-roleconfig","link":"#dev-dsf-bpe-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-bpe-server-static-resource-cache","link":"#dev-dsf-bpe-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_BPE_SERVER_UI_THEME","slug":"dev-dsf-bpe-server-ui-theme","link":"#dev-dsf-bpe-server-ui-theme","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":8.86,"words":2658},"filePathRelative":"stable/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

\\n
    \\n
  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • \\n
  • Required: No
    • \\n
  • Description: To force liquibase to unlock the migration lock set to true
    • \\n
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • \\n
  • Default: false
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-DzrhCnzW.js b/assets/configuration.html-DzrhCnzW.js new file mode 100644 index 000000000..c35d2bd13 --- /dev/null +++ b/assets/configuration.html-DzrhCnzW.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.3.1/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.3.1/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-DzsiotEB.js b/assets/configuration.html-DzsiotEB.js new file mode 100644 index 000000000..8f6e8ff7e --- /dev/null +++ b/assets/configuration.html-DzsiotEB.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o as r}from"./app-BIWb5uIp.js";const o={};function n(l,e){return r(),i("div",null,e[0]||(e[0]=[s('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',24)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.1.0/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.23,"words":370},"filePathRelative":"v1.1.0/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-NzlYsJp8.js b/assets/configuration.html-NzlYsJp8.js new file mode 100644 index 000000000..55141c19b --- /dev/null +++ b/assets/configuration.html-NzlYsJp8.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF BPE server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
  • Default: /bpe

SSL_CA_CERTIFICATE_FILE

  • Required: Yes
  • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_certificate_file.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_ca_dn_request_file.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',26)]))}const d=t(o,[["render",n],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/v1.5.1/maintain/bpe-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":1.35,"words":404},"filePathRelative":"v1.5.1/maintain/bpe-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-U9VXgZ2T.js b/assets/configuration.html-U9VXgZ2T.js new file mode 100644 index 000000000..7cc0fca2a --- /dev/null +++ b/assets/configuration.html-U9VXgZ2T.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,o as r}from"./app-BIWb5uIp.js";const n={};function o(c,e){return r(),i("div",null,e[0]||(e[0]=[s('

APP_SERVER_IP

  • Required: Yes
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
  • Example: app, 172.28.1.3

HTTPS_SERVER_NAME_PORT

  • Required: Yes
  • Description: External FQDN of your DSF FHIR server with port, typically 443
  • Example: my-external.fqdn:443

PROXY_PASS_CONNECTION_TIMEOUT_HTTP

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_CONNECTION_TIMEOUT_WS

  • Required: No
  • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
  • Default: 30 seconds

PROXY_PASS_TIMEOUT_HTTP

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
  • Default: 60 seconds

PROXY_PASS_TIMEOUT_WS

  • Required: No
  • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
  • Default: 60 seconds

SERVER_CONTEXT_PATH

  • Required: No
  • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
  • Default: /fhir

SSL_CA_CERTIFICATE_FILE

  • Required: No
  • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_ca_chains.pem

SSL_CA_DN_REQUEST_FILE

  • Required: No
  • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
  • Recommendation: Use docker secret file to configure
  • Default: ca/client_cert_issuing_cas.pem

SSL_CERTIFICATE_CHAIN_FILE

  • Required: No
  • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_chain_file.pem

SSL_CERTIFICATE_FILE

  • Required: Yes
  • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_file.pem

SSL_CERTIFICATE_KEY_FILE

  • Required: Yes
  • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/ssl_certificate_key_file.pem

SSL_EXPECTED_CLIENT_S_DN_C_VALUES

  • Required: No
  • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
  • Default: 'DE'

SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

  • Required: No
  • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
  • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

SSL_VERIFY_CLIENT

  • Required: No
  • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
  • Recommendation: Set to optional when using OIDC authentication
  • Default: require
',30)]))}const d=t(n,[["render",o],["__file","configuration.html.vue"]]),p=JSON.parse('{"path":"/stable/maintain/fhir-reverse-proxy/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SERVER_CONTEXT_PATH","slug":"server-context-path","link":"#server-context-path","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_S_DN_C_VALUES","slug":"ssl-expected-client-s-dn-c-values","link":"#ssl-expected-client-s-dn-c-values","children":[]},{"level":3,"title":"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES","slug":"ssl-expected-client-i-dn-cn-values","link":"#ssl-expected-client-i-dn-cn-values","children":[]},{"level":3,"title":"SSL_VERIFY_CLIENT","slug":"ssl-verify-client","link":"#ssl-verify-client","children":[]}],"readingTime":{"minutes":2.14,"words":641},"filePathRelative":"stable/maintain/fhir-reverse-proxy/configuration.md","excerpt":"

APP_SERVER_IP

\\n
    \\n
  • Required: Yes
    • \\n
  • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • \\n
  • Example: app, 172.28.1.3
    • \\n
\\n

HTTPS_SERVER_NAME_PORT

"}');export{d as comp,p as data}; diff --git a/assets/configuration.html-gxiqEr2y.js b/assets/configuration.html-gxiqEr2y.js new file mode 100644 index 000000000..00eb68370 --- /dev/null +++ b/assets/configuration.html-gxiqEr2y.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function l(n,e){return t(),s("div",null,e[0]||(e[0]=[i('

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000

DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.bpe.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.bpe.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server to execute database migrations
  • Default: liquibase_user

DEV_DSF_BPE_DB_URL

  • Property: dev.dsf.bpe.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF BPE server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/bpe

DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

  • Property: dev.dsf.bpe.db.user.camunda.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
  • Default: camunda_users

DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.camunda.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
  • Example: /run/secrets/db_user_camunda.password

DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

  • Property: dev.dsf.bpe.db.user.camunda.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server for camunda processes
  • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
  • Default: camunda_server_user

DEV_DSF_BPE_DB_USER_GROUP

  • Property: dev.dsf.bpe.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF BPE server
  • Default: bpe_users

DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.bpe.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF BPE server
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_BPE_DB_USER_USERNAME

  • Property: dev.dsf.bpe.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF BPE server
  • Default: bpe_server_user

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

  • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
  • Required: No
  • Description: To enable debug log messages for every bpmn activity end, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

  • Property: dev.dsf.bpe.debug.log.message.onActivityStart
  • Required: No
  • Description: To enable debug log messages for every bpmn activity start, set to true.
  • Recommendation: This debug function should only be activated during process plugin development.
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

  • Property: dev.dsf.bpe.debug.log.message.variables
  • Required: No
  • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

  • Property: dev.dsf.bpe.debug.log.message.variablesLocal
  • Required: No
  • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
  • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.local.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.local.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 5000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

  • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 60000

DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

  • Property: dev.dsf.bpe.fhir.client.remote.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
  • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.bpe.fhir.server.base.url
  • Required: Yes
  • Description: The base address of the local DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
  • Required: No
  • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

  • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
  • Default: 5000

DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

  • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
  • Required: No
  • Description: Subscription to receive notifications about task resources from the DSF FHIR server
  • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

  • Property: dev.dsf.bpe.mail.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.bpe.mail.client.certificate.private.key
  • Required: No
  • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

DEV_DSF_BPE_MAIL_FROMADDRESS

  • Property: dev.dsf.bpe.mail.fromAddress
  • Required: No
  • Description: Mail service sender address
  • Example: sender@localhost

DEV_DSF_BPE_MAIL_HOST

  • Property: dev.dsf.bpe.mail.host
  • Required: No
  • Description: SMTP server hostname
  • Example: smtp.server.de

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
  • Required: No
  • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: 4

DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

  • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
  • Required: No
  • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
  • Default: /opt/bpe/log/bpe.log

DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.password
  • Required: No
  • Description: SMTP server authentication password
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_PORT

  • Property: dev.dsf.bpe.mail.port
  • Required: No
  • Description: SMTP server port
  • Example: 465
  • Default: 0

DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

  • Property: dev.dsf.bpe.mail.replyToAddresses
  • Required: No
  • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
  • Example: reply.to@localhost

DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

  • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
  • Required: No
  • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

  • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
  • Required: No
  • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
  • Default: false

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore
  • Required: No
  • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smime_certificate.p12

DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

  • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
  • Required: No
  • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
  • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
  • Example: /run/secrets/smime_certificate.p12.password

DEV_DSF_BPE_MAIL_TOADDRESSES

  • Property: dev.dsf.bpe.mail.toAddresses
  • Required: No
  • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
  • Example: recipient@localhost

DEV_DSF_BPE_MAIL_TOADDRESSESCC

  • Property: dev.dsf.bpe.mail.toAddressesCc
  • Required: No
  • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
  • Example: cc.recipient@localhost

DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/smtp_server_trust_certificates.pem

DEV_DSF_BPE_MAIL_USERNAME

  • Property: dev.dsf.bpe.mail.username
  • Required: No
  • Description: SMTP server authentication username
  • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

DEV_DSF_BPE_MAIL_USESMTPS

  • Property: dev.dsf.bpe.mail.useSmtps
  • Required: No
  • Description: To enable SMTP over TLS (smtps), set to true
  • Default: false

DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.corePoolSize
  • Required: No
  • Description: Process engine job executor core pool size
  • Default: 4

DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

  • Property: dev.dsf.bpe.process.engine.maxPoolSize
  • Required: No
  • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
  • Default: 10

DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

  • Property: dev.dsf.bpe.process.engine.queueSize
  • Required: No
  • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
  • Default: 40

DEV_DSF_BPE_PROCESS_EXCLUDED

  • Property: dev.dsf.bpe.process.excluded
  • Required: No
  • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
  • Example: dsfdev_updateAllowList|1.0, another_process|x.y

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

  • Property: dev.dsf.bpe.process.fhir.server.retry.max
  • Required: No
  • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
  • Default: -1

DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

  • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
  • Required: No
  • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
  • Default: 5000

DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

  • Property: dev.dsf.bpe.process.plugin.directroy
  • Required: No
  • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
  • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
  • Default: process

DEV_DSF_BPE_PROCESS_RETIRED

  • Property: dev.dsf.bpe.process.retired
  • Required: No
  • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
  • Recommendation: Retire processes that where deployed previously but are not anymore available
  • Example: old_process|x.y

DEV_DSF_BPE_PROCESS_THREADS

  • Property: dev.dsf.bpe.process.threads
  • Required: No
  • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
  • Default: -1

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication
',172)]))}const c=r(o,[["render",l],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.4.0/maintain/bpe/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-bpe-db-liquibase-forceunlock","link":"#dev-dsf-bpe-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-bpe-db-liquibase-lockwaittime","link":"#dev-dsf-bpe-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","link":"#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-bpe-db-liquibase-username","link":"#dev-dsf-bpe-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_URL","slug":"dev-dsf-bpe-db-url","link":"#dev-dsf-bpe-db-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP","slug":"dev-dsf-bpe-db-user-camunda-group","link":"#dev-dsf-bpe-db-user-camunda-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","link":"#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME","slug":"dev-dsf-bpe-db-user-camunda-username","link":"#dev-dsf-bpe-db-user-camunda-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_GROUP","slug":"dev-dsf-bpe-db-user-group","link":"#dev-dsf-bpe-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE","slug":"dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","link":"#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_DB_USER_USERNAME","slug":"dev-dsf-bpe-db-user-username","link":"#dev-dsf-bpe-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND","slug":"dev-dsf-bpe-debug-log-message-onactivityend","link":"#dev-dsf-bpe-debug-log-message-onactivityend","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART","slug":"dev-dsf-bpe-debug-log-message-onactivitystart","link":"#dev-dsf-bpe-debug-log-message-onactivitystart","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES","slug":"dev-dsf-bpe-debug-log-message-variables","link":"#dev-dsf-bpe-debug-log-message-variables","children":[]},{"level":3,"title":"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL","slug":"dev-dsf-bpe-debug-log-message-variableslocal","link":"#dev-dsf-bpe-debug-log-message-variableslocal","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-fhir-client-certificate","link":"#dev-dsf-bpe-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-fhir-client-certificate-private-key","link":"#dev-dsf-bpe-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-local-timeout-connect","link":"#dev-dsf-bpe-fhir-client-local-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-local-timeout-read","link":"#dev-dsf-bpe-fhir-client-local-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE","slug":"dev-dsf-bpe-fhir-client-local-verbose","link":"#dev-dsf-bpe-fhir-client-local-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT","slug":"dev-dsf-bpe-fhir-client-remote-timeout-connect","link":"#dev-dsf-bpe-fhir-client-remote-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ","slug":"dev-dsf-bpe-fhir-client-remote-timeout-read","link":"#dev-dsf-bpe-fhir-client-remote-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE","slug":"dev-dsf-bpe-fhir-client-remote-verbose","link":"#dev-dsf-bpe-fhir-client-remote-verbose","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-bpe-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_SERVER_BASE_URL","slug":"dev-dsf-bpe-fhir-server-base-url","link":"#dev-dsf-bpe-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX","slug":"dev-dsf-bpe-fhir-task-subscription-retry-max","link":"#dev-dsf-bpe-fhir-task-subscription-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP","slug":"dev-dsf-bpe-fhir-task-subscription-retry-sleep","link":"#dev-dsf-bpe-fhir-task-subscription-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER","slug":"dev-dsf-bpe-fhir-task-subscription-search-parameter","link":"#dev-dsf-bpe-fhir-task-subscription-search-parameter","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE","slug":"dev-dsf-bpe-mail-client-certificate","link":"#dev-dsf-bpe-mail-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-bpe-mail-client-certificate-private-key","link":"#dev-dsf-bpe-mail-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","link":"#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_FROMADDRESS","slug":"dev-dsf-bpe-mail-fromaddress","link":"#dev-dsf-bpe-mail-fromaddress","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_HOST","slug":"dev-dsf-bpe-mail-host","link":"#dev-dsf-bpe-mail-host","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE","slug":"dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","link":"#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION","slug":"dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","link":"#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","link":"#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_PORT","slug":"dev-dsf-bpe-mail-port","link":"#dev-dsf-bpe-mail-port","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES","slug":"dev-dsf-bpe-mail-replytoaddresses","link":"#dev-dsf-bpe-mail-replytoaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT","slug":"dev-dsf-bpe-mail-sendmailonerrorlogevent","link":"#dev-dsf-bpe-mail-sendmailonerrorlogevent","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP","slug":"dev-dsf-bpe-mail-sendtestmailonstartup","link":"#dev-dsf-bpe-mail-sendtestmailonstartup","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE","slug":"dev-dsf-bpe-mail-smime-p12keystore","link":"#dev-dsf-bpe-mail-smime-p12keystore","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE","slug":"dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","link":"#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSES","slug":"dev-dsf-bpe-mail-toaddresses","link":"#dev-dsf-bpe-mail-toaddresses","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TOADDRESSESCC","slug":"dev-dsf-bpe-mail-toaddressescc","link":"#dev-dsf-bpe-mail-toaddressescc","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-bpe-mail-trust-server-certificate-cas","link":"#dev-dsf-bpe-mail-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USERNAME","slug":"dev-dsf-bpe-mail-username","link":"#dev-dsf-bpe-mail-username","children":[]},{"level":3,"title":"DEV_DSF_BPE_MAIL_USESMTPS","slug":"dev-dsf-bpe-mail-usesmtps","link":"#dev-dsf-bpe-mail-usesmtps","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE","slug":"dev-dsf-bpe-process-engine-corepoolsize","link":"#dev-dsf-bpe-process-engine-corepoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE","slug":"dev-dsf-bpe-process-engine-maxpoolsize","link":"#dev-dsf-bpe-process-engine-maxpoolsize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE","slug":"dev-dsf-bpe-process-engine-queuesize","link":"#dev-dsf-bpe-process-engine-queuesize","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_EXCLUDED","slug":"dev-dsf-bpe-process-excluded","link":"#dev-dsf-bpe-process-excluded","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX","slug":"dev-dsf-bpe-process-fhir-server-retry-max","link":"#dev-dsf-bpe-process-fhir-server-retry-max","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP","slug":"dev-dsf-bpe-process-fhir-server-retry-sleep","link":"#dev-dsf-bpe-process-fhir-server-retry-sleep","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY","slug":"dev-dsf-bpe-process-plugin-directroy","link":"#dev-dsf-bpe-process-plugin-directroy","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_RETIRED","slug":"dev-dsf-bpe-process-retired","link":"#dev-dsf-bpe-process-retired","children":[]},{"level":3,"title":"DEV_DSF_BPE_PROCESS_THREADS","slug":"dev-dsf-bpe-process-threads","link":"#dev-dsf-bpe-process-threads","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":8.21,"words":2464},"filePathRelative":"v1.4.0/maintain/bpe/configuration.md","excerpt":"

DEV_DSF_SERVER_API_HOST

\\n
    \\n
  • Property: dev.dsf.server.api.host
    • \\n
  • Required: Yes
    • \\n
  • Description: API connector host, default in docker image: 0.0.0.0
    • \\n
  • Default: 127.0.0.1
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/configuration.html-xk6crEob.js b/assets/configuration.html-xk6crEob.js new file mode 100644 index 000000000..b532bcfd3 --- /dev/null +++ b/assets/configuration.html-xk6crEob.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as s}from"./app-BIWb5uIp.js";const o={};function n(d,e){return s(),i("div",null,e[0]||(e[0]=[t('

DEV_DSF_FHIR_CLIENT_CERTIFICATE

  • Property: dev.dsf.fhir.client.certificate
  • Required: Yes
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.fhir.client.certificate.private.key
  • Required: Yes
  • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_certificate_private_key.pem

DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.fhir.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the local client certificate encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/app_client_certificate_private_key.pem.password

DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

  • Property: dev.dsf.fhir.client.timeout.connect
  • Required: No
  • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 2000

DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

  • Property: dev.dsf.fhir.client.timeout.read
  • Required: No
  • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
  • Recommendation: Change default value only if timeout exceptions occur
  • Default: 10000

DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.fhir.client.trust.server.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client _trust_certificates.pem

DEV_DSF_FHIR_CLIENT_VERBOSE

  • Property: dev.dsf.fhir.client.verbose
  • Required: No
  • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

  • Property: dev.dsf.fhir.db.liquibase.forceUnlock
  • Required: No
  • Description: To force liquibase to unlock the migration lock set to true
  • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
  • Default: false

DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

  • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
  • Required: No
  • Description: Liquibase change lock wait time in minutes, default 2 minutes
  • Default: 2

DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.liquibase.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server to execute database migrations
  • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
  • Example: /run/secrets/db_liquibase.password

DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

  • Property: dev.dsf.fhir.db.liquibase.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server to execute database migrations
  • Default: liquibase_user

DEV_DSF_FHIR_DB_URL

  • Property: dev.dsf.fhir.db.url
  • Required: Yes
  • Description: The address of the database used for the DSF FHIR server
  • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
  • Example: jdbc:postgresql://db/fhir

DEV_DSF_FHIR_DB_USER_GROUP

  • Property: dev.dsf.fhir.db.user.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server
  • Default: fhir_users

DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
  • Example: /run/secrets/db_user.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

  • Property: dev.dsf.fhir.db.user.permanent.delete.group
  • Required: No
  • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
  • Default: fhir_permanent_delete_users

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

  • Property: dev.dsf.fhir.db.user.permanent.delete.password
  • Required: Yes
  • Description: The password to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
  • Example: /run/secrets/db_user_permanent_delete.password

DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

  • Property: dev.dsf.fhir.db.user.permanent.delete.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server for permanent deletes
  • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
  • Default: fhir_server_permanent_delete_user

DEV_DSF_FHIR_DB_USER_USERNAME

  • Property: dev.dsf.fhir.db.user.username
  • Required: No
  • Description: The user name to access the database from the DSF FHIR server
  • Default: fhir_server_user

DEV_DSF_FHIR_SERVER_BASE_URL

  • Property: dev.dsf.fhir.server.base.url
  • Required: Yes
  • Description: The base address of this DSF FHIR server to read/store fhir resources
  • Example: https://foo.bar/fhir

DEV_DSF_FHIR_SERVER_INIT_BUNDLE

  • Property: dev.dsf.fhir.server.init.bundle
  • Required: No
  • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
  • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
  • Default: conf/bundle.xml

DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

  • Property: dev.dsf.fhir.server.organization.identifier.value
  • Required: Yes
  • Description: The local identifier value used in the Allow-List
  • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
  • Example: hospital.com

DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

  • Property: dev.dsf.fhir.server.organization.thumbprint
  • Required: Yes
  • Description: The SHA-512 thumbprint of the local organization client certificate
  • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

DEV_DSF_FHIR_SERVER_PAGE_COUNT

  • Property: dev.dsf.fhir.server.page.count
  • Required: No
  • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
  • Default: 20

DEV_DSF_FHIR_SERVER_ROLECONFIG

DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

  • Property: dev.dsf.fhir.server.static.resource.cache
  • Required: No
  • Description: To disable static resource caching, set to false
  • Recommendation: Only set to false for development
  • Default: true

DEV_DSF_PROXY_NOPROXY

  • Property: dev.dsf.proxy.noProxy
  • Required: No
  • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
  • Example: foo.bar, test.com:8080

DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

  • Property: dev.dsf.proxy.password
  • Required: No
  • Description: Forward Proxy password
  • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

DEV_DSF_PROXY_URL

  • Property: dev.dsf.proxy.url
  • Required: No
  • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
  • Example: http://proxy.foo:8080

DEV_DSF_PROXY_USERNAME

  • Property: dev.dsf.proxy.username
  • Required: No
  • Description: Forward proxy username
  • Recommendation: Configure username if proxy requires authentication

DEV_DSF_SERVER_API_HOST

  • Property: dev.dsf.server.api.host
  • Required: Yes
  • Description: API connector host, default in docker image: 0.0.0.0
  • Default: 127.0.0.1

DEV_DSF_SERVER_API_PORT

  • Property: dev.dsf.server.api.port
  • Required: Yes
  • Description: API connector port, default in docker image: 8080

DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

  • Property: dev.dsf.server.auth.client.certificate.header
  • Required: Yes
  • Description: Name of HTTP header with client certificate from reverse proxy
  • Default: X-ClientCert

DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

  • Property: dev.dsf.server.auth.oidc.authorization.code.flow
  • Required: No
  • Description: Set to true to enable OIDC authorization code flow
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

  • Property: dev.dsf.server.auth.oidc.back.channel.logout
  • Required: No
  • Description: Set to true to enable OIDC back-channel logout
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

  • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
  • Required: No
  • Description: Path called by the OIDC provide to request back-channel logout
  • Default: /back-channel-logout

DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

  • Property: dev.dsf.server.auth.oidc.bearer.token
  • Required: No
  • Description: Set to true to enable OIDC bearer token authentication
  • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
  • Default: false

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

  • Property: dev.dsf.server.auth.oidc.client.id
  • Required: No
  • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

  • Property: dev.dsf.server.auth.oidc.client.secret
  • Required: No
  • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate
  • Required: No
  • Description: PEM encoded file with client certificate for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
  • Required: No
  • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
  • Required: No
  • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
  • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
  • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
  • Required: No
  • Description: OIDC provider client connect timeout in milliseconds
  • Default: 5000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

  • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
  • Required: No
  • Description: OIDC provider client idle timeout in milliseconds
  • Default: 30000

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
  • Required: No
  • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/oidc_provider_trust_certificates.pem

DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

  • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
  • Required: No
  • Description: OIDC provider realm base url
  • Example: https://keycloak.test.com:8443/realms/example-realm-name

DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

  • Property: dev.dsf.server.auth.trust.client.certificate.cas
  • Required: Yes
  • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
  • Recommendation: Use docker secret file to configure
  • Example: /run/secrets/app_client_trust_certificates.pem

DEV_DSF_SERVER_CERTIFICATE

  • Property: dev.dsf.server.certificate
  • Required: No
  • Description: Server certificate file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_CHAIN

  • Property: dev.dsf.server.certificate.chain
  • Required: No
  • Description: Server certificate chain file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY

  • Property: dev.dsf.server.certificate.key
  • Required: No
  • Description: Server certificate private key file for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

  • Property: dev.dsf.server.certificate.key.password
  • Required: No
  • Description: Server certificate private key file password for testing
  • Recommendation: Only specify For testing when terminating TLS in jetty server

DEV_DSF_SERVER_CONTEXT_PATH

  • Property: dev.dsf.server.context.path
  • Required: Yes
  • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
  • Recommendation: Only modify for testing

DEV_DSF_SERVER_STATUS_HOST

  • Property: dev.dsf.server.status.host
  • Required: Yes
  • Description: Status connector host
  • Default: 127.0.0.1

DEV_DSF_SERVER_STATUS_PORT

  • Property: dev.dsf.server.status.port
  • Required: Yes
  • Description: Status connector port, default in docker image: 10000
',106)]))}const c=r(o,[["render",n],["__file","configuration.html.vue"]]),_=JSON.parse('{"path":"/v1.3.0/maintain/fhir/configuration.html","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT","slug":"dev-dsf-fhir-server-organization-thumbprint","link":"#dev-dsf-fhir-server-organization-thumbprint","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_HOST","slug":"dev-dsf-server-api-host","link":"#dev-dsf-server-api-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_API_PORT","slug":"dev-dsf-server-api-port","link":"#dev-dsf-server-api-port","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER","slug":"dev-dsf-server-auth-client-certificate-header","link":"#dev-dsf-server-auth-client-certificate-header","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW","slug":"dev-dsf-server-auth-oidc-authorization-code-flow","link":"#dev-dsf-server-auth-oidc-authorization-code-flow","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT","slug":"dev-dsf-server-auth-oidc-back-channel-logout","link":"#dev-dsf-server-auth-oidc-back-channel-logout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH","slug":"dev-dsf-server-auth-oidc-back-channel-logout-path","link":"#dev-dsf-server-auth-oidc-back-channel-logout-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN","slug":"dev-dsf-server-auth-oidc-bearer-token","link":"#dev-dsf-server-auth-oidc-bearer-token","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID","slug":"dev-dsf-server-auth-oidc-client-id","link":"#dev-dsf-server-auth-oidc-client-id","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET","slug":"dev-dsf-server-auth-oidc-client-secret","link":"#dev-dsf-server-auth-oidc-client-secret","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate","link":"#dev-dsf-server-auth-oidc-provider-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","link":"#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-connecttimeout","link":"#dev-dsf-server-auth-oidc-provider-client-connecttimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT","slug":"dev-dsf-server-auth-oidc-provider-client-idletimeout","link":"#dev-dsf-server-auth-oidc-provider-client-idletimeout","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","link":"#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL","slug":"dev-dsf-server-auth-oidc-provider-realm-base-url","link":"#dev-dsf-server-auth-oidc-provider-realm-base-url","children":[]},{"level":3,"title":"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS","slug":"dev-dsf-server-auth-trust-client-certificate-cas","link":"#dev-dsf-server-auth-trust-client-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE","slug":"dev-dsf-server-certificate","link":"#dev-dsf-server-certificate","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_CHAIN","slug":"dev-dsf-server-certificate-chain","link":"#dev-dsf-server-certificate-chain","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY","slug":"dev-dsf-server-certificate-key","link":"#dev-dsf-server-certificate-key","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE","slug":"dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","link":"#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_SERVER_CONTEXT_PATH","slug":"dev-dsf-server-context-path","link":"#dev-dsf-server-context-path","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_HOST","slug":"dev-dsf-server-status-host","link":"#dev-dsf-server-status-host","children":[]},{"level":3,"title":"DEV_DSF_SERVER_STATUS_PORT","slug":"dev-dsf-server-status-port","link":"#dev-dsf-server-status-port","children":[]}],"readingTime":{"minutes":4.71,"words":1412},"filePathRelative":"v1.3.0/maintain/fhir/configuration.md","excerpt":"

DEV_DSF_FHIR_CLIENT_CERTIFICATE

\\n
    \\n
  • Property: dev.dsf.fhir.client.certificate
    • \\n
  • Required: Yes
    • \\n
  • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • \\n
  • Recommendation: Use docker secret file to configure
    • \\n
  • Example: /run/secrets/app_client_certificate.pem
    • \\n
"}');export{c as comp,_ as data}; diff --git a/assets/contact.html--dlNXcVc.js b/assets/contact.html--dlNXcVc.js new file mode 100644 index 000000000..d69229955 --- /dev/null +++ b/assets/contact.html--dlNXcVc.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as s,b as t,d as o,e as a,f as n,r as u,o as d}from"./app-BIWb5uIp.js";const h={};function p(m,e){const r=u("RouteLink");return d(),i("div",null,[e[10]||(e[10]=s('

✉️ E-MAIL

Feel free to contact us via E-Mail (dsf-gecko@hs-heilbronn.de) and we will take care of your request as soon as possible.

👥 COMMUNITY

DSF's community is growing and we welcome anyone who would like to join! 🚀

Stay up to Date

',5)),t("ul",null,[e[3]||(e[3]=t("li",null,[t("a",{href:"https://github.com/datasharingframework/dsf",target:"_blank",rel:"noopener noreferrer"},"GitHub")],-1)),t("li",null,[e[1]||(e[1]=o("Follow our ")),a(r,{to:"/about/learnmore/team.html"},{default:n(()=>e[0]||(e[0]=[o("contributors")])),_:1}),e[2]||(e[2]=o(" on GitHub"))]),e[4]||(e[4]=t("li",null,[t("a",{href:"https://mii.zulipchat.com",target:"_blank",rel:"noopener noreferrer"},"Zulip Chat - MII"),o(" (If you would like access, please write us an "),t("a",{href:"mailto:dsf-gecko@hs-heilbronn.de"},"E-MAIL"),o(")")],-1))]),e[11]||(e[11]=t("h3",{id:"contribute-code",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#contribute-code"},[t("span",null,"Contribute Code")])],-1)),t("p",null,[e[6]||(e[6]=o("You can get familiar with the DSF code on GitHub. Branching follows the git-flow model, for the latest development version see branch ")),e[7]||(e[7]=t("a",{href:"https://github.com/datasharingframework/dsf/tree/develop",target:"_blank",rel:"noopener noreferrer"},"develop",-1)),e[8]||(e[8]=o(". Additionally, you can find more information ")),a(r,{to:"/stable/"},{default:n(()=>e[5]||(e[5]=[o("here")])),_:1}),e[9]||(e[9]=o(" in the documentation."))]),e[12]||(e[12]=t("h3",{id:"share-your-experience-get-support",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#share-your-experience-get-support"},[t("span",null,"Share your Experience & Get support")])],-1)),e[13]||(e[13]=t("p",null,[o("You´re welcome to share your experience with the Community. If you have a bug to report or feature to request, that's what the "),t("a",{href:"https://github.com/datasharingframework/dsf/issues",target:"_blank",rel:"noopener noreferrer"},"GitHub issues"),o(" are for.")],-1))])}const b=l(h,[["render",p],["__file","contact.html.vue"]]),g=JSON.parse('{"path":"/about/learnmore/contact.html","title":"Contact & Community","lang":"en-US","frontmatter":{"title":"Contact & Community","icon":"call","gitInclude":[]},"headers":[{"level":2,"title":"✉️ E-MAIL","slug":"e-mail","link":"#e-mail","children":[]},{"level":2,"title":"👥 COMMUNITY","slug":"community","link":"#community","children":[{"level":3,"title":"Stay up to Date","slug":"stay-up-to-date","link":"#stay-up-to-date","children":[]},{"level":3,"title":"Contribute Code","slug":"contribute-code","link":"#contribute-code","children":[]},{"level":3,"title":"Share your Experience & Get support","slug":"share-your-experience-get-support","link":"#share-your-experience-get-support","children":[]}]}],"readingTime":{"minutes":0.58,"words":174},"filePathRelative":"about/learnmore/contact.md","excerpt":"

✉️ E-MAIL

\\n

Feel free to contact us via E-Mail (dsf-gecko@hs-heilbronn.de) and we will take care of your request as soon as possible.

"}');export{b as comp,g as data}; diff --git a/assets/create.html-B1E91RlH.js b/assets/create.html-B1E91RlH.js new file mode 100644 index 000000000..420192dd2 --- /dev/null +++ b/assets/create.html-B1E91RlH.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.6.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"v1.6.0/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-B3zd-q7E.js b/assets/create.html-B3zd-q7E.js new file mode 100644 index 000000000..b10bed2c2 --- /dev/null +++ b/assets/create.html-B3zd-q7E.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/stable/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"stable/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-BX-19DEo.js b/assets/create.html-BX-19DEo.js new file mode 100644 index 000000000..ec0c81aa5 --- /dev/null +++ b/assets/create.html-BX-19DEo.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as t,d as r,e as l,f as s,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(c,e){const o=i("RouteLink");return p(),a("div",null,[t("div",h,[e[3]||(e[3]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[1]||(e[1]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),l(o,{to:"/oldstable/tutorial/"},{default:s(()=>e[0]||(e[0]=[r("process plugin tutorial")])),_:1}),e[2]||(e[2]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[4]||(e[4]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const f=n(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.3.2/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.29,"words":88},"filePathRelative":"v1.3.2/develop/create.md","excerpt":"
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{f as comp,w as data}; diff --git a/assets/create.html-BpleBtB4.js b/assets/create.html-BpleBtB4.js new file mode 100644 index 000000000..cf8cae551 --- /dev/null +++ b/assets/create.html-BpleBtB4.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.4.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"v1.4.0/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-CBE8y_4a.js b/assets/create.html-CBE8y_4a.js new file mode 100644 index 000000000..42129726c --- /dev/null +++ b/assets/create.html-CBE8y_4a.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.5.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"v1.5.0/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-CEaaiT8A.js b/assets/create.html-CEaaiT8A.js new file mode 100644 index 000000000..5da2f42a7 --- /dev/null +++ b/assets/create.html-CEaaiT8A.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.5.1/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"v1.5.1/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-CSEOxnfr.js b/assets/create.html-CSEOxnfr.js new file mode 100644 index 000000000..13d637a9e --- /dev/null +++ b/assets/create.html-CSEOxnfr.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.7.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"v1.7.0/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-Ce3lf9hk.js b/assets/create.html-Ce3lf9hk.js new file mode 100644 index 000000000..41e904957 --- /dev/null +++ b/assets/create.html-Ce3lf9hk.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as t,d as r,e as n,f as a,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=i("RouteLink");return p(),s("div",null,[t("p",null,[e[1]||(e[1]=r("Visit the ")),n(o,{to:"/for-you/"},{default:a(()=>e[0]||(e[0]=[r("how the DSF can help you")])),_:1}),e[2]||(e[2]=r(" page to get started."))]),t("div",h,[e[6]||(e[6]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[4]||(e[4]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),n(o,{to:"/oldstable/tutorial/"},{default:a(()=>e[3]||(e[3]=[r("process plugin tutorial")])),_:1}),e[5]||(e[5]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[7]||(e[7]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const c=l(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.5.2/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.34,"words":102},"filePathRelative":"v1.5.2/develop/create.md","excerpt":"

Visit the how the DSF can help you page to get started.

\\n
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{c as comp,w as data}; diff --git a/assets/create.html-DKW1RBR_.js b/assets/create.html-DKW1RBR_.js new file mode 100644 index 000000000..6268390d8 --- /dev/null +++ b/assets/create.html-DKW1RBR_.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as t,d as r,e as l,f as s,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(c,e){const o=i("RouteLink");return p(),a("div",null,[t("div",h,[e[3]||(e[3]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[1]||(e[1]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),l(o,{to:"/oldstable/tutorial/"},{default:s(()=>e[0]||(e[0]=[r("process plugin tutorial")])),_:1}),e[2]||(e[2]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[4]||(e[4]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const f=n(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.3.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.29,"words":88},"filePathRelative":"v1.3.0/develop/create.md","excerpt":"
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{f as comp,w as data}; diff --git a/assets/create.html-DfXNs7tA.js b/assets/create.html-DfXNs7tA.js new file mode 100644 index 000000000..2588c1721 --- /dev/null +++ b/assets/create.html-DfXNs7tA.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as t,d as r,e as l,f as s,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(c,e){const o=i("RouteLink");return p(),a("div",null,[t("div",h,[e[3]||(e[3]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[1]||(e[1]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),l(o,{to:"/oldstable/tutorial/"},{default:s(()=>e[0]||(e[0]=[r("process plugin tutorial")])),_:1}),e[2]||(e[2]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[4]||(e[4]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const f=n(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.1.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.29,"words":88},"filePathRelative":"v1.1.0/develop/create.md","excerpt":"
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{f as comp,w as data}; diff --git a/assets/create.html-DgtxAQYo.js b/assets/create.html-DgtxAQYo.js new file mode 100644 index 000000000..6103005f1 --- /dev/null +++ b/assets/create.html-DgtxAQYo.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as t,d as r,e as l,f as s,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(c,e){const o=i("RouteLink");return p(),a("div",null,[t("div",h,[e[3]||(e[3]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[1]||(e[1]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),l(o,{to:"/oldstable/tutorial/"},{default:s(()=>e[0]||(e[0]=[r("process plugin tutorial")])),_:1}),e[2]||(e[2]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[4]||(e[4]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const f=n(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.2.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.29,"words":88},"filePathRelative":"v1.2.0/develop/create.md","excerpt":"
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{f as comp,w as data}; diff --git a/assets/create.html-Dhsfopdf.js b/assets/create.html-Dhsfopdf.js new file mode 100644 index 000000000..4f7624a63 --- /dev/null +++ b/assets/create.html-Dhsfopdf.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as t,d as r,e as l,f as s,r as i,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(c,e){const o=i("RouteLink");return p(),a("div",null,[t("div",h,[e[3]||(e[3]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[1]||(e[1]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),l(o,{to:"/oldstable/tutorial/"},{default:s(()=>e[0]||(e[0]=[r("process plugin tutorial")])),_:1}),e[2]||(e[2]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[4]||(e[4]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const f=n(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.3.1/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.29,"words":88},"filePathRelative":"v1.3.1/develop/create.md","excerpt":"
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{f as comp,w as data}; diff --git a/assets/create.html-UzmU0FOF.js b/assets/create.html-UzmU0FOF.js new file mode 100644 index 000000000..28ba0c79b --- /dev/null +++ b/assets/create.html-UzmU0FOF.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as t,d as r,e as a,f as i,r as s,o as p}from"./app-BIWb5uIp.js";const d={},h={class:"hint-container tip"};function u(g,e){const o=s("RouteLink");return p(),l("div",null,[t("div",h,[e[3]||(e[3]=t("p",{class:"hint-container-title"},"Work in progress",-1)),t("p",null,[e[1]||(e[1]=r("We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the ")),a(o,{to:"/oldstable/guideline/tutorial/"},{default:i(()=>e[0]||(e[0]=[r("process plugin tutorial")])),_:1}),e[2]||(e[2]=r(". Additionally, we recommend to take a look at the upgraded DSF processes here:"))]),e[4]||(e[4]=t("ul",null,[t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-hello-world/tree/develop",target:"_blank",rel:"noopener noreferrer"},"hello world plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-ping-pong",target:"_blank",rel:"noopener noreferrer"},"ping pong plugin")]),t("li",null,[r("The "),t("a",{href:"https://github.com/datasharingframework/dsf-process-allow-list",target:"_blank",rel:"noopener noreferrer"},"update allowlist plugin")])],-1))])])}const f=n(d,[["render",u],["__file","create.html.vue"]]),w=JSON.parse('{"path":"/v1.0.0/develop/create.html","title":"Create a new process plugin","lang":"en-US","frontmatter":{"title":"Create a new process plugin","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.29,"words":88},"filePathRelative":"v1.0.0/develop/create.md","excerpt":"
\\n

Work in progress

\\n

We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:

\\n\\n
"}');export{f as comp,w as data}; diff --git a/assets/documentation.html-CyhCEMiv.js b/assets/documentation.html-CyhCEMiv.js new file mode 100644 index 000000000..56b377513 --- /dev/null +++ b/assets/documentation.html-CyhCEMiv.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/v1.5.2/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"v1.5.2/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/documentation.html-Db26NjAn.js b/assets/documentation.html-Db26NjAn.js new file mode 100644 index 000000000..d48e6e52d --- /dev/null +++ b/assets/documentation.html-Db26NjAn.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/stable/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"stable/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/documentation.html-DxrIQVyi.js b/assets/documentation.html-DxrIQVyi.js new file mode 100644 index 000000000..8ebd14033 --- /dev/null +++ b/assets/documentation.html-DxrIQVyi.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/v1.5.1/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"v1.5.1/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/documentation.html-KQtDStaD.js b/assets/documentation.html-KQtDStaD.js new file mode 100644 index 000000000..6fbbca0f3 --- /dev/null +++ b/assets/documentation.html-KQtDStaD.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/v1.5.0/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"v1.5.0/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/documentation.html-Wn__5BQ5.js b/assets/documentation.html-Wn__5BQ5.js new file mode 100644 index 000000000..5339c31f9 --- /dev/null +++ b/assets/documentation.html-Wn__5BQ5.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/v1.4.0/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"v1.4.0/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/documentation.html-YtBXfQ4n.js b/assets/documentation.html-YtBXfQ4n.js new file mode 100644 index 000000000..82cc0ec71 --- /dev/null +++ b/assets/documentation.html-YtBXfQ4n.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/v1.6.0/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"v1.6.0/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/documentation.html-ueGYR-fA.js b/assets/documentation.html-ueGYR-fA.js new file mode 100644 index 000000000..b1d191521 --- /dev/null +++ b/assets/documentation.html-ueGYR-fA.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as a}from"./app-BIWb5uIp.js";const n={};function i(s,e){return a(),o("div",null,e[0]||(e[0]=[r('

Join us in enhancing our documentation!

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

',4)]))}const l=t(n,[["render",i],["__file","documentation.html.vue"]]),h=JSON.parse(`{"path":"/v1.7.0/contribute/documentation.html","title":"Contribute documentation","lang":"en-US","frontmatter":{"title":"Contribute documentation","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.74,"words":222},"filePathRelative":"v1.7.0/contribute/documentation.md","excerpt":"

Join us in enhancing our documentation!

\\n

We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

\\n
    \\n
  1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. \\n
  2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. \\n
  3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.
    4. \\n
"}`);export{l as comp,h as data}; diff --git a/assets/dsf-concept-Dbcu0twt.js b/assets/dsf-concept-Dbcu0twt.js new file mode 100644 index 000000000..5fb26f4e0 --- /dev/null +++ b/assets/dsf-concept-Dbcu0twt.js @@ -0,0 +1 @@ +const o="/photos/info/introduction/dsf-concept.png";export{o as _}; diff --git a/assets/dsf-for-dev.html-BEsPCGfN.js b/assets/dsf-for-dev.html-BEsPCGfN.js new file mode 100644 index 000000000..04e451f61 --- /dev/null +++ b/assets/dsf-for-dev.html-BEsPCGfN.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.5.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.5.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-BHbqABzE.js b/assets/dsf-for-dev.html-BHbqABzE.js new file mode 100644 index 000000000..ea9552b99 --- /dev/null +++ b/assets/dsf-for-dev.html-BHbqABzE.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.5.2/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.5.2/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-BTVbCBjm.js b/assets/dsf-for-dev.html-BTVbCBjm.js new file mode 100644 index 000000000..0b0cdad31 --- /dev/null +++ b/assets/dsf-for-dev.html-BTVbCBjm.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.2.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.2.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-BbzdxZL5.js b/assets/dsf-for-dev.html-BbzdxZL5.js new file mode 100644 index 000000000..680f99ff9 --- /dev/null +++ b/assets/dsf-for-dev.html-BbzdxZL5.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.5.1/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.5.1/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-Bfk0jIju.js b/assets/dsf-for-dev.html-Bfk0jIju.js new file mode 100644 index 000000000..0111b93b8 --- /dev/null +++ b/assets/dsf-for-dev.html-Bfk0jIju.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(a,f){return r(),t("div")}const l=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),d=JSON.parse('{"path":"/stable/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"stable/dsf-for-dev.md","excerpt":""}');export{l as comp,d as data}; diff --git a/assets/dsf-for-dev.html-C1_lZM3T.js b/assets/dsf-for-dev.html-C1_lZM3T.js new file mode 100644 index 000000000..bd1c5b332 --- /dev/null +++ b/assets/dsf-for-dev.html-C1_lZM3T.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.3.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.3.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-C54H0sEh.js b/assets/dsf-for-dev.html-C54H0sEh.js new file mode 100644 index 000000000..c000c142a --- /dev/null +++ b/assets/dsf-for-dev.html-C54H0sEh.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.7.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.7.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-C7eEqNG_.js b/assets/dsf-for-dev.html-C7eEqNG_.js new file mode 100644 index 000000000..6028248a3 --- /dev/null +++ b/assets/dsf-for-dev.html-C7eEqNG_.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.6.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.6.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-C9euuucY.js b/assets/dsf-for-dev.html-C9euuucY.js new file mode 100644 index 000000000..47d4f6836 --- /dev/null +++ b/assets/dsf-for-dev.html-C9euuucY.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.0.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.0.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-Cb90i-uk.js b/assets/dsf-for-dev.html-Cb90i-uk.js new file mode 100644 index 000000000..16dce386d --- /dev/null +++ b/assets/dsf-for-dev.html-Cb90i-uk.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.4.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.4.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-FPawE1xG.js b/assets/dsf-for-dev.html-FPawE1xG.js new file mode 100644 index 000000000..d3f675e7e --- /dev/null +++ b/assets/dsf-for-dev.html-FPawE1xG.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.3.2/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.3.2/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-LGq1G0a7.js b/assets/dsf-for-dev.html-LGq1G0a7.js new file mode 100644 index 000000000..ce8d89ddb --- /dev/null +++ b/assets/dsf-for-dev.html-LGq1G0a7.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.3.1/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.3.1/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/dsf-for-dev.html-x2O2enR2.js b/assets/dsf-for-dev.html-x2O2enR2.js new file mode 100644 index 000000000..8a973722b --- /dev/null +++ b/assets/dsf-for-dev.html-x2O2enR2.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,o as r}from"./app-BIWb5uIp.js";const o={};function s(f,n){return r(),t("div")}const d=e(o,[["render",s],["__file","dsf-for-dev.html.vue"]]),i=JSON.parse('{"path":"/v1.1.0/dsf-for-dev.html","title":"DSF for Developers","lang":"en-US","frontmatter":{"title":"DSF for Developers","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.1.0/dsf-for-dev.md","excerpt":""}');export{d as comp,i as data}; diff --git a/assets/eclipseContent.html-IrZvhAIP.js b/assets/eclipseContent.html-IrZvhAIP.js new file mode 100644 index 000000000..127dfc8de --- /dev/null +++ b/assets/eclipseContent.html-IrZvhAIP.js @@ -0,0 +1,322 @@ +import{_ as k}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as a,e as t,f as n,a as e,r as p,o as r,d as h}from"./app-BIWb5uIp.js";const d={};function g(B,s){const i=p("RouteLink");return r(),l("div",null,[a("p",null,[t(i,{to:"/oldstable/code/code.html"},{default:n(()=>s[0]||(s[0]=[h("Back")])),_:1})]),s[2]||(s[2]=e(`
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<profiles version="15">
+    <profile kind="CodeFormatterProfile" name="highmed_dsf" version="15">
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_ellipsis" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_declarations" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_at_in_annotation_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_for_statment" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.new_lines_at_block_boundaries" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.insert_new_line_for_parameter" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_package" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_method_invocation" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_after_imports" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_while" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.insert_new_line_before_root_tags" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_annotation_type_member_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_throws" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_switch_statement" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_javadoc_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.indentation.size" value="4"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_postfix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_enum_constant_declaration" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_increments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_inits" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_with_spaces" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.disabling_tag" value="@formatter:off"/>
+        <setting id="org.eclipse.jdt.core.formatter.continuation_indentation" value="2"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_enum_constants" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_imports" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_after_package" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_binary_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_local_declarations" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_if_while_statement" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_enum_constant" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.indent_root_tags" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_or_operator_multicatch" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.enabling_tag" value="@formatter:on"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_brace_in_block" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.count_line_length_from_starting_position" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_return" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_method_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_parameter" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_then_statement_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_field" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_explicitconstructorcall_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_prefix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_between_type_declarations" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_brace_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_for" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_catch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_method" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_switch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_parameterized_type_references" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_anonymous_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_parenthesized_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_annotation_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_enum_constant" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.never_indent_line_comments_on_first_column" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_and_in_type_parameter" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_inits" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_statements_compare_to_block" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_anonymous_type_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_question_in_wildcard" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_invocation_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_switch" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.align_tags_descriptions_grouped" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.line_length" value="120"/>
+        <setting id="org.eclipse.jdt.core.formatter.use_on_off_tags" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_method_body_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_brackets_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_loop_body_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_constant" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_assignment_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_for" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.preserve_white_space_between_code_and_line_comments" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_local_variable" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_method_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_enum_constant_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_variable_declarations_on_columns" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_union_type_in_multicatch" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_type_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.number_of_blank_lines_at_beginning_of_method_body" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_else_statement_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_binary_expression" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_catch_clause" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_parameterized_type_reference" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_field_declarations" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_explicit_constructor_call" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_anonymous_type_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_annotation_declaration_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_superinterfaces" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_default" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_question_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_block" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_constructor_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_lambda_body" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.compact_else_if" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_catch" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.put_empty_statement_on_new_line" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_parameters_in_constructor_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_type_parameters" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_invocation_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_method_invocation" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_constructor_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_compact_loops" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_block_comment" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_catch_in_try_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_try" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_for_body_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_at_end_of_file_if_missing" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_javadoc_comment" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_binary_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_unary_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_expressions_in_array_initializer" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.format_line_comment_starting_on_first_column" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.number_of_empty_lines_to_preserve" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_annotation" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_case" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_ellipsis" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_try_resources" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_assert" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_if" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_and_in_type_parameter" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_parenthesized_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_line_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_labeled_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_type_members_on_columns" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_assignment" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_module_statements" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_type_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.align_tags_names_descriptions" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_type_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_if_then_body_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_first_class_body_declaration" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_conditional_expression" value="80"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_closing_brace_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.format_guardian_clause_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_if" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_assignment_statements_on_columns" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_type" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_block" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_enum_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_block_in_case" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_header" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_while" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_switch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_method_declaration" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.join_wrapped_lines" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_conditional_operator" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_cases" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_synchronized" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_fields_grouping_blank_lines" value="2147483647"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.new_lines_at_javadoc_boundaries" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_annotation_type_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_resources_in_try" value="80"/>
+        <setting id="org.eclipse.jdt.core.formatter.use_tabs_only_for_leading_indentations" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_try_clause" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_selector_in_method_invocation" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.never_indent_block_comments_on_first_column" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_code_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_synchronized" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_throws" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.tabulation.size" value="4"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_allocation_expression" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_source_code" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_try" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_try_resources" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_field" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.continuation_indentation_for_array_initializer" value="2"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_question_in_wildcard" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_method" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_superclass_in_type_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_enum_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_throw" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_assignment_operator" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_labeled_statement" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_switch" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_superinterfaces" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_type_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_brace_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_parenthesized_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_html" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation_type_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_method_delcaration" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_compact_if" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_lambda_body_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_empty_lines" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_type_arguments" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_unary_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_annotation" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_declarations" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_empty_array_initializer_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_switch" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_else_in_if_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_assignment_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_new_chunk" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_label" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_declaration_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_cast" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_assert" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_member_type" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_while_in_do_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_qualified_allocation_expression" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_opening_brace_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_breaks_compare_to_cases" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_if" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_semicolon" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_postfix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_try" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_cast" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_block_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_lambda_arrow" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_imple_if_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_parameters_in_method_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_brackets_in_array_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_for" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_throws" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_statements_compare_to_body" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_multiple_fields" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_constant_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_while_body_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_prefix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_array_initializer" value="end_of_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_binary_operator" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_method_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_catch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_annotation" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_constant_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_lambda_declaration" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_braces_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_case" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_local_declarations" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_do_while_body_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_annotation_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_enum_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_outer_expressions_when_nested" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_paren_in_cast" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_enum_constant" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_type_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_package" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_synchronized" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_increments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation_type_member_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_expressions_in_for_loop_header" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_getter_setter_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_while" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_explicitconstructorcall_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_constant_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_lambda_arrow" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_constructor_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_throws" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.join_lines_in_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_question_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.indent_parameter_description" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_finally_in_try_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.tabulation.char" value="tab"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_field_declarations" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_between_import_groups" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.lineSplit" value="120"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_switch" value="insert"/>
+    </profile>
+</profiles>
`,1)),a("p",null,[t(i,{to:"/oldstable/code/code.html"},{default:n(()=>s[1]||(s[1]=[h("Back")])),_:1})])])}const o=k(d,[["render",g],["__file","eclipseContent.html.vue"]]),F=JSON.parse('{"path":"/oldstable/code/eclipseContent.html","title":"Eclipse code-style configurations","lang":"en-US","frontmatter":{"title":"Eclipse code-style configurations","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":7.13,"words":2138},"filePathRelative":"oldstable/code/eclipseContent.md","excerpt":"

Back

\\n
<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" standalone=\\"no\\"?>\\n<profiles version=\\"15\\">\\n    <profile kind=\\"CodeFormatterProfile\\" name=\\"highmed_dsf\\" version=\\"15\\">\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_ellipsis\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_declarations\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_allocation_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_at_in_annotation_type_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_for_statment\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.new_lines_at_block_boundaries\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_parameters\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.insert_new_line_for_parameter\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_package\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_method_invocation\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_enum_constant\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_after_imports\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_while\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.insert_new_line_before_root_tags\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_annotation_type_member_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_throws\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_switch_statement\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.format_javadoc_comments\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indentation.size\\" value=\\"4\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_postfix_operator\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_enum_constant_declaration\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_increments\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_arguments\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_inits\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_for\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.align_with_spaces\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.disabling_tag\\" value=\\"@formatter:off\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.continuation_indentation\\" value=\\"2\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_enum_constants\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_imports\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_after_package\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_binary_operator\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_local_declarations\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_if_while_statement\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_arguments_in_enum_constant\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_parameterized_type_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.indent_root_tags\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.wrap_before_or_operator_multicatch\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.enabling_tag\\" value=\\"@formatter:on\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_closing_brace_in_block\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.count_line_length_from_starting_position\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_return\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_method_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_parameter\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_then_statement_on_same_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_field\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_explicitconstructorcall_arguments\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_prefix_operator\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_between_type_declarations\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_brace_in_array_initializer\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_for\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_catch\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_method\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_switch\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_parameterized_type_references\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_anonymous_type_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_parenthesized_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_annotation_declaration_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_enum_constant\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.never_indent_line_comments_on_first_column\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_and_in_type_parameter\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_inits\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_statements_compare_to_block\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_anonymous_type_declaration\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_question_in_wildcard\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_invocation_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_switch\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.align_tags_descriptions_grouped\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.line_length\\" value=\\"120\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.use_on_off_tags\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_method_body_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_brackets_in_array_allocation_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_loop_body_block_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_constant\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_invocation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_assignment_operator\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_type_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_for\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.preserve_white_space_between_code_and_line_comments\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_local_variable\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_method_declaration\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_enum_constant_declaration_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.align_variable_declarations_on_columns\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_invocation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_union_type_in_multicatch\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_colon_in_for\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_type_declaration_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.number_of_blank_lines_at_beginning_of_method_body\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_arguments\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_else_statement_on_same_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_binary_expression\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_catch_clause\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_parameterized_type_reference\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_array_initializer\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_field_declarations\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_annotation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_arguments_in_explicit_constructor_call\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_anonymous_type_declaration_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_annotation_declaration_header\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_superinterfaces\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_colon_in_default\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_question_in_conditional\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_block\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_constructor_declaration\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_lambda_body\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.compact_else_if\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_parameters\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_catch\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_invocation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.put_empty_statement_on_new_line\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_parameters_in_constructor_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_type_parameters\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_invocation_arguments\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_arguments_in_method_invocation\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_constructor_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_compact_loops\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_block_comment\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_before_catch_in_try_statement\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_try\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_simple_for_body_on_same_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_at_end_of_file_if_missing\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_javadoc_comment\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_array_initializer\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_binary_operator\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_unary_operator\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_expressions_in_array_initializer\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.format_line_comment_starting_on_first_column\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.number_of_empty_lines_to_preserve\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_annotation\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_colon_in_case\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_ellipsis\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_try_resources\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_colon_in_assert\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_if\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_and_in_type_parameter\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_parenthesized_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.format_line_comments\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_colon_in_labeled_statement\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.align_type_members_on_columns\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_assignment\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_module_statements\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_type_header\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.align_tags_names_descriptions\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_enum_constant\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_type_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_if_then_body_block_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_first_class_body_declaration\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_conditional_expression\\" value=\\"80\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_before_closing_brace_in_array_initializer\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_parameters\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.format_guardian_clause_on_one_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_if\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.align_assignment_statements_on_columns\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_type\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_block\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_enum_declaration\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_block_in_case\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_constructor_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.format_header\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_invocation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_while\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_switch\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_method_declaration\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.join_wrapped_lines\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_constructor_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.wrap_before_conditional_operator\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_cases\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_allocation_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_synchronized\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.align_fields_grouping_blank_lines\\" value=\\"2147483647\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.new_lines_at_javadoc_boundaries\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_annotation_type_declaration\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_colon_in_for\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_resources_in_try\\" value=\\"80\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.use_tabs_only_for_leading_indentations\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_try_clause\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_selector_in_method_invocation\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.never_indent_block_comments_on_first_column\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_code_block_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_synchronized\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_throws\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.tabulation.size\\" value=\\"4\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_allocation_expression\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_colon_in_conditional\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.format_source_code\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_array_initializer\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_try\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_try_resources\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_field\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.continuation_indentation_for_array_initializer\\" value=\\"2\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_question_in_wildcard\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_method\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_superclass_in_type_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_enum_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_throw\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.wrap_before_assignment_operator\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_colon_in_labeled_statement\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_switch\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_superinterfaces\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_parameters\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_type_annotation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_brace_in_array_initializer\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_parenthesized_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.format_html\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation_type_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_parameters\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_method_delcaration\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_compact_if\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_lambda_body_block_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_empty_lines\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_type_arguments\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_parameterized_type_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_unary_operator\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_enum_constant\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_arguments_in_annotation\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_declarations\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_empty_array_initializer_on_one_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_switch\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_before_else_in_if_statement\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_assignment_operator\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_constructor_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_new_chunk\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_label\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_declaration_header\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_allocation_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_constructor_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_colon_in_conditional\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_parameterized_type_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_parameters\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_cast\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_colon_in_assert\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_member_type\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_before_while_in_do_statement\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_type_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_parameterized_type_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_arguments_in_qualified_allocation_expression\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_after_opening_brace_in_array_initializer\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_breaks_compare_to_cases\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_if\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_semicolon\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_postfix_operator\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_try\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_cast\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.format_block_comments\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_lambda_arrow\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_imple_if_on_one_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_parameters_in_method_declaration\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_brackets_in_array_type_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_parameters\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_for\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_throws\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_allocation_expression\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_statements_compare_to_body\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_multiple_fields\\" value=\\"16\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_constant_arguments\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_simple_while_body_on_same_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_prefix_operator\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_array_initializer\\" value=\\"end_of_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.wrap_before_binary_operator\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_method_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_parameters\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_catch\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_comma_in_annotation\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_constant_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.parentheses_positions_in_lambda_declaration\\" value=\\"common_lines\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_between_empty_braces_in_array_initializer\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_colon_in_case\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_local_declarations\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_simple_do_while_body_on_same_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_annotation_type_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_reference\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_enum_declaration_on_one_line\\" value=\\"one_line_never\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.wrap_outer_expressions_when_nested\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_closing_paren_in_cast\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_enum_constant\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.brace_position_for_type_declaration\\" value=\\"next_line\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_before_package\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_for\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_synchronized\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_increments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation_type_member_declaration\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.alignment_for_expressions_in_for_loop_header\\" value=\\"0\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.keep_simple_getter_setter_on_one_line\\" value=\\"false\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_while\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_enum_constant\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_explicitconstructorcall_arguments\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_annotation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_parameters\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_constant_header\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_lambda_arrow\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_constructor_declaration\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_throws\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.join_lines_in_comments\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_parameters\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_question_in_conditional\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.comment.indent_parameter_description\\" value=\\"true\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_new_line_before_finally_in_try_statement\\" value=\\"insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.tabulation.char\\" value=\\"tab\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_field_declarations\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.blank_lines_between_import_groups\\" value=\\"1\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.lineSplit\\" value=\\"120\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_annotation\\" value=\\"do not insert\\"/>\\n        <setting id=\\"org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_switch\\" value=\\"insert\\"/>\\n    </profile>\\n</profiles>
\\n
"}');export{o as comp,F as data}; diff --git a/assets/ex11-docker-composeyml.html-CaQz6qfp.js b/assets/ex11-docker-composeyml.html-CaQz6qfp.js new file mode 100644 index 000000000..db2a95f45 --- /dev/null +++ b/assets/ex11-docker-composeyml.html-CaQz6qfp.js @@ -0,0 +1,458 @@ +import{_ as p}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as h,b as e,e as n,f as l,d as i,a as k,r as t,o as r}from"./app-BIWb5uIp.js";const d={};function B(c,s){const a=t("RouteLink");return r(),h("div",null,[e("p",null,[n(a,{to:"/oldstable/tutorial/prerequisites.html"},{default:l(()=>s[0]||(s[0]=[i("Prerequisites")])),_:1}),s[7]||(s[7]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:l(()=>s[1]||(s[1]=[i("Exercise 1")])),_:1}),s[8]||(s[8]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:l(()=>s[2]||(s[2]=[i("Exercise 1.1")])),_:1}),s[9]||(s[9]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:l(()=>s[3]||(s[3]=[i("Exercise 2")])),_:1}),s[10]||(s[10]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:l(()=>s[4]||(s[4]=[i("Exercise 3")])),_:1}),s[11]||(s[11]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:l(()=>s[5]||(s[5]=[i("Exercise 4")])),_:1}),s[12]||(s[12]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:l(()=>s[6]||(s[6]=[i("Exercise 5")])),_:1})]),s[26]||(s[26]=k(`

docker-compose.yml

version: '3.8'
+services:
+  proxy:
+    image: nginx:1.23
+    restart: "no"
+    ports:
+      - 127.0.0.1:443:443
+    secrets:
+      - proxy_certificate_and_int_cas.pem
+      - proxy_certificate_private_key.pem
+      - proxy_trusted_client_cas.pem
+    volumes:
+      - type: bind
+        source: ./proxy/conf.d
+        target: /etc/nginx/conf.d
+        read_only: true
+      - type: bind
+        source: ./proxy/nginx.conf
+        target: /etc/nginx/nginx.conf
+        read_only: true
+    networks:
+      dic-fhir-frontend:
+        ipv4_address: 172.20.0.66
+      hrp-fhir-frontend:
+        ipv4_address: 172.20.0.82
+      cos-fhir-frontend:
+        ipv4_address: 172.20.0.98
+      internet:
+        aliases:
+          - cos
+          - dic
+          - hrp
+    environment:
+      TZ: Europe/Berlin
+
+  db:
+    image: postgres:13
+    restart: "no"
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U liquibase_user -d postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    environment:
+      TZ: Europe/Berlin
+      POSTGRES_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      POSTGRES_USER: liquibase_user
+      POSTGRES_DB: postgres
+    networks:
+      - cos-fhir-backend
+      - dic-fhir-backend
+      - hrp-fhir-backend
+      - cos-bpe-backend
+      - dic-bpe-backend
+      - hrp-bpe-backend
+    secrets:
+      - db_liquibase.password
+    volumes:
+      - type: volume
+        source: db-data
+        target: /var/lib/postgresql/data
+      - type: bind
+        source: ./db/init-db.sh
+        target: /docker-entrypoint-initdb.d/init-db.sh
+        read_only: true
+
+  cos-fhir:
+    image: ghcr.io/highmed/fhir:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5002:5002
+    secrets:
+      - db_liquibase.password
+      - db_cos_fhir_user.password
+      - db_cos_fhir_user_permanent_delete.password
+      - app_client_trust_certificates.pem
+      - app_cos_client_certificate.pem
+      - app_cos_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./cos/fhir/conf/bundle.xml
+        target: /opt/fhir/conf/bundle.xml
+      - type: bind
+        source: ./cos/fhir/log
+        target: /opt/fhir/log
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5002
+      ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_cos_fhir_user.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_cos_fhir_user_permanent_delete.password
+      ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_cos_client_certificate.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_cos_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/cos_fhir
+      ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: cos_fhir_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: cos_fhir_server_user
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: cos_fhir_permanent_delete_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: cos_fhir_server_permanent_delete_user
+      ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://cos/fhir
+      ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_COS
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: \${COS_USER_THUMBPRINTS}
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: \${COS_USER_THUMBPRINTS_PERMANENT_DELETE}
+    networks:
+      cos-fhir-frontend:
+        ipv4_address: 172.20.0.99
+      cos-fhir-backend:
+      internet:
+    depends_on:
+      - db
+      - proxy
+  cos-bpe:
+    image: ghcr.io/highmed/bpe:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5005:5005
+    secrets:
+      - db_liquibase.password
+      - db_cos_bpe_user.password
+      - db_cos_bpe_user_camunda.password
+      - app_client_trust_certificates.pem
+      - app_cos_client_certificate.pem
+      - app_cos_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./cos/bpe/plugin
+        target: /opt/bpe/plugin
+        read_only: true
+      - type: bind
+        source: ./cos/bpe/process
+        target: /opt/bpe/process
+        read_only: true
+      - type: bind
+        source: ./cos/bpe/log
+        target: /opt/bpe/log
+      - type: bind
+        source: ./cos/bpe/last_event
+        target: /opt/bpe/last_event
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
+      ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_cos_bpe_user.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_cos_bpe_user_camunda.password
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_cos_client_certificate.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_cos_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/cos_bpe
+      ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: cos_bpe_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: cos_bpe_server_user
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: cos_camunda_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: cos_camunda_server_user
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_COS
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://cos/fhir
+    networks:
+      cos-bpe-frontend:
+      cos-bpe-backend:
+      internet:
+    depends_on:
+      - db
+      - cos-fhir
+
+  dic-fhir:
+    image: ghcr.io/highmed/fhir:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5000:5000
+    secrets:
+      - db_liquibase.password
+      - db_dic_fhir_user.password
+      - db_dic_fhir_user_permanent_delete.password
+      - app_client_trust_certificates.pem
+      - app_dic_client_certificate.pem
+      - app_dic_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./dic/fhir/conf/bundle.xml
+        target: /opt/fhir/conf/bundle.xml
+      - type: bind
+        source: ./dic/fhir/log
+        target: /opt/fhir/log
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5000
+      ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic_fhir_user.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic_fhir_user_permanent_delete.password
+      ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic_client_certificate.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/dic_fhir
+      ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: dic_fhir_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: dic_fhir_server_user
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: dic_fhir_permanent_delete_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: dic_fhir_server_permanent_delete_user
+      ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://dic/fhir
+      ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: \${DIC_USER_THUMBPRINTS}
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: \${DIC_USER_THUMBPRINTS_PERMANENT_DELETE}
+    networks:
+      dic-fhir-frontend:
+        ipv4_address: 172.20.0.67
+      dic-fhir-backend:
+      internet:
+    depends_on:
+      - db
+      - proxy
+  dic-bpe:
+    image: ghcr.io/highmed/bpe:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5003:5003
+    secrets:
+      - db_liquibase.password
+      - db_dic_bpe_user.password
+      - db_dic_bpe_user_camunda.password
+      - app_client_trust_certificates.pem
+      - app_dic_client_certificate.pem
+      - app_dic_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./dic/bpe/plugin
+        target: /opt/bpe/plugin
+        read_only: true
+      - type: bind
+        source: ./dic/bpe/process
+        target: /opt/bpe/process
+        read_only: true
+      - type: bind
+        source: ./dic/bpe/log
+        target: /opt/bpe/log
+      - type: bind
+        source: ./dic/bpe/last_event
+        target: /opt/bpe/last_event
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5003
+      ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic_bpe_user.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic_bpe_user_camunda.password
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic_client_certificate.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/dic_bpe
+      ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: dic_bpe_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: dic_bpe_server_user
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic_camunda_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic_camunda_server_user
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic/fhir
+    networks:
+      dic-bpe-frontend:
+      dic-bpe-backend:
+      internet:
+    depends_on:
+      - db
+      - dic-fhir
+
+  hrp-fhir:
+    image: ghcr.io/highmed/fhir:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5001:5001
+    secrets:
+      - db_liquibase.password
+      - db_hrp_fhir_user.password
+      - db_hrp_fhir_user_permanent_delete.password
+      - app_client_trust_certificates.pem
+      - app_hrp_client_certificate.pem
+      - app_hrp_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./hrp/fhir/conf/bundle.xml
+        target: /opt/fhir/conf/bundle.xml
+      - type: bind
+        source: ./hrp/fhir/log
+        target: /opt/fhir/log
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5001
+      ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_hrp_fhir_user.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_hrp_fhir_user_permanent_delete.password
+      ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_hrp_client_certificate.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_hrp_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/hrp_fhir
+      ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: hrp_fhir_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: hrp_fhir_server_user
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: hrp_fhir_permanent_delete_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: hrp_fhir_server_permanent_delete_user
+      ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://hrp/fhir
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: \${HRP_USER_THUMBPRINTS}
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: \${HRP_USER_THUMBPRINTS_PERMANENT_DELETE}
+      ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_HRP
+    networks:
+      hrp-fhir-frontend:
+        ipv4_address: 172.20.0.83
+      hrp-fhir-backend:
+      internet:
+    depends_on:
+      - db
+      - proxy
+  hrp-bpe:
+    image: ghcr.io/highmed/bpe:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5004:5004
+    secrets:
+      - db_liquibase.password
+      - db_hrp_bpe_user.password
+      - db_hrp_bpe_user_camunda.password
+      - app_client_trust_certificates.pem
+      - app_hrp_client_certificate.pem
+      - app_hrp_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./hrp/bpe/plugin
+        target: /opt/bpe/plugin
+        read_only: true
+      - type: bind
+        source: ./hrp/bpe/process
+        target: /opt/bpe/process
+        read_only: true
+      - type: bind
+        source: ./hrp/bpe/log
+        target: /opt/bpe/log
+      - type: bind
+        source: ./hrp/bpe/last_event
+        target: /opt/bpe/last_event
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5004
+      ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_hrp_bpe_user.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_hrp_bpe_user_camunda.password
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_hrp_client_certificate.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_hrp_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/hrp_bpe
+      ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: hrp_bpe_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: hrp_bpe_server_user
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: hrp_camunda_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: hrp_camunda_server_user
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_HRP
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://hrp/fhir
+    networks:
+      hrp-bpe-frontend:
+      hrp-bpe-backend:
+      internet:
+    depends_on:
+      - db
+      - hrp-fhir
+
+secrets:
+  proxy_certificate_and_int_cas.pem:
+    file: ./secrets/proxy_certificate_and_int_cas.pem
+  proxy_certificate_private_key.pem:
+    file: ./secrets/proxy_certificate_private_key.pem
+  proxy_trusted_client_cas.pem:
+    file: ./secrets/proxy_trusted_client_cas.pem
+
+  db_liquibase.password:
+    file: ./secrets/db_liquibase.password
+
+  db_dic_fhir_user.password:
+    file: ./secrets/db_dic_fhir_user.password
+  db_dic_fhir_user_permanent_delete.password:
+    file: ./secrets/db_dic_fhir_user_permanent_delete.password
+  db_dic_bpe_user.password:
+    file: ./secrets/db_dic_bpe_user.password
+  db_dic_bpe_user_camunda.password:
+    file: ./secrets/db_dic_bpe_user_camunda.password
+
+  db_hrp_fhir_user.password:
+    file: ./secrets/db_hrp_fhir_user.password
+  db_hrp_fhir_user_permanent_delete.password:
+    file: ./secrets/db_hrp_fhir_user_permanent_delete.password
+  db_hrp_bpe_user.password:
+    file: ./secrets/db_hrp_bpe_user.password
+  db_hrp_bpe_user_camunda.password:
+    file: ./secrets/db_hrp_bpe_user_camunda.password
+
+  db_cos_fhir_user.password:
+    file: ./secrets/db_cos_fhir_user.password
+  db_cos_fhir_user_permanent_delete.password:
+    file: ./secrets/db_cos_fhir_user_permanent_delete.password
+  db_cos_bpe_user.password:
+    file: ./secrets/db_cos_bpe_user.password
+  db_cos_bpe_user_camunda.password:
+    file: ./secrets/db_cos_bpe_user_camunda.password
+
+  app_client_trust_certificates.pem:
+    file: ./secrets/app_client_trust_certificates.pem
+  app_client_certificate_private_key.pem.password:
+    file: ./secrets/app_client_certificate_private_key.pem.password
+
+  app_dic_client_certificate.pem:
+    file: ./secrets/app_dic_client_certificate.pem
+  app_dic_client_certificate_private_key.pem:
+    file: ./secrets/app_dic_client_certificate_private_key.pem
+
+  app_hrp_client_certificate.pem:
+    file: ./secrets/app_hrp_client_certificate.pem
+  app_hrp_client_certificate_private_key.pem:
+    file: ./secrets/app_hrp_client_certificate_private_key.pem
+
+  app_cos_client_certificate.pem:
+    file: ./secrets/app_cos_client_certificate.pem
+  app_cos_client_certificate_private_key.pem:
+    file: ./secrets/app_cos_client_certificate_private_key.pem
+
+networks:
+  internet:
+  dic-fhir-frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.64/28
+  dic-fhir-backend:
+  dic-bpe-frontend:
+  dic-bpe-backend:
+  hrp-fhir-frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.80/28
+  hrp-fhir-backend:
+  hrp-bpe-frontend:
+  hrp-bpe-backend:
+  cos-fhir-frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.96/28
+  cos-fhir-backend:
+  cos-bpe-frontend:
+  cos-bpe-backend:
+
+
+volumes:
+  db-data:
+    name: dsf-process-tutorial-db
`,2)),e("p",null,[n(a,{to:"/oldstable/tutorial/prerequisites.html"},{default:l(()=>s[13]||(s[13]=[i("Prerequisites")])),_:1}),s[20]||(s[20]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:l(()=>s[14]||(s[14]=[i("Exercise 1")])),_:1}),s[21]||(s[21]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:l(()=>s[15]||(s[15]=[i("Exercise 1.1")])),_:1}),s[22]||(s[22]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:l(()=>s[16]||(s[16]=[i("Exercise 2")])),_:1}),s[23]||(s[23]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:l(()=>s[17]||(s[17]=[i("Exercise 3")])),_:1}),s[24]||(s[24]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:l(()=>s[18]||(s[18]=[i("Exercise 4")])),_:1}),s[25]||(s[25]=i(" | ")),n(a,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:l(()=>s[19]||(s[19]=[i("Exercise 5")])),_:1})])])}const y=p(d,[["render",B],["__file","ex11-docker-composeyml.html.vue"]]),E=JSON.parse('{"path":"/oldstable/tutorial/ex11-docker-composeyml.html","title":"Exercise 1.1 - Process Debugging","lang":"en-US","frontmatter":{"title":"Exercise 1.1 - Process Debugging","icon":"slides","gitInclude":[]},"headers":[{"level":3,"title":"docker-compose.yml","slug":"docker-compose-yml","link":"#docker-compose-yml","children":[]}],"readingTime":{"minutes":3.1,"words":931},"filePathRelative":"oldstable/tutorial/ex11-docker-composeyml.md","excerpt":"

Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

"}');export{y as comp,E as data}; diff --git a/assets/exercise1-simpleProcess.html-BxXADBB1.js b/assets/exercise1-simpleProcess.html-BxXADBB1.js new file mode 100644 index 000000000..0708e030d --- /dev/null +++ b/assets/exercise1-simpleProcess.html-BxXADBB1.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as o,e as r,f as a,d as t,a as i,r as c,o as d}from"./app-BIWb5uIp.js";const h={};function p(u,e){const s=c("RouteLink");return d(),l("div",null,[o("p",null,[r(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[0]||(e[0]=[t("Prerequisites")])),_:1}),e[6]||(e[6]=t(" | Exercise 1 | ")),r(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[1]||(e[1]=[t("Exercise 1.1")])),_:1}),e[7]||(e[7]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[2]||(e[2]=[t("Exercise 2")])),_:1}),e[8]||(e[8]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[3]||(e[3]=[t("Exercise 3")])),_:1}),e[9]||(e[9]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[4]||(e[4]=[t("Exercise 4")])),_:1}),e[10]||(e[10]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[5]||(e[5]=[t("Exercise 5")])),_:1})]),e[32]||(e[32]=i('

Exercise 1 - Simple Process

The first exercise focuses on setting up the testing environment used in this tutorial and shows how to implement and execute a simple BPMN process.

With this exercise we will take a look at the general setup of the tutorial code base, modify a service class and execute the service within a simple demo process.

Introduction

Tutorial Code Base Structure and Docker Test Setup

The tutorial project consists of three parts: A test-data-generator project used to generate X.509 certificates and FHIR resources during the maven build of the project. The certificates and FHIR resources are needed to start DSF instances simulating installations at three different organizations used for this tutorial. The DSF instances are configured using a docker-compose.yml file in the test-setup folder. The docker-compose test setup uses a single PostgreSQL database server, a single nginx reverse proxy as well as three separate DSF FHIR server- and 3 separate DSF BPE server instances. The tutorial-process project contains all resource (FHIR resources, BPMN process models and Java code) for the actual DSF process plugin.

Java code for the tutorial-process project is located at src/main/java, FHIR resources and BPMN process models at src/main/resources as well as prepared JUnit tests to verify your solution at src/test/java.

Process Plugin Main Components

The most imported Java class used to specify the process plugin for the DSF BPE server is a class that implements the org.highmed.dsf.bpe.ProcessPluginDefinition interface from the DSF dsf-bpe-process-base module. The DSF BPE server searches for classes implementing this interface using the Java ServiceLoader mechanism. For this tutorial the TutorialProcessPluginDefinition class implements this interface. It is appropriately specified in the src/main/resources/META-INF/services/org.highmed.dsf.bpe.ProcessPluginDefinition file. The TutorialProcessPluginDefinition class is used to specify name and version of the process plugin, what BPMN processes are to be deployed and what FHIR resources and required by the BPMN processes. For the implementation of service task and message events of the processes a special Spring context is used for every process plugin. The TutorialProcessPluginDefinition class specifies what via Spring-Framework configuration class with Spring Beans are used for the process plugin specific Spring Context. For this plugin the TutorialConfig cass is used to define Spring Beans.

The business process engine used by the DSF BPE server is based on the OpenSource Camunda Process Engine 7. In order to specify what Java code should be executed for a BPMN ServiceTask you need to specify the fully-qualified Java class name in the ServiceTask inside the BPMN model. To be executable the Java class needs to extend the org.highmed.dsf.bpe.delegate.AbstractServiceDelegate from the DSF dsf-bpe-process-base module and the class needs to be defined as as Spring Bean.

Process Execution and FHIR Task Resources

Business process instances are started or the execution continued via FHIR Task resources. The Task resource specifies what process to instantiate or continue, what organization is requesting this action and what organization is the target for the request. When a Task resource starts a process we call it "leading", when it continues a process it's called "current". This differentiation is important for multi-instance use cases not covered by this tutorial. Each Java class extending the abstract class org.highmed.dsf.bpe.delegate.AbstractServiceDelegate has methods to access both types of Task resources.

Process Access Control

FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance. These resources are used by the DSF to specify what profile the Task resource needs to conform to and what BPMN message name is used to correlate the appropriate start or intermediate event within the BPMN model. The ActivityDefinition also defines what kind of organization can request the instantiation or continuation of a process instance and what kind of organization are allowed to fulfill the request.

',15)),o("p",null,[e[13]||(e[13]=t("We will take a closer look as ")),e[14]||(e[14]=o("a",{href:"http://hl7.org/fhir/R4/activitydefinition.html",target:"_blank",rel:"noopener noreferrer"},"ActivityDefinition",-1)),e[15]||(e[15]=t(" resources in ")),r(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[11]||(e[11]=[t("Exercise 3")])),_:1}),e[16]||(e[16]=t(" and ")),r(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[12]||(e[12]=[t("Exercise 5")])),_:1}),e[17]||(e[17]=t("."))]),e[33]||(e[33]=i('

Exercise Tasks

  1. Add a log message to the HelloDic#doExecute method that logs the recipient organization identifier from the "leading" Task.
  2. Register the HelloDic class as a singleton bean in the TutorialConfig class.
  3. Set the HelloDic class as the service implementation of the appropriate service task within the hello-dic.bpmn process model.
  4. Modify the ActivityDefinition for the highmedorg_helloDic process to only allow local clients to instantiate the process via a helloDic message.

Solution Verification

Maven Build and Automated Tests

Execute a maven build of the dsf-process-tutorial parent module via:

mvn clean install -Pexercise-1

Verify that the build was successful and no test failures occurred.

Process Execution and Manual Tests

To verify the highmedorg_helloDic process can be executed successfully, we need to deploy it into a DSF instance and execute the process. The maven install build is configured to create a process jar file with all necessary resources and to copy the jar to the appropriate locations of the docker test setup.

  1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
docker-compose up dic-fhir

Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://dic/fhir.
The DSF FHIR server uses a server certificate that was generated during the first maven install build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password). Add the certificate and the generated Root CA to your browser certificate store.

Caution: If you add the generated Root CA to your browsers certificate store as a trusted Root CA, make sure you are the only one with access to the private key at .../dsf-process-tutorial/test-data-generator/cert/ca/testca_private-key.pem.

  1. Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:
docker-compose up dic-bpe

Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://dic/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain a single ActivityDefinition. Also, go to https://dic/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-dic to check if the expected Task profile was created.

  1. Start the highmedorg_helloDic process by posting an appropriate FHIR Task resource to the DSF FHIR server:

The Task resource is used to tell the DSF BPE server via the DSF FHIR server that a specific organization wants to start (or continue) one process instance at a specified organization. The needed Task resource can be generated and posted to the DSF FHIR server by executing the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class. For the TutorialExampleStarter to work the location of the client certificate and its password need to be specified:

  • Either specify the location and password via program arguments: 1. location of the client certificate (.../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12), 2. password for the client certificate (password)
  • Or set the environment variables DSF_CLIENT_CERTIFICATE_PATH and DSF_CLIENT_CERTIFICATE_PASSWORD with the appropriate values.

Verify that the FHIR Task resource could be created at the DSF FHIR server. The TutorialExampleStarter class should print a message HTTP 201: Created showing that the Task resource was created.

Verify that the highmedorg_helloDic process was executed by the DSF BPE server. The BPE server should print a message showing that the process was started, print the log message you added to the HelloDic class and end with a message showing that the process finished.

',23)),o("p",null,[e[19]||(e[19]=t("Continue with ")),r(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[18]||(e[18]=[t("Exercise 1.1")])),_:1}),e[20]||(e[20]=t("."))]),e[34]||(e[34]=o("hr",null,null,-1)),o("p",null,[r(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[21]||(e[21]=[t("Prerequisites")])),_:1}),e[27]||(e[27]=t(" | Exercise 1 | ")),r(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[22]||(e[22]=[t("Exercise 1.1")])),_:1}),e[28]||(e[28]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[23]||(e[23]=[t("Exercise 2")])),_:1}),e[29]||(e[29]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[24]||(e[24]=[t("Exercise 3")])),_:1}),e[30]||(e[30]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[25]||(e[25]=[t("Exercise 4")])),_:1}),e[31]||(e[31]=t(" | ")),r(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[26]||(e[26]=[t("Exercise 5")])),_:1})])])}const m=n(h,[["render",p],["__file","exercise1-simpleProcess.html.vue"]]),b=JSON.parse('{"path":"/oldstable/tutorial/exercise1-simpleProcess.html","title":"Exercise 1 - Simple Process","lang":"en-US","frontmatter":{"title":"Exercise 1 - Simple Process","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Exercise 1 - Simple Process","slug":"exercise-1-simple-process","link":"#exercise-1-simple-process","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Exercise Tasks","slug":"exercise-tasks","link":"#exercise-tasks","children":[]},{"level":3,"title":"Solution Verification","slug":"solution-verification","link":"#solution-verification","children":[]}]}],"readingTime":{"minutes":4.59,"words":1376},"filePathRelative":"oldstable/tutorial/exercise1-simpleProcess.md","excerpt":"

Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

"}');export{m as comp,b as data}; diff --git a/assets/exercise11-processDebugging.html-B5eMvcvL.js b/assets/exercise11-processDebugging.html-B5eMvcvL.js new file mode 100644 index 000000000..da82abb12 --- /dev/null +++ b/assets/exercise11-processDebugging.html-B5eMvcvL.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as l,e as s,f as r,d as t,a as o,r as d,o as u}from"./app-BIWb5uIp.js";const p="/photos/guideline/tutorial/eclipse.png",g="/photos/guideline/tutorial/intelliJ.png",m={};function b(c,e){const i=d("RouteLink");return u(),n("div",null,[l("p",null,[s(i,{to:"/oldstable/tutorial/prerequisites.html"},{default:r(()=>e[0]||(e[0]=[t("Prerequisites")])),_:1}),e[6]||(e[6]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:r(()=>e[1]||(e[1]=[t("Exercise 1")])),_:1}),e[7]||(e[7]=t(" | Exercise 1.1 | ")),s(i,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:r(()=>e[2]||(e[2]=[t("Exercise 2")])),_:1}),e[8]||(e[8]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:r(()=>e[3]||(e[3]=[t("Exercise 3")])),_:1}),e[9]||(e[9]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:r(()=>e[4]||(e[4]=[t("Exercise 4")])),_:1}),e[10]||(e[10]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:r(()=>e[5]||(e[5]=[t("Exercise 5")])),_:1})]),e[30]||(e[30]=o('

Exercise 1.1 - Process Debugging

This exercise looks at how to use the Java debugger of your IDE to remote debug the execution of a process plugin.

Introduction

The DSF FHIR server and the DSF BPE server applications are written in Java and as such are execute on a headless JRE 11 within their docker containers. Command line arguments can be passed to the JVM inside the ghcr.io/highmed/fhir and ghcr.io/highmed/bpe docker images by specifying the environment variable EXTRA_JVM_ARGS. This can be used for example to configure the minimum and maximum heap of the JVM; but can also be used to specify a remote debugging port, which we will use in this exercise.

',5)),l("p",null,[e[12]||(e[12]=t("An ")),e[13]||(e[13]=l("code",null,"EXTRA_JVM_ARGS",-1)),e[14]||(e[14]=t(" environment variable is already configure for all DSF FHIR server and DSF BPE server docker containers in the tutorial docker-compose test setup. Take a look at the ")),s(i,{to:"/oldstable/tutorial/ex11-docker-composeyml.html"},{default:r(()=>e[11]||(e[11]=[t("docker-compose.yml")])),_:1}),e[15]||(e[15]=t(" file to lookup the port numbers specified for the different DSF FHIR and DSF BPE servers."))]),e[31]||(e[31]=o('

Exercise Tasks

  1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
docker-compose up dic-fhir
  1. Start the DSF BPE server for the Test_DIC organization in second console at location .../dsf-process-tutorial/test-setup:
docker-compose up dic-bpe
  1. Configure your Java IDE for remote debugging

  • Eclipse:
    Eclipse

  • IntelliJ:
    IntelliJ

  1. Create a debug breakpoint in the first line of the HelloDic class doExecute method.

  2. Start your previously defined remote Java debugger in your IDE.

  3. Execute the TutorialExampleStarter class to start highmed_helloDic process.

  4. User your IDE's debugger to step thru the code of the HelloDic class doExecute method.

',9)),l("p",null,[e[17]||(e[17]=t("Continue with ")),s(i,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:r(()=>e[16]||(e[16]=[t("Exercise 2")])),_:1}),e[18]||(e[18]=t("."))]),e[32]||(e[32]=l("hr",null,null,-1)),l("p",null,[s(i,{to:"/oldstable/tutorial/prerequisites.html"},{default:r(()=>e[19]||(e[19]=[t("Prerequisites")])),_:1}),e[25]||(e[25]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:r(()=>e[20]||(e[20]=[t("Exercise 1")])),_:1}),e[26]||(e[26]=t(" | Exercise 1.1 | ")),s(i,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:r(()=>e[21]||(e[21]=[t("Exercise 2")])),_:1}),e[27]||(e[27]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:r(()=>e[22]||(e[22]=[t("Exercise 3")])),_:1}),e[28]||(e[28]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:r(()=>e[23]||(e[23]=[t("Exercise 4")])),_:1}),e[29]||(e[29]=t(" | ")),s(i,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:r(()=>e[24]||(e[24]=[t("Exercise 5")])),_:1})])])}const f=a(m,[["render",b],["__file","exercise11-processDebugging.html.vue"]]),k=JSON.parse('{"path":"/oldstable/tutorial/exercise11-processDebugging.html","title":"Exercise 1.1 - Process Debugging","lang":"en-US","frontmatter":{"title":"Exercise 1.1 - Process Debugging","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Exercise 1.1 - Process Debugging","slug":"exercise-1-1-process-debugging","link":"#exercise-1-1-process-debugging","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Exercise Tasks","slug":"exercise-tasks","link":"#exercise-tasks","children":[]}]}],"readingTime":{"minutes":1.14,"words":341},"filePathRelative":"oldstable/tutorial/exercise11-processDebugging.md","excerpt":"

Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

"}');export{f as comp,k as data}; diff --git a/assets/exercise2-inputParameters.html-BLlHrkE8.js b/assets/exercise2-inputParameters.html-BLlHrkE8.js new file mode 100644 index 000000000..7d2013dcc --- /dev/null +++ b/assets/exercise2-inputParameters.html-BLlHrkE8.js @@ -0,0 +1,6 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as r,e as i,f as a,d as t,a as o,r as d,o as h}from"./app-BIWb5uIp.js";const p={},u={start:"3"};function g(m,e){const s=d("RouteLink");return h(),l("div",null,[r("p",null,[i(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[0]||(e[0]=[t("Prerequisites")])),_:1}),e[6]||(e[6]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[1]||(e[1]=[t("Exercise 1")])),_:1}),e[7]||(e[7]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[2]||(e[2]=[t("Exercise 1.1")])),_:1}),e[8]||(e[8]=t(" | Exercise 2 | ")),i(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[3]||(e[3]=[t("Exercise 3")])),_:1}),e[9]||(e[9]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[4]||(e[4]=[t("Exercise 4")])),_:1}),e[10]||(e[10]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[5]||(e[5]=[t("Exercise 5")])),_:1})]),e[66]||(e[66]=o('

Exercise 2 - Input Parameters

In order to configure processes that are packaged as process plugins, we will take a look at two possibilities on how to pass parameters to a process. The goal of this exercise is to enhance the highmedorg_helloDic process by trying them both.

Introduction

DSF process plugins can be configured with input parameters using two different approaches:

  • Static configuration using environment variables during the deployment of a process plugin.
  • Dynamic configuration by sending values as part of the Task resource to start or continue a process instance.

Environment Variables

Environment variables are the same for all running process instances and allow static configuration of processes. They can be defined by adding a member variable having the Spring-Framework @Value annotation to the configuration class TutorialConfig. The value of the annotation uses the ${..} notation and follows the form ${some.property:defaultValue}, where each dot in the property name corresponds to an underscore in the environment variable and environment variables are always written upper-case. The property some.property therefore corresponds to the environment variable SOME_PROPERTY.

To create an automated documentation of environment variables during the Maven build process, the DSF provided @ProcessDocumentation annotation from the package org.highmed.dsf.tools.generator can be used. The pom.xml of the tutorial-process submodule calls the DSF provided DocumentGenerator class from the same package during the prepare-package phase of the build process. The generator searches for all @ProcessDocumentation annotations and generates a Markdown documentation based on the annotation's values in the target folder.

Task Input Parameters

Providing input parameters to a specific process instance allows for dynamic configuration of process instances. It can be done by sending additional values as part of the Task resource that starts or continues a process instance. It should be noted that a FHIR profile must be created for each Task resource, i.e. for each message event in a process model, which inherits from the DSF Task Base Profile. This base profile defines three default input parameters:

  • message-name (mandatory 1..1): the name of the BPMN message event, same as in the BPMN model
  • business-key (optional 0..1): used to identify process instances
  • correlation-key(optional 0..1): used to identify multi-instance process instances used for messaging multiple targets

A later exercise will examine these input parameters and their meaning in more detail.

',13)),r("p",null,[e[12]||(e[12]=t("Since input parameters of ")),e[13]||(e[13]=r("a",{href:"http://hl7.org/fhir/R4/task.html",target:"_blank",rel:"noopener noreferrer"},"Task",-1)),e[14]||(e[14]=t(" resources are identified by predefined codes, they are defined via FHIR ")),e[15]||(e[15]=r("a",{href:"http://hl7.org/fhir/R4/codesystem.html",target:"_blank",rel:"noopener noreferrer"},"CodeSystem",-1)),e[16]||(e[16]=t(" and ")),i(s,{to:"/oldstable/tutorial/hl7.org/fhir/R4/valueset.html"},{default:a(()=>e[11]||(e[11]=[t("ValueSet")])),_:1}),e[17]||(e[17]=t(" resources. The ")),e[18]||(e[18]=r("a",{href:"https://github.com/highmed/highmed-dsf/blob/main/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/highmed-bpmn-message-0.5.0.xml",target:"_blank",rel:"noopener noreferrer"},"BPMN-Message CodeSystem",-1)),e[19]||(e[19]=t(" and the ")),e[20]||(e[20]=r("a",{href:"https://github.com/highmed/highmed-dsf/blob/main/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/highmed-bpmn-message-0.5.0.xml",target:"_blank",rel:"noopener noreferrer"},"BPMN-Message ValueSet",-1)),e[21]||(e[21]=t(" are used in the ")),e[22]||(e[22]=r("a",{href:"https://github.com/highmed/highmed-dsf/blob/main/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/highmed-task-base-0.5.0.xml",target:"_blank",rel:"noopener noreferrer"},"DSF Task Base Profile",-1)),e[23]||(e[23]=t(" to define the three default input parameters of ")),e[24]||(e[24]=r("a",{href:"http://hl7.org/fhir/R4/task.html",target:"_blank",rel:"noopener noreferrer"},"Task",-1)),e[25]||(e[25]=t(" resources."))]),e[67]||(e[67]=o(`

Version and Release-Date Placeholders

To avoid the need to specify the version and release date for each CodeSystem, StructureDefinition (Task profile) and ValueSet resource, the placeholders #{version} and #{date} can be used. They are replaced with the values returned by the methods ProcessPluginDefinition#getVersion() and ProcessPluginDefinition#getReleaseDate() respectively during deployment of a process plugin by the DSF BPE server.

Read Access Tag
While writing FHIR resources on the DSF FHIR server is only allowed by the own organization (except Task), rules have to be defined for reading FHIR resources by external organizations (again except Task). The Resource.meta.tag field is used for this purpose. To allow read access for all organizations (the standard for metadata resources), the following read-access-tag value can be written into this field:

<meta>
+   <tag>
+      <system value="http://highmed.org/fhir/CodeSystem/read-access-tag" />
+      <code value="ALL" />
+   </tag>
+</meta>

The read access rules for Task resources are defined through the fields Task.requester and Task.restriction.recipient. Therefore, no read-access-tag is needed.

It is also possible to restrict read access of FHIR resources to organizations with a specific role in a consortium or a specific identifier, but this is not covered in the tutorial.

`,6)),r("p",null,[e[28]||(e[28]=t("The write access rules for ")),e[29]||(e[29]=r("a",{href:"http://hl7.org/fhir/R4/task.html",target:"_blank",rel:"noopener noreferrer"},"Task",-1)),e[30]||(e[30]=t(" resources are defined through the ")),e[31]||(e[31]=r("a",{href:"http://hl7.org/fhir/R4/activitydefinition.html",target:"_blank",rel:"noopener noreferrer"},"ActivityDefinition",-1)),e[32]||(e[32]=t(" resources belonging to the process. We will take a look at this in ")),i(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[26]||(e[26]=[t("exercise 3")])),_:1}),e[33]||(e[33]=t(" and ")),i(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[27]||(e[27]=[t("exercise 5")])),_:1}),e[34]||(e[34]=t("."))]),e[68]||(e[68]=o('

Exercise Tasks

  1. Add an environment variable to enable/disable logging to the TutorialConfig class specify the default value as false.
  2. Inject the value of the environment variable in to HelloDic class, by modifying its constructor and using the new field of the TutorialConfig class.
  3. Use the value of the environment variable in the HelloDic class to decide whether the log message from exercise 1 should be printed.
  4. Adapt test-setup/docker-compose.yml by adding the new environment variable to the service dic-bpe and set the value to "true".
  5. Create a new CodeSystem with url http://highmed.org/fhir/CodeSystem/tutorial having a concept with code tutorial-input.
  6. Create a new ValueSet with url http://highmed.org/fhir/ValueSet/tutorial that includes all concepts from the CodeSystem.
  7. Add the new CodeSystem and ValueSet resources to the highmedorg_helloDic process in the TutorialProcessPluginDefinition class.
  8. Add a new input parameter of type string to the task-hello-dic.xml Task profile using the concept of the new CodeSystem as a fixed coding.
  9. Read the new input parameter in the HelloDic class from the "leading" Task and add the value to the log message from exercise 1.
  10. Adapt the starter class TutorialExampleStarter by adding the new input parameter with an arbitrary string.

Solution Verification

Maven Build and Automated Tests

Execute a maven build of the dsf-process-tutorial parent module via:

mvn clean install -Pexercise-2

Verify that the build was successful and no test failures occurred.

Process Execution and Manual Tests

To verify the highmedorg_helloDic process can be executed successfully, we need to deploy it into a DSF instance and execute the process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

  1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
docker-compose up dic-fhir

Verify the DSF FHIR server started successfully.

  1. Start the DSF BPE server for the Test_DIC organization in second console at location .../dsf-process-tutorial/test-setup:
docker-compose up dic-bpe

Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

',17)),r("ol",u,[r("li",null,[e[36]||(e[36]=t("Start the ")),e[37]||(e[37]=r("code",null,"highmedorg_helloDic",-1)),e[38]||(e[38]=t(" process by posting an appropriate FHIR ")),e[39]||(e[39]=r("a",{href:"http://hl7.org/fhir/R4/task.html",target:"_blank",rel:"noopener noreferrer"},"Task",-1)),e[40]||(e[40]=t(" resource to the DSF FHIR server of the ")),e[41]||(e[41]=r("code",null,"Test_DIC",-1)),e[42]||(e[42]=t(" organization: Execute the ")),e[43]||(e[43]=r("code",null,"main",-1)),e[44]||(e[44]=t(" method of the ")),e[45]||(e[45]=r("code",null,"org.highmed.dsf.process.tutorial.TutorialExampleStarter",-1)),e[46]||(e[46]=t(" class as in ")),i(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[35]||(e[35]=[t("exercise 1")])),_:1}),e[47]||(e[47]=t(" to create the ")),e[48]||(e[48]=r("a",{href:"http://hl7.org/fhir/R4/task.html",target:"_blank",rel:"noopener noreferrer"},"Task",-1)),e[49]||(e[49]=t(" resource needed to start the ")),e[50]||(e[50]=r("code",null,"highmedorg_helloDic",-1)),e[51]||(e[51]=t(" process."))])]),e[69]||(e[69]=o('

Verify that the highmedorg_helloDic process was executed by the DSF BPE server. The BPE server should:

  • Print a message showing that the process was started.
  • If logging is enabled - print the log message and the value of the input parameter you added to the HelloDic implementation.
  • Print a message showing that the process finished.

Check that you can disable logging of you message by modifying the docker-compose.yml file and configuring your environment variable with the value "false" or removing the environment variable.
Note: Changes to environment variable require recreating the docker container.

Also check that modification to the Task input parameter specified in the TutorialExampleStarter class, have the appropriate effect on your log message.

',4)),r("p",null,[e[53]||(e[53]=t("Continue with ")),i(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[52]||(e[52]=[t("Exercise 3")])),_:1}),e[54]||(e[54]=t("."))]),e[70]||(e[70]=r("hr",null,null,-1)),r("p",null,[i(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[55]||(e[55]=[t("Prerequisites")])),_:1}),e[61]||(e[61]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[56]||(e[56]=[t("Exercise 1")])),_:1}),e[62]||(e[62]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[57]||(e[57]=[t("Exercise 1.1")])),_:1}),e[63]||(e[63]=t(" | Exercise 2 | ")),i(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[58]||(e[58]=[t("Exercise 3")])),_:1}),e[64]||(e[64]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[59]||(e[59]=[t("Exercise 4")])),_:1}),e[65]||(e[65]=t(" | ")),i(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[60]||(e[60]=[t("Exercise 5")])),_:1})])])}const k=n(p,[["render",g],["__file","exercise2-inputParameters.html.vue"]]),b=JSON.parse('{"path":"/oldstable/tutorial/exercise2-inputParameters.html","title":"Exercise 2 - Input Parameters","lang":"en-US","frontmatter":{"title":"Exercise 2 - Input Parameters","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Exercise 2 - Input Parameters","slug":"exercise-2-input-parameters","link":"#exercise-2-input-parameters","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Exercise Tasks","slug":"exercise-tasks","link":"#exercise-tasks","children":[]},{"level":3,"title":"Solution Verification","slug":"solution-verification","link":"#solution-verification","children":[]}]}],"readingTime":{"minutes":4.58,"words":1373},"filePathRelative":"oldstable/tutorial/exercise2-inputParameters.md","excerpt":"

Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

"}');export{k as comp,b as data}; diff --git a/assets/exercise3-messageEvents.html-tI2HZN1H.js b/assets/exercise3-messageEvents.html-tI2HZN1H.js new file mode 100644 index 000000000..e80f70d26 --- /dev/null +++ b/assets/exercise3-messageEvents.html-tI2HZN1H.js @@ -0,0 +1,32 @@ +import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as n,e as t,f as a,d as i,a as r,r as h,o as d}from"./app-BIWb5uIp.js";const p="/photos/guideline/tutorial/ex3.png",c={};function g(k,e){const s=h("RouteLink");return d(),l("div",null,[n("p",null,[t(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[0]||(e[0]=[i("Prerequisites")])),_:1}),e[6]||(e[6]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[1]||(e[1]=[i("Exercise 1")])),_:1}),e[7]||(e[7]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[2]||(e[2]=[i("Exercise 1.1")])),_:1}),e[8]||(e[8]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[3]||(e[3]=[i("Exercise 2")])),_:1}),e[9]||(e[9]=i(" | Exercise 3 | ")),t(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[4]||(e[4]=[i("Exercise 4")])),_:1}),e[10]||(e[10]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[5]||(e[5]=[i("Exercise 5")])),_:1})]),e[33]||(e[33]=r('

Exercise 3 - Message Events

Communication between organizations is modeled using message flow in BPMN processes. The third exercise shows how a process at one organization can trigger a process at another organization.

To demonstrate communication between two organizations we will configure message flow between the processes highmedorg_helloDic and highmedorg_helloCos. The processes are then to be executed at the organizations Test_DIC and Test_COS respectively in the docker test setup, with the former triggering execution of the latter by automatically sending a Task from organization Test_DIC to organization Test_COS.

Introduction

Message Flow and FHIR Task resources

BPMN processes are instantiated and started within the DSF by creating a matching FHIR Task resource in the DSF FHIR server. This is true for executing a process on the local DSF BPE server by manually creating a Task resource, but also works by creating and starting a process instance at a remote DSF BPE server from an executing process automatically.

In order to exchange information between different processes, for example at two different organizations, BPMN message flow is used. Typically represented by a dashed line arrow between elements with black (send) and white (receive) envelop icons. The following BPMN collaboration diagram shows two processes. The process at "Organization 1" is sending a message to "Organization 2" which results in the instantiation and execution of new process instance at the second organization.

Message Flow
Message Flow

Every time message flow is used in a BPMN process for the DSF, a corresponding FHIR Task profile needs to be specified for every interaction. This profile specifies which process should be started or continued and what the message name is when correlating the appropriate Message Start Event or Intermediate Message Catch Event. A Business Key and a Correlation Key are specified if different process instances need to be linked to a single execution, for example to be able to send a message back.

BPMN Process Definition Key vs. FHIR Task.instantiatesUri and ActivityDefinition.url / version

FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance. They also control what kind of organization can request the instantiation or continuation of a process instance and what kind of organization is allowed to fulfill the request.

In order to link the FHIR and BPMN worlds the BPMN process definition key needs to be specified following the pattern ^[-a-zA-Z0-9]+_[-a-zA-Z0-9]+$ for example:

domainorg_processKey

In addition the BPM process needs to specify a process version with the pattern ^\\d+.\\d+.\\d+$ for example:

1.0.0

This results in a canonical URL used to identify the process, for example:

http://domain.org/bpe/Process/processKey/1.0.0

The canonical URL is used for Task.instantiatesUri and ActivityDefinition.url / version.

ActivityDefinitions for the DSF

FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance and contain the authorization rules for the specified process. ActivityDefinition for the DSF need to comply with the http://highmed.org/fhir/StructureDefinition/activity-definition profile, with authorization rules configured using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization extension.

The authorization extension needs to be configured at least once and has four sub extensions:

message-name [1..1]

String value specifying the message name of Message Start Event, Intermediate Message Catch Event or Message Receive Task this authorization rule should match. Can only be specified once per authorization rule extension.

task-profile [1..1]

Canonical URL value specifying the Task profile this authorization rule should match. Can only be specified once per authorization rule extension.

requester [1..]

Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-requester ValueSet:

',28)),n("ul",null,[e[16]||(e[16]=r('

  • LOCAL_ORGANIZATION A local organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.

  • REMOTE_ORGANIZATION A remote (non local) organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.

  • LOCAL_ROLE A local organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.

    • ',3)),n("li",null,[n("p",null,[e[12]||(e[12]=i("REMOTE_ROLE A remote (non local) organizations with a specific role defined via ")),t(s,{to:"/oldstable/tutorial/hl7.org/fhir/R4/organizationaffiliation.html"},{default:a(()=>e[11]||(e[11]=[i("OrganizationAffiliation")])),_:1}),e[13]||(e[13]=i(". Role and consortium identifier need to be specified using the ")),e[14]||(e[14]=n("a",{href:"http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role",target:"_blank",rel:"noopener noreferrer"},"http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role",-1)),e[15]||(e[15]=i(" extension."))])]),e[17]||(e[17]=n("li",null,[n("p",null,"LOCAL_ALL All local organizations regardless of their identifier or role in a consortium.")],-1)),e[18]||(e[18]=n("li",null,[n("p",null,"REMOTE_ALL All remote (non local) organizations regardless of their identifier or role in a consortium.")],-1))]),e[34]||(e[34]=r(`
    recipient [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-recipient ValueSet.

    The local organization of a DSF instance is configured using the environment variables ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF FHIR server and ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF BPE server.

    Authorization Extension Example

    The following example specifies that process execution can only be requested by a organization with a specific identifier and only allows execution of the process in the DSF instance of an organization with a specific identifier.

    <extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization">
+	<extension url="message-name">
+		<valueString value="some-message-name" />
+	</extension>
+	<extension url="task-profile">
+		<valueCanonical value="http://foo.org/fhir/StructureDefinition/profile|#{version}" />
+	</extension>
+	<extension url="requester">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization">
+				<valueIdentifier>
+					<system value="http://highmed.org/sid/organization-identifier" />
+					<value value="identifier.remote.org" />
+				</valueIdentifier>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="REMOTE_ORGANIZATION" />
+		</valueCoding>
+	</extension>
+	<extension url="recipient">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization">
+				<valueIdentifier>
+					<system value="http://highmed.org/sid/organization-identifier" />
+					<value value="identifier.local.org" />
+				</valueIdentifier>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="LOCAL_ORGANIZATION" />
+		</valueCoding>
+	</extension>
+</extension>

    Exercise Tasks

    1. Modify the highmedorg_helloDic process in the hello-dic.bpmn file and replace the End Event with a Message End Event. Configure input parameters instantiatesUri, profile and messageName in the BPMN model for the Message End Event. Set the message name of the Message End Event and configure it to be executed using the HelloCosMessage class.
      Use http://highmed.org/fhir/StructureDefinition/task-hello-cos|#{version} as the profile and helloCos as the message name. Figure out what the appropriate instantiatesUri value is, based on the name (process definition key) of the process to be triggered.
    2. Modify the highmedorg_helloCos process in the hello-cos.bpmn file and configure the message name of the Message Start Event with the same value as the message name of the Message End Event in the highmedorg_helloDic process.
    3. Create a new StructureDefinition with a Task profile for the helloCos message.
    4. Create a new ActivityDefinition resource for the highmedorg_helloCos process and configure the authorization extension to allow the Test_DIC organization as the requester and the Test_COS organization as the recipient.
    5. Add the highmedorg_helloCos process and its resources to the TutorialProcessPluginDefinition class.
    6. Modify HelloDic service class to set the target process variable for the Test_COS organization.
    7. Configure the HelloCosMessage class as a spring in the TutorialConfig class.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-3

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic and highmedorg_helloCos processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in another console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the DSF FHIR server for the Test_COS organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-fhir

    Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://cos/fhir.
    The DSF FHIR server uses a server certificate that was generated during the first maven build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).

    1. Start the DSF BPE server for the Test_COS organization in another console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloCos process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://cos/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain two ActivityDefinition resources. Also, go to https://cos/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-cos to check if the expected Task profile was created.

    1. Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the FHIR Task resource was created at the DSF FHIR server and the highmedorg_helloDic process was executed by the DSF BPE server of the Test_DIC organization. The DSF BPE server of the Test_DIC organization should print a message showing that a Task resource to start the highmedorg_helloCos process was send to the Test_COS organization.
    Verify that a FHIR Task resource was created at the DSF FHIR server of the Test_COS organization and the highmedorg_helloCos process was then executed by the DSF BPE server of the Test_COS organization.

    `,32)),n("p",null,[e[20]||(e[20]=i("Continue with ")),t(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[19]||(e[19]=[i("exercise 4")])),_:1}),e[21]||(e[21]=i("."))]),e[35]||(e[35]=n("hr",null,null,-1)),n("p",null,[t(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[22]||(e[22]=[i("Prerequisites")])),_:1}),e[28]||(e[28]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[23]||(e[23]=[i("Exercise 1")])),_:1}),e[29]||(e[29]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[24]||(e[24]=[i("Exercise 1.1")])),_:1}),e[30]||(e[30]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[25]||(e[25]=[i("Exercise 2")])),_:1}),e[31]||(e[31]=i(" | Exercise 3 | ")),t(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[26]||(e[26]=[i("Exercise 4")])),_:1}),e[32]||(e[32]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[27]||(e[27]=[i("Exercise 5")])),_:1})])])}const m=o(c,[["render",g],["__file","exercise3-messageEvents.html.vue"]]),v=JSON.parse('{"path":"/oldstable/tutorial/exercise3-messageEvents.html","title":"Exercise 3 - Message Events","lang":"en-US","frontmatter":{"title":"Exercise 3 - Message Events","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Exercise 3 - Message Events","slug":"exercise-3-message-events","link":"#exercise-3-message-events","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Exercise Tasks","slug":"exercise-tasks","link":"#exercise-tasks","children":[]},{"level":3,"title":"Solution Verification","slug":"solution-verification","link":"#solution-verification","children":[]}]}],"readingTime":{"minutes":6.16,"words":1849},"filePathRelative":"oldstable/tutorial/exercise3-messageEvents.md","excerpt":"

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    "}');export{m as comp,v as data}; diff --git a/assets/exercise4-exclusiveGateways.html-BFc2qSSk.js b/assets/exercise4-exclusiveGateways.html-BFc2qSSk.js new file mode 100644 index 000000000..8699efb43 --- /dev/null +++ b/assets/exercise4-exclusiveGateways.html-BFc2qSSk.js @@ -0,0 +1,4 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as o,e as i,f as a,d as s,a as n,r as d,o as c}from"./app-BIWb5uIp.js";const h={};function u(p,e){const t=d("RouteLink");return c(),l("div",null,[o("p",null,[i(t,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[0]||(e[0]=[s("Prerequisites")])),_:1}),e[6]||(e[6]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[1]||(e[1]=[s("Exercise 1")])),_:1}),e[7]||(e[7]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[2]||(e[2]=[s("Exercise 1.1")])),_:1}),e[8]||(e[8]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[3]||(e[3]=[s("Exercise 2")])),_:1}),e[9]||(e[9]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[4]||(e[4]=[s("Exercise 3")])),_:1}),e[10]||(e[10]=s(" | Exercise 4 | ")),i(t,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[5]||(e[5]=[s("Exercise 5")])),_:1})]),e[24]||(e[24]=n(`

    Exercise 4 - Exclusive Gateways

    Different execution paths in a process based on the state of process variables can be achieved using Exclusive Gateways. In Exercise 4 we will examine how this can be implemented by modifying the highmedorg_helloDic process.

    Introduction

    Exclusive Gateways

    Different sequence flows during the execution of a process instance can be modeled using BPMN Exclusive Gateways. For each outgoing sequence flow of the gateway, a BPMN Condition Expression can be added to the process model, deciding whether a sequence flow should be followed. Thereby, all condition decisions must be in an XOR relationship to each other.

    Condition Expressions

    A BPMN Condition Expression uses the \${..} notation. Within the curly braces all execution variables of a process instance can be accessed, e.g. the ones that were stored in a previous Java implementation of a BPMN ServiceTask. For example, the BPMN Condition Expression \${cohortSize > 100} checks whether the value in the execution variable cohortSize is greater than 100.

    Storing / Modifying Process Variables

    Via the DelegateExecution execution parameter of the doExecute method of a class extending AbstractServiceDelegate, we can write and read process variables of the current process instance. The following code listing show how to write and read a boolean variable:

    {
+	execution.setVariable("variable-name", Variables.booleanValue(false));
+	boolean variable = (boolean) execution.getVariable("variable-name");
+}

    For more details on process variables see the Camunda documentation.

    Exercise Tasks

    1. In the HelloDic class, write an algorithm deciding based on the "leading" Task's input parameter tutorial-input, whether the highmedorg_helloCos process should be started.
    2. Add a boolean variable to the process instance execution variables storing the decision.
    3. Add an exclusive gateway to the highmedorg_helloDic process model and two outgoing sequence flows - the first starting process highmedorg_helloDic, the second stopping process highmedorg_helloDic without starting process highmedorg_helloCos.
    4. Add a condition expressions to each outgoing sequence flow based on the previously stored execution variable.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-4

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic and highmedorg_helloCos processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_COS organization in a fourth console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloCos process.

    1. Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the highmedorg_helloDic process was executed successfully by the Test_DIC DSF BPE server and possibly the highmedorg_helloCos process by the Test_COS DSF BPE server, depending on whether decision of your algorithm based on the input parameter allowed to start the highmedorg_helloDic process.

    `,34)),o("p",null,[e[12]||(e[12]=s("Continue with ")),i(t,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[11]||(e[11]=[s("exercise 5")])),_:1})]),e[25]||(e[25]=o("hr",null,null,-1)),o("p",null,[i(t,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[13]||(e[13]=[s("Prerequisites")])),_:1}),e[19]||(e[19]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[14]||(e[14]=[s("Exercise 1")])),_:1}),e[20]||(e[20]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[15]||(e[15]=[s("Exercise 1.1")])),_:1}),e[21]||(e[21]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[16]||(e[16]=[s("Exercise 2")])),_:1}),e[22]||(e[22]=s(" | ")),i(t,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[17]||(e[17]=[s("Exercise 3")])),_:1}),e[23]||(e[23]=s(" | Exercise 4 | ")),i(t,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:a(()=>e[18]||(e[18]=[s("Exercise 5")])),_:1})])])}const b=r(h,[["render",u],["__file","exercise4-exclusiveGateways.html.vue"]]),f=JSON.parse('{"path":"/oldstable/tutorial/exercise4-exclusiveGateways.html","title":"Exercise 4 - Exclusive Gateways","lang":"en-US","frontmatter":{"title":"Exercise 4 - Exclusive Gateways","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Exercise 4 - Exclusive Gateways","slug":"exercise-4-exclusive-gateways","link":"#exercise-4-exclusive-gateways","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Exercise Tasks","slug":"exercise-tasks","link":"#exercise-tasks","children":[]},{"level":3,"title":"Solution Verification","slug":"solution-verification","link":"#solution-verification","children":[]}]}],"readingTime":{"minutes":2.29,"words":686},"filePathRelative":"oldstable/tutorial/exercise4-exclusiveGateways.md","excerpt":"

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    "}');export{b as comp,f as data}; diff --git a/assets/exercise5-eventBasedGateways.html-DEvFgy-0.js b/assets/exercise5-eventBasedGateways.html-DEvFgy-0.js new file mode 100644 index 000000000..2ccc0d1a2 --- /dev/null +++ b/assets/exercise5-eventBasedGateways.html-DEvFgy-0.js @@ -0,0 +1,48 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as n,e as t,f as a,d as i,a as h,r as o,o as d}from"./app-BIWb5uIp.js";const p="/photos/guideline/tutorial/ex5.png",k={};function g(c,e){const s=o("RouteLink");return d(),l("div",null,[n("p",null,[t(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[0]||(e[0]=[i("Prerequisites")])),_:1}),e[6]||(e[6]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[1]||(e[1]=[i("Exercise 1")])),_:1}),e[7]||(e[7]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[2]||(e[2]=[i("Exercise 1.1")])),_:1}),e[8]||(e[8]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[3]||(e[3]=[i("Exercise 2")])),_:1}),e[9]||(e[9]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[4]||(e[4]=[i("Exercise 3")])),_:1}),e[10]||(e[10]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[5]||(e[5]=[i("Exercise 4")])),_:1}),e[11]||(e[11]=i(" | Exercise 5"))]),e[24]||(e[24]=h('

    Exercise 5 - Event Based Gateways and Intermediate Events

    In the final exercise we will look at message flow between three organizations as well as how to continue a waiting process if no return message arrives. With this exercise we will add a third process and complete a message loop from Test_DIC to Test_COR to Test_HRP back to Test_DIC.

    Introduction

    Managing Multiple- and Missing Messages

    If an existing and started process instance is waiting for a message from another organization, the corresponding FHIR Task may never arrive. Either because the other organization decides to never send the "message" or because some technical problem prohibits the Task resource from being posted to the DSF FHIR server. This would result in stale process instances that never finish.

    In order to solve this problem we can add an Event Based Gateway to the process waiting for a response and then either handle a Task resource with the response and finish the process in a success state or fire of an Intermediate Timer Catch Event after a defined wait period and finish the process in an error state. The following BPMN collaboration diagram shows how the process at the first organization would look like if two different message or no message could be received:

    Timer Events

    For Timer Events the duration until the timer fires is specified using the ISO 8601 Durations format. Examples can be found in the Camunda 7 documentation.

    Matching Process Instances With Business Keys

    In the example above the first organization is sending a "message" to the second and waiting for a reply. In order to correlate the return message with the waiting process instance, a unique identifier needs to be exchanged between both process instances. Within the DSF this is implemented using the process instance business-key and a corresponding Task.input parameter. For 1:1 communication relationships this is handled by the DSF BPE servers automatically, but the corresponding Task profiles need to define the business-key input parameter as mandatory.

    If multiple message are send in a 1:n relationship with a n:1 return an additional correlation-key needs to be configured in order to correlate every bidirectional communication between two DSF instances.

    ActivityDefinitions for the DSF

    FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance and contain the authorization rules for the specified process. ActivityDefinition for the DSF need to comply with the http://highmed.org/fhir/StructureDefinition/activity-definition profile, with authorization rules configured using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization extension.

    The authorization extension needs to be configured at least once and has four sub extensions:

    message-name [1..1]

    String value specifying the message name of Message Start Event, Intermediate Message Catch Event or Message Receive Task this authorization rule should match. Can only be specified once per authorization rule extension.

    task-profile [1..1]

    Canonical URL value specifying the Task profile this authorization rule should match. Can only be specified once per authorization rule extension.

    requester [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-requester ValueSet:

    recipient [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-recipient ValueSet.

    The local organization of a DSF instance is configured using the environment variables ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF FHIR server and ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF BPE server.

    Authorization Extension Example

    The following example specifies that process execution can only be requested by a organization with a specific identifier and only allows execution of the process in the DSF instance of an organization with a specific identifier.

    <extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization">
+	<extension url="message-name">
+		<valueString value="some-message-name" />
+	</extension>
+	<extension url="task-profile">
+		<valueCanonical value="http://foo.org/fhir/StructureDefinition/profile|#{version}" />
+	</extension>
+	<extension url="requester">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role">
+				<extension url="consortium">
+					<valueIdentifier>
+						<system value="http://highmed.org/sid/organization-identifier" />
+						<value value="identifier.consortium.org" />
+					</valueIdentifier>
+				</extension>
+				<extension url="role">
+					<valueCoding>
+						<system value="http://highmed.org/fhir/CodeSystem/organization-role" />
+						<code value="SOME_ROLE" />
+					</valueCoding>
+				</extension>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="REMOTE_ROLE" />
+		</valueCoding>
+	</extension>
+	<extension url="recipient">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role">
+				<extension url="consortium">
+					<valueIdentifier>
+						<system value="http://highmed.org/sid/organization-identifier" />
+						<value value="identifier.consortium.org" />
+					</valueIdentifier>
+				</extension>
+				<extension url="role">
+					<valueCoding>
+						<system value="http://highmed.org/fhir/CodeSystem/organization-role" />
+						<code value="SOME_ROLE" />
+					</valueCoding>
+				</extension>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="LOCAL_ROLE" />
+		</valueCoding>
+	</extension>
+</extension>

    Exercise Tasks

    1. Modify the HelloCosMessage and use the value from the Task.input parameter of the helloDic Task to send it to the highmedorg_helloCos process via a Task.input parameter in the helloCos Task. Override the getAdditionalInputParameters to configure a Task.input parameter to be send.
    2. Modify the highmedorg_helloCos process to use a Message End Event to trigger the process in file hello-hrp.bpmn. Figure out the values for the instantiatesUri, profile and messageName input parameters of the Message End Event based on the AcitvityDefinition in file hello-hrp.xml.
    3. Modify the highmedorg_helloDic process:
    4. Modify the process in file hello-hrp.bpmn and set the process definition key and version. Figure out the appropriate values based on the AcitvityDefinition in file hello-hrp.xml.
    5. Add the process in file hello-hrp.bpmn to the TutorialProcessPluginDefinition and configure the FHIR resources needed for the three processes.
    6. Add the HelloCos, HelloHrpMessage , HelloHrp and GoodbyeDicMessage classes as spring beans.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-5

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic, highmedorg_helloCos and highmedorg_helloHrp processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the DSF FHIR server for the Test_COS organization in a third console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_COS organization in a fourth console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the DSF FHIR server for the Test_HRP organization in a fifth at location .../dsf-process-tutorial/test-setup:
    docker-compose up hrp-fhir

    Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://hrp/fhir.
    The DSF FHIR server uses a server certificate that was generated during the first maven build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).

    1. Start the DSF BPE server for the Test_HRP organization in a sixth console at location .../dsf-process-tutorial/test-setup:
    docker-compose up hrp-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloHrp process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://hrp/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain a three ActivityDefinition resources. Also, go to https://hrp/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-hrp to check if the expected Task profile was created.

    1. Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the FHIR Task resource was created at the DSF FHIR server and the highmedorg_helloDic process was executed by the DSF BPE server of the Test_DIC organization. The DSF BPE server of the Test_DIC organization should print a message showing that a Task resource to start the highmedorg_helloCos process was sent to the Test_COS organization.
    Verify that a FHIR Task resource was created at the DSF FHIR server of the Test_COS organization and the highmedorg_helloCos process was executed by the DSF BPE server of the Test_COS organization. The DSF BPE server of the Test_COS organization should print a message showing that a Task resource to start the highmedorg_helloHrp process was send to the Test_HRP organization.

    Based on the value of the Task.input parameter you send, the highmedorg_helloHrp process will either send a goodbyDic message to the Test_DIC organization or finish without sending a message.

    To trigger the goodbyDic message, use send-response as the http://highmed.org/fhir/CodeSystem/tutorial#tutorial-input input parameter.

    Verify that the highmedorg_helloDic process either finishes with the arrival of the goodbyDic message or after waiting for two minutes.

    `,65)),n("p",null,[t(s,{to:"/oldstable/tutorial/prerequisites.html"},{default:a(()=>e[12]||(e[12]=[i("Prerequisites")])),_:1}),e[18]||(e[18]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:a(()=>e[13]||(e[13]=[i("Exercise 1")])),_:1}),e[19]||(e[19]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:a(()=>e[14]||(e[14]=[i("Exercise 1.1")])),_:1}),e[20]||(e[20]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:a(()=>e[15]||(e[15]=[i("Exercise 2")])),_:1}),e[21]||(e[21]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:a(()=>e[16]||(e[16]=[i("Exercise 3")])),_:1}),e[22]||(e[22]=i(" | ")),t(s,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:a(()=>e[17]||(e[17]=[i("Exercise 4")])),_:1}),e[23]||(e[23]=i(" | Exercise 5"))])])}const m=r(k,[["render",g],["__file","exercise5-eventBasedGateways.html.vue"]]),B=JSON.parse('{"path":"/oldstable/tutorial/exercise5-eventBasedGateways.html","title":"Exercise 5 - Event Based Gateways and Intermediate Events","lang":"en-US","frontmatter":{"title":"Exercise 5 - Event Based Gateways and Intermediate Events","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Exercise 5 - Event Based Gateways and Intermediate Events","slug":"exercise-5-event-based-gateways-and-intermediate-events","link":"#exercise-5-event-based-gateways-and-intermediate-events","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Exercise Tasks","slug":"exercise-tasks","link":"#exercise-tasks","children":[]},{"level":3,"title":"Solution Verification","slug":"solution-verification","link":"#solution-verification","children":[]}]}],"readingTime":{"minutes":6.73,"words":2019},"filePathRelative":"oldstable/tutorial/exercise5-eventBasedGateways.md","excerpt":"

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    "}');export{m as comp,B as data}; diff --git a/assets/feasibility.html-UPmBbOyd.js b/assets/feasibility.html-UPmBbOyd.js new file mode 100644 index 000000000..6c4191df2 --- /dev/null +++ b/assets/feasibility.html-UPmBbOyd.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as r,o as a}from"./app-BIWb5uIp.js";const s={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[r('

    Overview

    Funded by the German Federal Ministry of Research and Education, 25 sites have installed the DSF to execute the Feasibility process. To perform feasibility queries, a researcher can register and query data on the FDPG (Forschungsdaten Portal für Gesundheit - Research Data Portal) website. Basic data of hospitalizations of over 8 million patients with over 40 million diagnoses and much more such as laboratory values or drug prescriptions are available. After a successful query, the data is made available in standardized FHIR format. Further information can be found in the flyer.

    The Feasibility Process

    Medical routine data holds great promise for advancing research, yet its integration into a research context poses significant challenges. To address this, Medical Data Integration Centers have been established, by the medical informatics initiative to consolidate data from primary information systems into a central repository. However, relying on data from only one organization is rarely sufficient to answer complex research questions, so merging data across institutional boundaries is necessary.

    To enable researchers to leverage this integrated data for specific research projects, there is a critical need for the ability to query cohort sizes across institutions. The feasibility process allows researchers to conduct automated and distributed feasibility queries, i.e., cohort size estimates. This process is executed according to the open standard BPMN 2.0, the underlying process data model is based on HL7 FHIR R4 resources.

    Technical Information

    ',7)]))}const c=i(s,[["render",n],["__file","feasibility.html.vue"]]),f=JSON.parse('{"path":"/intro/use-cases/feasibility.html","title":"Feasibility","lang":"en-US","frontmatter":{"title":"Feasibility","icon":"diagram","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"The Feasibility Process","slug":"the-feasibility-process","link":"#the-feasibility-process","children":[]},{"level":2,"title":"Technical Information","slug":"technical-information","link":"#technical-information","children":[]}],"readingTime":{"minutes":1.23,"words":370},"filePathRelative":"intro/use-cases/feasibility.md","excerpt":"

    Overview

    \\n

    Funded by the German Federal Ministry of Research and Education, 25 sites have installed the DSF to execute the Feasibility process. To perform feasibility queries, a researcher can register and query data on the FDPG (Forschungsdaten Portal für Gesundheit - Research Data Portal) website. Basic data of hospitalizations of over 8 million patients with over 40 million diagnoses and much more such as laboratory values or drug prescriptions are available. After a successful query, the data is made available in standardized FHIR format. Further information can be found in the flyer.

    "}');export{c as comp,f as data}; diff --git a/assets/fhir.html-BWbIvPkF.js b/assets/fhir.html-BWbIvPkF.js new file mode 100644 index 000000000..d0f10122d --- /dev/null +++ b/assets/fhir.html-BWbIvPkF.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as i,o as t}from"./app-BIWb5uIp.js";const o={};function n(l,e){return t(),s("div",null,e[0]||(e[0]=[i('

    Parameters FHIR Server

    Please also check common parameters for additional configuration options.

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    • Property: dev.dsf.fhir.server.roleConfig
    • Required: Yes
    • Description: Role config YAML

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    ',58)]))}const c=r(o,[["render",n],["__file","fhir.html.vue"]]),f=JSON.parse('{"path":"/v1.0.0/maintain/configuration/fhir.html","title":"Parameters FHIR Server","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE","slug":"dev-dsf-fhir-client-certificate","link":"#dev-dsf-fhir-client-certificate","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY","slug":"dev-dsf-fhir-client-certificate-private-key","link":"#dev-dsf-fhir-client-certificate-private-key","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE","slug":"dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","link":"#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT","slug":"dev-dsf-fhir-client-timeout-connect","link":"#dev-dsf-fhir-client-timeout-connect","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ","slug":"dev-dsf-fhir-client-timeout-read","link":"#dev-dsf-fhir-client-timeout-read","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS","slug":"dev-dsf-fhir-client-trust-server-certificate-cas","link":"#dev-dsf-fhir-client-trust-server-certificate-cas","children":[]},{"level":3,"title":"DEV_DSF_FHIR_CLIENT_VERBOSE","slug":"dev-dsf-fhir-client-verbose","link":"#dev-dsf-fhir-client-verbose","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK","slug":"dev-dsf-fhir-db-liquibase-forceunlock","link":"#dev-dsf-fhir-db-liquibase-forceunlock","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME","slug":"dev-dsf-fhir-db-liquibase-lockwaittime","link":"#dev-dsf-fhir-db-liquibase-lockwaittime","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","link":"#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME","slug":"dev-dsf-fhir-db-liquibase-username","link":"#dev-dsf-fhir-db-liquibase-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_URL","slug":"dev-dsf-fhir-db-url","link":"#dev-dsf-fhir-db-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_GROUP","slug":"dev-dsf-fhir-db-user-group","link":"#dev-dsf-fhir-db-user-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","link":"#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP","slug":"dev-dsf-fhir-db-user-permanent-delete-group","link":"#dev-dsf-fhir-db-user-permanent-delete-group","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE","slug":"dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","link":"#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME","slug":"dev-dsf-fhir-db-user-permanent-delete-username","link":"#dev-dsf-fhir-db-user-permanent-delete-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_DB_USER_USERNAME","slug":"dev-dsf-fhir-db-user-username","link":"#dev-dsf-fhir-db-user-username","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_BASE_URL","slug":"dev-dsf-fhir-server-base-url","link":"#dev-dsf-fhir-server-base-url","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_INIT_BUNDLE","slug":"dev-dsf-fhir-server-init-bundle","link":"#dev-dsf-fhir-server-init-bundle","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE","slug":"dev-dsf-fhir-server-organization-identifier-value","link":"#dev-dsf-fhir-server-organization-identifier-value","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_PAGE_COUNT","slug":"dev-dsf-fhir-server-page-count","link":"#dev-dsf-fhir-server-page-count","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_ROLECONFIG","slug":"dev-dsf-fhir-server-roleconfig","link":"#dev-dsf-fhir-server-roleconfig","children":[]},{"level":3,"title":"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE","slug":"dev-dsf-fhir-server-static-resource-cache","link":"#dev-dsf-fhir-server-static-resource-cache","children":[]},{"level":3,"title":"DEV_DSF_PROXY_NOPROXY","slug":"dev-dsf-proxy-noproxy","link":"#dev-dsf-proxy-noproxy","children":[]},{"level":3,"title":"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE","slug":"dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","link":"#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file","children":[]},{"level":3,"title":"DEV_DSF_PROXY_URL","slug":"dev-dsf-proxy-url","link":"#dev-dsf-proxy-url","children":[]},{"level":3,"title":"DEV_DSF_PROXY_USERNAME","slug":"dev-dsf-proxy-username","link":"#dev-dsf-proxy-username","children":[]}],"readingTime":{"minutes":2.77,"words":830},"filePathRelative":"v1.0.0/maintain/configuration/fhir.md","excerpt":"\\n

    Please also check common parameters for additional configuration options.

    \\n

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    \\n
      \\n
    • Property: dev.dsf.fhir.client.certificate
      • \\n
    • Required: Yes
      • \\n
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
      • \\n
    • Recommendation: Use docker secret file to configure
      • \\n
    • Example: /run/secrets/app_client_certificate.pem
      • \\n
    "}');export{c as comp,f as data}; diff --git a/assets/font/font.css b/assets/font/font.css new file mode 100644 index 000000000..b80d5ac8d --- /dev/null +++ b/assets/font/font.css @@ -0,0 +1,1043 @@ +@font-face { + font-family: "iconfont"; + src: url('/assets/font/font.woff2') format('woff2'), + url('/assets/font/font.woff') format('woff'), + url('/assets/font/font.ttf') format('truetype'); + } + + .iconfont { + font-family: "iconfont" !important; + font-size: 16px; + font-style: normal; + -webkit-font-smoothing: antialiased; + -moz-osx-font-smoothing: grayscale; + } + + .icon-delete:before { + content: "\e6f2"; + } + + .icon-superscript:before { + content: "\f0e7"; + } + + .icon-subscript:before { + content: "\f0e3"; + } + + .icon-safari:before { + content: "\f229"; + } + + .icon-tab:before { + content: "\e66c"; + } + + .icon-strong:before { + content: "\e9fe"; + } + + .icon-free:before { + content: "\e669"; + } + + .icon-light:before { + content: "\e6f8"; + } + + .icon-waline:before { + content: "\e65e"; + } + + .icon-diagram:before { + content: "\e639"; + } + + .icon-customize:before { + content: "\e64f"; + } + + .icon-restrict:before { + content: "\e62d"; + } + + .icon-svg:before { + content: "\e629"; + } + + .icon-anonymous:before { + content: "\e622"; + } + + .icon-define:before { + content: "\e644"; + } + + .icon-IO:before { + content: "\e64b"; + } + + .icon-php:before { + content: "\e61f"; + } + + .icon-java:before { + content: "\e7f8"; + } + + .icon-enum:before { + content: "\e620"; + } + + .icon-generic:before { + content: "\e625"; + } + + .icon-alias:before { + content: "\e6c2"; + } + + .icon-script:before { + content: "\e7d0"; + } + + .icon-search:before { + content: "\e6c7"; + } + + .icon-edit:before { + content: "\e634"; + } + + .icon-type:before { + content: "\e719"; + } + + .icon-advance:before { + content: "\e77c"; + } + + .icon-stack:before { + content: "\e782"; + } + + .icon-call:before { + content: "\e787"; + } + + .icon-safe:before { + content: "\e78b"; + } + + .icon-ability:before { + content: "\e79f"; + } + + .icon-any:before { + content: "\e61e"; + } + + .icon-boolean:before { + content: "\e633"; + } + + .icon-engine:before { + content: "\e7ef"; + } + + .icon-filter:before { + content: "\e628"; + } + + .icon-sort:before { + content: "\e688"; + } + + .icon-yaml:before { + content: "\e636"; + } + + .icon-launch:before { + content: "\e677"; + } + + .icon-decorate:before { + content: "\e63c"; + } + + .icon-navigate:before { + content: "\e63e"; + } + + .icon-eye:before { + content: "\e63f"; + } + + .icon-interact:before { + content: "\e640"; + } + + .icon-input:before { + content: "\e65d"; + } + + .icon-box:before { + content: "\e650"; + } + + .icon-javascript:before { + content: "\e913"; + } + + .icon-nodeJS:before { + content: "\e641"; + } + + .icon-overflow:before { + content: "\e70b"; + } + + .icon-direction:before { + content: "\e6de"; + } + + .icon-table:before { + content: "\ec31"; + } + + .icon-resize:before { + content: "\e691"; + } + + .icon-float:before { + content: "\e642"; + } + + .icon-grid:before { + content: "\e90c"; + } + + .icon-flex:before { + content: "\eabe"; + } + + .icon-flow:before { + content: "\e6f7"; + } + + .icon-linter:before { + content: "\e645"; + } + + .icon-semantic:before { + content: "\e646"; + } + + .icon-cache:before { + content: "\e647"; + } + + .icon-update:before { + content: "\e6df"; + } + + .icon-speed:before { + content: "\e648"; + } + + .icon-ci:before { + content: "\e68f"; + } + + .icon-actions:before { + content: "\e69f"; + } + + .icon-token:before { + content: "\e649"; + } + + .icon-mysql:before { + content: "\e64a"; + } + + .icon-align:before { + content: "\e7ba"; + } + + .icon-api:before { + content: "\e76a"; + } + + .icon-markdown:before { + content: "\e7ea"; + } + + .icon-home:before { + content: "\e6bb"; + } + + .icon-creative:before { + content: "\e718"; + } + + .icon-navbar:before { + content: "\e6b5"; + } + + .icon-sidebar:before { + content: "\e638"; + } + + .icon-vue:before { + content: "\f25f"; + } + + .icon-navigation:before { + content: "\e6dc"; + } + + .icon-discover:before { + content: "\e6ba"; + } + + .icon-bitbucket:before { + content: "\e651"; + } + + .icon-valine:before { + content: "\e65b"; + } + + .icon-gitlab:before { + content: "\e692"; + } + + .icon-gitee:before { + content: "\e6f5"; + } + + .icon-vssue:before { + content: "\e663"; + } + + .icon-github:before { + content: "\e653"; + } + + .icon-info:before { + content: "\e6e4"; + } + + .icon-palette:before { + content: "\e7cc"; + } + + .icon-fullscreen:before { + content: "\e69d"; + } + + .icon-comment:before { + content: "\e666"; + } + + .icon-time:before { + content: "\e654"; + } + + .icon-ask:before { + content: "\e7c9"; + } + + .icon-emoji:before { + content: "\e6f3"; + } + + .icon-categoryselected:before { + content: "\e62c"; + } + + .icon-layout:before { + content: "\e6fd"; + } + + .icon-blog:before { + content: "\e655"; + } + + .icon-question:before { + content: "\e690"; + } + + .icon-write:before { + content: "\e760"; + } + + .icon-config:before { + content: "\e656"; + } + + .icon-slides:before { + content: "\e7a7"; + } + + .icon-setting:before { + content: "\e78e"; + } + + .icon-install:before { + content: "\e657"; + } + + .icon-folder:before { + content: "\eac9"; + } + + .icon-plugin:before { + content: "\eb48"; + } + + .icon-support:before { + content: "\e6e3"; + } + + .icon-page:before { + content: "\e6b9"; + } + + .icon-context:before { + content: "\e658"; + } + + .icon-tex:before { + content: "\e659"; + } + + .icon-shell:before { + content: "\e7a8"; + } + + .icon-rss:before { + content: "\e9ca"; + } + + .icon-enable:before { + content: "\e65a"; + } + + .icon-copyright:before { + content: "\e6b3"; + } + + .icon-contrast:before { + content: "\e6a7"; + } + + .icon-others:before { + content: "\e65c"; + } + + .icon-preview:before { + content: "\e716"; + } + + .icon-copy:before { + content: "\e7a0"; + } + + .icon-footer:before { + content: "\e65f"; + } + + .icon-sitemap:before { + content: "\e664"; + } + + .icon-warn:before { + content: "\e662"; + } + + .icon-like:before { + content: "\e668"; + } + + .icon-check:before { + content: "\e6d4"; + } + + .icon-add:before { + content: "\e6d8"; + } + + .icon-selection:before { + content: "\e6e1"; + } + + .icon-mobile:before { + content: "\e705"; + } + + .icon-notice:before { + content: "\e709"; + } + + .icon-rank:before { + content: "\e721"; + } + + .icon-pic:before { + content: "\e72c"; + } + + .icon-mark:before { + content: "\e730"; + } + + .icon-people:before { + content: "\e735"; + } + + .icon-community:before { + content: "\e740"; + } + + .icon-play:before { + content: "\e74f"; + } + + .icon-tag:before { + content: "\e751"; + } + + .icon-hot:before { + content: "\e757"; + } + + .icon-code:before { + content: "\e606"; + } + + .icon-compare:before { + content: "\ead8"; + } + + .icon-ajax:before { + content: "\e623"; + } + + .icon-animation:before { + content: "\e619"; + } + + .icon-Apache:before { + content: "\e626"; + } + + .icon-jQuery:before { + content: "\e612"; + } + + .icon-workingDirectory:before { + content: "\e75e"; + } + + .icon-es6:before { + content: "\e671"; + } + + .icon-git:before { + content: "\e61b"; + } + + .icon-css:before { + content: "\e630"; + } + + .icon-software:before { + content: "\e6a1"; + } + + .icon-underscore:before { + content: "\e637"; + } + + .icon-function:before { + content: "\e6bd"; + } + + .icon-mini-app:before { + content: "\e611"; + } + + .icon-html:before { + content: "\e660"; + } + + .icon-windows:before { + content: "\e75f"; + } + + .icon-note:before { + content: "\e711"; + } + + .icon-c:before { + content: "\e607"; + } + + .icon-nginx:before { + content: "\e601"; + } + + .icon-chrome:before { + content: "\e604"; + } + + .icon-branch:before { + content: "\e616"; + } + + .icon-change:before { + content: "\e609"; + } + + .icon-remote:before { + content: "\ea43"; + } + + .icon-wechat:before { + content: "\e63b"; + } + + .icon-debug:before { + content: "\e60a"; + } + + .icon-state:before { + content: "\e60d"; + } + + .icon-vscode:before { + content: "\e81d"; + } + + .icon-network:before { + content: "\e602"; + } + + .icon-frame:before { + content: "\e70d"; + } + + .icon-process:before { + content: "\e82e"; + } + + .icon-tool:before { + content: "\ed5f"; + } + + .icon-npm:before { + content: "\e6da"; + } + + .icon-linux:before { + content: "\e765"; + } + + .icon-ubuntu:before { + content: "\eb37"; + } + + .icon-language:before { + content: "\e631"; + } + + .icon-leaf:before { + content: "\e6be"; + } + + .icon-autumn:before { + content: "\ecc6"; + } + + .icon-android:before { + content: "\e63d"; + } + + .icon-angular:before { + content: "\e60c"; + } + + .icon-file:before { + content: "\e61a"; + } + + .icon-python:before { + content: "\e615"; + } + + .icon-react:before { + content: "\e743"; + } + + .icon-link:before { + content: "\e707"; + } + + .icon-snow:before { + content: "\e627"; + } + + .icon-mount:before { + content: "\e621"; + } + + .icon-license:before { + content: "\e61c"; + } + + .icon-repo:before { + content: "\e6e9"; + } + + .icon-keyboard:before { + content: "\e8fa"; + } + + .icon-computer:before { + content: "\e8dd"; + } + + .icon-window:before { + content: "\e60b"; + } + + .icon-read:before { + content: "\e861"; + } + + .icon-template:before { + content: "\ed95"; + } + + .icon-typescript:before { + content: "\e7ab"; + } + + .icon-module:before { + content: "\e6f0"; + } + + .icon-emmet:before { + content: "\e608"; + } + + .icon-format:before { + content: "\e6ee"; + } + + .icon-guide:before { + content: "\e62f"; + } + + .icon-heading:before { + content: "\e60e"; + } + + .icon-centos:before { + content: "\e676"; + } + + .icon-http:before { + content: "\ebb3"; + } + + .icon-storage:before { + content: "\ed39"; + } + + .icon-quote:before { + content: "\e91d"; + } + + .icon-expansion:before { + content: "\e6f1"; + } + + .icon-variable:before { + content: "\e6cd"; + } + + .icon-calculate:before { + content: "\e665"; + } + + .icon-string:before { + content: "\e809"; + } + + .icon-line:before { + content: "\e624"; + } + + .icon-condition:before { + content: "\e62a"; + } + + .icon-loop:before { + content: "\e6ca"; + } + + .icon-array:before { + content: "\e762"; + } + + .icon-set:before { + content: "\e66a"; + } + + .icon-refresh:before { + content: "\e6bf"; + } + + .icon-map:before { + content: "\e6b6"; + } + + .icon-object:before { + content: "\e632"; + } + + .icon-null:before { + content: "\e618"; + } + + .icon-number:before { + content: "\e643"; + } + + .icon-build:before { + content: "\e600"; + } + + .icon-create:before { + content: "\e610"; + } + + .icon-mesh:before { + content: "\e64d"; + } + + .icon-material:before { + content: "\e635"; + } + + .icon-relation:before { + content: "\e66b"; + } + + .icon-tree:before { + content: "\e62b"; + } + + .icon-geometry:before { + content: "\e613"; + } + + .icon-select:before { + content: "\e7fb"; + } + + .icon-view:before { + content: "\e614"; + } + + .icon-physics:before { + content: "\e6c1"; + } + + .icon-study:before { + content: "\e68c"; + } + + .icon-result:before { + content: "\e710"; + } + + .icon-exercise:before { + content: "\e652"; + } + + .icon-editor:before { + content: "\e68e"; + } + + .icon-return:before { + content: "\e728"; + } + + .icon-timer:before { + content: "\e708"; + } + + .icon-repair:before { + content: "\e73a"; + } + + .icon-command:before { + content: "\e73e"; + } + + .icon-activity:before { + content: "\e775"; + } + + .icon-profile:before { + content: "\e77a"; + } + + .icon-form:before { + content: "\e7ac"; + } + + .icon-news:before { + content: "\e7e6"; + } + + .icon-flower:before { + content: "\e7f0"; + } + + .icon-group:before { + content: "\e7f4"; + } + + .icon-card:before { + content: "\e81f"; + } + + .icon-share:before { + content: "\e6fe"; + } + + .icon-back-stage:before { + content: "\e661"; + } + + .icon-router:before { + content: "\e680"; + } + + .icon-app:before { + content: "\e60f"; + } + + .icon-dart:before { + content: "\e603"; + } + + .icon-OS:before { + content: "\e68d"; + } + + .icon-async:before { + content: "\e605"; + } + + .icon-extend:before { + content: "\e62e"; + } + + .icon-class:before { + content: "\ed66"; + } + + .icon-at:before { + content: "\e6c5"; + } + + .icon-structure:before { + content: "\e696"; + } + + .icon-asynchronous:before { + content: "\e64e"; + } + + .icon-cycle:before { + content: "\e92d"; + } + + .icon-merge:before { + content: "\e682"; + } + + .icon-load:before { + content: "\e6c6"; + } + + .icon-proposal:before { + content: "\e667"; + } + + .icon-article:before { + content: "\e64c"; + } + + .icon-proxy:before { + content: "\e834"; + } + + .icon-operate:before { + content: "\e86e"; + } + + .icon-regexp:before { + content: "\e86f"; + } + + .icon-style:before { + content: "\e617"; + } + + .icon-symbol:before { + content: "\e73f"; + } + + .icon-arrow:before { + content: "\e8cb"; + } + + .icon-lock:before { + content: "\e6ea"; + } + + .icon-list:before { + content: "\e818"; + } + + .icon-locate:before { + content: "\e685"; + } + + .icon-date:before { + content: "\e670"; + } + + .icon-json:before { + content: "\e61d"; + } + + .icon-wrap:before { + content: "\e63a"; + } + + .icon-bit:before { + content: "\e6ad"; + } + + .icon-more:before { + content: "\e96c"; + } + \ No newline at end of file diff --git a/assets/font/font.ttf b/assets/font/font.ttf new file mode 100644 index 000000000..58c5dfe7d Binary files /dev/null and b/assets/font/font.ttf differ diff --git a/assets/font/font.woff b/assets/font/font.woff new file mode 100644 index 000000000..d14efa179 Binary files /dev/null and b/assets/font/font.woff differ diff --git a/assets/font/font.woff2 b/assets/font/font.woff2 new file mode 100644 index 000000000..f13e6c441 Binary files /dev/null and b/assets/font/font.woff2 differ diff --git a/assets/highmedInstall.html-Gh-l_MIJ.js b/assets/highmedInstall.html-Gh-l_MIJ.js new file mode 100644 index 000000000..6beef8399 --- /dev/null +++ b/assets/highmedInstall.html-Gh-l_MIJ.js @@ -0,0 +1,28 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a as r,o as t}from"./app-BIWb5uIp.js";const a={};function n(o,e){return t(),s("div",null,e[0]||(e[0]=[r(`

    This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is only suitable for HiGHmed organizations.
    If you are not a member of HiGHmed, see NUM-CODEX Install.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker and docker-compose. For the latest install guide see https://docs.docker.com/engine/install and https://docs.docker.com/compose/install

    docker:

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io

    docker-compose (warning: 2.17.3 might not be latest):

    sudo curl -L "https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+sudo chmod +x /usr/local/bin/docker-compose

    Client/Server Certificates

    Two Certificates from the DFN-PKI Global G2 (via DFN e.V.), GÉANT TCS (via DFN e.V.) or D-Trust (via TMF e.V.) are needed, more infos see Authentication

    • Certificate A: Server Certificate (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    Network setup / Network access

    For additional information on the network setup see Network-and-Architecture.

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup. Connections to the fTTP, the terminology server and simplifier.net for validating GECCO FHIR resources as well as the local GECCO FHIR server are not listed:

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (GECCO Transfer Hub)443https
    DSF FHIR (local)DSF FHIR (GECCO Transfer Hub)443https (HTTP HEAD only)
    DSF BPE (GECCO Transfer Hub)DSF FHIR (local)443https
    DSF FHIR (GECCO Transfer Hub)DSF FHIR (local)443https (HTTP HEAD only)

    On-Boarding Excel Spreadsheet

    You are required to fill out the on-boarding Excel spreadsheet, provided with the NUM-CODEX hackathon invite, and send it to the GECCO Transfer Hub. If the GECCO Transfer Hub already received and validated your On-Boarding Excel spreadsheet and you do not have to change any information, you can skip this step.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download prepared DSF FHIR server config files and folder structure from

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L56:      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L136:  app_client_certificate_private_key.pem.password:
+L137:    file: ./secrets/client_certificate_private_key.pem.password

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L101:  ssl_certificate_chain_file.pem:
+L102:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:
        • ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_NAME: TODO_ORGANIZATION_NAME
          Set your Organizations official name, e.g. Hochschule Heilbronn
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. You can add additional client certificate thumbprints for example the thumbprint of your (the admins) personal DFN PKI S/MIME certificate, to access the DSF FHIR servers REST interface.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. Usually it is not necessary to add additional thumbprints other than your client certificate (certificate B) here. When a client uses a certificate with a thumbprint listed here, the client is allowed to permanently delete FHIR resources.
        • For additional environment variables, see DSF 0.9.3 FHIR Server configuration parameters

    8. Start the DSF FHIR Server
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download prepared DSF BPE server config files and folder structure from

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log
      • /opt/bpe/psn

    4. Add certificates and keys

      • Add the client certificate (certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L41:      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L99:  app_client_certificate_private_key.pem.password:
+L100:    file: ./secrets/client_certificate_private_key.pem.password
      • Add the CRR public-key used for asymmetrically encrypting the GECCO FHIR Bundles to /opt/bpe/secrets/

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • For additional environment variables, see DSF 0.9.3 BPE Server configuration parameters

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    9. Stop the DSF BPE Server

      • Hit Ctrl-C to close log
      • Stop using: docker-compose stop

    10. Add the following DSF BPE process plugins, for instructions on how to configure the plugin, see release notes.

      Notice: Jar-files within the folders /opt/bpe/process and /opt/bpe/plugin need to be readable by the linxux bpe user -> chown root:bpe, chmod 440

    11. Start the DSF BPE Server (with process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    12. Request Allow-List upload from HiGHmed TTP
      The Allow-List upload is needed in order to execute HiGHmed and NUM-CODEX processes.

    `,27)]))}const c=i(a,[["render",n],["__file","highmedInstall.html.vue"]]),h=JSON.parse('{"path":"/oldstable/releases/highmedInstall.html","title":"","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]},{"level":3,"title":"On-Boarding Excel Spreadsheet","slug":"on-boarding-excel-spreadsheet","link":"#on-boarding-excel-spreadsheet","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]}]}],"readingTime":{"minutes":6.39,"words":1918},"filePathRelative":"oldstable/releases/highmedInstall.md","excerpt":"

    This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is only suitable for HiGHmed organizations.
    \\nIf you are not a member of HiGHmed, see NUM-CODEX Install.

    \\n

    Prerequisites

    \\n

    Virtual Machines

    "}');export{c as comp,h as data}; diff --git a/assets/highmed_dsf_network_setup_ext_dmz-DyQZOoIs.js b/assets/highmed_dsf_network_setup_ext_dmz-DyQZOoIs.js new file mode 100644 index 000000000..176af872d --- /dev/null +++ b/assets/highmed_dsf_network_setup_ext_dmz-DyQZOoIs.js @@ -0,0 +1 @@ +const e="/photos/guideline/generalInformation/highmed_dsf_network_setup.svg",o="/photos/guideline/generalInformation/highmed_dsf_network_setup_ext_dmz.svg";export{e as _,o as a}; diff --git a/assets/icon/apple-icon-152.png b/assets/icon/apple-icon-152.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/apple-icon-152.png differ diff --git a/assets/icon/chrome-192.png b/assets/icon/chrome-192.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/chrome-192.png differ diff --git a/assets/icon/chrome-512.png b/assets/icon/chrome-512.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/chrome-512.png differ diff --git a/assets/icon/chrome-mask-192.png b/assets/icon/chrome-mask-192.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/chrome-mask-192.png differ diff --git a/assets/icon/chrome-mask-512.png b/assets/icon/chrome-mask-512.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/chrome-mask-512.png differ diff --git a/assets/icon/favicon.ico b/assets/icon/favicon.ico new file mode 100644 index 000000000..ed857d176 Binary files /dev/null and b/assets/icon/favicon.ico differ diff --git a/assets/icon/guide-maskable.png b/assets/icon/guide-maskable.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/guide-maskable.png differ diff --git a/assets/icon/ms-ico-144.png b/assets/icon/ms-ico-144.png new file mode 100644 index 000000000..71c690527 Binary files /dev/null and b/assets/icon/ms-ico-144.png differ diff --git a/assets/index.html--WiMJ2-5.js b/assets/index.html--WiMJ2-5.js new file mode 100644 index 000000000..1ab60f7bf --- /dev/null +++ b/assets/index.html--WiMJ2-5.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.0.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.0.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html--z6-FzwM.js b/assets/index.html--z6-FzwM.js new file mode 100644 index 000000000..a1fe5ea53 --- /dev/null +++ b/assets/index.html--z6-FzwM.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const l={};function o(t,e){return n(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const c=i(l,[["render",o],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.5.2/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.21,"words":64},"filePathRelative":"v1.5.2/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-2BGvWDpf.js b/assets/index.html-2BGvWDpf.js new file mode 100644 index 000000000..e7f81d39e --- /dev/null +++ b/assets/index.html-2BGvWDpf.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as r,o as n}from"./app-BIWb5uIp.js";const l={};function t(o,e){return n(),a("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const c=i(l,[["render",t],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.3.1/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.16,"words":49},"filePathRelative":"v1.3.1/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-3D5twG1B.js b/assets/index.html-3D5twG1B.js new file mode 100644 index 000000000..798789231 --- /dev/null +++ b/assets/index.html-3D5twG1B.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.1.0/","title":"DSF 1.1.0","lang":"en-US","frontmatter":{"title":"DSF 1.1.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.1.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-B1pXabiP.js b/assets/index.html-B1pXabiP.js new file mode 100644 index 000000000..1e9c9c08f --- /dev/null +++ b/assets/index.html-B1pXabiP.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const l={};function o(t,e){return n(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const c=i(l,[["render",o],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.6.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.21,"words":64},"filePathRelative":"v1.6.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-B2IxHHQk.js b/assets/index.html-B2IxHHQk.js new file mode 100644 index 000000000..ede8bbe83 --- /dev/null +++ b/assets/index.html-B2IxHHQk.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.5.1/","title":"DSF 1.5.1","lang":"en-US","frontmatter":{"title":"DSF 1.5.1","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.5.1/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-B4bLs14H.js b/assets/index.html-B4bLs14H.js new file mode 100644 index 000000000..61ac764e3 --- /dev/null +++ b/assets/index.html-B4bLs14H.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.6.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.6.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-B5ugpUCb.js b/assets/index.html-B5ugpUCb.js new file mode 100644 index 000000000..8018b52f9 --- /dev/null +++ b/assets/index.html-B5ugpUCb.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.5.2/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.5.2/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-B6hfS6g4.js b/assets/index.html-B6hfS6g4.js new file mode 100644 index 000000000..0888f06ba --- /dev/null +++ b/assets/index.html-B6hfS6g4.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as r,o as n}from"./app-BIWb5uIp.js";const l={};function t(o,e){return n(),a("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const c=i(l,[["render",t],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.3.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.16,"words":49},"filePathRelative":"v1.3.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-B8XYCKZS.js b/assets/index.html-B8XYCKZS.js new file mode 100644 index 000000000..d0e935388 --- /dev/null +++ b/assets/index.html-B8XYCKZS.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.5.2/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.5.2/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-BCmfWh4B.js b/assets/index.html-BCmfWh4B.js new file mode 100644 index 000000000..fa0a2c64d --- /dev/null +++ b/assets/index.html-BCmfWh4B.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.4.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.4.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-BKgt8rGq.js b/assets/index.html-BKgt8rGq.js new file mode 100644 index 000000000..0059700e7 --- /dev/null +++ b/assets/index.html-BKgt8rGq.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as e,o as n}from"./app-BIWb5uIp.js";const i={};function o(s,r){return n(),a("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),d=JSON.parse('{"path":"/stable/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"stable/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,d as data}; diff --git a/assets/index.html-BNbhkZ3e.js b/assets/index.html-BNbhkZ3e.js new file mode 100644 index 000000000..d386ad19b --- /dev/null +++ b/assets/index.html-BNbhkZ3e.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function l(o,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",l],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.3.1/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":9},"filePathRelative":"v1.3.1/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-BPv7Yi_g.js b/assets/index.html-BPv7Yi_g.js new file mode 100644 index 000000000..552e4ca16 --- /dev/null +++ b/assets/index.html-BPv7Yi_g.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,b as l,e as a,f as r,r as i,o as d,d as s}from"./app-BIWb5uIp.js";const m={};function f(u,e){const t=i("RouteLink");return d(),o("div",null,[l("ul",null,[l("li",null,[a(t,{to:"/oldstable/releases/configFhirReverseProxy.html"},{default:r(()=>e[0]||(e[0]=[s("Configuration Parameters FHIR Reverse Proxy")])),_:1})]),l("li",null,[a(t,{to:"/oldstable/releases/configFhir.html"},{default:r(()=>e[1]||(e[1]=[s("Configuration Parameters FHIR")])),_:1})]),l("li",null,[a(t,{to:"/oldstable/releases/configBpe.html"},{default:r(()=>e[2]||(e[2]=[s("Configuration Parameters BPE")])),_:1})]),l("li",null,[a(t,{to:"/oldstable/releases/upgradeFrom91.html"},{default:r(()=>e[3]||(e[3]=[s("Upgrade from 0.9.1")])),_:1})]),l("li",null,[a(t,{to:"/oldstable/releases/upgradeFrom92.html"},{default:r(()=>e[4]||(e[4]=[s("Upgrade from 0.9.2")])),_:1})]),e[7]||(e[7]=l("li",null,[l("a",{href:"https://github.com/highmed/highmed-dsf/wiki/Deployment-Archive",target:"_blank",rel:"noopener noreferrer"},"Older Versions")],-1)),l("li",null,[a(t,{to:"/oldstable/releases/num-codexInstall.html"},{default:r(()=>e[5]||(e[5]=[s("NUM-CODEX Install")])),_:1})]),l("li",null,[a(t,{to:"/oldstable/releases/highmedInstall.html"},{default:r(()=>e[6]||(e[6]=[s("HiGHmed Install")])),_:1})])])])}const p=n(m,[["render",f],["__file","index.html.vue"]]),b=JSON.parse('{"path":"/oldstable/releases/","title":"Releases and Deployment","lang":"en-US","frontmatter":{"title":"Releases and Deployment","icon":"install","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.14,"words":42},"filePathRelative":"oldstable/releases/README.md","excerpt":""}');export{p as comp,b as data}; diff --git a/assets/index.html-BQ1cFXBB.js b/assets/index.html-BQ1cFXBB.js new file mode 100644 index 000000000..2b3ebe5ad --- /dev/null +++ b/assets/index.html-BQ1cFXBB.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.3.1/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.3.1/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-BSAIHIgH.js b/assets/index.html-BSAIHIgH.js new file mode 100644 index 000000000..5417af362 --- /dev/null +++ b/assets/index.html-BSAIHIgH.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",o],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.5.2/maintain/bpe-reverse-proxy/","title":"BPE Reverse Proxy","lang":"en-US","frontmatter":{"title":"BPE Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.5.2/maintain/bpe-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-BV9sfGy7.js b/assets/index.html-BV9sfGy7.js new file mode 100644 index 000000000..692145d61 --- /dev/null +++ b/assets/index.html-BV9sfGy7.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.4.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.4.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-BWnQvp8W.js b/assets/index.html-BWnQvp8W.js new file mode 100644 index 000000000..c9331b7f1 --- /dev/null +++ b/assets/index.html-BWnQvp8W.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,e as o,o as a,r}from"./app-BIWb5uIp.js";const l={};function s(c,i){const e=r("Catalog");return a(),n("div",null,[o(e)])}const _=t(l,[["render",s],["__file","index.html.vue"]]),d=JSON.parse('{"path":"/intro/info/","title":"Info","lang":"en-US","frontmatter":{"title":"Info","article":false,"feed":false,"sitemap":false,"gitInclude":[]},"headers":[],"readingTime":{"minutes":0,"words":1},"filePathRelative":null,"excerpt":""}');export{_ as comp,d as data}; diff --git a/assets/index.html-B_5_WvMB.js b/assets/index.html-B_5_WvMB.js new file mode 100644 index 000000000..b8d18f363 --- /dev/null +++ b/assets/index.html-B_5_WvMB.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const l={};function o(t,e){return n(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const c=i(l,[["render",o],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.5.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.21,"words":64},"filePathRelative":"v1.5.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-B_wNLcVr.js b/assets/index.html-B_wNLcVr.js new file mode 100644 index 000000000..841b01704 --- /dev/null +++ b/assets/index.html-B_wNLcVr.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.1.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.1.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-BaDl1w7P.js b/assets/index.html-BaDl1w7P.js new file mode 100644 index 000000000..f3f114ba2 --- /dev/null +++ b/assets/index.html-BaDl1w7P.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,b as e,e as l,f as r,r as o,o as s,d as m}from"./app-BIWb5uIp.js";const f={};function u(d,n){const a=o("RouteLink");return s(),t("div",null,[n[4]||(n[4]=e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1)),e("ul",null,[n[1]||(n[1]=e("li",null,[e("a",{href:"install"},"Install DSF 1.0.0")],-1)),n[2]||(n[2]=e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade from DSF 0.9.x")],-1)),n[3]||(n[3]=e("li",null,[e("a",{href:"allowList-mgm"},"Allow List Management")],-1)),e("li",null,[l(a,{to:"/v1.0.0/maintain/configuration/"},{default:r(()=>n[0]||(n[0]=[m("Configuration Paramters")])),_:1})])])])}const p=i(f,[["render",u],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.0.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.09,"words":27},"filePathRelative":"v1.0.0/maintain/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,w as data}; diff --git a/assets/index.html-Bca-G99b.js b/assets/index.html-Bca-G99b.js new file mode 100644 index 000000000..1a482a875 --- /dev/null +++ b/assets/index.html-Bca-G99b.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as r,o as n}from"./app-BIWb5uIp.js";const l={};function t(o,e){return n(),a("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const c=i(l,[["render",t],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.4.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.16,"words":49},"filePathRelative":"v1.4.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-BmaGaBeY.js b/assets/index.html-BmaGaBeY.js new file mode 100644 index 000000000..8145fc7c9 --- /dev/null +++ b/assets/index.html-BmaGaBeY.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.5.1/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.5.1/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-BqCXzk3r.js b/assets/index.html-BqCXzk3r.js new file mode 100644 index 000000000..27dd05aa1 --- /dev/null +++ b/assets/index.html-BqCXzk3r.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as t,e as a,f as o,r as s,o as m,d as l}from"./app-BIWb5uIp.js";const u={};function d(c,e){const n=s("RouteLink");return m(),i("div",null,[t("ul",null,[t("li",null,[a(n,{to:"/oldstable/generalinformation/authentication.html"},{default:o(()=>e[0]||(e[0]=[l("Authentication")])),_:1})]),t("li",null,[a(n,{to:"/oldstable/generalinformation/networkSetup.html"},{default:o(()=>e[1]||(e[1]=[l("Network Setup and General Architecture")])),_:1})])])])}const p=r(u,[["render",d],["__file","index.html.vue"]]),_=JSON.parse('{"path":"/oldstable/generalinformation/","title":"General Information","lang":"en-US","frontmatter":{"title":"General Information","icon":"set","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.04,"words":13},"filePathRelative":"oldstable/generalinformation/README.md","excerpt":"\\n"}');export{p as comp,_ as data}; diff --git a/assets/index.html-Br2SEoN8.js b/assets/index.html-Br2SEoN8.js new file mode 100644 index 000000000..2b75d6e1a --- /dev/null +++ b/assets/index.html-Br2SEoN8.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/stable/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"stable/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-BrXjYrIb.js b/assets/index.html-BrXjYrIb.js new file mode 100644 index 000000000..b381b2697 --- /dev/null +++ b/assets/index.html-BrXjYrIb.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.7.0/","title":"DSF 1.7.0","lang":"en-US","frontmatter":{"title":"DSF 1.7.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.7.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-Bu0T-_KJ.js b/assets/index.html-Bu0T-_KJ.js new file mode 100644 index 000000000..6dea58ba5 --- /dev/null +++ b/assets/index.html-Bu0T-_KJ.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/v1.6.0/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"v1.6.0/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-Bur8W0e8.js b/assets/index.html-Bur8W0e8.js new file mode 100644 index 000000000..0d8f455a7 --- /dev/null +++ b/assets/index.html-Bur8W0e8.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.3.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.3.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-BvjsjDex.js b/assets/index.html-BvjsjDex.js new file mode 100644 index 000000000..6d4711e0f --- /dev/null +++ b/assets/index.html-BvjsjDex.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.2.0/","title":"DSF 1.2.0","lang":"en-US","frontmatter":{"title":"DSF 1.2.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.2.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-BxLs337Z.js b/assets/index.html-BxLs337Z.js new file mode 100644 index 000000000..6b952aede --- /dev/null +++ b/assets/index.html-BxLs337Z.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.3.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.3.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-By_2M9Eb.js b/assets/index.html-By_2M9Eb.js new file mode 100644 index 000000000..1c3f079ce --- /dev/null +++ b/assets/index.html-By_2M9Eb.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as l}from"./app-BIWb5uIp.js";const n={};function o(t,e){return l(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const c=i(n,[["render",o],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/stable/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.21,"words":64},"filePathRelative":"stable/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-C044djId.js b/assets/index.html-C044djId.js new file mode 100644 index 000000000..e05a989a4 --- /dev/null +++ b/assets/index.html-C044djId.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,b as l,e as o,f as a,r,o as d,d as n}from"./app-BIWb5uIp.js";const u={};function b(m,e){const t=r("RouteLink");return d(),s("div",null,[l("ul",null,[l("li",null,[o(t,{to:"/oldstable/build/build.html"},{default:a(()=>e[0]||(e[0]=[n("Build & Test Project")])),_:1})]),l("li",null,[o(t,{to:"/oldstable/build/proxyTestTool.html"},{default:a(()=>e[1]||(e[1]=[n("Proxy Test Tool")])),_:1})]),l("li",null,[o(t,{to:"/oldstable/build/releaseANewVersion.html"},{default:a(()=>e[2]||(e[2]=[n("Release a new version")])),_:1})])])])}const p=i(u,[["render",b],["__file","index.html.vue"]]),T=JSON.parse('{"path":"/oldstable/build/","title":"Build and Test","lang":"en-US","frontmatter":{"title":"Build and Test","icon":"back-stage","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"oldstable/build/README.md","excerpt":"\\n"}');export{p as comp,T as data}; diff --git a/assets/index.html-C3Ia18VX.js b/assets/index.html-C3Ia18VX.js new file mode 100644 index 000000000..ea625f9f4 --- /dev/null +++ b/assets/index.html-C3Ia18VX.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.6.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.6.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-C6jX4zME.js b/assets/index.html-C6jX4zME.js new file mode 100644 index 000000000..208623ad9 --- /dev/null +++ b/assets/index.html-C6jX4zME.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as r,o as n}from"./app-BIWb5uIp.js";const l={};function t(o,e){return n(),a("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const c=i(l,[["render",t],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.2.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.16,"words":49},"filePathRelative":"v1.2.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-C71EusK-.js b/assets/index.html-C71EusK-.js new file mode 100644 index 000000000..7bd143c0f --- /dev/null +++ b/assets/index.html-C71EusK-.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as n,o as r}from"./app-BIWb5uIp.js";const t={};function o(l,e){return r(),a("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/stable/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"stable/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-CAuA1qZF.js b/assets/index.html-CAuA1qZF.js new file mode 100644 index 000000000..6a736259f --- /dev/null +++ b/assets/index.html-CAuA1qZF.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",o],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.5.0/maintain/bpe-reverse-proxy/","title":"BPE Reverse Proxy","lang":"en-US","frontmatter":{"title":"BPE Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.5.0/maintain/bpe-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-CCHXQ3qu.js b/assets/index.html-CCHXQ3qu.js new file mode 100644 index 000000000..2c1e76680 --- /dev/null +++ b/assets/index.html-CCHXQ3qu.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as i,d as n,e,f as o,r as s,o as u}from"./app-BIWb5uIp.js";const f={};function d(m,t){const l=s("RouteLink");return u(),a("div",null,[t[7]||(t[7]=i("h2",{id:"overview",tabindex:"-1"},[i("a",{class:"header-anchor",href:"#overview"},[i("span",null,"Overview")])],-1)),i("ul",null,[i("li",null,[t[6]||(t[6]=n("Documentation ")),i("ul",null,[i("li",null,[e(l,{to:"/intro/info/introduction.html"},{default:o(()=>t[0]||(t[0]=[n("Introduction")])),_:1})]),i("li",null,[e(l,{to:"/intro/info/basics.html"},{default:o(()=>t[1]||(t[1]=[n("Basics & Standards")])),_:1})]),i("li",null,[e(l,{to:"/intro/info/architecture.html"},{default:o(()=>t[2]||(t[2]=[n("Architecture")])),_:1})]),i("li",null,[e(l,{to:"/intro/info/security.html"},{default:o(()=>t[3]||(t[3]=[n("Security")])),_:1})]),i("li",null,[e(l,{to:"/intro/info/allowList.html"},{default:o(()=>t[4]||(t[4]=[n("Allow Lists")])),_:1})]),i("li",null,[e(l,{to:"/intro/info/process-plugins.html"},{default:o(()=>t[5]||(t[5]=[n("Process Plugins")])),_:1})])])])])])}const v=r(f,[["render",d],["__file","index.html.vue"]]),p=JSON.parse('{"path":"/intro/","title":"Documentation","lang":"en-US","frontmatter":{"title":"Documentation","icon":"info","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":22},"filePathRelative":"intro/README.md","excerpt":"

    Overview

    \\n"}');export{v as comp,p as data}; diff --git a/assets/index.html-CEXDY_Uk.js b/assets/index.html-CEXDY_Uk.js new file mode 100644 index 000000000..39e29afc6 --- /dev/null +++ b/assets/index.html-CEXDY_Uk.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as r,o as n}from"./app-BIWb5uIp.js";const l={};function t(o,e){return n(),a("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const c=i(l,[["render",t],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.3.2/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.16,"words":49},"filePathRelative":"v1.3.2/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-CEl0GMbE.js b/assets/index.html-CEl0GMbE.js new file mode 100644 index 000000000..cdad7a145 --- /dev/null +++ b/assets/index.html-CEl0GMbE.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as i,o as t}from"./app-BIWb5uIp.js";const n={};function l(o,e){return t(),a("div",null,e[0]||(e[0]=[i('

    Overview

    ',2)]))}const u=r(n,[["render",l],["__file","index.html.vue"]]),s=JSON.parse('{"path":"/about/","title":"About","lang":"en-US","frontmatter":{"title":"About","icon":"creative","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"about/README.md","excerpt":"

    Overview

    \\n\\n"}');export{u as comp,s as data}; diff --git a/assets/index.html-CGF3Du5r.js b/assets/index.html-CGF3Du5r.js new file mode 100644 index 000000000..8d79cb6bb --- /dev/null +++ b/assets/index.html-CGF3Du5r.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/v1.5.2/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"v1.5.2/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-CIYI18oA.js b/assets/index.html-CIYI18oA.js new file mode 100644 index 000000000..8efa3fd37 --- /dev/null +++ b/assets/index.html-CIYI18oA.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.5.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.5.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-CJqQIH24.js b/assets/index.html-CJqQIH24.js new file mode 100644 index 000000000..5ea03e482 --- /dev/null +++ b/assets/index.html-CJqQIH24.js @@ -0,0 +1 @@ +import{_ as a}from"./dsf-concept-Dbcu0twt.js";import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as t,o}from"./app-BIWb5uIp.js";const s="/photos/learnmore/funding/bmbf-mii.png",i={};function d(c,e){return o(),n("div",null,e[0]||(e[0]=[t('

    Data Sharing Framework

    The Data Sharing Framework (DSF) is a concept for a secure middleware to distribute data sharing processes based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed organizations. Every participating site runs a FHIR endpoint accessible by other sites and a business process engine in the local secured network. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing or feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organizational boundaries. The secure communication infrastructure is funded by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.

    DSF concept
    DSF concept

    Rolf Hansen Memorial Award 2023 goes to Hauke Hund

    We are very pleased to have won the Rolf Hansen Memorial Award at EFMI MIE 2023 in Gothenburg. The Rolf Hansen Memorial Award is presented annually by the European Federation for Medical Informatics (EFMI) for an outstanding paper as well as for an excellent presentation. It is named after Rolf Hansen (1931-1993), a well-known Norwegian medical informatician and former president of EFMI. Hauke Hund presented his Paper: No Transfer Without Validation: A Data Sharing Framework Use Case in May at the EFMI MIE. doi:10.3233/SHTI230066

    Feel free to contact us via dsf-gecko@hs-heilbronn.de and we will take care of your request as soon as possible.

    ',8)]))}const u=r(i,[["render",d],["__file","index.html.vue"]]),p=JSON.parse('{"path":"/","title":"Data Sharing Framework","lang":"en-US","frontmatter":{"home":true,"icon":"home","title":"Data Sharing Framework","heroImage":"/photos/home/logo.svg","heroText":"Data Sharing Framework","tagline":"A performant, secure, and innovative framework that enables biomedical researchers to extract value from routine data.","features":[{"title":"Introduction","icon":"info","details":"Introduction to the DSF and informations about Use-Cases/Projects.","link":"/intro/"},{"title":"Get Started","icon":"launch","details":"Get technical insights and install the DSF | Develop Process Plugins.","link":"/stable/"},{"title":"About Us","icon":"creative","details":"Contact, partners, the team behind the DSF and more... Join our community!","link":"/about/learnmore/"},{"title":"GitHub","icon":"github","details":"Take a look at the open-source reference implementation.","link":"https://github.com/datasharingframework/dsf"}],"gitInclude":[]},"headers":[{"level":2,"title":"Rolf Hansen Memorial Award 2023 goes to Hauke Hund","slug":"rolf-hansen-memorial-award-2023-goes-to-hauke-hund","link":"#rolf-hansen-memorial-award-2023-goes-to-hauke-hund","children":[]}],"readingTime":{"minutes":1.46,"words":439},"filePathRelative":"index.md","excerpt":"
    \\n

    Data Sharing Framework

    \\n

    The Data Sharing Framework (DSF) is a concept for a secure middleware to distribute data sharing processes based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed organizations. Every participating site runs a FHIR endpoint accessible by other sites and a business process engine in the local secured network. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing or feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organizational boundaries. The secure communication infrastructure is funded by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.

    "}');export{u as comp,p as data}; diff --git a/assets/index.html-CKHbb906.js b/assets/index.html-CKHbb906.js new file mode 100644 index 000000000..0fc78e175 --- /dev/null +++ b/assets/index.html-CKHbb906.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o}from"./app-BIWb5uIp.js";const s={};function n(a,e){return o(),r("div",null,e[0]||(e[0]=[i('

    We take security of the DSF, its process plugins, services and tools we operate very seriously.

    We describe the security mechanisms used by the DSF to implement secure communication on the pages Architecture, Security and Allow List.

    To ensure a high level of security, you should always install the latest DSF version and use the latest versions of the process plugins. Use the instructions to install the latest version of the DSF or to upgrade on the latest version. The instructions described there implement the security configuration recommended by us.

    It is also important that you ensure a secure operating environment in which you verify firewall configurations, keep the operating systems on which the DSF is running up to date and harden it according to the latest state of the art.

    Security vulnerability disclosure policy

    Our commitment to security

    We as the DSF development team take security of our software, services and data very seriously. We understand that despite our best efforts, vulnerabilities can exist. To address this, we encourage responsible reporting of any security vulnerabilities discovered in our software and systems.

    Responsible disclosure

    We kindly ask security researchers and the general public to follow the principles of Coordinated Vulnerability Disclosure (CVD) or Responsible Disclosure when reporting vulnerabilities to us. This approach helps us to mitigate potential risks and protect our users' data effectively.

    How to Report a Vulnerability

    If you believe you have found a security vulnerability in our system, please email us at dsf-security@hs-heilbronn.de. If you want to use end-to-end-encryption, you can send us mails using s-mime with the certificate chain provided here. We kindly request the following:

    • Provide a detailed description of the vulnerability, including if possible the potential impact and how it can be exploited.
    • Include steps to reproduce the vulnerability or proof-of-concept code, if possible.
    • Avoid accessing or modifying user data without permission, and do not exploit a security issue for any reason other than testing.
    • Maintain confidentiality and do not publicly disclose the vulnerability, until we have had the opportunity to investigate and address it.

    Please do not file an issue on a security-related topic and use the e-mail address provided. You can verify the address both in the application repository and at the homepage (this page).

    Our promise

    • Acknowledgement: We usually will acknowledge receipt of your vulnerability report within 48 hours.
    • Investigation: Our security team will investigate the issue and work diligently to verify and reproduce the vulnerability.
    • Communication: We will keep you informed of our progress as we work to resolve the issue.
    • Resolution: We will strive to resolve security issues in a timely manner and release updates, patches, or remediations as needed.
    • Recognition: We value your effort in making our systems more secure and will recognize your contribution, if desired, once the vulnerability is resolved.

    We promise not to initiate legal action against individuals who report vulnerabilities responsibly in accordance with this policy. This includes not suing for accidental access to data or reporting in good faith.

    Questions?

    If you have any questions about this policy or security of the Data Sharing Framework, the services and tools we provide, please contact us at dsf-security@hs-heilbronn.de. You can send us encrypted e-mails using s-mime. You can find the certificate chain here.

    ',19)]))}const c=t(s,[["render",n],["__file","index.html.vue"]]),d=JSON.parse('{"path":"/security/","title":"Security","lang":"en-US","frontmatter":{"title":"Security","icon":"safe","gitInclude":[]},"headers":[{"level":2,"title":"Security vulnerability disclosure policy","slug":"security-vulnerability-disclosure-policy","link":"#security-vulnerability-disclosure-policy","children":[{"level":3,"title":"Our commitment to security","slug":"our-commitment-to-security","link":"#our-commitment-to-security","children":[]},{"level":3,"title":"Responsible disclosure","slug":"responsible-disclosure","link":"#responsible-disclosure","children":[]},{"level":3,"title":"How to Report a Vulnerability","slug":"how-to-report-a-vulnerability","link":"#how-to-report-a-vulnerability","children":[]},{"level":3,"title":"Our promise","slug":"our-promise","link":"#our-promise","children":[]},{"level":3,"title":"Legal Protection","slug":"legal-protection","link":"#legal-protection","children":[]},{"level":3,"title":"Questions?","slug":"questions","link":"#questions","children":[]}]}],"readingTime":{"minutes":1.97,"words":590},"filePathRelative":"security/readme.md","excerpt":"

    We take security of the DSF, its process plugins, services and tools we operate very seriously.

    \\n

    We describe the security mechanisms used by the DSF to implement secure communication on the pages Architecture, Security and Allow List.

    "}');export{c as comp,d as data}; diff --git a/assets/index.html-CPm74umY.js b/assets/index.html-CPm74umY.js new file mode 100644 index 000000000..d4396a439 --- /dev/null +++ b/assets/index.html-CPm74umY.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.3.1/","title":"DSF 1.3.1","lang":"en-US","frontmatter":{"title":"DSF 1.3.1","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.3.1/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-CQ7vft6x.js b/assets/index.html-CQ7vft6x.js new file mode 100644 index 000000000..02165adcd --- /dev/null +++ b/assets/index.html-CQ7vft6x.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",o],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.5.1/maintain/bpe-reverse-proxy/","title":"BPE Reverse Proxy","lang":"en-US","frontmatter":{"title":"BPE Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.5.1/maintain/bpe-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-CQIyjAbi.js b/assets/index.html-CQIyjAbi.js new file mode 100644 index 000000000..6c62ad5a0 --- /dev/null +++ b/assets/index.html-CQIyjAbi.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.4.0/","title":"DSF 1.4.0","lang":"en-US","frontmatter":{"title":"DSF 1.4.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.4.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-CXzsHOSr.js b/assets/index.html-CXzsHOSr.js new file mode 100644 index 000000000..7ba961fa2 --- /dev/null +++ b/assets/index.html-CXzsHOSr.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.5.1/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.5.1/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-CmYLzWSX.js b/assets/index.html-CmYLzWSX.js new file mode 100644 index 000000000..fe5d7a0bd --- /dev/null +++ b/assets/index.html-CmYLzWSX.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/stable/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"stable/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-Cndqnr5H.js b/assets/index.html-Cndqnr5H.js new file mode 100644 index 000000000..6a871e1fc --- /dev/null +++ b/assets/index.html-Cndqnr5H.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.3.0/","title":"DSF 1.3.0","lang":"en-US","frontmatter":{"title":"DSF 1.3.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.3.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-Cnxg1Eld.js b/assets/index.html-Cnxg1Eld.js new file mode 100644 index 000000000..b643900dd --- /dev/null +++ b/assets/index.html-Cnxg1Eld.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.7.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.7.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-CqJnCMPW.js b/assets/index.html-CqJnCMPW.js new file mode 100644 index 000000000..d1e7a3b82 --- /dev/null +++ b/assets/index.html-CqJnCMPW.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.5.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.5.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-CqQT4XC6.js b/assets/index.html-CqQT4XC6.js new file mode 100644 index 000000000..5ee08d207 --- /dev/null +++ b/assets/index.html-CqQT4XC6.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function l(o,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",l],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.3.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":9},"filePathRelative":"v1.3.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-Cs2nfFpC.js b/assets/index.html-Cs2nfFpC.js new file mode 100644 index 000000000..8aa30d313 --- /dev/null +++ b/assets/index.html-Cs2nfFpC.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as i,o as n}from"./app-BIWb5uIp.js";const t={};function o(l,e){return n(),a("div",null,e[0]||(e[0]=[i('

    Overview

    ',2)]))}const v=r(t,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.0.0/maintain/configuration/","title":"Configuration Parameters","lang":"en-US","frontmatter":{"title":"Configuration Parameters","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":22},"filePathRelative":"v1.0.0/maintain/configuration/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,f as data}; diff --git a/assets/index.html-CvKg-5SJ.js b/assets/index.html-CvKg-5SJ.js new file mode 100644 index 000000000..8c8f98730 --- /dev/null +++ b/assets/index.html-CvKg-5SJ.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/v1.7.0/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"v1.7.0/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-Cz99fyPG.js b/assets/index.html-Cz99fyPG.js new file mode 100644 index 000000000..9bf53d75e --- /dev/null +++ b/assets/index.html-Cz99fyPG.js @@ -0,0 +1 @@ +import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as t,e as l,f as n,r as u,o as m,d as a}from"./app-BIWb5uIp.js";const s={};function d(b,e){const r=u("RouteLink");return m(),i("div",null,[e[4]||(e[4]=t("h2",{id:"overview",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#overview"},[t("span",null,"Overview")])],-1)),t("ul",null,[t("li",null,[l(r,{to:"/about/learnmore/contact.html"},{default:n(()=>e[0]||(e[0]=[a("Contact & Community Guide")])),_:1})]),t("li",null,[l(r,{to:"/about/learnmore/team.html"},{default:n(()=>e[1]||(e[1]=[a("Contributors")])),_:1})]),t("li",null,[l(r,{to:"/about/learnmore/partners.html"},{default:n(()=>e[2]||(e[2]=[a("Partners")])),_:1})]),t("li",null,[l(r,{to:"/about/learnmore/public.html"},{default:n(()=>e[3]||(e[3]=[a("Public Funding")])),_:1})])])])}const c=o(s,[["render",d],["__file","index.html.vue"]]),p=JSON.parse('{"path":"/about/learnmore/","title":"Learn more","lang":"en-US","frontmatter":{"title":"Learn more","icon":"creative","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.06,"words":17},"filePathRelative":"about/learnmore/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,p as data}; diff --git a/assets/index.html-CzGft21U.js b/assets/index.html-CzGft21U.js new file mode 100644 index 000000000..7319c8598 --- /dev/null +++ b/assets/index.html-CzGft21U.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.2.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.2.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-Czz42V9T.js b/assets/index.html-Czz42V9T.js new file mode 100644 index 000000000..1b3e7f32e --- /dev/null +++ b/assets/index.html-Czz42V9T.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as r,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),n("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const v=i(t,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.5.2/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.5.2/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,f as data}; diff --git a/assets/index.html-D0klOcDH.js b/assets/index.html-D0klOcDH.js new file mode 100644 index 000000000..7cdb825cc --- /dev/null +++ b/assets/index.html-D0klOcDH.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,b as e,e as o,f as r,r as s,o as u,d as i}from"./app-BIWb5uIp.js";const d={};function m(c,t){const l=s("RouteLink");return u(),a("div",null,[e("ul",null,[e("li",null,[o(l,{to:"/intro/tutorials/MIE2023.html"},{default:r(()=>t[0]||(t[0]=[i("MIE 2023")])),_:1})]),e("li",null,[o(l,{to:"/intro/tutorials/GMDS2022-dev.html"},{default:r(()=>t[1]||(t[1]=[i("GMDS 2022 - DSF Process Plugin Tutorial v 0.9.x")])),_:1})])])])}const p=n(d,[["render",m],["__file","index.html.vue"]]),x=JSON.parse('{"path":"/intro/tutorials/","title":"Tutorials","lang":"en-US","frontmatter":{"title":"Tutorials","icon":"edit","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.06,"words":17},"filePathRelative":"intro/tutorials/README.md","excerpt":"\\n"}');export{p as comp,x as data}; diff --git a/assets/index.html-D2LbKSwg.js b/assets/index.html-D2LbKSwg.js new file mode 100644 index 000000000..29a95a707 --- /dev/null +++ b/assets/index.html-D2LbKSwg.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.3.1/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.3.1/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-D7PkCYZy.js b/assets/index.html-D7PkCYZy.js new file mode 100644 index 000000000..e2ddd65f1 --- /dev/null +++ b/assets/index.html-D7PkCYZy.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as r,o as i}from"./app-BIWb5uIp.js";const s={};function a(d,e){return i(),t("div",null,e[0]||(e[0]=[r('

    Terminverschiebung

    Die Sprechstunde wird aufgrund der FDPG Datenausleitungssprechstunde (DANA) ab dem 20.01.2025 von 14:00-14:50 Uhr stattfinden.

    Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+

    Klicken Sie hier, um der Sprechstunde beizutreten.

    ',3)]))}const p=n(s,[["render",a],["__file","index.html.vue"]]),h=JSON.parse('{"path":"/sprechstunde/","title":"Sprechstunde","lang":"en-US","frontmatter":{"title":"Sprechstunde","icon":"guide","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.18,"words":55},"filePathRelative":"sprechstunde/index.md","excerpt":"
    \\n

    Terminverschiebung

    \\n

    Die Sprechstunde wird aufgrund der FDPG Datenausleitungssprechstunde (DANA) ab dem 20.01.2025 von 14:00-14:50 Uhr stattfinden.

    \\n
    \\n
    \\n

    Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+

    \\n\\n
    "}');export{p as comp,h as data}; diff --git a/assets/index.html-D9-SkzFP.js b/assets/index.html-D9-SkzFP.js new file mode 100644 index 000000000..816e8dfd3 --- /dev/null +++ b/assets/index.html-D9-SkzFP.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as r,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),n("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const v=i(t,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.5.1/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.5.1/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,f as data}; diff --git a/assets/index.html-DB1QlrqO.js b/assets/index.html-DB1QlrqO.js new file mode 100644 index 000000000..05fd9ce72 --- /dev/null +++ b/assets/index.html-DB1QlrqO.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.7.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.7.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-DHzXf-Ti.js b/assets/index.html-DHzXf-Ti.js new file mode 100644 index 000000000..1eba377b2 --- /dev/null +++ b/assets/index.html-DHzXf-Ti.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",o],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.7.0/maintain/bpe-reverse-proxy/","title":"BPE Reverse Proxy","lang":"en-US","frontmatter":{"title":"BPE Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.7.0/maintain/bpe-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-DLMT2KGj.js b/assets/index.html-DLMT2KGj.js new file mode 100644 index 000000000..7dc2f4d6d --- /dev/null +++ b/assets/index.html-DLMT2KGj.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.7.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.7.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-DMDcxf3n.js b/assets/index.html-DMDcxf3n.js new file mode 100644 index 000000000..bb7ced2e5 --- /dev/null +++ b/assets/index.html-DMDcxf3n.js @@ -0,0 +1 @@ +import{_ as d}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,b as l,e as n,f as i,r,o as s,d as a}from"./app-BIWb5uIp.js";const g={};function b(u,e){const t=r("RouteLink");return s(),o("div",null,[l("ul",null,[l("li",null,[n(t,{to:"/oldstable/code/code.html"},{default:i(()=>e[0]||(e[0]=[a("Writing Code")])),_:1})]),l("li",null,[n(t,{to:"/oldstable/code/usingTheGitHubMaven.html"},{default:i(()=>e[1]||(e[1]=[a("Using the GitHub Maven Package Registry")])),_:1})]),l("li",null,[n(t,{to:"/oldstable/code/addingANewFhirR.html"},{default:i(()=>e[2]||(e[2]=[a("Adding a new FHIR Resource")])),_:1})]),l("li",null,[n(t,{to:"/oldstable/code/changingBpmnProcesses.html"},{default:i(()=>e[3]||(e[3]=[a("Changing BPMN Processes by Service Task Overwrites")])),_:1})]),l("li",null,[n(t,{to:"/oldstable/code/addingANewMpiClient.html"},{default:i(()=>e[4]||(e[4]=[a("Adding a new MPI Client")])),_:1})]),l("li",null,[n(t,{to:"/oldstable/code/addingANewOpenEhrClient.html"},{default:i(()=>e[5]||(e[5]=[a("Adding a new openEHR Client")])),_:1})]),l("li",null,[n(t,{to:"/oldstable/code/libraries.html"},{default:i(()=>e[6]||(e[6]=[a("Libraries")])),_:1})])])])}const h=d(g,[["render",b],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/oldstable/code/","title":"Code","lang":"en-US","frontmatter":{"title":"Code","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.14,"words":42},"filePathRelative":"oldstable/code/README.md","excerpt":""}');export{h as comp,f as data}; diff --git a/assets/index.html-DOwz4jEO.js b/assets/index.html-DOwz4jEO.js new file mode 100644 index 000000000..34eae8c14 --- /dev/null +++ b/assets/index.html-DOwz4jEO.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/v1.5.0/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"v1.5.0/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-DQ3Nt6us.js b/assets/index.html-DQ3Nt6us.js new file mode 100644 index 000000000..785ad6b39 --- /dev/null +++ b/assets/index.html-DQ3Nt6us.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.5.0/","title":"DSF 1.5.0","lang":"en-US","frontmatter":{"title":"DSF 1.5.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.5.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-DRHY4Bbd.js b/assets/index.html-DRHY4Bbd.js new file mode 100644 index 000000000..4c57ae760 --- /dev/null +++ b/assets/index.html-DRHY4Bbd.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/v1.4.0/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"v1.4.0/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-DSkgDhK5.js b/assets/index.html-DSkgDhK5.js new file mode 100644 index 000000000..fe2ca5acd --- /dev/null +++ b/assets/index.html-DSkgDhK5.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as r,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),n("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const v=i(t,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.6.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.6.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,f as data}; diff --git a/assets/index.html-DWnbSWRp.js b/assets/index.html-DWnbSWRp.js new file mode 100644 index 000000000..8a1457884 --- /dev/null +++ b/assets/index.html-DWnbSWRp.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.3.2/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.3.2/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-DaJfQ08l.js b/assets/index.html-DaJfQ08l.js new file mode 100644 index 000000000..3014631e7 --- /dev/null +++ b/assets/index.html-DaJfQ08l.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const l={};function o(t,e){return n(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const c=i(l,[["render",o],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.5.1/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.21,"words":64},"filePathRelative":"v1.5.1/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-DbFAXAAQ.js b/assets/index.html-DbFAXAAQ.js new file mode 100644 index 000000000..a1da06f51 --- /dev/null +++ b/assets/index.html-DbFAXAAQ.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.1.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.1.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-DfC4mUoD.js b/assets/index.html-DfC4mUoD.js new file mode 100644 index 000000000..3abec7ee1 --- /dev/null +++ b/assets/index.html-DfC4mUoD.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.3.2/","title":"DSF 1.3.2","lang":"en-US","frontmatter":{"title":"DSF 1.3.2","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.3.2/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-DfXGbgMQ.js b/assets/index.html-DfXGbgMQ.js new file mode 100644 index 000000000..6dd95565a --- /dev/null +++ b/assets/index.html-DfXGbgMQ.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",o],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.6.0/maintain/bpe-reverse-proxy/","title":"BPE Reverse Proxy","lang":"en-US","frontmatter":{"title":"BPE Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.6.0/maintain/bpe-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-Dk8E3hDO.js b/assets/index.html-Dk8E3hDO.js new file mode 100644 index 000000000..3f87e6012 --- /dev/null +++ b/assets/index.html-Dk8E3hDO.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const l={};function o(t,e){return n(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const c=i(l,[["render",o],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.7.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.21,"words":64},"filePathRelative":"v1.7.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-Dnqh_ARi.js b/assets/index.html-Dnqh_ARi.js new file mode 100644 index 000000000..5bb871222 --- /dev/null +++ b/assets/index.html-Dnqh_ARi.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.5.1/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.5.1/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-DrZ50Pv0.js b/assets/index.html-DrZ50Pv0.js new file mode 100644 index 000000000..43998d934 --- /dev/null +++ b/assets/index.html-DrZ50Pv0.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.3.2/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.3.2/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-DrkOei-6.js b/assets/index.html-DrkOei-6.js new file mode 100644 index 000000000..d7ef10102 --- /dev/null +++ b/assets/index.html-DrkOei-6.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const t={};function o(l,e){return n(),r("div",null,e[0]||(e[0]=[a('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),h=JSON.parse('{"path":"/stable/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"stable/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,h as data}; diff --git a/assets/index.html-DsoDbkV8.js b/assets/index.html-DsoDbkV8.js new file mode 100644 index 000000000..52cc44f04 --- /dev/null +++ b/assets/index.html-DsoDbkV8.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as r,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),n("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const v=i(t,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.7.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.7.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,f as data}; diff --git a/assets/index.html-DzD_HNEo.js b/assets/index.html-DzD_HNEo.js new file mode 100644 index 000000000..8c768f5df --- /dev/null +++ b/assets/index.html-DzD_HNEo.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function l(o,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",l],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.4.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":9},"filePathRelative":"v1.4.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-EiZ7XLI5.js b/assets/index.html-EiZ7XLI5.js new file mode 100644 index 000000000..7476c556b --- /dev/null +++ b/assets/index.html-EiZ7XLI5.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.5.2/","title":"DSF 1.5.2","lang":"en-US","frontmatter":{"title":"DSF 1.5.2","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.5.2/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-FXArYuCT.js b/assets/index.html-FXArYuCT.js new file mode 100644 index 000000000..f7cac35c6 --- /dev/null +++ b/assets/index.html-FXArYuCT.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.3.2/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.3.2/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-HyKBLJzv.js b/assets/index.html-HyKBLJzv.js new file mode 100644 index 000000000..1776851b0 --- /dev/null +++ b/assets/index.html-HyKBLJzv.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.2.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.2.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-KOE2FyFa.js b/assets/index.html-KOE2FyFa.js new file mode 100644 index 000000000..2bdd4a7ae --- /dev/null +++ b/assets/index.html-KOE2FyFa.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as r,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),n("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const v=i(t,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.5.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.5.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,f as data}; diff --git a/assets/index.html-LTp7GwJa.js b/assets/index.html-LTp7GwJa.js new file mode 100644 index 000000000..78a3249c5 --- /dev/null +++ b/assets/index.html-LTp7GwJa.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o as t}from"./app-BIWb5uIp.js";const a={};function s(o,e){return t(),r("div",null,e[0]||(e[0]=[i('

    Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+

    Hackathon vom 22.10.2024

    Zusammenfassung

    Liebe Community,

    die Modul 2B Projekte FDPG+ und DSF Community möchten Sie herzlich zu einem Hackathon am 22.10.2024 von 10:00-16:00 Uhr einladen.
    Leiten Sie bitte die Einladung an die technischen Kolleg*innen in den DIZ und den DMSt weiter.

    Fokus des Hackathons liegt auf der Erprobung der neuen Machbarkeit und des neuen Datenselektion- und -Extraktionstools (TORCH) im Zusammenspiel mit den DSF Data Sharing Prozessen. Ergänzend wird der FHIR Data Evaluator vorgestellt und Updates zum DSF, dem Feasibility Prozess Plugin und dem Allowlist Management präsentiert.

    Wie üblich sollen die Tools und Prozesse hands-on auf der Testinfrastruktur erprobt und deployed werden, dazu folgen weitere Informationen kurz vor dem Hackathon.

    Vorläufiger Zeitplan:

    10:00-12:30 : Vorstellungen und Updates

    • Vorstellung Datenselektion und Extraktionstool TORCH – FDPG+
    • Vorstellung FHIR Evaluator – FDPG+
    • DSF Updates – DSF Community
    • Feasibility Prozessplugin Updates – DSF Community & FDPG+
    • Allowlist Management Updates – DSF Community

    12:30-14:00 : Mittagspause

    14:00-16:00 : Hands-On

    • Erproben der vorgestellten Tools
    • Datenselektion und Extraktion mit Data Sharing
    • Support und Fragen zum Deployment und Betrieb
    • Wir freuen uns auf Ihre Teilnahme!

    Viele Grüße,
    Julian Gründner und Maximilian Kurscheidt
    für FDPG+ und DSF Community

    Vorbereitung

    In diesem Hackathon ist das Aktualisieren der Systeme ein aktiver Bestandteil und bedarf keiner speziellen Vorbereitung. Für das Testen der Data Sharing Prozesse sollten jedoch einige Voraussetzungen bereits vor dem Termin erfüllt sein.

    Netzwerkfreigaben

    Für den Hackathon werden wir primär die Test-DMS aus Heilbronn verwenden, dafür muss neben der Freigabe zur FDPG auch die Freigabe zum und vom MII-Test-System der HHN vorhanden sein (mii-test.gecko.hs-heilbronn.de).

    In diesem Kontext bietet es sich an, auch die Freigaben für weitere Test-DMSen zu beantragen. Weitere Details dazu befinden sich in der Liste der Firewallregeln im Test-Allowlist-Management-Tool (allowlist-test.gecko.hs-heilbronn.de) unter dem Punkt “Download Allowlist”. Wir planen während des Termins auch mit ausgewählten DIZen erste Funktionstests der Test-DMSen durchzuführen.

    Wir empfehlen auch sicherzustellen, dass Sie Zugriff auf die Weboberfläche Ihres DSF-FHIR-Servers haben.

    FHIR-Store

    Zur Datenausleitung im Kontext des Data Sharing Prozesses werden wir FHIR Bundles mit Testdaten zur Verfügung stellen, die in Form eines FHIR Bundles auf einem FHIR Store gespeichert werden müssen. Dabei kann ein beliebiger FHIR Server (z.B. HAPI FHIR oder Blaze) verwendet werden. Es kann auch der FHIR Server verwendet werden, der z.B. für Feasibility im Testsystem genutzt wird.

    Weitere Details zum Data Sharing Prozess sind hier zu finden:

    https://github.com/medizininformatik-initiative/mii-process-data-sharing/wiki

    Eine Installation kann vor oder während des Hackathons durchgeführt werden.

    Installationshinweise

    ⚠️

    Versionen der unten aufgeführten Tools können sich noch bis zum Hackathon ändern.

    DSF

    Installation oder Update

    Prozessplugins

    Weitere Anwendungen

    Data Sharing Demodaten

    Falls Sie Fragen zum Hackathon oder der Installation des DSF haben, melden Sie sich gerne über den DSF-Community Zulip-Channel oder dsf-gecko@hs-heilbronn.de.

    ',37)]))}const h=n(a,[["render",s],["__file","index.html.vue"]]),p=JSON.parse('{"path":"/hackathon/","title":"Hackathon","lang":"en-US","frontmatter":{"title":"Hackathon","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"Vorbereitung","slug":"vorbereitung","link":"#vorbereitung","children":[{"level":3,"title":"Netzwerkfreigaben","slug":"netzwerkfreigaben","link":"#netzwerkfreigaben","children":[]},{"level":3,"title":"FHIR-Store","slug":"fhir-store","link":"#fhir-store","children":[]}]},{"level":2,"title":"Installationshinweise","slug":"installationshinweise","link":"#installationshinweise","children":[{"level":3,"title":"DSF","slug":"dsf","link":"#dsf","children":[]},{"level":3,"title":"Prozessplugins","slug":"prozessplugins","link":"#prozessplugins","children":[]},{"level":3,"title":"Weitere Anwendungen","slug":"weitere-anwendungen","link":"#weitere-anwendungen","children":[]}]},{"level":2,"title":"Data Sharing Demodaten","slug":"data-sharing-demodaten","link":"#data-sharing-demodaten","children":[]}],"readingTime":{"minutes":2.21,"words":662},"filePathRelative":"hackathon/index.md","excerpt":"\\n
    \\n

    Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+

    \\n\\n
    "}');export{h as comp,p as data}; diff --git a/assets/index.html-NnyYXI8c.js b/assets/index.html-NnyYXI8c.js new file mode 100644 index 000000000..11a5e95f3 --- /dev/null +++ b/assets/index.html-NnyYXI8c.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function l(o,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",l],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.3.2/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":9},"filePathRelative":"v1.3.2/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-OZBcTdV4.js b/assets/index.html-OZBcTdV4.js new file mode 100644 index 000000000..b314fb818 --- /dev/null +++ b/assets/index.html-OZBcTdV4.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.5.2/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.5.2/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-QtMirOFG.js b/assets/index.html-QtMirOFG.js new file mode 100644 index 000000000..1e52d9586 --- /dev/null +++ b/assets/index.html-QtMirOFG.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as n}from"./app-BIWb5uIp.js";const i={};function a(s,e){return n(),o("div",null,e[0]||(e[0]=[r('

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    ',5)]))}const g=t(i,[["render",a],["__file","index.html.vue"]]),c=JSON.parse(`{"path":"/v1.5.1/contribute/","title":"Contribute","lang":"en-US","frontmatter":{"title":"Contribute","icon":"info","gitInclude":[]},"headers":[{"level":3,"title":"Ways you can contribute:","slug":"ways-you-can-contribute","link":"#ways-you-can-contribute","children":[]}],"readingTime":{"minutes":1.64,"words":491},"filePathRelative":"v1.5.1/contribute/readme.md","excerpt":"

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    "}`);export{g as comp,c as data}; diff --git a/assets/index.html-RXe6B_7F.js b/assets/index.html-RXe6B_7F.js new file mode 100644 index 000000000..4cfeddc3f --- /dev/null +++ b/assets/index.html-RXe6B_7F.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as l,d as t,e as n,f as o,r as s,o as d}from"./app-BIWb5uIp.js";const u={};function f(m,e){const a=s("RouteLink");return d(),i("div",null,[l("p",null,[e[1]||(e[1]=t("Data Sharing Framework 0.9.x is an old version of the Data Sharing Framework. Click ")),n(a,{to:"/intro/"},{default:o(()=>e[0]||(e[0]=[t("here")])),_:1}),e[2]||(e[2]=t(" to find more information about the DSF in general."))]),e[8]||(e[8]=l("h2",{id:"overview-v-0-9-x",tabindex:"-1"},[l("a",{class:"header-anchor",href:"#overview-v-0-9-x"},[l("span",null,"Overview (v 0.9.x)")])],-1)),l("ul",null,[l("li",null,[n(a,{to:"/oldstable/generalInformation/"},{default:o(()=>e[3]||(e[3]=[t("General Information")])),_:1})]),l("li",null,[n(a,{to:"/oldstable/code/"},{default:o(()=>e[4]||(e[4]=[t("Code")])),_:1})]),l("li",null,[n(a,{to:"/oldstable/build/"},{default:o(()=>e[5]||(e[5]=[t("Build and Test")])),_:1})]),l("li",null,[n(a,{to:"/oldstable/releases/"},{default:o(()=>e[6]||(e[6]=[t("Releases and Deployment")])),_:1})]),l("li",null,[n(a,{to:"/oldstable/tutorial/"},{default:o(()=>e[7]||(e[7]=[t("DSF Process Plugin Tutorial")])),_:1})])])])}const g=r(u,[["render",f],["__file","index.html.vue"]]),x=JSON.parse('{"path":"/oldstable/","title":"Version 0.9.x","lang":"en-US","frontmatter":{"title":"Version 0.9.x","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"Overview (v 0.9.x)","slug":"overview-v-0-9-x","link":"#overview-v-0-9-x","children":[]}],"readingTime":{"minutes":0.17,"words":51},"filePathRelative":"oldstable/README.md","excerpt":"

    Data Sharing Framework 0.9.x is an old version of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n

    Overview (v 0.9.x)

    \\n"}');export{g as comp,x as data}; diff --git a/assets/index.html-S3T0mcfD.js b/assets/index.html-S3T0mcfD.js new file mode 100644 index 000000000..9c70264e6 --- /dev/null +++ b/assets/index.html-S3T0mcfD.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a,b as t,d as s,e as i,f as n,r as d,o as u}from"./app-BIWb5uIp.js";const p={};function m(g,e){const r=d("RouteLink");return u(),o("div",null,[e[34]||(e[34]=a('

    Implementing BPMN Processes as DSF Process-Plugins

    This repository contains exercises to learn how to implement process plugins for the Data Sharing Framework (DSF). The tutorial is divided into several exercises that build on each other. For each exercise, a sample solution is provided in a separate branch.
    This tutorial was first executed at the GMDS / TMF 2022 conference. A recording of the opening remarks by H. Hund and R. Wettstein can be found on YouTube. The slides of the opening remarks are available as a PDF download.

    Prerequisites

    ',4)),t("p",null,[e[1]||(e[1]=s("In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler and a minimum 16GB of RAM is needed. For more details see the ")),i(r,{to:"/oldstable/tutorial/prerequisites.html"},{default:n(()=>e[0]||(e[0]=[s("detailed prerequisites document")])),_:1}),e[2]||(e[2]=s("."))]),e[35]||(e[35]=t("h3",{id:"exercise-1-simple-process",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#exercise-1-simple-process"},[t("span",null,"Exercise 1 - Simple Process")])],-1)),e[36]||(e[36]=t("hr",null,null,-1)),t("p",null,[e[4]||(e[4]=s("The first exercise focuses on setting up the testing environment used in this tutorial and shows how to implement and execute a simple BPMN process. For more details see the ")),i(r,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:n(()=>e[3]||(e[3]=[s("exercise 1 description")])),_:1}),e[5]||(e[5]=s("."))]),e[37]||(e[37]=t("h4",{id:"exercise-1-1-process-debugging",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#exercise-1-1-process-debugging"},[t("span",null,"Exercise 1.1 - Process Debugging")])],-1)),e[38]||(e[38]=t("hr",null,null,-1)),t("p",null,[e[7]||(e[7]=s("Exercise 1.1 looks at how to use the Java debugger of your IDE to remote debug the execution of a process plugin. For more details see the ")),i(r,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:n(()=>e[6]||(e[6]=[s("exercise 1.1 description")])),_:1}),e[8]||(e[8]=s("."))]),e[39]||(e[39]=t("h3",{id:"exercise-2-input-parameters",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#exercise-2-input-parameters"},[t("span",null,"Exercise 2 - Input Parameters")])],-1)),e[40]||(e[40]=t("hr",null,null,-1)),t("p",null,[e[10]||(e[10]=s("In order to configure processes that are packaged as process plugins, we will take a look at two possibilities on how to pass parameters to a process. For more details see the ")),i(r,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:n(()=>e[9]||(e[9]=[s("exercise 2 description")])),_:1}),e[11]||(e[11]=s("."))]),e[41]||(e[41]=t("h3",{id:"exercise-3-message-events",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#exercise-3-message-events"},[t("span",null,"Exercise 3 - Message Events")])],-1)),e[42]||(e[42]=t("hr",null,null,-1)),t("p",null,[e[13]||(e[13]=s("Communication between organizations is modeled using message flow in BPMN processes. The third exercise shows how a process at one organization can trigger a process at another organization. For more details see the ")),i(r,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:n(()=>e[12]||(e[12]=[s("exercise 3 description")])),_:1}),e[14]||(e[14]=s("."))]),e[43]||(e[43]=t("h3",{id:"exercise-4-exclusive-gateways",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#exercise-4-exclusive-gateways"},[t("span",null,"Exercise 4 - Exclusive Gateways")])],-1)),e[44]||(e[44]=t("hr",null,null,-1)),t("p",null,[e[16]||(e[16]=s("Different execution paths in a process based on the state of process variables can be achieved using Exclusive Gateways. In Exercise 4 we will examine how this can be implemented. For more details see the ")),i(r,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:n(()=>e[15]||(e[15]=[s("exercise 4 description")])),_:1}),e[17]||(e[17]=s("."))]),e[45]||(e[45]=t("h3",{id:"exercise-5-event-based-gateways-and-intermediate-events",tabindex:"-1"},[t("a",{class:"header-anchor",href:"#exercise-5-event-based-gateways-and-intermediate-events"},[t("span",null,"Exercise 5 - Event Based Gateways and Intermediate Events")])],-1)),e[46]||(e[46]=t("hr",null,null,-1)),t("p",null,[e[19]||(e[19]=s("In the final exercise we will look at message flow between three organizations as well as how to continue a waiting process if no return message arrives. For more details see the ")),i(r,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:n(()=>e[18]||(e[18]=[s("exercise 5 description")])),_:1}),e[20]||(e[20]=s("."))]),e[47]||(e[47]=t("hr",null,null,-1)),t("p",null,[i(r,{to:"/oldstable/tutorial/prerequisites.html"},{default:n(()=>e[21]||(e[21]=[s("Prerequisites")])),_:1}),e[28]||(e[28]=s(" | ")),i(r,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:n(()=>e[22]||(e[22]=[s("Exercise 1")])),_:1}),e[29]||(e[29]=s(" | ")),i(r,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:n(()=>e[23]||(e[23]=[s("Exercise 1.1")])),_:1}),e[30]||(e[30]=s(" | ")),i(r,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:n(()=>e[24]||(e[24]=[s("Exercise 2")])),_:1}),e[31]||(e[31]=s(" | ")),i(r,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:n(()=>e[25]||(e[25]=[s("Exercise 3")])),_:1}),e[32]||(e[32]=s(" | ")),i(r,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:n(()=>e[26]||(e[26]=[s("Exercise 4")])),_:1}),e[33]||(e[33]=s(" | ")),i(r,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:n(()=>e[27]||(e[27]=[s("Exercise 5")])),_:1})])])}const h=l(p,[["render",m],["__file","index.html.vue"]]),b=JSON.parse('{"path":"/oldstable/tutorial/","title":"DSF Process Plugin Tutorial","lang":"en-US","frontmatter":{"title":"DSF Process Plugin Tutorial","icon":"slides","gitInclude":[]},"headers":[{"level":2,"title":"Implementing BPMN Processes as DSF Process-Plugins","slug":"implementing-bpmn-processes-as-dsf-process-plugins","link":"#implementing-bpmn-processes-as-dsf-process-plugins","children":[{"level":3,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":3,"title":"Exercise 1 - Simple Process","slug":"exercise-1-simple-process","link":"#exercise-1-simple-process","children":[]},{"level":3,"title":"Exercise 2 - Input Parameters","slug":"exercise-2-input-parameters","link":"#exercise-2-input-parameters","children":[]},{"level":3,"title":"Exercise 3 - Message Events","slug":"exercise-3-message-events","link":"#exercise-3-message-events","children":[]},{"level":3,"title":"Exercise 4 - Exclusive Gateways","slug":"exercise-4-exclusive-gateways","link":"#exercise-4-exclusive-gateways","children":[]},{"level":3,"title":"Exercise 5 - Event Based Gateways and Intermediate Events","slug":"exercise-5-event-based-gateways-and-intermediate-events","link":"#exercise-5-event-based-gateways-and-intermediate-events","children":[]}]}],"readingTime":{"minutes":1.53,"words":458},"filePathRelative":"oldstable/tutorial/README.md","excerpt":"

    Implementing BPMN Processes as DSF Process-Plugins

    \\n

    This repository contains exercises to learn how to implement process plugins for the Data Sharing Framework (DSF). The tutorial is divided into several exercises that build on each other. For each exercise, a sample solution is provided in a separate branch.
    \\nThis tutorial was first executed at the GMDS / TMF 2022 conference. A recording of the opening remarks by H. Hund and R. Wettstein can be found on YouTube. The slides of the opening remarks are available as a PDF download.

    "}');export{h as comp,b as data}; diff --git a/assets/index.html-TcOcP-Bq.js b/assets/index.html-TcOcP-Bq.js new file mode 100644 index 000000000..dbb00b805 --- /dev/null +++ b/assets/index.html-TcOcP-Bq.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.3.1/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.3.1/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-XcF7NSzE.js b/assets/index.html-XcF7NSzE.js new file mode 100644 index 000000000..d550df863 --- /dev/null +++ b/assets/index.html-XcF7NSzE.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.2.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.2.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-Y0e05cKm.js b/assets/index.html-Y0e05cKm.js new file mode 100644 index 000000000..2d9df7e1f --- /dev/null +++ b/assets/index.html-Y0e05cKm.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/stable/","title":"DSF 1.7.0","lang":"en-US","frontmatter":{"title":"DSF 1.7.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"stable/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-ZBhJuKM1.js b/assets/index.html-ZBhJuKM1.js new file mode 100644 index 000000000..b2f13c9b5 --- /dev/null +++ b/assets/index.html-ZBhJuKM1.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function l(o,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",l],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.1.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":9},"filePathRelative":"v1.1.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-_264En7g.js b/assets/index.html-_264En7g.js new file mode 100644 index 000000000..c8e8667e3 --- /dev/null +++ b/assets/index.html-_264En7g.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as n,o as a}from"./app-BIWb5uIp.js";const t={};function o(l,e){return a(),r("div",null,e[0]||(e[0]=[n('

    Overview

    ',2)]))}const f=i(t,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.4.0/maintain/fhir/","title":"FHIR Server","lang":"en-US","frontmatter":{"title":"FHIR Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.05,"words":16},"filePathRelative":"v1.4.0/maintain/fhir/README.md","excerpt":"

    Overview

    \\n\\n"}');export{f as comp,v as data}; diff --git a/assets/index.html-bjuFvx66.js b/assets/index.html-bjuFvx66.js new file mode 100644 index 000000000..8149faa40 --- /dev/null +++ b/assets/index.html-bjuFvx66.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as r,o as n}from"./app-BIWb5uIp.js";const l={};function t(o,e){return n(),a("div",null,e[0]||(e[0]=[r('

    Overview

    ',2)]))}const c=i(l,[["render",t],["__file","index.html.vue"]]),u=JSON.parse('{"path":"/v1.1.0/maintain/","title":"Maintain a DSF instance","lang":"en-US","frontmatter":{"title":"Maintain a DSF instance","icon":"tool","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.16,"words":49},"filePathRelative":"v1.1.0/maintain/README.md","excerpt":"

    Overview

    \\n"}');export{c as comp,u as data}; diff --git a/assets/index.html-byhqdOu2.js b/assets/index.html-byhqdOu2.js new file mode 100644 index 000000000..81217b630 --- /dev/null +++ b/assets/index.html-byhqdOu2.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.1.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.1.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-gVhE0Tph.js b/assets/index.html-gVhE0Tph.js new file mode 100644 index 000000000..392667f08 --- /dev/null +++ b/assets/index.html-gVhE0Tph.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function l(o,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",l],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/v1.2.0/maintain/bpe/","title":"BPE Server","lang":"en-US","frontmatter":{"title":"BPE Server","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":9},"filePathRelative":"v1.2.0/maintain/bpe/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-jdtoEAin.js b/assets/index.html-jdtoEAin.js new file mode 100644 index 000000000..052c7ff6e --- /dev/null +++ b/assets/index.html-jdtoEAin.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.3.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.3.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/index.html-kMzNwla3.js b/assets/index.html-kMzNwla3.js new file mode 100644 index 000000000..2c1f3e755 --- /dev/null +++ b/assets/index.html-kMzNwla3.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.6.0/","title":"DSF 1.6.0","lang":"en-US","frontmatter":{"title":"DSF 1.6.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.46,"words":139},"filePathRelative":"v1.6.0/index.md","excerpt":"

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-lWF73U7W.js b/assets/index.html-lWF73U7W.js new file mode 100644 index 000000000..65e71f222 --- /dev/null +++ b/assets/index.html-lWF73U7W.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=i(a,[["render",o],["__file","index.html.vue"]]),f=JSON.parse('{"path":"/v1.6.0/maintain/fhir-reverse-proxy/","title":"FHIR Reverse Proxy","lang":"en-US","frontmatter":{"title":"FHIR Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"v1.6.0/maintain/fhir-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,f as data}; diff --git a/assets/index.html-psdjpexw.js b/assets/index.html-psdjpexw.js new file mode 100644 index 000000000..246396504 --- /dev/null +++ b/assets/index.html-psdjpexw.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as e,o as r}from"./app-BIWb5uIp.js";const t={};function a(s,i){return r(),l("div",null,i[0]||(i[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"feasibility"},"Feasibility")]),e("li",null,[e("a",{href:"num"},"Network University Medicine")])],-1)]))}const v=n(t,[["render",a],["__file","index.html.vue"]]),d=JSON.parse('{"path":"/intro/use-cases/","title":"Use-Cases","lang":"en-US","frontmatter":{"title":"Use-Cases","icon":"view","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.04,"words":12},"filePathRelative":"intro/use-cases/README.md","excerpt":"

    Overview

    \\n\\n"}');export{v as comp,d as data}; diff --git a/assets/index.html-tRP1yX-S.js b/assets/index.html-tRP1yX-S.js new file mode 100644 index 000000000..b3be2f1cc --- /dev/null +++ b/assets/index.html-tRP1yX-S.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as d,b as i,d as t,e as n,f as s,r as l,o as c}from"./app-BIWb5uIp.js";const h={};function p(u,e){const a=l("RouteLink");return c(),o("div",null,[e[6]||(e[6]=d('

    Summary

    • Use case agnostic middleware: DSF is adaptable to any distributed process, leveraging BPMN 2.0 and FHIR R4 for secure, efficient data sharing across various biomedical research scenarios.

    • Security: DSF prioritizes security through stringent authentication and authorization protocols, ensuring data is accessed and shared only by authorized organizations to maintain data confidentiality and integrity.

    • Proven in clinical research: Deployed in German university hospitals, DSF's effectiveness and reliability are validated in real-world settings.

    • Implementation guidance: DSF offers resources on how to implement new process plugins.

    Overview of DSF

    The Data Sharing Framework (DSF) is a secure middleware solution designed to facilitate data sharing across different organizations for biomedical research. It utilizes BPMN 2.0 and FHIR R4 standards to support processes such as data extraction, merging, pseudonymization, and provisioning. Funded by the German Federal Ministry of Education and Research as part of the Medical Informatics initiative, the DSF aims to improve data interoperability and security across institutional boundaries.

    Key features and benefits

    Distributed data sharing processes

    DSF enables distributed data sharing by providing each participating site with a FHIR endpoint and a business process engine. This setup ensures that data can be securely shared and processed across different sites, facilitating cross-site data sharing and feasibility analyses.

    Flexibility with data standards

    While DSF primarily uses the FHIR R4 standard to ensure high-quality data exchange, it is designed to be open and adaptable to other data formats. This flexibility allows for a wide range of data types to be incorporated into research projects.

    Security and access control

    Security is a critical component of DSF, which includes robust authentication and authorization protocols. These protocols ensure that data access and sharing are restricted to authorized organizations, maintaining the confidentiality and integrity of the data.

    Deployment in clinical environments

    DSF is already deployed and operational in Data Integration Centers at German university hospitals, demonstrating its applicability and reliability in real-world clinical research settings.

    Getting started with the DSF

    ',13)),i("p",null,[e[1]||(e[1]=t("If you're looking to leverage the DSF for your research or you're interested in exploring how it can enhance your data sharing needs, we're here to support you. Visit the ")),i("strong",null,[n(a,{to:"/for-you/learn.html"},{default:s(()=>e[0]||(e[0]=[t("Learn how to implement your use case")])),_:1})]),e[2]||(e[2]=t(" page to start your journey towards integrating the DSF into your research project."))]),e[7]||(e[7]=i("p",null,[t("Should you have any questions or need personalized assistance, don't hesitate to reach out to the DSF core team directly at "),i("strong",null,[i("a",{href:"mailto:dsf-gecko@hs-heilbronn.de",target:"_blank",rel:"noopener noreferrer"},"dsf-gecko@hs-heilbronn.de")]),t(".")],-1)),i("p",null,[e[4]||(e[4]=t("Embark on your DSF journey today and ")),n(a,{to:"/stable/contribute/"},{default:s(()=>e[3]||(e[3]=[t("join a community")])),_:1}),e[5]||(e[5]=t(" committed to advancing biomedical research through secure, interoperable data sharing."))])])}const y=r(h,[["render",p],["__file","index.html.vue"]]),m=JSON.parse(`{"path":"/for-you/","title":"DSF for your project","lang":"en-US","frontmatter":{"title":"DSF for your project","icon":"creative","gitInclude":[]},"headers":[{"level":2,"title":"Overview of DSF","slug":"overview-of-dsf","link":"#overview-of-dsf","children":[]},{"level":2,"title":"Key features and benefits","slug":"key-features-and-benefits","link":"#key-features-and-benefits","children":[{"level":3,"title":"Distributed data sharing processes","slug":"distributed-data-sharing-processes","link":"#distributed-data-sharing-processes","children":[]},{"level":3,"title":"Flexibility with data standards","slug":"flexibility-with-data-standards","link":"#flexibility-with-data-standards","children":[]},{"level":3,"title":"Security and access control","slug":"security-and-access-control","link":"#security-and-access-control","children":[]},{"level":3,"title":"Deployment in clinical environments","slug":"deployment-in-clinical-environments","link":"#deployment-in-clinical-environments","children":[]}]},{"level":2,"title":"Getting started with the DSF","slug":"getting-started-with-the-dsf","link":"#getting-started-with-the-dsf","children":[]}],"readingTime":{"minutes":1.45,"words":435},"filePathRelative":"for-you/index.md","excerpt":"
    \\n

    Summary

    \\n
      \\n
    • \\n

      Use case agnostic middleware: DSF is adaptable to any distributed process, leveraging BPMN 2.0 and FHIR R4 for secure, efficient data sharing across various biomedical research scenarios.

      \\n
      • \\n
    • \\n

      Security: DSF prioritizes security through stringent authentication and authorization protocols, ensuring data is accessed and shared only by authorized organizations to maintain data confidentiality and integrity.

      \\n
      • \\n
    • \\n

      Proven in clinical research: Deployed in German university hospitals, DSF's effectiveness and reliability are validated in real-world settings.

      \\n
      • \\n
    • \\n

      Implementation guidance: DSF offers resources on how to implement new process plugins.

      \\n
      • \\n
    \\n
    "}`);export{y as comp,m as data}; diff --git a/assets/index.html-w6bpU2pA.js b/assets/index.html-w6bpU2pA.js new file mode 100644 index 000000000..c94b00769 --- /dev/null +++ b/assets/index.html-w6bpU2pA.js @@ -0,0 +1 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as t}from"./app-BIWb5uIp.js";const a={};function o(l,r){return t(),i("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"configuration"},"Configuration Parameters")])],-1)]))}const c=n(a,[["render",o],["__file","index.html.vue"]]),m=JSON.parse('{"path":"/stable/maintain/bpe-reverse-proxy/","title":"BPE Reverse Proxy","lang":"en-US","frontmatter":{"title":"BPE Reverse Proxy","icon":"module","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.03,"words":10},"filePathRelative":"stable/maintain/bpe-reverse-proxy/README.md","excerpt":"

    Overview

    \\n\\n"}');export{c as comp,m as data}; diff --git a/assets/index.html-wVEnbcVC.js b/assets/index.html-wVEnbcVC.js new file mode 100644 index 000000000..34e335338 --- /dev/null +++ b/assets/index.html-wVEnbcVC.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as n,d as a,e as o,f as s,a as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function m(f,e){const t=d("RouteLink");return h(),i("div",null,[n("p",null,[e[1]||(e[1]=a("Data Sharing Framework 1.0.0 is the new major release of the Data Sharing Framework. Click ")),o(t,{to:"/intro/"},{default:s(()=>e[0]||(e[0]=[a("here")])),_:1}),e[2]||(e[2]=a(" to find more information about the DSF in general."))]),e[3]||(e[3]=l('

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow user authenitication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features
    ',7))])}const g=r(p,[["render",m],["__file","index.html.vue"]]),w=JSON.parse('{"path":"/v1.0.0/","title":"DSF 1.0.0","lang":"en-US","frontmatter":{"title":"DSF 1.0.0","icon":"guide","gitInclude":[]},"headers":[{"level":2,"title":"New features","slug":"new-features","link":"#new-features","children":[]}],"readingTime":{"minutes":0.42,"words":127},"filePathRelative":"v1.0.0/index.md","excerpt":"

    Data Sharing Framework 1.0.0 is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    \\n
    \\n

    Important note

    \\n

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    \\n
    "}');export{g as comp,w as data}; diff --git a/assets/index.html-zG09QC5j.js b/assets/index.html-zG09QC5j.js new file mode 100644 index 000000000..2d386dce5 --- /dev/null +++ b/assets/index.html-zG09QC5j.js @@ -0,0 +1 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as e,o as a}from"./app-BIWb5uIp.js";const i={};function o(s,r){return a(),n("div",null,r[0]||(r[0]=[e("h2",{id:"overview",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#overview"},[e("span",null,"Overview")])],-1),e("ul",null,[e("li",null,[e("a",{href:"create"},"Create a new process plugin")]),e("li",null,[e("a",{href:"upgrade-from-0"},"Upgrade processes from 0.9.x")])],-1)]))}const p=l(i,[["render",o],["__file","index.html.vue"]]),v=JSON.parse('{"path":"/v1.5.0/develop/","title":"Develop Process Plugins","lang":"en-US","frontmatter":{"title":"Develop Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]}],"readingTime":{"minutes":0.07,"words":20},"filePathRelative":"v1.5.0/develop/README.md","excerpt":"

    Overview

    \\n\\n"}');export{p as comp,v as data}; diff --git a/assets/install-plugins.html-BKYrmio5.js b/assets/install-plugins.html-BKYrmio5.js new file mode 100644 index 000000000..b576122c3 --- /dev/null +++ b/assets/install-plugins.html-BKYrmio5.js @@ -0,0 +1,3 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as a}from"./app-BIWb5uIp.js";const s={};function n(o,e){return a(),i("div",null,e[0]||(e[0]=[t(`

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 14/08/2024).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.6v1.0.0.6
    MII Process Reportv1.1.1.1v1.1.1.1
    MII Process Data Transferv1.0.2.1v1.0.2.1
    MII Process Data Sharingv1.0.1.1v1.0.1.1
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    `,17)]))}const h=r(s,[["render",n],["__file","install-plugins.html.vue"]]),p=JSON.parse('{"path":"/v1.5.2/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[{"level":3,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":3,"title":"Deployment","slug":"deployment","link":"#deployment","children":[]}]}],"readingTime":{"minutes":1.18,"words":353},"filePathRelative":"v1.5.2/maintain/install-plugins.md","excerpt":"
    \\n

    Marketplace for process plugins

    \\n

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    \\n
    \\n

    Overview

    "}');export{h as comp,p as data}; diff --git a/assets/install-plugins.html-BNnNzW63.js b/assets/install-plugins.html-BNnNzW63.js new file mode 100644 index 000000000..7f0e37da9 --- /dev/null +++ b/assets/install-plugins.html-BNnNzW63.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as i}from"./app-BIWb5uIp.js";const o={};function n(t,e){return i(),r("div",null,e[0]||(e[0]=[a('

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    ',7)]))}const c=s(o,[["render",n],["__file","install-plugins.html.vue"]]),m=JSON.parse('{"path":"/v1.3.0/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Common processes","slug":"common-processes","link":"#common-processes","children":[]},{"level":2,"title":"MII processes","slug":"mii-processes","link":"#mii-processes","children":[]},{"level":2,"title":"NUM processes","slug":"num-processes","link":"#num-processes","children":[]}],"readingTime":{"minutes":0.24,"words":73},"filePathRelative":"v1.3.0/maintain/install-plugins.md","excerpt":"

    You can find an overview of compatable process plugins below.

    \\n

    Common processes

    \\n"}');export{c as comp,m as data}; diff --git a/assets/install-plugins.html-BOVVyaxu.js b/assets/install-plugins.html-BOVVyaxu.js new file mode 100644 index 000000000..42aef1120 --- /dev/null +++ b/assets/install-plugins.html-BOVVyaxu.js @@ -0,0 +1,3 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as a}from"./app-BIWb5uIp.js";const s={};function n(o,e){return a(),i("div",null,e[0]||(e[0]=[t(`

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 2025-01-22).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.7v1.0.0.7
    MII Process Reportv1.1.2.0v1.1.2.0
    MII Process Data Transferv1.0.3.0v1.0.3.0
    MII Process Data Sharingv1.0.2.0v1.0.2.0
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    `,17)]))}const h=r(s,[["render",n],["__file","install-plugins.html.vue"]]),p=JSON.parse('{"path":"/stable/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[{"level":3,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":3,"title":"Deployment","slug":"deployment","link":"#deployment","children":[]}]}],"readingTime":{"minutes":1.18,"words":355},"filePathRelative":"stable/maintain/install-plugins.md","excerpt":"
    \\n

    Marketplace for process plugins

    \\n

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    \\n
    \\n

    Overview

    "}');export{h as comp,p as data}; diff --git a/assets/install-plugins.html-BrkJzu97.js b/assets/install-plugins.html-BrkJzu97.js new file mode 100644 index 000000000..f5a1a3ae7 --- /dev/null +++ b/assets/install-plugins.html-BrkJzu97.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as i}from"./app-BIWb5uIp.js";const o={};function n(t,e){return i(),r("div",null,e[0]||(e[0]=[a('

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    ',7)]))}const c=s(o,[["render",n],["__file","install-plugins.html.vue"]]),m=JSON.parse('{"path":"/v1.3.1/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Common processes","slug":"common-processes","link":"#common-processes","children":[]},{"level":2,"title":"MII processes","slug":"mii-processes","link":"#mii-processes","children":[]},{"level":2,"title":"NUM processes","slug":"num-processes","link":"#num-processes","children":[]}],"readingTime":{"minutes":0.24,"words":73},"filePathRelative":"v1.3.1/maintain/install-plugins.md","excerpt":"

    You can find an overview of compatable process plugins below.

    \\n

    Common processes

    \\n"}');export{c as comp,m as data}; diff --git a/assets/install-plugins.html-C10EMoFX.js b/assets/install-plugins.html-C10EMoFX.js new file mode 100644 index 000000000..1b63597ab --- /dev/null +++ b/assets/install-plugins.html-C10EMoFX.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o as a}from"./app-BIWb5uIp.js";const o={};function t(n,e){return a(),r("div",null,e[0]||(e[0]=[i('

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    ',8)]))}const c=s(o,[["render",t],["__file","install-plugins.html.vue"]]),m=JSON.parse('{"path":"/v1.4.0/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Common processes","slug":"common-processes","link":"#common-processes","children":[]},{"level":2,"title":"MII processes","slug":"mii-processes","link":"#mii-processes","children":[]},{"level":2,"title":"NUM processes","slug":"num-processes","link":"#num-processes","children":[]}],"readingTime":{"minutes":0.24,"words":73},"filePathRelative":"v1.4.0/maintain/install-plugins.md","excerpt":"

    You can find an overview of compatable process plugins below.

    \\n

    Common processes

    \\n"}');export{c as comp,m as data}; diff --git a/assets/install-plugins.html-CETUdIzs.js b/assets/install-plugins.html-CETUdIzs.js new file mode 100644 index 000000000..99360dcb7 --- /dev/null +++ b/assets/install-plugins.html-CETUdIzs.js @@ -0,0 +1,3 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as a}from"./app-BIWb5uIp.js";const s={};function n(o,e){return a(),i("div",null,e[0]||(e[0]=[t(`

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 14/08/2024).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.7v1.0.0.7
    MII Process Reportv1.1.1.1v1.1.1.1
    MII Process Data Transferv1.0.2.1v1.0.2.1
    MII Process Data Sharingv1.0.1.1v1.0.1.1
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    `,17)]))}const h=r(s,[["render",n],["__file","install-plugins.html.vue"]]),p=JSON.parse('{"path":"/v1.6.0/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[{"level":3,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":3,"title":"Deployment","slug":"deployment","link":"#deployment","children":[]}]}],"readingTime":{"minutes":1.18,"words":353},"filePathRelative":"v1.6.0/maintain/install-plugins.md","excerpt":"
    \\n

    Marketplace for process plugins

    \\n

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    \\n
    \\n

    Overview

    "}');export{h as comp,p as data}; diff --git a/assets/install-plugins.html-CUvVNWrv.js b/assets/install-plugins.html-CUvVNWrv.js new file mode 100644 index 000000000..46f73882f --- /dev/null +++ b/assets/install-plugins.html-CUvVNWrv.js @@ -0,0 +1,3 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as t,o as a}from"./app-BIWb5uIp.js";const s={};function n(o,e){return a(),i("div",null,e[0]||(e[0]=[t(`

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 2025-01-22).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.7v1.0.0.7
    MII Process Reportv1.1.2.0v1.1.2.0
    MII Process Data Transferv1.0.3.0v1.0.3.0
    MII Process Data Sharingv1.0.2.0v1.0.2.0
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    `,17)]))}const h=r(s,[["render",n],["__file","install-plugins.html.vue"]]),p=JSON.parse('{"path":"/v1.7.0/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[{"level":3,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[]},{"level":3,"title":"Deployment","slug":"deployment","link":"#deployment","children":[]}]}],"readingTime":{"minutes":1.18,"words":355},"filePathRelative":"v1.7.0/maintain/install-plugins.md","excerpt":"
    \\n

    Marketplace for process plugins

    \\n

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    \\n
    \\n

    Overview

    "}');export{h as comp,p as data}; diff --git a/assets/install-plugins.html-CjpkZYU8.js b/assets/install-plugins.html-CjpkZYU8.js new file mode 100644 index 000000000..8045be48f --- /dev/null +++ b/assets/install-plugins.html-CjpkZYU8.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o as a}from"./app-BIWb5uIp.js";const o={};function t(n,e){return a(),r("div",null,e[0]||(e[0]=[i('

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    ',8)]))}const c=s(o,[["render",t],["__file","install-plugins.html.vue"]]),m=JSON.parse('{"path":"/v1.5.0/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Common processes","slug":"common-processes","link":"#common-processes","children":[]},{"level":2,"title":"MII processes","slug":"mii-processes","link":"#mii-processes","children":[]},{"level":2,"title":"NUM processes","slug":"num-processes","link":"#num-processes","children":[]}],"readingTime":{"minutes":0.24,"words":73},"filePathRelative":"v1.5.0/maintain/install-plugins.md","excerpt":"

    You can find an overview of compatable process plugins below.

    \\n

    Common processes

    \\n"}');export{c as comp,m as data}; diff --git a/assets/install-plugins.html-Q8LC3tyN.js b/assets/install-plugins.html-Q8LC3tyN.js new file mode 100644 index 000000000..8f378e7f7 --- /dev/null +++ b/assets/install-plugins.html-Q8LC3tyN.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as a}from"./app-BIWb5uIp.js";const t={};function o(n,e){return a(),i("div",null,e[0]||(e[0]=[r('

    You can find an overview of compatible process plugins below.

    Common processes

    MII processes

    NUM processes

    ',7)]))}const c=s(t,[["render",o],["__file","install-plugins.html.vue"]]),m=JSON.parse('{"path":"/v1.5.1/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Common processes","slug":"common-processes","link":"#common-processes","children":[]},{"level":2,"title":"MII processes","slug":"mii-processes","link":"#mii-processes","children":[]},{"level":2,"title":"NUM processes","slug":"num-processes","link":"#num-processes","children":[]}],"readingTime":{"minutes":0.24,"words":73},"filePathRelative":"v1.5.1/maintain/install-plugins.md","excerpt":"

    You can find an overview of compatible process plugins below.

    \\n

    Common processes

    \\n"}');export{c as comp,m as data}; diff --git a/assets/install-plugins.html-uQEYkgRF.js b/assets/install-plugins.html-uQEYkgRF.js new file mode 100644 index 000000000..d63af80bd --- /dev/null +++ b/assets/install-plugins.html-uQEYkgRF.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o as a}from"./app-BIWb5uIp.js";const o={};function t(n,e){return a(),r("div",null,e[0]||(e[0]=[i('

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    ',8)]))}const c=s(o,[["render",t],["__file","install-plugins.html.vue"]]),m=JSON.parse('{"path":"/v1.3.2/maintain/install-plugins.html","title":"Install Plugins","lang":"en-US","frontmatter":{"title":"Install Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Common processes","slug":"common-processes","link":"#common-processes","children":[]},{"level":2,"title":"MII processes","slug":"mii-processes","link":"#mii-processes","children":[]},{"level":2,"title":"NUM processes","slug":"num-processes","link":"#num-processes","children":[]}],"readingTime":{"minutes":0.24,"words":73},"filePathRelative":"v1.3.2/maintain/install-plugins.md","excerpt":"

    You can find an overview of compatable process plugins below.

    \\n

    Common processes

    \\n"}');export{c as comp,m as data}; diff --git a/assets/install.html-4JkzqW05.js b/assets/install.html-4JkzqW05.js new file mode 100644 index 000000000..f226443a9 --- /dev/null +++ b/assets/install.html-4JkzqW05.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as r}from"./app-BIWb5uIp.js";const a={};function n(o,e){return r(),t("div",null,e[0]||(e[0]=[s(`

    Member of existing networks

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_2_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_2_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L146:  app_client_certificate_private_key.pem.password:
+L147:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_2_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_2_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L97:  app_client_certificate_private_key.pem.password:
+L98:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,33)]))}const d=i(a,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.2.0/maintain/install.html","title":"Install DSF 1.2.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.2.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.97,"words":1791},"filePathRelative":"v1.2.0/maintain/install.md","excerpt":"
    \\n

    Member of existing networks

    \\n

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-B0D4qCui.js b/assets/install.html-B0D4qCui.js new file mode 100644 index 000000000..3fff2185e --- /dev/null +++ b/assets/install.html-B0D4qCui.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_5_1.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_5_1.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_5_1.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_5_1.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.5.1/maintain/install.html","title":"Install DSF 1.5.1","lang":"en-US","frontmatter":{"title":"Install DSF 1.5.1","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.76,"words":1729},"filePathRelative":"v1.5.1/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-Bu9lSmMr.js b/assets/install.html-Bu9lSmMr.js new file mode 100644 index 000000000..a087e1be5 --- /dev/null +++ b/assets/install.html-Bu9lSmMr.js @@ -0,0 +1,25 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem
      • Store PEM encoded certificate chain (all intermediate CAs between the server and the root certificate, excluding root) as ssl_certificate_chain_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A), the corresponding private-key and the certificate chain (one file with all intermediate certificates, excluding the root CA) to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_chain_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L34:      - app_client_certificate_private_key.pem.password
+...
+L47:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L109:  app_client_certificate_private_key.pem.password:
+L110:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
        • HTTPS_SERVER_NAME_PORT: dsf.todo.organization.com:443
          Set your FHIR servers external FQDN, e.g. https://foo.bar.de -> foo.bar.de:443
        • For additional environment variables, see the FHIR Reverse Proxy Configuration Parameters page.
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see the FHIR server Configuration Parameters page.

    7. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L12:      - app_client_certificate_private_key.pem.password
+...
+L32:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L83:  app_client_certificate_private_key.pem.password:
+L84:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/stable/maintain/install.html","title":"Install DSF 1.7.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.7.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.72,"words":1717},"filePathRelative":"stable/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-C5JbEbto.js b/assets/install.html-C5JbEbto.js new file mode 100644 index 000000000..695bd65a6 --- /dev/null +++ b/assets/install.html-C5JbEbto.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_5_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_5_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_5_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_5_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.5.0/maintain/install.html","title":"Install DSF 1.5.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.5.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.77,"words":1731},"filePathRelative":"v1.5.0/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-C8E-85I9.js b/assets/install.html-C8E-85I9.js new file mode 100644 index 000000000..06bde0ebb --- /dev/null +++ b/assets/install.html-C8E-85I9.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_3_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_3_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L146:  app_client_certificate_private_key.pem.password:
+L147:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_3_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_3_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L97:  app_client_certificate_private_key.pem.password:
+L98:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.3.0/maintain/install.html","title":"Install DSF 1.3.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.3.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.84,"words":1753},"filePathRelative":"v1.3.0/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-CDyf6Qpa.js b/assets/install.html-CDyf6Qpa.js new file mode 100644 index 000000000..ed6843b50 --- /dev/null +++ b/assets/install.html-CDyf6Qpa.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_5_2.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_5_2.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_5_2.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_5_2.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.5.2/maintain/install.html","title":"Install DSF 1.5.2","lang":"en-US","frontmatter":{"title":"Install DSF 1.5.2","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.76,"words":1729},"filePathRelative":"v1.5.2/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-CJSKxVy2.js b/assets/install.html-CJSKxVy2.js new file mode 100644 index 000000000..4afd658c7 --- /dev/null +++ b/assets/install.html-CJSKxVy2.js @@ -0,0 +1,25 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem
      • Store PEM encoded certificate chain (all intermediate CAs between the server and the root certificate, excluding root) as ssl_certificate_chain_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A), the corresponding private-key and the certificate chain (one file with all intermediate certificates, excluding the root CA) to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_chain_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L34:      - app_client_certificate_private_key.pem.password
+...
+L47:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L109:  app_client_certificate_private_key.pem.password:
+L110:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
        • HTTPS_SERVER_NAME_PORT: dsf.todo.organization.com:443
          Set your FHIR servers external FQDN, e.g. https://foo.bar.de -> foo.bar.de:443
        • For additional environment variables, see the FHIR Reverse Proxy Configuration Parameters page.
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see the FHIR server Configuration Parameters page.

    7. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L12:      - app_client_certificate_private_key.pem.password
+...
+L32:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L83:  app_client_certificate_private_key.pem.password:
+L84:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.7.0/maintain/install.html","title":"Install DSF 1.7.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.7.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.72,"words":1717},"filePathRelative":"v1.7.0/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-CaWTETgA.js b/assets/install.html-CaWTETgA.js new file mode 100644 index 000000000..72ed921be --- /dev/null +++ b/assets/install.html-CaWTETgA.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_4_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_4_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_4_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_4_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.4.0/maintain/install.html","title":"Install DSF 1.4.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.4.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.77,"words":1731},"filePathRelative":"v1.4.0/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-DNNBSmYy.js b/assets/install.html-DNNBSmYy.js new file mode 100644 index 000000000..1ad83341c --- /dev/null +++ b/assets/install.html-DNNBSmYy.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_6_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_6_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_6_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_6_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.6.0/maintain/install.html","title":"Install DSF 1.6.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.6.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.76,"words":1729},"filePathRelative":"v1.6.0/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-DT8BqM1K.js b/assets/install.html-DT8BqM1K.js new file mode 100644 index 000000000..d01827b81 --- /dev/null +++ b/assets/install.html-DT8BqM1K.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_3_2.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_3_2.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_3_2.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_3_2.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.3.2/maintain/install.html","title":"Install DSF 1.3.2","lang":"en-US","frontmatter":{"title":"Install DSF 1.3.2","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.77,"words":1731},"filePathRelative":"v1.3.2/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-HcGcuX1k.js b/assets/install.html-HcGcuX1k.js new file mode 100644 index 000000000..a33256992 --- /dev/null +++ b/assets/install.html-HcGcuX1k.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as a}from"./app-BIWb5uIp.js";const r={};function n(o,e){return a(),t("div",null,e[0]||(e[0]=[s(`

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_3_1.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_3_1.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_3_1.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_3_1.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,32)]))}const d=i(r,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.3.1/maintain/install.html","title":"Install DSF 1.3.1","lang":"en-US","frontmatter":{"title":"Install DSF 1.3.1","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.77,"words":1731},"filePathRelative":"v1.3.1/maintain/install.md","excerpt":"

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    \\n
    \\n

    Unified installation manual

    \\n

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-PX4TNhu_.js b/assets/install.html-PX4TNhu_.js new file mode 100644 index 000000000..a6b8fd81f --- /dev/null +++ b/assets/install.html-PX4TNhu_.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as r}from"./app-BIWb5uIp.js";const a={};function n(o,e){return r(),t("div",null,e[0]||(e[0]=[s(`

    Member of existing networks

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_1_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_1_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L146:  app_client_certificate_private_key.pem.password:
+L147:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_1_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_1_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L97:  app_client_certificate_private_key.pem.password:
+L98:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,33)]))}const d=i(a,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.1.0/maintain/install.html","title":"Install DSF 1.1.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.1.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":5.97,"words":1790},"filePathRelative":"v1.1.0/maintain/install.md","excerpt":"
    \\n

    Member of existing networks

    \\n

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/install.html-WwnVh3au.js b/assets/install.html-WwnVh3au.js new file mode 100644 index 000000000..e07c9ddeb --- /dev/null +++ b/assets/install.html-WwnVh3au.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as s,o as r}from"./app-BIWb5uIp.js";const a={};function n(o,e){return r(),t("div",null,e[0]||(e[0]=[s(`

    Member of existing networks

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_0_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_0_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L149:  app_client_certificate_private_key.pem.password:
+L150:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:
        • DEV_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de
        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.
        • DEV_DSF_FHIR_SERVER_ROLECONFIG: You can add other client certificates (e.g. personal DFN PKI S/MIME certificates, e.g. from admins) to your DSF instance.
          Set the SHA-512 Hash (lowercase hex) of your additional client certificates. The parameter TODO_WEBUSER_CLIENT_CERTIFICATE_THUMBPRINT can be a single thumbprint or can be expanded to a list (like dsf-role). If you don't have additional thumbprints you want to add, simply remove the DEV_DSF_FHIR_SERVER_ROLECONFIG variable from your docker-compose file.
        • For additional environment variables, see DSF configuration parameters - FHIR Server

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_0_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_0_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:
        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de
        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FHIR_SERVER_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • For additional environment variables, see DSF configuration parameters - BPE Server

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    `,33)]))}const d=i(a,[["render",n],["__file","install.html.vue"]]),p=JSON.parse('{"path":"/v1.0.0/maintain/install.html","title":"Install DSF 1.0.0","lang":"en-US","frontmatter":{"title":"Install DSF 1.0.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]},{"level":3,"title":"Logs","slug":"logs","link":"#logs","children":[]},{"level":3,"title":"On-Boarding","slug":"on-boarding","link":"#on-boarding","children":[]}]}],"readingTime":{"minutes":6.1,"words":1831},"filePathRelative":"v1.0.0/maintain/install.md","excerpt":"
    \\n

    Member of existing networks

    \\n

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    \\n
    "}');export{d as comp,p as data}; diff --git a/assets/intelliJContent.html-BmnP7ie4.js b/assets/intelliJContent.html-BmnP7ie4.js new file mode 100644 index 000000000..b3fe7b605 --- /dev/null +++ b/assets/intelliJContent.html-BmnP7ie4.js @@ -0,0 +1,67 @@ +import{_ as l}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,b as a,e as n,f as h,a as p,r as e,o as A,d as k}from"./app-BIWb5uIp.js";const B={};function d(r,s){const i=e("RouteLink");return A(),t("div",null,[a("p",null,[n(i,{to:"/oldstable/code/code.html"},{default:h(()=>s[0]||(s[0]=[k("Back")])),_:1})]),s[2]||(s[2]=p(`
    <code_scheme name="highmed_dsf" version="173">
+  <option name="FORMATTER_TAGS_ENABLED" value="true" />
+  <JavaCodeStyleSettings>
+    <option name="ANNOTATION_PARAMETER_WRAP" value="1" />
+    <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
+    <option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
+    <option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
+      <value />
+    </option>
+    <option name="IMPORT_LAYOUT_TABLE">
+      <value>
+        <package name="" withSubpackages="true" static="true" />
+        <emptyLine />
+        <package name="java" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="javax" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="org" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="com" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="ca" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="de" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="" withSubpackages="true" static="false" />
+        <emptyLine />
+      </value>
+    </option>
+  </JavaCodeStyleSettings>
+  <codeStyleSettings language="JAVA">
+    <option name="KEEP_LINE_BREAKS" value="false" />
+    <option name="KEEP_FIRST_COLUMN_COMMENT" value="false" />
+    <option name="KEEP_CONTROL_STATEMENT_IN_ONE_LINE" value="false" />
+    <option name="KEEP_BLANK_LINES_IN_DECLARATIONS" value="1" />
+    <option name="KEEP_BLANK_LINES_IN_CODE" value="1" />
+    <option name="KEEP_BLANK_LINES_BEFORE_RBRACE" value="1" />
+    <option name="BRACE_STYLE" value="2" />
+    <option name="CLASS_BRACE_STYLE" value="2" />
+    <option name="METHOD_BRACE_STYLE" value="2" />
+    <option name="ELSE_ON_NEW_LINE" value="true" />
+    <option name="WHILE_ON_NEW_LINE" value="true" />
+    <option name="CATCH_ON_NEW_LINE" value="true" />
+    <option name="FINALLY_ON_NEW_LINE" value="true" />
+    <option name="ALIGN_MULTILINE_PARAMETERS" value="false" />
+    <option name="ALIGN_MULTILINE_RESOURCES" value="false" />
+    <option name="SPACE_WITHIN_ARRAY_INITIALIZER_BRACES" value="true" />
+    <option name="SPACE_BEFORE_ARRAY_INITIALIZER_LBRACE" value="true" />
+    <option name="CALL_PARAMETERS_WRAP" value="1" />
+    <option name="METHOD_PARAMETERS_WRAP" value="1" />
+    <option name="RESOURCE_LIST_WRAP" value="5" />
+    <option name="EXTENDS_LIST_WRAP" value="1" />
+    <option name="THROWS_LIST_WRAP" value="1" />
+    <option name="EXTENDS_KEYWORD_WRAP" value="1" />
+    <option name="THROWS_KEYWORD_WRAP" value="1" />
+    <option name="METHOD_CALL_CHAIN_WRAP" value="1" />
+    <option name="BINARY_OPERATION_WRAP" value="1" />
+    <option name="BINARY_OPERATION_SIGN_ON_NEXT_LINE" value="true" />
+    <option name="TERNARY_OPERATION_WRAP" value="5" />
+    <option name="ARRAY_INITIALIZER_WRAP" value="1" />
+    <option name="PARAMETER_ANNOTATION_WRAP" value="2" />
+    <option name="VARIABLE_ANNOTATION_WRAP" value="2" />
+    <indentOptions>
+      <option name="USE_TAB_CHARACTER" value="true" />
+    </indentOptions>
+  </codeStyleSettings>
+</code_scheme>
    `,1)),a("p",null,[n(i,{to:"/oldstable/code/code.html"},{default:h(()=>s[1]||(s[1]=[k("Back")])),_:1})])])}const F=l(B,[["render",d],["__file","intelliJContent.html.vue"]]),u=JSON.parse('{"path":"/oldstable/code/intelliJContent.html","title":"IntelliJ code-style configurations","lang":"en-US","frontmatter":{"title":"IntelliJ code-style configurations","icon":"code","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.11,"words":332},"filePathRelative":"oldstable/code/intelliJContent.md","excerpt":"

    Back

    \\n
    <code_scheme name=\\"highmed_dsf\\" version=\\"173\\">\\n  <option name=\\"FORMATTER_TAGS_ENABLED\\" value=\\"true\\" />\\n  <JavaCodeStyleSettings>\\n    <option name=\\"ANNOTATION_PARAMETER_WRAP\\" value=\\"1\\" />\\n    <option name=\\"CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND\\" value=\\"99\\" />\\n    <option name=\\"NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND\\" value=\\"99\\" />\\n    <option name=\\"PACKAGES_TO_USE_IMPORT_ON_DEMAND\\">\\n      <value />\\n    </option>\\n    <option name=\\"IMPORT_LAYOUT_TABLE\\">\\n      <value>\\n        <package name=\\"\\" withSubpackages=\\"true\\" static=\\"true\\" />\\n        <emptyLine />\\n        <package name=\\"java\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n        <package name=\\"javax\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n        <package name=\\"org\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n        <package name=\\"com\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n        <package name=\\"ca\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n        <package name=\\"de\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n        <package name=\\"\\" withSubpackages=\\"true\\" static=\\"false\\" />\\n        <emptyLine />\\n      </value>\\n    </option>\\n  </JavaCodeStyleSettings>\\n  <codeStyleSettings language=\\"JAVA\\">\\n    <option name=\\"KEEP_LINE_BREAKS\\" value=\\"false\\" />\\n    <option name=\\"KEEP_FIRST_COLUMN_COMMENT\\" value=\\"false\\" />\\n    <option name=\\"KEEP_CONTROL_STATEMENT_IN_ONE_LINE\\" value=\\"false\\" />\\n    <option name=\\"KEEP_BLANK_LINES_IN_DECLARATIONS\\" value=\\"1\\" />\\n    <option name=\\"KEEP_BLANK_LINES_IN_CODE\\" value=\\"1\\" />\\n    <option name=\\"KEEP_BLANK_LINES_BEFORE_RBRACE\\" value=\\"1\\" />\\n    <option name=\\"BRACE_STYLE\\" value=\\"2\\" />\\n    <option name=\\"CLASS_BRACE_STYLE\\" value=\\"2\\" />\\n    <option name=\\"METHOD_BRACE_STYLE\\" value=\\"2\\" />\\n    <option name=\\"ELSE_ON_NEW_LINE\\" value=\\"true\\" />\\n    <option name=\\"WHILE_ON_NEW_LINE\\" value=\\"true\\" />\\n    <option name=\\"CATCH_ON_NEW_LINE\\" value=\\"true\\" />\\n    <option name=\\"FINALLY_ON_NEW_LINE\\" value=\\"true\\" />\\n    <option name=\\"ALIGN_MULTILINE_PARAMETERS\\" value=\\"false\\" />\\n    <option name=\\"ALIGN_MULTILINE_RESOURCES\\" value=\\"false\\" />\\n    <option name=\\"SPACE_WITHIN_ARRAY_INITIALIZER_BRACES\\" value=\\"true\\" />\\n    <option name=\\"SPACE_BEFORE_ARRAY_INITIALIZER_LBRACE\\" value=\\"true\\" />\\n    <option name=\\"CALL_PARAMETERS_WRAP\\" value=\\"1\\" />\\n    <option name=\\"METHOD_PARAMETERS_WRAP\\" value=\\"1\\" />\\n    <option name=\\"RESOURCE_LIST_WRAP\\" value=\\"5\\" />\\n    <option name=\\"EXTENDS_LIST_WRAP\\" value=\\"1\\" />\\n    <option name=\\"THROWS_LIST_WRAP\\" value=\\"1\\" />\\n    <option name=\\"EXTENDS_KEYWORD_WRAP\\" value=\\"1\\" />\\n    <option name=\\"THROWS_KEYWORD_WRAP\\" value=\\"1\\" />\\n    <option name=\\"METHOD_CALL_CHAIN_WRAP\\" value=\\"1\\" />\\n    <option name=\\"BINARY_OPERATION_WRAP\\" value=\\"1\\" />\\n    <option name=\\"BINARY_OPERATION_SIGN_ON_NEXT_LINE\\" value=\\"true\\" />\\n    <option name=\\"TERNARY_OPERATION_WRAP\\" value=\\"5\\" />\\n    <option name=\\"ARRAY_INITIALIZER_WRAP\\" value=\\"1\\" />\\n    <option name=\\"PARAMETER_ANNOTATION_WRAP\\" value=\\"2\\" />\\n    <option name=\\"VARIABLE_ANNOTATION_WRAP\\" value=\\"2\\" />\\n    <indentOptions>\\n      <option name=\\"USE_TAB_CHARACTER\\" value=\\"true\\" />\\n    </indentOptions>\\n  </codeStyleSettings>\\n</code_scheme>
    \\n
    "}');export{F as comp,u as data}; diff --git a/assets/introduction.html-CrZ_Peog.js b/assets/introduction.html-CrZ_Peog.js new file mode 100644 index 000000000..3751fc275 --- /dev/null +++ b/assets/introduction.html-CrZ_Peog.js @@ -0,0 +1 @@ +import{_ as t}from"./mii-bWzWhniO.js";import{_ as a}from"./dsf-concept-Dbcu0twt.js";import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,a as r,o}from"./app-BIWb5uIp.js";const s="/photos/info/introduction/dic-structure.png",c={};function d(h,e){return o(),n("div",null,e[0]||(e[0]=[r('

    The German Federal Ministry of Education and Research is funding the Medical Informatics Initiative with the aim of making routine data available digitally, reliably and quickly for medical research. University hospitals have founded consortia with partners such as research institutions and other companies to create the conditions for research and patient care to share their data across sites. Data Integration Centers (DIC) have been established at the university hospitals and partner institutions to create the technical and organizational conditions for data exchange between patient care and medical research.

    The Data Sharing Framework (DSF) was developed within the HiGHmed consortium of the Medical Informatics Initiative and is now funded as an independent project by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.

    The DSF is a concept for a secure middleware to distribute data sharing processes, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed DICs. A researcher can use the DSF for example to submit feasibility queries to several DICs and thus has the opportunity to obtain sufficient data from different locations for his or her research. By using international standards such as FHIR and BPMN 2.0, the problem of heterogeneous data models, primary systems, architectures and federated legislation between DICs can be solved. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organisational boundaries.

    DSF concept
    DSF concept

    The DSF is a secure communication infrastructure, that (1) scales with communication relationships, (2) orchestrates processes and instances, (3) separates execution logic from program code, (4) enables automated and user-centeric process steps ​(5) and can be used for heterogeny structures.

    Federated data exchange between distributed DICs (CRP=Central Research Portal, DMU=Data Management Unit)
    Federated data exchange between distributed DICs (CRP=Central Research Portal, DMU=Data Management Unit)
    ',7)]))}const u=i(c,[["render",d],["__file","introduction.html.vue"]]),g=JSON.parse('{"path":"/intro/info/introduction.html","title":"Introduction","lang":"en-US","frontmatter":{"title":"Introduction","icon":"customize","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.05,"words":316},"filePathRelative":"intro/info/introduction.md","excerpt":"

    The German Federal Ministry of Education and Research is funding the Medical Informatics Initiative with the aim of making routine data available digitally, reliably and quickly for medical research. University hospitals have founded consortia with partners such as research institutions and other companies to create the conditions for research and patient care to share their data across sites. Data Integration Centers (DIC) have been established at the university hospitals and partner institutions to create the technical and organizational conditions for data exchange between patient care and medical research.

    "}');export{u as comp,g as data}; diff --git a/assets/introduction.html-KmTMU4Pu.js b/assets/introduction.html-KmTMU4Pu.js new file mode 100644 index 000000000..fdda5663e --- /dev/null +++ b/assets/introduction.html-KmTMU4Pu.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,b as e,o as n}from"./app-BIWb5uIp.js";const a="/photos/guideline/introduction/dsf_architecture.svg",r={};function o(c,s){return n(),i("div",null,s[0]||(s[0]=[e("p",null,"The Data Sharing Framework implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data. Every participating site runs a FHIR endpoint (dsf-fhir) accessible by other sites and a business process engine (dsf-bpe) in the local secured network. Authentication between sites is handled using X.509 client/server certificates. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing and feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization.",-1),e("figure",null,[e("img",{src:a,alt:"DSF Architecture",tabindex:"0",loading:"lazy"}),e("figcaption",null,"DSF Architecture")],-1)]))}const p=t(r,[["render",o],["__file","introduction.html.vue"]]),u=JSON.parse('{"path":"/oldstable/introduction.html","title":"Introduction","lang":"en-US","frontmatter":{"title":"Introduction","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.39,"words":116},"filePathRelative":"oldstable/introduction.md","excerpt":"

    The Data Sharing Framework implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data. Every participating site runs a FHIR endpoint (dsf-fhir) accessible by other sites and a business process engine (dsf-bpe) in the local secured network. Authentication between sites is handled using X.509 client/server certificates. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing and feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization.

    "}');export{p as comp,u as data}; diff --git a/assets/learn.html-CN30f4q5.js b/assets/learn.html-CN30f4q5.js new file mode 100644 index 000000000..aab55d1cc --- /dev/null +++ b/assets/learn.html-CN30f4q5.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,b as e,e as o,f as a,r as s,o as u,d as r}from"./app-BIWb5uIp.js";const m={},p={class:"hint-container warning"};function c(d,t){const n=s("RouteLink");return u(),l("div",null,[e("div",p,[t[3]||(t[3]=e("p",{class:"hint-container-title"},"Work in progress",-1)),t[4]||(t[4]=e("p",null,"This site is work in progress, please come back later.",-1)),t[5]||(t[5]=e("p",null,"If you want further information about the DSF and how to implement use cases, please visit:",-1)),e("ul",null,[e("li",null,[o(n,{to:"/intro/"},{default:a(()=>t[0]||(t[0]=[r("Documentation Overview")])),_:1})]),e("li",null,[o(n,{to:"/stable/"},{default:a(()=>t[1]||(t[1]=[r("Getting started")])),_:1})]),e("li",null,[o(n,{to:"/about/learnmore/contact.html"},{default:a(()=>t[2]||(t[2]=[r("Contact us")])),_:1})])])])])}const h=i(m,[["render",c],["__file","learn.html.vue"]]),v=JSON.parse('{"path":"/for-you/learn.html","title":"How to implement your use-case","lang":"en-US","frontmatter":{"title":"How to implement your use-case","icon":"creative","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.16,"words":48},"filePathRelative":"for-you/learn.md","excerpt":"
    \\n

    Work in progress

    \\n

    This site is work in progress, please come back later.

    \\n

    If you want further information about the DSF and how to implement use cases, please visit:

    \\n\\n
    "}');export{h as comp,v as data}; diff --git a/assets/libraries.html-CbHlGOgV.js b/assets/libraries.html-CbHlGOgV.js new file mode 100644 index 000000000..d34f7f678 --- /dev/null +++ b/assets/libraries.html-CbHlGOgV.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,o as t}from"./app-BIWb5uIp.js";const i={};function a(o,l){return t(),r("div")}const n=e(i,[["render",a],["__file","libraries.html.vue"]]),d=JSON.parse('{"path":"/oldstable/code/libraries.html","title":"Libraries","lang":"en-US","frontmatter":{"title":"Libraries","icon":"folder","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.01,"words":4},"filePathRelative":"oldstable/code/libraries.md","excerpt":""}');export{n as comp,d as data}; diff --git a/assets/mii-bWzWhniO.js b/assets/mii-bWzWhniO.js new file mode 100644 index 000000000..eca642bae --- /dev/null +++ b/assets/mii-bWzWhniO.js @@ -0,0 +1 @@ +const o="/photos/learnmore/funding/mii.png";export{o as _}; diff --git a/assets/networkSetup.html-BtZqgB-G.js b/assets/networkSetup.html-BtZqgB-G.js new file mode 100644 index 000000000..675a5757c --- /dev/null +++ b/assets/networkSetup.html-BtZqgB-G.js @@ -0,0 +1,35 @@ +import{_ as n,a as s}from"./highmed_dsf_network_setup_ext_dmz-DyQZOoIs.js";import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as t}from"./app-BIWb5uIp.js";const l={};function o(p,e){return t(),i("div",null,e[0]||(e[0]=[r('

    The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.

    Network Setup Diagramm
    Network Setup Diagramm
    • FHIR Reverse Proxy: The FHIR Reverse Proxy is used to terminate incoming https connections to the FHIR App Server. The Reverse Proxy needs to be accessible on port 443 from the internet. Incoming https connection will be delegate as http on a docker internal network to the FHIR App Server.
    • FHIR App Server: The FHIR App Server is used as a FHIR Endpoint for incoming Task resources and providing resources for download by other organizations. In order to validate incoming FHIR resources the server will communicate with FHIR Servers at other organizations. Access to resources and authorization for creating or updating resources is granted based on the content of the resource and/or based on the client (identified by its client certificate) being part of an allow list. JDBC connections to the FHIR DB Server
    • FHIR DB Server: PostgreSQL database for the FHIR App Server.
    • BPE App Server: The BPE App Server is executing BPMN 2.0 business processes with the included business process engine. Automatic BPMN service tasks are used for example to check resource, access the PDP- and MPI-servers as well as the MDAT repository. The calculation of record linkage bit vectors (Record Bloom Filters) is also performed using an automatic service task. As of version 0.3.0 the BPE server does not provide any webservices for modifying an server resources.
    • BPE DB Server: PostgreSQL database for the BPE App Server.
    • PDP: IHE Policy Decision Point for deciding on patient consent.
    • MDAT Repo: Repository (e.g. openEHR) for storing medical data (MDAT).
    • MPI: IHE Master Patient Index for storing identifying patient date (IDAT) e.g. first name, last name, date of birth.
    • Cohort Browser: Example for a system to trigger patient cohort size estimations across multiple organizations.

    More information on Client- and Server-Certificates are available on the dedicated wiki page: Authentication: Client/Server Certificates

    Additional Reverse Proxy in external DMZ

    In some organizations an additional reverse proxy in an external DMZ is needed. This can be accomplished by using for example nginx or haproxy as a TCP-Proxy. Example configurations routing traffic using SNI can be found below. Configuring an additional reverse proxy to terminate the incoming TLS connection early is not recommended.

    Network Setup Diagramm
    Network Setup Diagramm

    nginx

    http {
+	# ...
+}
+
+stream {
+	map $ssl_preread_server_name $name {
+		fhir.example.com fhir;
+	}
+
+	upstream fhir {
+		server 192.168.0.1:443;
+	}
+
+	server {
+		listen 443;
+		proxy_pass $name;
+		ssl_preread on;
+	}
+}

    haproxy

    defaults
+	timeout connect 5s
+	timeout client 30s
+	timeout server 30s
+
+frontend ingress
+	bind :443
+	mode tcp
+
+	tcp-request inspect-delay 5s
+	tcp-request content accept if { req_ssl_hello_type 1 }
+	use_backend fhir if { req.ssl_sni fhir.example.com }
+
+backend fhir
+	mode tcp
+
+	server fhir 192.168.0.1:443
    `,11)]))}const m=a(l,[["render",o],["__file","networkSetup.html.vue"]]),u=JSON.parse('{"path":"/oldstable/generalinformation/networkSetup.html","title":"Network Setup and General Architecture","lang":"en-US","frontmatter":{"title":"Network Setup and General Architecture","icon":"customize","gitInclude":[]},"headers":[{"level":2,"title":"Additional Reverse Proxy in external DMZ","slug":"additional-reverse-proxy-in-external-dmz","link":"#additional-reverse-proxy-in-external-dmz","children":[]}],"readingTime":{"minutes":1.62,"words":486},"filePathRelative":"oldstable/generalinformation/networkSetup.md","excerpt":"

    The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.

    "}');export{m as comp,u as data}; diff --git a/assets/networkSetup.html-CAU1OxOw.js b/assets/networkSetup.html-CAU1OxOw.js new file mode 100644 index 000000000..68102cce6 --- /dev/null +++ b/assets/networkSetup.html-CAU1OxOw.js @@ -0,0 +1 @@ +import{_ as r,a as t}from"./highmed_dsf_network_setup_ext_dmz-DyQZOoIs.js";import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as n,o as a}from"./app-BIWb5uIp.js";const s={};function c(d,e){return a(),i("div",null,e[0]||(e[0]=[n('

    The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.

    Network Setup Diagramm
    Network Setup Diagramm
    • FHIR Reverse Proxy: The FHIR Reverse Proxy is used to terminate incoming https connections to the FHIR App Server. The Reverse Proxy needs to be accessible on port 443 from the internet. Incoming https connection will be delegate as http on a docker internal network to the FHIR App Server.
    • FHIR App Server: The FHIR App Server is used as a FHIR Endpoint for incoming Task resources and providing resources for download by other organizations. In order to validate incoming FHIR resources the server will communicate with FHIR Servers at other organizations. Access to resources and authorization for creating or updating resources is granted based on the content of the resource and/or based on the client (identified by its client certificate) being part of an allow list. JDBC connections to the FHIR DB Server
    • FHIR DB Server: PostgreSQL database for the FHIR App Server.
    • BPE App Server: The BPE App Server is executing BPMN 2.0 business processes with the included business process engine. Automatic BPMN service tasks are used for example to check resource, access the PDP- and MPI-servers as well as the MDAT repository. The calculation of record linkage bit vectors (Record Bloom Filters) is also performed using an automatic service task. As of version 0.3.0 the BPE server does not provide any webservices for modifying an server resources.
    • BPE DB Server: PostgreSQL database for the BPE App Server.
    • PDP: IHE Policy Decision Point for deciding on patient consent.
    • MDAT Repo: Repository (e.g. openEHR) for storing medical data (MDAT).
    • MPI: IHE Master Patient Index for storing identifying patient date (IDAT) e.g. first name, last name, date of birth.
    • Cohort Browser: Example for a system to trigger patient cohort size estimations across multiple organizations.

    More information on Client- and Server-Certificates are available on the dedicated wiki page: Authentication: Client/Server Certificates

    Additional Reverse Proxy in external DMZ

    In some organizations an additional reverse proxy in an external DMZ is needed. This can be accomplished by using for example nginx or haproxy as a TCP-Proxy. Example configurations routing traffic using SNI can be found below. Configuring an additional reverse proxy to terminate the incoming TLS connection early is not recommended.

    Network Setup Diagramm
    Network Setup Diagramm
    ',7)]))}const m=o(s,[["render",c],["__file","networkSetup.html.vue"]]),g=JSON.parse('{"path":"/intro/info/networkSetup.html","title":"Network Setup and General Architecture","lang":"en-US","frontmatter":{"title":"Network Setup and General Architecture","icon":"customize","gitInclude":[]},"headers":[{"level":2,"title":"Additional Reverse Proxy in external DMZ","slug":"additional-reverse-proxy-in-external-dmz","link":"#additional-reverse-proxy-in-external-dmz","children":[]}],"readingTime":{"minutes":1.62,"words":486},"filePathRelative":"intro/info/networkSetup.md","excerpt":"

    The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.

    "}');export{m as comp,g as data}; diff --git a/assets/num-codexInstall.html-GtOtu3Li.js b/assets/num-codexInstall.html-GtOtu3Li.js new file mode 100644 index 000000000..89d9da973 --- /dev/null +++ b/assets/num-codexInstall.html-GtOtu3Li.js @@ -0,0 +1,28 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,o as t}from"./app-BIWb5uIp.js";const a={};function n(o,e){return t(),r("div",null,e[0]||(e[0]=[s(`

    This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is not suitable for HiGHmed organizations.
    If you are a member of HiGHmed, see HiGHmed Install.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker and docker-compose. For the latest install guide see https://docs.docker.com/engine/install and https://docs.docker.com/compose/install

    docker:

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io

    docker-compose (warning: 2.17.3 might not be latest):

    sudo curl -L "https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+sudo chmod +x /usr/local/bin/docker-compose

    Client/Server Certificates

    Two Certificates from the DFN-PKI Global G2 (via DFN e.V.), GÉANT TCS (via DFN e.V.) or D-Trust (via TMF e.V.) are needed, more infos see Authentication

    • Certificate A: Server Certificate (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    Network setup / Network access

    For additional information on the network setup see Network-and-Architecture.

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup. Connections to the fTTP, the terminology server and simplifier.net for validating GECCO FHIR resources as well as the local GECCO FHIR server are not listed:

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (GECCO Transfer Hub)443https
    DSF FHIR (local)DSF FHIR (GECCO Transfer Hub)443https (HTTP HEAD only)
    DSF BPE (GECCO Transfer Hub)DSF FHIR (local)443https
    DSF FHIR (GECCO Transfer Hub)DSF FHIR (local)443https (HTTP HEAD only)

    On-Boarding Excel Spreadsheet

    You are required to fill out the on-boarding Excel spreadsheet, provided with the NUM-CODEX hackathon invite, and send it to the GECCO Transfer Hub. If the GECCO Transfer Hub already received and validated your On-Boarding Excel spreadsheet and you do not have to change any information, you can skip this step.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download prepared DSF FHIR server config files and folder structure from

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L56:      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L137:  app_client_certificate_private_key.pem.password:
+L138:    file: ./secrets/client_certificate_private_key.pem.password

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L102:  ssl_certificate_chain_file.pem:
+L103:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:
        • ORG_HIGHMED_DSF_FHIR_SERVER_FQDN: TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN
          Set your FHIR servers external FQDN, e.g. foo.bar.de
        • ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_NAME: TODO_ORGANIZATION_NAME
          Set your Organizations official name, e.g. Hochschule Heilbronn
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. You can add additional client certificate thumbprints for example the thumbprint of your (the admins) personal DFN PKI S/MIME certificate, to access the DSF FHIR servers REST interface.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. Usually it is not necessary to add additional thumbprints other than your client certificate (certificate B) here. When a client uses a certificate with a thumbprint listed here, the client is allowed to permanently delete FHIR resources.
        • For additional environment variables, see DSF 0.9.3 FHIR Server configuration parameters

    8. Start the DSF FHIR Server
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download prepared DSF BPE server config files and folder structure from

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L38:      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L92:  app_client_certificate_private_key.pem.password:
+L93:    file: ./secrets/client_certificate_private_key.pem.password
      • Add the CRR public-key used for asymmetrically encrypting the GECCO FHIR Bundles to /opt/bpe/secrets/

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • For additional environment variables, see DSF 0.9.3 BPE Server configuration parameters

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    9. Stop the DSF BPE Server

      • Hit Ctrl-C to close log
      • Stop using: docker-compose stop

    10. Add the following DSF BPE process plugins, for instructions on how to configure the plugin, see release notes.

      Notice: Jar-files within the folders /opt/bpe/process and /opt/bpe/plugin need to be readable by the linxux bpe user -> chown root:bpe, chmod 440

    11. Start the DSF BPE Server (with process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    `,27)]))}const c=i(a,[["render",n],["__file","num-codexInstall.html.vue"]]),p=JSON.parse('{"path":"/oldstable/releases/num-codexInstall.html","title":"","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"Prerequisites","slug":"prerequisites","link":"#prerequisites","children":[{"level":3,"title":"Virtual Machines","slug":"virtual-machines","link":"#virtual-machines","children":[]},{"level":3,"title":"Docker / Docker-Compose","slug":"docker-docker-compose","link":"#docker-docker-compose","children":[]},{"level":3,"title":"Client/Server Certificates","slug":"client-server-certificates","link":"#client-server-certificates","children":[]},{"level":3,"title":"Network setup / Network access","slug":"network-setup-network-access","link":"#network-setup-network-access","children":[]},{"level":3,"title":"On-Boarding Excel Spreadsheet","slug":"on-boarding-excel-spreadsheet","link":"#on-boarding-excel-spreadsheet","children":[]}]},{"level":2,"title":"Setup","slug":"setup","link":"#setup","children":[{"level":3,"title":"Prepare Certificates","slug":"prepare-certificates","link":"#prepare-certificates","children":[]},{"level":3,"title":"DSF FHIR Server","slug":"dsf-fhir-server","link":"#dsf-fhir-server","children":[]},{"level":3,"title":"DSF BPE Server","slug":"dsf-bpe-server","link":"#dsf-bpe-server","children":[]}]}],"readingTime":{"minutes":6.12,"words":1837},"filePathRelative":"oldstable/releases/num-codexInstall.md","excerpt":"

    This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is not suitable for HiGHmed organizations.
    \\nIf you are a member of HiGHmed, see HiGHmed Install.

    \\n

    Prerequisites

    \\n

    Virtual Machines

    \\n
      \\n
    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
      • \\n
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
      • \\n
    "}');export{c as comp,p as data}; diff --git a/assets/num.html-DJf9-cNg.js b/assets/num.html-DJf9-cNg.js new file mode 100644 index 000000000..00de37013 --- /dev/null +++ b/assets/num.html-DJf9-cNg.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a,o as n}from"./app-BIWb5uIp.js";const i="/photos/learnmore/projects/num.png",s="/photos/learnmore/projects/ap1.png",o={};function c(p,e){return n(),r("div",null,e[0]||(e[0]=[a('

    The Network University Medicine was established in April 2020 as part of the COVID-19 pandemic crisis management. The aim of the NUM is to better coordinate COVID-19 research at all 36 university hospitals in Germany.'

    As part of the CODEX | COVID-19 Data Exchange Platform project, a nationwide, uniform, privacy-compliant infrastructure for storing and providing COVID-19 research datasets was established. Since 2022, the work continues within the project NUM RDP. All 36 university hospitals have installed the DSF to share Covid-19 research data.

    The Data Transfer Process

    The Data Transfer Process is used in NUM CODEX to send data from a Data Integration Center (DIC), via the Gecco Transfer Hub (GTH), to the Central Research Repository (CRR). The infrastructure and communincation messages on which the process is based can be seen in the following figure. All organizations use the Data Sharing Framework (DSF) for deployment and execution of the process.

    More technical information can be found on GitHub.

    ',7)]))}const d=t(o,[["render",c],["__file","num.html.vue"]]),m=JSON.parse(`{"path":"/intro/use-cases/num.html","title":"Network University Medicine","lang":"en-US","frontmatter":{"title":"Network University Medicine","icon":"map","gitInclude":[]},"headers":[{"level":3,"title":"The Data Transfer Process","slug":"the-data-transfer-process","link":"#the-data-transfer-process","children":[]}],"readingTime":{"minutes":0.66,"words":199},"filePathRelative":"intro/use-cases/num.md","excerpt":"

    The Network University Medicine was established in April 2020 as part of the COVID-19 pandemic crisis management. The aim of the NUM is to better coordinate COVID-19 research at all 36 university hospitals in Germany.'

    "}`);export{d as comp,m as data}; diff --git a/assets/oidc.html-BTDGYEv3.js b/assets/oidc.html-BTDGYEv3.js new file mode 100644 index 000000000..a666a0fd2 --- /dev/null +++ b/assets/oidc.html-BTDGYEv3.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as e,d as s,e as r,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const p={},c={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),l("div",null,[i[6]||(i[6]=a('

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    ',3)),e("div",c,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"BPE Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=s("The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),r(n,{to:"/v1.5.1/maintain/bpe/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[s("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=s(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=s("."))])]),i[7]||(i[7]=a(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.1
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,9))])}const v=t(p,[["render",k],["__file","oidc.html.vue"]]),f=JSON.parse('{"path":"/v1.5.1/maintain/bpe/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.16,"words":347},"filePathRelative":"v1.5.1/maintain/bpe/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    \\n"}');export{v as comp,f as data}; diff --git a/assets/oidc.html-Bgq1NlNy.js b/assets/oidc.html-Bgq1NlNy.js new file mode 100644 index 000000000..9083a431f --- /dev/null +++ b/assets/oidc.html-Bgq1NlNy.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as e,d as s,e as r,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const p={},c={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),l("div",null,[i[6]||(i[6]=a('

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    ',3)),e("div",c,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"BPE Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=s("The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),r(n,{to:"/v1.5.0/maintain/bpe/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[s("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=s(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=s("."))])]),i[7]||(i[7]=a(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,9))])}const v=t(p,[["render",k],["__file","oidc.html.vue"]]),f=JSON.parse('{"path":"/v1.5.0/maintain/bpe/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.16,"words":347},"filePathRelative":"v1.5.0/maintain/bpe/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    \\n"}');export{v as comp,f as data}; diff --git a/assets/oidc.html-BjNAiIJl.js b/assets/oidc.html-BjNAiIJl.js new file mode 100644 index 000000000..307c5c280 --- /dev/null +++ b/assets/oidc.html-BjNAiIJl.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/stable/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/stable/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.34,"words":401},"filePathRelative":"stable/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-BsSFj2Bs.js b/assets/oidc.html-BsSFj2Bs.js new file mode 100644 index 000000000..f78b3905e --- /dev/null +++ b/assets/oidc.html-BsSFj2Bs.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.1.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.1.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.1.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.33,"words":400},"filePathRelative":"v1.1.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-ByT9fRor.js b/assets/oidc.html-ByT9fRor.js new file mode 100644 index 000000000..83b4b7cb4 --- /dev/null +++ b/assets/oidc.html-ByT9fRor.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as e,d as s,e as r,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const p={},c={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),l("div",null,[i[6]||(i[6]=a('

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    ',3)),e("div",c,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"BPE Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=s("The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),r(n,{to:"/v1.7.0/maintain/bpe/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[s("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=s(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=s("."))])]),i[7]||(i[7]=a(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,9))])}const v=t(p,[["render",k],["__file","oidc.html.vue"]]),f=JSON.parse('{"path":"/v1.7.0/maintain/bpe/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.16,"words":347},"filePathRelative":"v1.7.0/maintain/bpe/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    \\n"}');export{v as comp,f as data}; diff --git a/assets/oidc.html-Cb81bVAU.js b/assets/oidc.html-Cb81bVAU.js new file mode 100644 index 000000000..db6a35602 --- /dev/null +++ b/assets/oidc.html-Cb81bVAU.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.3.1/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.3.1
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.3.1/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.33,"words":400},"filePathRelative":"v1.3.1/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-CkSwjsiH.js b/assets/oidc.html-CkSwjsiH.js new file mode 100644 index 000000000..d38757d81 --- /dev/null +++ b/assets/oidc.html-CkSwjsiH.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as e,d as s,e as r,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const p={},c={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),l("div",null,[i[6]||(i[6]=a('

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    ',3)),e("div",c,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"BPE Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=s("The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),r(n,{to:"/v1.5.2/maintain/bpe/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[s("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=s(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=s("."))])]),i[7]||(i[7]=a(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,9))])}const v=t(p,[["render",k],["__file","oidc.html.vue"]]),f=JSON.parse('{"path":"/v1.5.2/maintain/bpe/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.16,"words":347},"filePathRelative":"v1.5.2/maintain/bpe/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    \\n"}');export{v as comp,f as data}; diff --git a/assets/oidc.html-CobvVxkW.js b/assets/oidc.html-CobvVxkW.js new file mode 100644 index 000000000..3c95ae562 --- /dev/null +++ b/assets/oidc.html-CobvVxkW.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.2.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.2.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.2.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.33,"words":400},"filePathRelative":"v1.2.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-D1q5Feuz.js b/assets/oidc.html-D1q5Feuz.js new file mode 100644 index 000000000..6e1288c10 --- /dev/null +++ b/assets/oidc.html-D1q5Feuz.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as e,d as s,e as r,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const p={},c={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),l("div",null,[i[6]||(i[6]=a('

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    ',3)),e("div",c,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"BPE Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=s("The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),r(n,{to:"/v1.6.0/maintain/bpe/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[s("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=s(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=s("."))])]),i[7]||(i[7]=a(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,9))])}const v=t(p,[["render",k],["__file","oidc.html.vue"]]),f=JSON.parse('{"path":"/v1.6.0/maintain/bpe/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.16,"words":347},"filePathRelative":"v1.6.0/maintain/bpe/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    \\n"}');export{v as comp,f as data}; diff --git a/assets/oidc.html-DDUONRpW.js b/assets/oidc.html-DDUONRpW.js new file mode 100644 index 000000000..685cd7b97 --- /dev/null +++ b/assets/oidc.html-DDUONRpW.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.7.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.7.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.34,"words":401},"filePathRelative":"v1.7.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-DLVYL_s-.js b/assets/oidc.html-DLVYL_s-.js new file mode 100644 index 000000000..8432eda78 --- /dev/null +++ b/assets/oidc.html-DLVYL_s-.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.5.2/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.5.2/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.34,"words":401},"filePathRelative":"v1.5.2/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-DbJNU4iG.js b/assets/oidc.html-DbJNU4iG.js new file mode 100644 index 000000000..863670a8d --- /dev/null +++ b/assets/oidc.html-DbJNU4iG.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.3.2/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.3.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.3.2/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.33,"words":400},"filePathRelative":"v1.3.2/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-DlWufSfD.js b/assets/oidc.html-DlWufSfD.js new file mode 100644 index 000000000..5d6c67766 --- /dev/null +++ b/assets/oidc.html-DlWufSfD.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.4.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.4.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.4.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.33,"words":400},"filePathRelative":"v1.4.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-DyXjwCxs.js b/assets/oidc.html-DyXjwCxs.js new file mode 100644 index 000000000..1b9073f8e --- /dev/null +++ b/assets/oidc.html-DyXjwCxs.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as e,d as s,e as r,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const p={},c={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),l("div",null,[i[6]||(i[6]=a('

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    ',3)),e("div",c,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"BPE Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=s("The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),r(n,{to:"/stable/maintain/bpe/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[s("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=s(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=s("."))])]),i[7]||(i[7]=a(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,9))])}const f=t(p,[["render",k],["__file","oidc.html.vue"]]),g=JSON.parse('{"path":"/stable/maintain/bpe/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.16,"words":347},"filePathRelative":"stable/maintain/bpe/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    \\n"}');export{f as comp,g as data}; diff --git a/assets/oidc.html-ROX4yxMZ.js b/assets/oidc.html-ROX4yxMZ.js new file mode 100644 index 000000000..f7cccfb5f --- /dev/null +++ b/assets/oidc.html-ROX4yxMZ.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.5.1/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.1
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.5.1/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.34,"words":401},"filePathRelative":"v1.5.1/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-aVCCllMb.js b/assets/oidc.html-aVCCllMb.js new file mode 100644 index 000000000..6c068a06a --- /dev/null +++ b/assets/oidc.html-aVCCllMb.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.3.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.3.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.3.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.33,"words":400},"filePathRelative":"v1.3.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-eTv7P-ln.js b/assets/oidc.html-eTv7P-ln.js new file mode 100644 index 000000000..91df5d85b --- /dev/null +++ b/assets/oidc.html-eTv7P-ln.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.6.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.6.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.34,"words":401},"filePathRelative":"v1.6.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/oidc.html-rCbM1nU8.js b/assets/oidc.html-rCbM1nU8.js new file mode 100644 index 000000000..9d8d284f1 --- /dev/null +++ b/assets/oidc.html-rCbM1nU8.js @@ -0,0 +1,20 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as s,b as e,d as a,e as l,f as o,r as h,o as d}from"./app-BIWb5uIp.js";const c={},p={class:"hint-container tip"};function k(u,i){const n=h("RouteLink");return d(),r("div",null,[i[6]||(i[6]=s('

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    ',3)),e("div",p,[i[5]||(i[5]=e("p",{class:"hint-container-title"},"FHIR Reverse Proxy",-1)),e("p",null,[i[1]||(i[1]=a("The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter ")),l(n,{to:"/v1.5.0/maintain/fhir/configuration/reverseproxy.html#ssl-verify-client"},{default:o(()=>i[0]||(i[0]=[a("SSL_VERIFY_CLIENT")])),_:1}),i[2]||(i[2]=a(" needs to be set to ")),i[3]||(i[3]=e("code",null,"optional",-1)),i[4]||(i[4]=a("."))])]),i[7]||(i[7]=s(`

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    `,12))])}const f=t(c,[["render",k],["__file","oidc.html.vue"]]),A=JSON.parse('{"path":"/v1.5.0/maintain/fhir/oidc.html","title":"OpenID Connect","lang":"en-US","frontmatter":{"title":"OpenID Connect","icon":"config","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"Authorization Code Flow","slug":"authorization-code-flow","link":"#authorization-code-flow","children":[]},{"level":2,"title":"Bearer Token Authentication","slug":"bearer-token-authentication","link":"#bearer-token-authentication","children":[]},{"level":2,"title":"Additional ODIC Configuration Parameter","slug":"additional-odic-configuration-parameter","link":"#additional-odic-configuration-parameter","children":[]},{"level":2,"title":"Example","slug":"example","link":"#example","children":[]}],"readingTime":{"minutes":1.34,"words":401},"filePathRelative":"v1.5.0/maintain/fhir/oidc.md","excerpt":"

    Overview

    \\n

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    "}');export{f as comp,A as data}; diff --git a/assets/partners.html-CNkEzyU2.js b/assets/partners.html-CNkEzyU2.js new file mode 100644 index 000000000..fbb189b3d --- /dev/null +++ b/assets/partners.html-CNkEzyU2.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as n,o as r}from"./app-BIWb5uIp.js";const a={};function o(s,e){return r(),t("div",null,e[0]||(e[0]=[n('

    Funded for further development of the Data Sharing Framework are:

    Heilbronn University of Applied Sciences | Gecko Institute

    The GECKO Institute is a research institution of Heilbronn University of Applied Sciences and conducts research and development at the interfaces between medicine, economics and computer science. The DSF is part of Prof. Fegeler's research area: Interoperability and Digital Processes in Medicine. Other areas of research include educational technologies, health economics, and consumer health informatics.

    University of Heidelberg | Institute of Medical Informatics

    The Institute of Medical Informatics belongs to the University of Heidelberg. The scientific focus of the institute is on structured patient data, e.g.

    • in the Medical Data Integration Center (MeDIC),
    • structured acquisition and transformation of biomedical data,
    • medical information systems and data models
    • and much more.

    University of Leipzig | LIFE Institute

    The LIFE Institute of the University of Leipzig manages collaborative and follow-on projects in the fields of medicine, public health, medical informatics, and biobanking.

    ',8)]))}const d=i(a,[["render",o],["__file","partners.html.vue"]]),h=JSON.parse(`{"path":"/about/learnmore/partners.html","title":"Partners","lang":"en-US","frontmatter":{"title":"Partners","icon":"proxy","gitInclude":[]},"headers":[{"level":2,"title":"Heilbronn University of Applied Sciences | Gecko Institute","slug":"heilbronn-university-of-applied-sciences-gecko-institute","link":"#heilbronn-university-of-applied-sciences-gecko-institute","children":[]},{"level":2,"title":"University of Heidelberg | Institute of Medical Informatics","slug":"university-of-heidelberg-institute-of-medical-informatics","link":"#university-of-heidelberg-institute-of-medical-informatics","children":[]},{"level":2,"title":"University of Leipzig | LIFE Institute","slug":"university-of-leipzig-life-institute","link":"#university-of-leipzig-life-institute","children":[]}],"readingTime":{"minutes":0.59,"words":176},"filePathRelative":"about/learnmore/partners.md","excerpt":"

    Funded for further development of the Data Sharing Framework are:

    \\n

    Heilbronn University of Applied Sciences | Gecko Institute

    \\n

    The GECKO Institute is a research institution of Heilbronn University of Applied Sciences and conducts research and development at the interfaces between medicine, economics and computer science. The DSF is part of Prof. Fegeler's research area: Interoperability and Digital Processes in Medicine. Other areas of research include educational technologies, health economics, and consumer health informatics.

    "}`);export{d as comp,h as data}; diff --git a/assets/passwords-secrets.html-CwvsK-ST.js b/assets/passwords-secrets.html-CwvsK-ST.js new file mode 100644 index 000000000..cf0c84f2a --- /dev/null +++ b/assets/passwords-secrets.html-CwvsK-ST.js @@ -0,0 +1,15 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),i("div",null,e[0]||(e[0]=[a(`

    Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.

    Example Environment Variables

    • DEV_DSF_BPE_DB_USER_PASSWORD_FILE: If set to /run/secrets/db_user_password, the application will read the contents of the /run/secrets/db_user_password file and set the DEV_DSF_BPE_DB_USER_PASSWORD environment variable with the content from that file.
    • DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: If set to /run/secrets/oidc_client_secret, the application will read the contents of the referenced file and set the DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET environment variable accordingly.

    Docker Secrets

    It is recommended to use docker secrets as files for these environment variables. Docker secrets are mounted as files in /run/secrets/<secret_name> inside the container.

    Example docker-compose

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir
+    secrets:
+      - db_user_password
+      - oidc_client_secret
+    environment:
+      DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user_password
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: /run/secrets/oidc_client_secret
+
+secrets:
+  db_user_password:
+    file: ./secrets/db_user.password
+  api_key:
+    file: ./secrets/oidc_client.secret
    `,7)]))}const h=s(t,[["render",l],["__file","passwords-secrets.html.vue"]]),o=JSON.parse('{"path":"/stable/maintain/passwords-secrets.html","title":"Passwords and Secrets","lang":"en-US","frontmatter":{"title":"Passwords and Secrets","icon":"safe","gitInclude":[]},"headers":[{"level":3,"title":"Example Environment Variables","slug":"example-environment-variables","link":"#example-environment-variables","children":[]},{"level":3,"title":"Docker Secrets","slug":"docker-secrets","link":"#docker-secrets","children":[]}],"readingTime":{"minutes":0.64,"words":191},"filePathRelative":"stable/maintain/passwords-secrets.md","excerpt":"

    Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.

    "}');export{h as comp,o as data}; diff --git a/assets/passwords-secrets.html-D6qoNVZh.js b/assets/passwords-secrets.html-D6qoNVZh.js new file mode 100644 index 000000000..9157f3aff --- /dev/null +++ b/assets/passwords-secrets.html-D6qoNVZh.js @@ -0,0 +1,15 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a,o as n}from"./app-BIWb5uIp.js";const t={};function l(r,e){return n(),i("div",null,e[0]||(e[0]=[a(`

    Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.

    Example Environment Variables

    • DEV_DSF_BPE_DB_USER_PASSWORD_FILE: If set to /run/secrets/db_user_password, the application will read the contents of the /run/secrets/db_user_password file and set the DEV_DSF_BPE_DB_USER_PASSWORD environment variable with the content from that file.
    • DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: If set to /run/secrets/oidc_client_secret, the application will read the contents of the referenced file and set the DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET environment variable accordingly.

    Docker Secrets

    It is recommended to use docker secrets as files for these environment variables. Docker secrets are mounted as files in /run/secrets/<secret_name> inside the container.

    Example docker-compose

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir
+    secrets:
+      - db_user_password
+      - oidc_client_secret
+    environment:
+      DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user_password
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: /run/secrets/oidc_client_secret
+
+secrets:
+  db_user_password:
+    file: ./secrets/db_user.password
+  api_key:
+    file: ./secrets/oidc_client.secret
    `,7)]))}const h=s(t,[["render",l],["__file","passwords-secrets.html.vue"]]),o=JSON.parse('{"path":"/v1.7.0/maintain/passwords-secrets.html","title":"Passwords and Secrets","lang":"en-US","frontmatter":{"title":"Passwords and Secrets","icon":"safe","gitInclude":[]},"headers":[{"level":3,"title":"Example Environment Variables","slug":"example-environment-variables","link":"#example-environment-variables","children":[]},{"level":3,"title":"Docker Secrets","slug":"docker-secrets","link":"#docker-secrets","children":[]}],"readingTime":{"minutes":0.64,"words":191},"filePathRelative":"v1.7.0/maintain/passwords-secrets.md","excerpt":"

    Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.

    "}');export{h as comp,o as data}; diff --git a/assets/plugin-vue_export-helper-DlAUqK2U.js b/assets/plugin-vue_export-helper-DlAUqK2U.js new file mode 100644 index 000000000..718edd339 --- /dev/null +++ b/assets/plugin-vue_export-helper-DlAUqK2U.js @@ -0,0 +1 @@ +const s=(t,r)=>{const o=t.__vccOpts||t;for(const[c,e]of r)o[c]=e;return o};export{s as _}; diff --git a/assets/prerequisites.html-DWJBX7kG.js b/assets/prerequisites.html-DWJBX7kG.js new file mode 100644 index 000000000..fb4e750be --- /dev/null +++ b/assets/prerequisites.html-DWJBX7kG.js @@ -0,0 +1,17 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as l,b as o,d as s,e as a,f as n,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function c(k,e){const i=d("RouteLink");return h(),r("div",null,[e[12]||(e[12]=l(`

    In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler a and minimum 16GB of RAM is needed.

    git

    git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

    • An installation guide for Linux, Mac and Windows can be found here: installation guide
    • The most basic git CLI commands are described here: commands

    Java 11

    Processes for the DSF are written using the Java programming language in version 11. Various open source releases of the Java Developer Kit (JDK) 11 exist, you are free in your choice.

    Maven 3.8

    When implementing DSF processes, we use Maven 3.8 to manage the software project's build, reporting and documentation workflow.

    • An installation guide for Maven 3.8 can be found here: installation guide
    • The most important maven commands are described here: commands

    GitHub Packages

    In order to download DSF packages from the GitHub Package Registry using Maven you need a personal GitHub access token with scope read:packages. This GitHub documentation shows you how to generate one.

    After that, add the following server configuration to your local .m2/settings.xml. Replace USERNAME with your GitHub username and TOKEN with the previously generated personal GitHub access token. The token needs at least the read:packages scope.

    <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+  ...
+
+  <servers>
+    <server>
+      <id>github</id>
+      <username>USERNAME</username>
+      <password>TOKEN</password>
+    </server>
+  </servers>
+</settings>

    Docker and docker-compose

    To be able to test the implemented processes, we use a test-setup based on Docker and docker-compose. This allows us to simulate multiple organizations with different roles and run the processes across "organizational boundaries".

    Host entries for test-setup

    The following entries are required in the hosts file of your computer so that the FHIR servers of the simulated organizations can be accessed in your web browser. On Linux and Mac this file is located at /etc/hosts. On Windows you can find it at C:\\Windows\\System32\\drivers\\etc\\hosts

    127.0.0.1	dic
+127.0.0.1	cos
+127.0.0.1	hrp

    Java IDE

    For the development of the processes we recommend the use of an IDE, e.g. Eclipse or IntelliJ:

    BPMN Editor

    To simplify modeling of BPMN processes, we recommend a graphical editor, e.g. the Camunda Modeler:

    Hardware

    The minimum hardware requirements to run all simulated organizations as part of the Docker test-setup is 16 GB of RAM.

    `,35)),o("p",null,[e[6]||(e[6]=s("Prerequisites | ")),a(i,{to:"/oldstable/tutorial/exercise1-simpleProcess.html"},{default:n(()=>e[0]||(e[0]=[s("Exercise 1")])),_:1}),e[7]||(e[7]=s(" | ")),a(i,{to:"/oldstable/tutorial/exercise11-processDebugging.html"},{default:n(()=>e[1]||(e[1]=[s("Exercise 1.1")])),_:1}),e[8]||(e[8]=s(" | ")),a(i,{to:"/oldstable/tutorial/exercise2-inputParameters.html"},{default:n(()=>e[2]||(e[2]=[s("Exercise 2")])),_:1}),e[9]||(e[9]=s(" | ")),a(i,{to:"/oldstable/tutorial/exercise3-messageEvents.html"},{default:n(()=>e[3]||(e[3]=[s("Exercise 3")])),_:1}),e[10]||(e[10]=s(" | ")),a(i,{to:"/oldstable/tutorial/exercise4-exclusiveGateways.html"},{default:n(()=>e[4]||(e[4]=[s("Exercise 4")])),_:1}),e[11]||(e[11]=s(" | ")),a(i,{to:"/oldstable/tutorial/exercise5-eventBasedGateways.html"},{default:n(()=>e[5]||(e[5]=[s("Exercise 5")])),_:1})])])}const m=t(p,[["render",c],["__file","prerequisites.html.vue"]]),v=JSON.parse('{"path":"/oldstable/tutorial/prerequisites.html","title":"Prerequisites","lang":"en-US","frontmatter":{"title":"Prerequisites","icon":"slides","gitInclude":[]},"headers":[{"level":3,"title":"git","slug":"git","link":"#git","children":[]},{"level":3,"title":"Java 11","slug":"java-11","link":"#java-11","children":[]},{"level":3,"title":"Maven 3.8","slug":"maven-3-8","link":"#maven-3-8","children":[]},{"level":3,"title":"GitHub Packages","slug":"github-packages","link":"#github-packages","children":[]},{"level":3,"title":"Docker and docker-compose","slug":"docker-and-docker-compose","link":"#docker-and-docker-compose","children":[]},{"level":3,"title":"Java IDE","slug":"java-ide","link":"#java-ide","children":[]},{"level":3,"title":"BPMN Editor","slug":"bpmn-editor","link":"#bpmn-editor","children":[]},{"level":3,"title":"Hardware","slug":"hardware","link":"#hardware","children":[]}],"readingTime":{"minutes":2.01,"words":603},"filePathRelative":"oldstable/tutorial/prerequisites.md","excerpt":"

    In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler a and minimum 16GB of RAM is needed.

    \\n

    git

    \\n
    \\n

    git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

    "}');export{m as comp,v as data}; diff --git a/assets/process-plugins-advanced.html-Aiosif86.js b/assets/process-plugins-advanced.html-Aiosif86.js new file mode 100644 index 000000000..3627f6ce8 --- /dev/null +++ b/assets/process-plugins-advanced.html-Aiosif86.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.6.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.6.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-BXZYZl-l.js b/assets/process-plugins-advanced.html-BXZYZl-l.js new file mode 100644 index 000000000..320669dcd --- /dev/null +++ b/assets/process-plugins-advanced.html-BXZYZl-l.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const t={};function c(a,r){return n(),s("div")}const d=e(t,[["render",c],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/stable/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"stable/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-C4k17IeZ.js b/assets/process-plugins-advanced.html-C4k17IeZ.js new file mode 100644 index 000000000..c153412d3 --- /dev/null +++ b/assets/process-plugins-advanced.html-C4k17IeZ.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.7.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.7.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-CryoSrgT.js b/assets/process-plugins-advanced.html-CryoSrgT.js new file mode 100644 index 000000000..fd04c39fb --- /dev/null +++ b/assets/process-plugins-advanced.html-CryoSrgT.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.3.2/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.3.2/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-CvYyNIjF.js b/assets/process-plugins-advanced.html-CvYyNIjF.js new file mode 100644 index 000000000..4702beb74 --- /dev/null +++ b/assets/process-plugins-advanced.html-CvYyNIjF.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.1.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.1.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-CvfI-O1o.js b/assets/process-plugins-advanced.html-CvfI-O1o.js new file mode 100644 index 000000000..48b0112d0 --- /dev/null +++ b/assets/process-plugins-advanced.html-CvfI-O1o.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.3.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.3.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-DDT8mKAK.js b/assets/process-plugins-advanced.html-DDT8mKAK.js new file mode 100644 index 000000000..7d3d36db7 --- /dev/null +++ b/assets/process-plugins-advanced.html-DDT8mKAK.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.5.2/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.5.2/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-DEwVR5E2.js b/assets/process-plugins-advanced.html-DEwVR5E2.js new file mode 100644 index 000000000..5f80eb87f --- /dev/null +++ b/assets/process-plugins-advanced.html-DEwVR5E2.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.5.1/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.5.1/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-DK2hR7GM.js b/assets/process-plugins-advanced.html-DK2hR7GM.js new file mode 100644 index 000000000..d519e69e9 --- /dev/null +++ b/assets/process-plugins-advanced.html-DK2hR7GM.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.3.1/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.3.1/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-DknbFNSU.js b/assets/process-plugins-advanced.html-DknbFNSU.js new file mode 100644 index 000000000..f81b1fbce --- /dev/null +++ b/assets/process-plugins-advanced.html-DknbFNSU.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.5.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.5.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-DrS0U-59.js b/assets/process-plugins-advanced.html-DrS0U-59.js new file mode 100644 index 000000000..eee385aec --- /dev/null +++ b/assets/process-plugins-advanced.html-DrS0U-59.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.0.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.0.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-Gkd0KZn-.js b/assets/process-plugins-advanced.html-Gkd0KZn-.js new file mode 100644 index 000000000..5a120b020 --- /dev/null +++ b/assets/process-plugins-advanced.html-Gkd0KZn-.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.2.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.2.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins-advanced.html-uS_KMulc.js b/assets/process-plugins-advanced.html-uS_KMulc.js new file mode 100644 index 000000000..26a79d8a3 --- /dev/null +++ b/assets/process-plugins-advanced.html-uS_KMulc.js @@ -0,0 +1 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,o as n}from"./app-BIWb5uIp.js";const c={};function t(a,r){return n(),s("div")}const d=e(c,[["render",t],["__file","process-plugins-advanced.html.vue"]]),l=JSON.parse('{"path":"/v1.4.0/process-plugins-advanced.html","title":"Process Plugins Advanced","lang":"en-US","frontmatter":{"title":"Process Plugins Advanced","icon":"info","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.02,"words":6},"filePathRelative":"v1.4.0/process-plugins-advanced.md","excerpt":""}');export{d as comp,l as data}; diff --git a/assets/process-plugins.html-BYVzwms7.js b/assets/process-plugins.html-BYVzwms7.js new file mode 100644 index 000000000..1ce422d0a --- /dev/null +++ b/assets/process-plugins.html-BYVzwms7.js @@ -0,0 +1 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as o,o as n}from"./app-BIWb5uIp.js";const t="/photos/info/plugins/bpmn-example.png",a="/photos/info/use-cases/ping-pong.png",r={};function l(p,e){return n(),i("div",null,e[0]||(e[0]=[o('

    Overview

    It is important to understand that the DSF is only the silent helper in the background: a middleware. The DSF is use case agnostic. This means that process plugins make it possible to execute almost any use case you can imagine with the DSF. Process plugins provide individual functionality. For example, it is possible to use the Ping Pong process to test bilateral communication or the Feasibility process to perform feasibility queries for research.
    However, it is possible to deploy several process plugins together, even the same process plugin in different versions. A process plugin is basically an archive of BPMN 2.0 models, FHIR R4 resources and Java code. This process plugin is deployed as a Jar file on the BPE.

    BPMN: Example

    BPMN models can be created with Camunda Modeler. The following model is a BPMN model consisting of two lanes: These are the square boxes, i.e. Organization A and B. This process is intended only as an example to illustrate the formalities. We will look at realistic processes in the next chapter.

    BPMN: Example
    BPMN: Example

    Ping Pong Process

    The ping process plugin can be used for (periodic) connection testing between organizations that are part of your DSF allow list. The following figure shows a representation of the process.

    Ping-Pong Process
    Ping-Pong Process

    The ping pong process is composed of 3 different subprocesses:

    Autostart Ping Process

    The autostart ping process is used to execute connection tests in a predefined interval. This subprocess performs the following steps:

    • Start a timer with a predefined interval (default 24 h)
    • Start the ping process once per interval
    • Stop the timer after the current interval completes

    Ping Process

    The ping process is used to check outgoing and incoming connections to organizations in your allow-list. This subprocess performs the following steps:

    • Select organizations in your allow list that should receive a ping message
    • Send ping message to selected organizations
    • Receive pong message from selected organizations
    • Log status of ping/pong messages
    • Log errors if any occur

    Pong Process

    The pong process is used to send a response during the connection test to the requesting organization. This subprocess performs the following steps:

    • Receive ping message from requesting organizations
    • Send pong message to requesting organizations
    • Log status of ping/pong message
    • Log errors if any occur
    ',18)]))}const h=s(r,[["render",l],["__file","process-plugins.html.vue"]]),u=JSON.parse('{"path":"/intro/info/process-plugins.html","title":"Process Plugins","lang":"en-US","frontmatter":{"title":"Process Plugins","icon":"plugin","gitInclude":[]},"headers":[{"level":2,"title":"Overview","slug":"overview","link":"#overview","children":[]},{"level":2,"title":"BPMN: Example","slug":"bpmn-example","link":"#bpmn-example","children":[]},{"level":2,"title":"Ping Pong Process","slug":"ping-pong-process","link":"#ping-pong-process","children":[{"level":3,"title":"Autostart Ping Process","slug":"autostart-ping-process","link":"#autostart-ping-process","children":[]},{"level":3,"title":"Ping Process","slug":"ping-process","link":"#ping-process","children":[]},{"level":3,"title":"Pong Process","slug":"pong-process","link":"#pong-process","children":[]}]}],"readingTime":{"minutes":1.8,"words":540},"filePathRelative":"intro/info/process-plugins.md","excerpt":"

    Overview

    \\n

    It is important to understand that the DSF is only the silent helper in the background: a middleware. The DSF is use case agnostic. This means that process plugins make it possible to execute almost any use case you can imagine with the DSF. Process plugins provide individual functionality. For example, it is possible to use the Ping Pong process to test bilateral communication or the Feasibility process to perform feasibility queries for research.
    \\nHowever, it is possible to deploy several process plugins together, even the same process plugin in different versions. A process plugin is basically an archive of BPMN 2.0 models, FHIR R4 resources and Java code. This process plugin is deployed as a Jar file on the BPE.

    "}');export{h as comp,u as data}; diff --git a/assets/proxyTestTool.html-C8I2FFKb.js b/assets/proxyTestTool.html-C8I2FFKb.js new file mode 100644 index 000000000..da4bbe196 --- /dev/null +++ b/assets/proxyTestTool.html-C8I2FFKb.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as r,o as l}from"./app-BIWb5uIp.js";const a={};function s(n,e){return l(),o("div",null,e[0]||(e[0]=[r('

    If the BPE will be deployed behind a proxy, you can test the internet access of the BPE using the tool in dsf-tools/dsf-tools-proxy-test.

    The proxy test jar takes three input variables:

    The proxy password will be asked as command line input. The name of the main class is ProxyTest.

    ',4)]))}const d=t(a,[["render",s],["__file","proxyTestTool.html.vue"]]),h=JSON.parse('{"path":"/oldstable/build/proxyTestTool.html","title":"Proxy Test Tool","lang":"en-US","frontmatter":{"title":"Proxy Test Tool","icon":"back-stage","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.3,"words":90},"filePathRelative":"oldstable/build/proxyTestTool.md","excerpt":"

    If the BPE will be deployed behind a proxy, you can test the internet access of the BPE using the tool in dsf-tools/dsf-tools-proxy-test.

    \\n

    The proxy test jar takes three input variables:

    \\n"}');export{d as comp,h as data}; diff --git a/assets/public.html-GIYlha5E.js b/assets/public.html-GIYlha5E.js new file mode 100644 index 000000000..27fcb0eb4 --- /dev/null +++ b/assets/public.html-GIYlha5E.js @@ -0,0 +1 @@ +import{_ as t}from"./mii-bWzWhniO.js";import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,a as i,o as a}from"./app-BIWb5uIp.js";const o="/photos/learnmore/funding/bmbf.png",s="/photos/learnmore/funding/highmed.jpg",h={};function d(c,e){return a(),r("div",null,e[0]||(e[0]=[i('

    The DSF Community connects the DSF competencies of the entire Medical Informatics Initiative (MII) so that new use cases, in particular from Module 3 or the Network University Medicine (NUM), are better supported in creating the respective DSF plugins. In the context of Module 2b, the DSF Community contributes to the further development of the common digital infrastructure of the MII together with the FDPG+ and TRANSIT projects. BMBF

    Heilbronn University (HHN) focuses on the connecting of DSF related topics and competencies in the MII with the community management. The quality assurance of new DSF plugins and further development of the application and core components aim at a scalable, stable and secure operation of the DSF (Funding code: 01ZZ2307A).

    Heidelberg University is focusing on the further development of the DSF core components as well as the rollout of the DSF plugins, in particular also from the perspective of a data integration center in consultation with the FDGP+ and TRANSIT projects (Funding code: 01ZZ2307B).

    The University of Leipzig will further develop and adapt the DSF plugin for the Research Data Portal for Health FDPG according to specifications resulting from the FDPG+ project and enable Data Integration Centers (DIC) to operate the FDPG plugin (Funding code: 01ZZ2307C).




    HiGHmed aims to increase the efficiency of clinical research and improve patient care through new medical informatics solutions and cross-organizational data exchange. The concept will be developed on the basis of three defined prototypical use cases, which will ensure close integration with the requirements of patient care and medical research. The GECKO Institute of HHN will establish a trusted third party with pseudonymization service to implement the goals of HiGHmed and is involved in the technical development of the DSF together with the partners (Funding code: 01ZZ1802E). Heidelberg University is in particular involved in the technical development of the DSF (Funding code: 01ZZ1802A).

    ',14)]))}const m=n(h,[["render",d],["__file","public.html.vue"]]),u=JSON.parse('{"path":"/about/learnmore/public.html","title":"Public Funding","lang":"en-US","frontmatter":{"title":"Public Funding","icon":"free","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.3,"words":391},"filePathRelative":"about/learnmore/public.md","excerpt":"
    \\n

    DSF - Medical Informatics Structure \\"Data Sharing Framework Community\\" (2023-2026)

    \\n
    \\n
    \\"\\"
    \\n

    The DSF Community connects the DSF competencies of the entire Medical Informatics Initiative (MII) so that new use cases, in particular from Module 3 or the Network University Medicine (NUM), are better supported in creating the respective DSF plugins. In the context of Module 2b, the DSF Community contributes to the further development of the common digital infrastructure of the MII together with the FDPG+ and TRANSIT projects. BMBF

    "}');export{m as comp,u as data}; diff --git a/assets/publications.html-B4U9UGg2.js b/assets/publications.html-B4U9UGg2.js new file mode 100644 index 000000000..63298d527 --- /dev/null +++ b/assets/publications.html-B4U9UGg2.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as n,b as r,d as t,e as s,f as l,r as d,o as h}from"./app-BIWb5uIp.js";const p={};function c(H,e){const o=d("RouteLink");return h(),a("div",null,[e[3]||(e[3]=n('

    Publications

    • H. Hund, R. Wettstein, C.M. Heidt, C. Fegeler, Executing Distributed Healthcare and Research Processes – The HiGHmed Data Sharing Framework, Stud Health Technol Inform, 278 (2021) 126-133, doi:10.3233/SHTI210060

    • R. Wettstein, H. Hund, I. Kobylinski, C. Fegeler, O. Heinze, Feasibility Queries in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 278 (2021) 134-141, doi:10.3233/SHTI210061

    • C.M. Heidt, H. Hund, C. Fegeler, A Federated Record Linkage Algorithm for Secure Medical Data Sharing, Stud Health Technol Inform, 278 (2021) 142-149, doi:10.3233/SHTI210062

    • R. Wettstein, H. Hund, C. Fegeler, O. Heinze, Data Sharing in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 283 (2021) 111-118, doi:10.3233/SHTI210548

    • H.-U. Prokosch, T. Bahls, M. Bialke, J. Eils, C. Fegeler, J. Gruendner, B. Haarbrandt, C. Hampf, W. Hoffmann, H. Hund, et al. The COVID-19 Data Exchange Platform of the German University Medicine, Stud Health Technol Inform, 294 (2022) 674-678, doi:10.3233/SHTI220554

    • R. Wettstein, T. Kussel, H. Hund, C. Fegeler, M. Dugas, K. Hamacher, Secure Multi-Party Computation Based Distributed Feasibility Queries – A HiGHmed Use Case, Stud Health Technol Inform, 296 (2022) 41-49, doi:10.3233/SHTI220802

    • C. Zilske, M. Kurscheidt, S.T. Schweizer, H. Hund, S. Mödinger, C. Fegeler, Monitoring Distributed Business Processes in Biomedical Research, Stud Health Technol Inform, 302 (2023) 252-256, doi:10.3233/SHTI230113

    • H. Hund, R. Wettstein, C. Hampf, M. Bialke, M. Kurscheidt, S.T. Schweizer, C. Zilske, S. Mödinger, C. Fegeler, No Transfer Without Validation: A Data Sharing Framework Use Case, Stud Health Technol Inform, 302 (2023) 68-72, doi:10.3233/SHTI230066

    • H. Hund, R. Wettstein, M. Kurscheidt, S.T. Schweizer, C. Zilske, C. Fegeler, Interoperability Is a Process- The Data Sharing Framework, Stud Health Technol Inform, 310 (2024) 28-32, doi:10.3233/SHTI230921

    • S.T. Schweizer, H. Hund, M. Kurscheidt, C. Zilske, J.P. Böhringer, C. Fegeler, Handling Complexity in Decentralized Research Networks: The Data Sharing Framework Allowlist Management Application, Stud Health Technol Inform, 317 (2024) 85-93, doi:10.3233/SHTI240841

    Recorded Talks

    GMDS Conference 2022

    ',4)),r("ul",null,[e[2]||(e[2]=r("li",null,[r("a",{href:"https://www.youtube.com/playlist?list=PLsHs7HOt6jDMe3PNevpo-uGsDTWVSMsYZ",target:"_blank",rel:"noopener noreferrer"},"Hands On! - Introduction to the Data Sharing Framework from a User Perspective ")],-1)),r("li",null,[e[1]||(e[1]=t("Tutorial: ")),s(o,{to:"/oldstable/tutorial/"},{default:l(()=>e[0]||(e[0]=[t("Implementing BPMN Processes as DSF Process-Plugins")])),_:1})])]),e[4]||(e[4]=n('

    GMDS Conference 2020

    ',2))])}const S=i(p,[["render",c],["__file","publications.html.vue"]]),f=JSON.parse('{"path":"/intro/publications.html","title":"Publications and Talks","lang":"en-US","frontmatter":{"title":"Publications and Talks","icon":"blog","gitInclude":[]},"headers":[{"level":3,"title":"Publications","slug":"publications","link":"#publications","children":[]},{"level":3,"title":"Recorded Talks","slug":"recorded-talks","link":"#recorded-talks","children":[]}],"readingTime":{"minutes":1.42,"words":427},"filePathRelative":"intro/publications.md","excerpt":"

    Publications

    \\n
      \\n
    • \\n

      H. Hund, R. Wettstein, C.M. Heidt, C. Fegeler, Executing Distributed Healthcare and Research Processes – The HiGHmed Data Sharing Framework, Stud Health Technol Inform, 278 (2021) 126-133, doi:10.3233/SHTI210060

      \\n
      • \\n
    • \\n

      R. Wettstein, H. Hund, I. Kobylinski, C. Fegeler, O. Heinze, Feasibility Queries in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 278 (2021) 134-141, doi:10.3233/SHTI210061

      \\n
      • \\n
    • \\n

      C.M. Heidt, H. Hund, C. Fegeler, A Federated Record Linkage Algorithm for Secure Medical Data Sharing, Stud Health Technol Inform, 278 (2021) 142-149, doi:10.3233/SHTI210062

      \\n
      • \\n
    • \\n

      R. Wettstein, H. Hund, C. Fegeler, O. Heinze, Data Sharing in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 283 (2021) 111-118, doi:10.3233/SHTI210548

      \\n
      • \\n
    • \\n

      H.-U. Prokosch, T. Bahls, M. Bialke, J. Eils, C. Fegeler, J. Gruendner, B. Haarbrandt, C. Hampf, W. Hoffmann, H. Hund, et al. The COVID-19 Data Exchange Platform of the German University Medicine, Stud Health Technol Inform, 294 (2022) 674-678, doi:10.3233/SHTI220554

      \\n
      • \\n
    • \\n

      R. Wettstein, T. Kussel, H. Hund, C. Fegeler, M. Dugas, K. Hamacher, Secure Multi-Party Computation Based Distributed Feasibility Queries – A HiGHmed Use Case, Stud Health Technol Inform, 296 (2022) 41-49, doi:10.3233/SHTI220802

      \\n
      • \\n
    • \\n

      C. Zilske, M. Kurscheidt, S.T. Schweizer, H. Hund, S. Mödinger, C. Fegeler, Monitoring Distributed Business Processes in Biomedical Research, Stud Health Technol Inform, 302 (2023) 252-256, doi:10.3233/SHTI230113

      \\n
      • \\n
    • \\n

      H. Hund, R. Wettstein, C. Hampf, M. Bialke, M. Kurscheidt, S.T. Schweizer, C. Zilske, S. Mödinger, C. Fegeler, No Transfer Without Validation: A Data Sharing Framework Use Case, Stud Health Technol Inform, 302 (2023) 68-72, doi:10.3233/SHTI230066

      \\n
      • \\n
    • \\n

      H. Hund, R. Wettstein, M. Kurscheidt, S.T. Schweizer, C. Zilske, C. Fegeler, Interoperability Is a Process- The Data Sharing Framework, Stud Health Technol Inform, 310 (2024) 28-32, doi:10.3233/SHTI230921

      \\n
      • \\n
    • \\n

      S.T. Schweizer, H. Hund, M. Kurscheidt, C. Zilske, J.P. Böhringer, C. Fegeler, Handling Complexity in Decentralized Research Networks: The Data Sharing Framework Allowlist Management Application, Stud Health Technol Inform, 317 (2024) 85-93, doi:10.3233/SHTI240841

      \\n
      • \\n
    "}');export{S as comp,f as data}; diff --git a/assets/releaseANewVersion.html-BMHv2Zkt.js b/assets/releaseANewVersion.html-BMHv2Zkt.js new file mode 100644 index 000000000..bbc78f8b8 --- /dev/null +++ b/assets/releaseANewVersion.html-BMHv2Zkt.js @@ -0,0 +1 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,o as n}from"./app-BIWb5uIp.js";const r={};function s(t,e){return n(),l("div",null,e[0]||(e[0]=[a('

    Release a new final version

    1. Write release notes
    2. Create new release/x.y.z branch from develop
    3. Remove -SNAPSHOT from version in pom.xml files
    4. Change status from draft to active and update dates, verify versions in FHIR resources
    5. Update version and date-released in CITATION.cff
    6. Push branch release/x.y.z
    7. Create pull request (release/x.y.z -> main)
    8. Build maven
    9. Build docker images and run manual tests in 3MeDIC/TTP test setup
    10. Execute trivy and check CVEs for the docker images
    11. Merge release/x.y.z into main
    12. Git tag main branch
    13. Push main branch (including Git tag)
    14. Build maven
    15. Run multi-arch docker build (including push)
    16. Update release notes with docker links, check Git tag
    17. Publish release notes
    18. Create 'start next development cycle' issue and branch
    19. Merge main into issue branch
    20. Increase version
    21. Merge next development cycle issue branch into develop via PR

    Release a new candidate version

    1. Write release notes
    2. Create new release/x.y.z-RC# branch from develop
    3. Replace -SNAPSHOT in versions with -RC# in pom.xml files
    4. Change status from draft to active and update dates, verify versions in FHIR resources
    5. Update version and date-released in CITATION.cff
    6. Git tag release/x.y.z-RC# branch
    7. Build maven
    8. Build docker images and run manual tests in 3MeDIC/TTP test setup
    9. Execute trivy and check CVEs for the docker images
    10. Push release/x.y.z-RC# branch (including Git tag)
    11. Run multi-arch docker build (including push)
    12. Update release notes with docker links, check Git tag
    13. Publish release notes
    ',4)]))}const c=i(r,[["render",s],["__file","releaseANewVersion.html.vue"]]),u=JSON.parse(`{"path":"/oldstable/build/releaseANewVersion.html","title":"Release a new version","lang":"en-US","frontmatter":{"title":"Release a new version","icon":"back-stage","gitInclude":[]},"headers":[{"level":2,"title":"Release a new final version","slug":"release-a-new-final-version","link":"#release-a-new-final-version","children":[]},{"level":2,"title":"Release a new candidate version","slug":"release-a-new-candidate-version","link":"#release-a-new-candidate-version","children":[]}],"readingTime":{"minutes":0.92,"words":276},"filePathRelative":"oldstable/build/releaseANewVersion.md","excerpt":"

    Release a new final version

    \\n
      \\n
    1. Write release notes
      2. \\n
    2. Create new release/x.y.z branch from develop
      3. \\n
    3. Remove -SNAPSHOT from version in pom.xml files
      4. \\n
    4. Change status from draft to active and update dates, verify versions in FHIR resources
      5. \\n
    5. Update version and date-released in CITATION.cff
      6. \\n
    6. Push branch release/x.y.z
      7. \\n
    7. Create pull request (release/x.y.z -> main)
      8. \\n
    8. Build maven
      9. \\n
    9. Build docker images and run manual tests in 3MeDIC/TTP test setup
      10. \\n
    10. Execute trivy and check CVEs for the docker images
      11. \\n
    11. Merge release/x.y.z into main
      12. \\n
    12. Git tag main branch
      13. \\n
    13. Push main branch (including Git tag)
      14. \\n
    14. Build maven
      15. \\n
    15. Run multi-arch docker build (including push)
      16. \\n
    16. Update release notes with docker links, check Git tag
      17. \\n
    17. Publish release notes
      18. \\n
    18. Create 'start next development cycle' issue and branch
      19. \\n
    19. Merge main into issue branch
      20. \\n
    20. Increase version
      21. \\n
    21. Merge next development cycle issue branch into develop via PR
      22. \\n
    "}`);export{c as comp,u as data}; diff --git a/assets/reverseproxy.html-DQ5Ws39T.js b/assets/reverseproxy.html-DQ5Ws39T.js new file mode 100644 index 000000000..1ab5d6fe9 --- /dev/null +++ b/assets/reverseproxy.html-DQ5Ws39T.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a as r,o as s}from"./app-BIWb5uIp.js";const o={};function n(l,e){return s(),i("div",null,e[0]||(e[0]=[r('

    Parameters FHIR Reverse Proxy

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem
    ',23)]))}const p=t(o,[["render",n],["__file","reverseproxy.html.vue"]]),d=JSON.parse('{"path":"/v1.0.0/maintain/configuration/reverseproxy.html","title":"Parameters FHIR Reverse Proxy","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":3,"title":"APP_SERVER_IP","slug":"app-server-ip","link":"#app-server-ip","children":[]},{"level":3,"title":"HTTPS_SERVER_NAME_PORT","slug":"https-server-name-port","link":"#https-server-name-port","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_HTTP","slug":"proxy-pass-connection-timeout-http","link":"#proxy-pass-connection-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_CONNECTION_TIMEOUT_WS","slug":"proxy-pass-connection-timeout-ws","link":"#proxy-pass-connection-timeout-ws","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_HTTP","slug":"proxy-pass-timeout-http","link":"#proxy-pass-timeout-http","children":[]},{"level":3,"title":"PROXY_PASS_TIMEOUT_WS","slug":"proxy-pass-timeout-ws","link":"#proxy-pass-timeout-ws","children":[]},{"level":3,"title":"SSL_CA_CERTIFICATE_FILE","slug":"ssl-ca-certificate-file","link":"#ssl-ca-certificate-file","children":[]},{"level":3,"title":"SSL_CA_DN_REQUEST_FILE","slug":"ssl-ca-dn-request-file","link":"#ssl-ca-dn-request-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_CHAIN_FILE","slug":"ssl-certificate-chain-file","link":"#ssl-certificate-chain-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_FILE","slug":"ssl-certificate-file","link":"#ssl-certificate-file","children":[]},{"level":3,"title":"SSL_CERTIFICATE_KEY_FILE","slug":"ssl-certificate-key-file","link":"#ssl-certificate-key-file","children":[]}],"readingTime":{"minutes":1.16,"words":348},"filePathRelative":"v1.0.0/maintain/configuration/reverseproxy.md","excerpt":"\\n

    APP_SERVER_IP

    \\n
      \\n
    • Required: Yes
      • \\n
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
      • \\n
    • Example: app, 172.28.1.3
      • \\n
    \\n

    HTTPS_SERVER_NAME_PORT

    "}');export{p as comp,d as data}; diff --git a/assets/root-certificates.html-D3mbENfX.js b/assets/root-certificates.html-D3mbENfX.js new file mode 100644 index 000000000..f9a87127b --- /dev/null +++ b/assets/root-certificates.html-D3mbENfX.js @@ -0,0 +1 @@ +import{_ as a}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a as o,b as e,e as n,f as s,d as t,r as f,o as d}from"./app-BIWb5uIp.js";const p={};function h(u,r){const i=f("RouteLink");return d(),l("div",null,[r[77]||(r[77]=o('

    A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.

    Extending or Replacing Trusted Certificate Authorities

    X.509 certificates of default trusted CAs are stored as .pem files containing multiple certificates in the docker images and can be replaced by either using docker bind mounts or configuring appropriate environment variables with different targets.

    FHIR Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    ',5)),e("ul",null,[e("li",null,[n(i,{to:"/v1.7.0/maintain/fhir-reverse-proxy/configuration.html#ssl-ca-certificate-file"},{default:s(()=>r[0]||(r[0]=[t("SSL_CA_CERTIFICATE_FILE")])),_:1}),r[1]||(r[1]=e("br",null,null,-1)),r[2]||(r[2]=t(" Default Value: ")),r[3]||(r[3]=e("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),e("li",null,[n(i,{to:"/v1.7.0/maintain/fhir-reverse-proxy/configuration.html#ssl-ca-dn-request-file"},{default:s(()=>r[4]||(r[4]=[t("SSL_CA_DN_REQUEST_FILE")])),_:1}),r[5]||(r[5]=e("br",null,null,-1)),r[6]||(r[6]=t(" Default Value: ")),r[7]||(r[7]=e("a",{href:"/download/1.7.0/client_cert_issuing_cas.pem"},"ca/client_cert_issuing_cas.pem",-1))])]),e("p",null,[r[10]||(r[10]=e("strong",null,"Note:",-1)),r[11]||(r[11]=t(" Default file location are relative to the docker image work directory ")),r[12]||(r[12]=e("code",null,"/usr/local/apache2",-1)),r[13]||(r[13]=t(".")),r[14]||(r[14]=e("br",null,null,-1)),r[15]||(r[15]=e("strong",null,"Also Note:",-1)),r[16]||(r[16]=t(" Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables ")),n(i,{to:"/v1.7.0/maintain/fhir-reverse-proxy/configuration.html#ssl-expected-client-s-dn-c-values"},{default:s(()=>r[8]||(r[8]=[t("SSL_EXPECTED_CLIENT_S_DN_C_VALUES")])),_:1}),r[17]||(r[17]=t(" and ")),n(i,{to:"/v1.7.0/maintain/fhir-reverse-proxy/configuration.html#ssl-expected-client-i-dn-cn-values"},{default:s(()=>r[9]||(r[9]=[t("SSL_EXPECTED_CLIENT_I_DN_CN_VALUES")])),_:1}),r[18]||(r[18]=t("."))]),r[78]||(r[78]=e("h3",{id:"fhir-server",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#fhir-server"},[e("span",null,"FHIR Server")])],-1)),e("p",null,[r[20]||(r[20]=t("Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of remote DSF FHIR servers and the OIDC provider when using ")),n(i,{to:"/v1.7.0/maintain/fhir/oidc.html"},{default:s(()=>r[19]||(r[19]=[t("OpenID Connect")])),_:1}),r[21]||(r[21]=t(" for authenticating local users.")),r[22]||(r[22]=e("br",null,null,-1)),r[23]||(r[23]=t(" Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:"))]),e("ul",null,[e("li",null,[n(i,{to:"/v1.7.0/maintain/fhir/configuration.html#dev-dsf-server-auth-trust-client-certificate-cas"},{default:s(()=>r[24]||(r[24]=[t("DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS")])),_:1}),r[25]||(r[25]=e("br",null,null,-1)),r[26]||(r[26]=t(" Default Value: ")),r[27]||(r[27]=e("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),e("li",null,[n(i,{to:"/v1.7.0/maintain/fhir/configuration.html#dev-dsf-fhir-client-trust-server-certificate-cas"},{default:s(()=>r[28]||(r[28]=[t("DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),r[29]||(r[29]=e("br",null,null,-1)),r[30]||(r[30]=t(" Default Value: ")),r[31]||(r[31]=e("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))]),e("li",null,[n(i,{to:"/v1.7.0/maintain/fhir/configuration.html#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas"},{default:s(()=>r[32]||(r[32]=[t("DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),r[33]||(r[33]=e("br",null,null,-1)),r[34]||(r[34]=t(" Default Value: ")),r[35]||(r[35]=e("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))])]),r[79]||(r[79]=o('

    Note: Default file location are relative to the docker image work directory /opt/fhir.

    BPE Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    ',3)),e("ul",null,[e("li",null,[n(i,{to:"/v1.7.0/maintain/bpe-reverse-proxy/configuration.html#ssl-ca-certificate-file"},{default:s(()=>r[36]||(r[36]=[t("SSL_CA_CERTIFICATE_FILE")])),_:1}),r[37]||(r[37]=e("br",null,null,-1)),r[38]||(r[38]=t(" Default Value: ")),r[39]||(r[39]=e("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),e("li",null,[n(i,{to:"/v1.7.0/maintain/bpe-reverse-proxy/configuration.html#ssl-ca-dn-request-file"},{default:s(()=>r[40]||(r[40]=[t("SSL_CA_DN_REQUEST_FILE")])),_:1}),r[41]||(r[41]=e("br",null,null,-1)),r[42]||(r[42]=t(" Default Value: ")),r[43]||(r[43]=e("a",{href:"/download/1.7.0/client_cert_issuing_cas.pem"},"ca/client_cert_issuing_cas.pem",-1))])]),e("p",null,[r[46]||(r[46]=e("strong",null,"Note:",-1)),r[47]||(r[47]=t(" Default file location are relative to the docker image work directory ")),r[48]||(r[48]=e("code",null,"/usr/local/apache2",-1)),r[49]||(r[49]=t(".")),r[50]||(r[50]=e("br",null,null,-1)),r[51]||(r[51]=e("strong",null,"Also Note:",-1)),r[52]||(r[52]=t(" Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables ")),n(i,{to:"/v1.7.0/maintain/bpe-reverse-proxy/configuration.html#ssl-expected-client-s-dn-c-values"},{default:s(()=>r[44]||(r[44]=[t("SSL_EXPECTED_CLIENT_S_DN_C_VALUES")])),_:1}),r[53]||(r[53]=t(" and ")),n(i,{to:"/v1.7.0/maintain/bpe-reverse-proxy/configuration.html#ssl-expected-client-i-dn-cn-values"},{default:s(()=>r[45]||(r[45]=[t("SSL_EXPECTED_CLIENT_I_DN_CN_VALUES")])),_:1}),r[54]||(r[54]=t("."))]),r[80]||(r[80]=e("h3",{id:"bpe-server",tabindex:"-1"},[e("a",{class:"header-anchor",href:"#bpe-server"},[e("span",null,"BPE Server")])],-1)),e("p",null,[r[56]||(r[56]=t("Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of local and remote DSF FHIR servers, the local mail server (if configured and SMTP over TLS required) and the OIDC provider when using ")),n(i,{to:"/v1.7.0/maintain/fhir/oidc.html"},{default:s(()=>r[55]||(r[55]=[t("OpenID Connect")])),_:1}),r[57]||(r[57]=t(" for authenticating local users.")),r[58]||(r[58]=e("br",null,null,-1)),r[59]||(r[59]=t(" Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:"))]),e("ul",null,[e("li",null,[n(i,{to:"/v1.7.0/maintain/bpe/configuration.html#dev-dsf-server-auth-trust-client-certificate-cas"},{default:s(()=>r[60]||(r[60]=[t("DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS")])),_:1}),r[61]||(r[61]=e("br",null,null,-1)),r[62]||(r[62]=t(" Default Value: ")),r[63]||(r[63]=e("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),e("li",null,[n(i,{to:"/v1.7.0/maintain/bpe/configuration.html#dev-dsf-fhir-client-trust-server-certificate-cas"},{default:s(()=>r[64]||(r[64]=[t("DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),r[66]||(r[66]=e("br",null,null,-1)),r[67]||(r[67]=t(" Default Value: ")),r[68]||(r[68]=e("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1)),r[69]||(r[69]=e("br",null,null,-1)),n(i,{to:"/v1.7.0/maintain/bpe/configuration.html#dev-dsf-bpe-mail-trust-server-certificate-cas"},{default:s(()=>r[65]||(r[65]=[t("DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),r[70]||(r[70]=e("br",null,null,-1)),r[71]||(r[71]=t(" Default Value: ")),r[72]||(r[72]=e("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))]),e("li",null,[n(i,{to:"/v1.7.0/maintain/bpe/configuration.html#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas"},{default:s(()=>r[73]||(r[73]=[t("DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),r[74]||(r[74]=e("br",null,null,-1)),r[75]||(r[75]=t(" Default Value: ")),r[76]||(r[76]=e("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))])]),r[81]||(r[81]=o('

    Note: Default file location are relative to the docker image work directory /opt/bpe.

    List of Default Trusted Certificate Authorities

    If not mentioned explicitly, issuing CAs listed will sign X.509 certificates with Extended Key Usage entries TLS WWW server authentication and TLS WWW client authentication.

    CAs Trusted by Common Web Browsers and Operating Systems

    Other CAs

    ',7))])}const b=a(p,[["render",h],["__file","root-certificates.html.vue"]]),C=JSON.parse('{"path":"/v1.7.0/maintain/root-certificates.html","title":"Default Root Certificates","lang":"en-US","frontmatter":{"title":"Default Root Certificates","icon":"safe","gitInclude":[]},"headers":[{"level":2,"title":"Extending or Replacing Trusted Certificate Authorities","slug":"extending-or-replacing-trusted-certificate-authorities","link":"#extending-or-replacing-trusted-certificate-authorities","children":[{"level":3,"title":"FHIR Reverse Proxy","slug":"fhir-reverse-proxy","link":"#fhir-reverse-proxy","children":[]},{"level":3,"title":"FHIR Server","slug":"fhir-server","link":"#fhir-server","children":[]},{"level":3,"title":"BPE Reverse Proxy","slug":"bpe-reverse-proxy","link":"#bpe-reverse-proxy","children":[]},{"level":3,"title":"BPE Server","slug":"bpe-server","link":"#bpe-server","children":[]}]},{"level":2,"title":"List of Default Trusted Certificate Authorities","slug":"list-of-default-trusted-certificate-authorities","link":"#list-of-default-trusted-certificate-authorities","children":[{"level":3,"title":"CAs Trusted by Common Web Browsers and Operating Systems","slug":"cas-trusted-by-common-web-browsers-and-operating-systems","link":"#cas-trusted-by-common-web-browsers-and-operating-systems","children":[]},{"level":3,"title":"Other CAs","slug":"other-cas","link":"#other-cas","children":[]}]}],"readingTime":{"minutes":5.5,"words":1651},"filePathRelative":"v1.7.0/maintain/root-certificates.md","excerpt":"

    A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.

    "}');export{b as comp,C as data}; diff --git a/assets/root-certificates.html-DBTM8PxT.js b/assets/root-certificates.html-DBTM8PxT.js new file mode 100644 index 000000000..6ab0a72c1 --- /dev/null +++ b/assets/root-certificates.html-DBTM8PxT.js @@ -0,0 +1 @@ +import{_ as o}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as l,a,b as r,e as n,f as s,d as t,r as f,o as d}from"./app-BIWb5uIp.js";const p={};function h(u,e){const i=f("RouteLink");return d(),l("div",null,[e[77]||(e[77]=a('

    A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.

    Extending or Replacing Trusted Certificate Authorities

    X.509 certificates of default trusted CAs are stored as .pem files containing multiple certificates in the docker images and can be replaced by either using docker bind mounts or configuring appropriate environment variables with different targets.

    FHIR Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    ',5)),r("ul",null,[r("li",null,[n(i,{to:"/stable/maintain/fhir-reverse-proxy/configuration.html#ssl-ca-certificate-file"},{default:s(()=>e[0]||(e[0]=[t("SSL_CA_CERTIFICATE_FILE")])),_:1}),e[1]||(e[1]=r("br",null,null,-1)),e[2]||(e[2]=t(" Default Value: ")),e[3]||(e[3]=r("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),r("li",null,[n(i,{to:"/stable/maintain/fhir-reverse-proxy/configuration.html#ssl-ca-dn-request-file"},{default:s(()=>e[4]||(e[4]=[t("SSL_CA_DN_REQUEST_FILE")])),_:1}),e[5]||(e[5]=r("br",null,null,-1)),e[6]||(e[6]=t(" Default Value: ")),e[7]||(e[7]=r("a",{href:"/download/1.7.0/client_cert_issuing_cas.pem"},"ca/client_cert_issuing_cas.pem",-1))])]),r("p",null,[e[10]||(e[10]=r("strong",null,"Note:",-1)),e[11]||(e[11]=t(" Default file location are relative to the docker image work directory ")),e[12]||(e[12]=r("code",null,"/usr/local/apache2",-1)),e[13]||(e[13]=t(".")),e[14]||(e[14]=r("br",null,null,-1)),e[15]||(e[15]=r("strong",null,"Also Note:",-1)),e[16]||(e[16]=t(" Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables ")),n(i,{to:"/stable/maintain/fhir-reverse-proxy/configuration.html#ssl-expected-client-s-dn-c-values"},{default:s(()=>e[8]||(e[8]=[t("SSL_EXPECTED_CLIENT_S_DN_C_VALUES")])),_:1}),e[17]||(e[17]=t(" and ")),n(i,{to:"/stable/maintain/fhir-reverse-proxy/configuration.html#ssl-expected-client-i-dn-cn-values"},{default:s(()=>e[9]||(e[9]=[t("SSL_EXPECTED_CLIENT_I_DN_CN_VALUES")])),_:1}),e[18]||(e[18]=t("."))]),e[78]||(e[78]=r("h3",{id:"fhir-server",tabindex:"-1"},[r("a",{class:"header-anchor",href:"#fhir-server"},[r("span",null,"FHIR Server")])],-1)),r("p",null,[e[20]||(e[20]=t("Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of remote DSF FHIR servers and the OIDC provider when using ")),n(i,{to:"/stable/maintain/fhir/oidc.html"},{default:s(()=>e[19]||(e[19]=[t("OpenID Connect")])),_:1}),e[21]||(e[21]=t(" for authenticating local users.")),e[22]||(e[22]=r("br",null,null,-1)),e[23]||(e[23]=t(" Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:"))]),r("ul",null,[r("li",null,[n(i,{to:"/stable/maintain/fhir/configuration.html#dev-dsf-server-auth-trust-client-certificate-cas"},{default:s(()=>e[24]||(e[24]=[t("DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS")])),_:1}),e[25]||(e[25]=r("br",null,null,-1)),e[26]||(e[26]=t(" Default Value: ")),e[27]||(e[27]=r("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),r("li",null,[n(i,{to:"/stable/maintain/fhir/configuration.html#dev-dsf-fhir-client-trust-server-certificate-cas"},{default:s(()=>e[28]||(e[28]=[t("DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),e[29]||(e[29]=r("br",null,null,-1)),e[30]||(e[30]=t(" Default Value: ")),e[31]||(e[31]=r("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))]),r("li",null,[n(i,{to:"/stable/maintain/fhir/configuration.html#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas"},{default:s(()=>e[32]||(e[32]=[t("DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),e[33]||(e[33]=r("br",null,null,-1)),e[34]||(e[34]=t(" Default Value: ")),e[35]||(e[35]=r("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))])]),e[79]||(e[79]=a('

    Note: Default file location are relative to the docker image work directory /opt/fhir.

    BPE Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    ',3)),r("ul",null,[r("li",null,[n(i,{to:"/stable/maintain/bpe-reverse-proxy/configuration.html#ssl-ca-certificate-file"},{default:s(()=>e[36]||(e[36]=[t("SSL_CA_CERTIFICATE_FILE")])),_:1}),e[37]||(e[37]=r("br",null,null,-1)),e[38]||(e[38]=t(" Default Value: ")),e[39]||(e[39]=r("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),r("li",null,[n(i,{to:"/stable/maintain/bpe-reverse-proxy/configuration.html#ssl-ca-dn-request-file"},{default:s(()=>e[40]||(e[40]=[t("SSL_CA_DN_REQUEST_FILE")])),_:1}),e[41]||(e[41]=r("br",null,null,-1)),e[42]||(e[42]=t(" Default Value: ")),e[43]||(e[43]=r("a",{href:"/download/1.7.0/client_cert_issuing_cas.pem"},"ca/client_cert_issuing_cas.pem",-1))])]),r("p",null,[e[46]||(e[46]=r("strong",null,"Note:",-1)),e[47]||(e[47]=t(" Default file location are relative to the docker image work directory ")),e[48]||(e[48]=r("code",null,"/usr/local/apache2",-1)),e[49]||(e[49]=t(".")),e[50]||(e[50]=r("br",null,null,-1)),e[51]||(e[51]=r("strong",null,"Also Note:",-1)),e[52]||(e[52]=t(" Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables ")),n(i,{to:"/stable/maintain/bpe-reverse-proxy/configuration.html#ssl-expected-client-s-dn-c-values"},{default:s(()=>e[44]||(e[44]=[t("SSL_EXPECTED_CLIENT_S_DN_C_VALUES")])),_:1}),e[53]||(e[53]=t(" and ")),n(i,{to:"/stable/maintain/bpe-reverse-proxy/configuration.html#ssl-expected-client-i-dn-cn-values"},{default:s(()=>e[45]||(e[45]=[t("SSL_EXPECTED_CLIENT_I_DN_CN_VALUES")])),_:1}),e[54]||(e[54]=t("."))]),e[80]||(e[80]=r("h3",{id:"bpe-server",tabindex:"-1"},[r("a",{class:"header-anchor",href:"#bpe-server"},[r("span",null,"BPE Server")])],-1)),r("p",null,[e[56]||(e[56]=t("Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of local and remote DSF FHIR servers, the local mail server (if configured and SMTP over TLS required) and the OIDC provider when using ")),n(i,{to:"/stable/maintain/fhir/oidc.html"},{default:s(()=>e[55]||(e[55]=[t("OpenID Connect")])),_:1}),e[57]||(e[57]=t(" for authenticating local users.")),e[58]||(e[58]=r("br",null,null,-1)),e[59]||(e[59]=t(" Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:"))]),r("ul",null,[r("li",null,[n(i,{to:"/stable/maintain/bpe/configuration.html#dev-dsf-server-auth-trust-client-certificate-cas"},{default:s(()=>e[60]||(e[60]=[t("DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS")])),_:1}),e[61]||(e[61]=r("br",null,null,-1)),e[62]||(e[62]=t(" Default Value: ")),e[63]||(e[63]=r("a",{href:"/download/1.7.0/client_cert_ca_chains.pem"},"ca/client_cert_ca_chains.pem",-1))]),r("li",null,[n(i,{to:"/stable/maintain/bpe/configuration.html#dev-dsf-fhir-client-trust-server-certificate-cas"},{default:s(()=>e[64]||(e[64]=[t("DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),e[66]||(e[66]=r("br",null,null,-1)),e[67]||(e[67]=t(" Default Value: ")),e[68]||(e[68]=r("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1)),e[69]||(e[69]=r("br",null,null,-1)),n(i,{to:"/stable/maintain/bpe/configuration.html#dev-dsf-bpe-mail-trust-server-certificate-cas"},{default:s(()=>e[65]||(e[65]=[t("DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),e[70]||(e[70]=r("br",null,null,-1)),e[71]||(e[71]=t(" Default Value: ")),e[72]||(e[72]=r("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))]),r("li",null,[n(i,{to:"/stable/maintain/bpe/configuration.html#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas"},{default:s(()=>e[73]||(e[73]=[t("DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS")])),_:1}),e[74]||(e[74]=r("br",null,null,-1)),e[75]||(e[75]=t(" Default Value: ")),e[76]||(e[76]=r("a",{href:"/download/1.7.0/server_cert_root_cas.pem"},"ca/server_cert_root_cas.pem",-1))])]),e[81]||(e[81]=a('

    Note: Default file location are relative to the docker image work directory /opt/bpe.

    List of Default Trusted Certificate Authorities

    If not mentioned explicitly, issuing CAs listed will sign X.509 certificates with Extended Key Usage entries TLS WWW server authentication and TLS WWW client authentication.

    CAs Trusted by Common Web Browsers and Operating Systems

    Other CAs

    ',7))])}const b=o(p,[["render",h],["__file","root-certificates.html.vue"]]),C=JSON.parse('{"path":"/stable/maintain/root-certificates.html","title":"Default Root Certificates","lang":"en-US","frontmatter":{"title":"Default Root Certificates","icon":"safe","gitInclude":[]},"headers":[{"level":2,"title":"Extending or Replacing Trusted Certificate Authorities","slug":"extending-or-replacing-trusted-certificate-authorities","link":"#extending-or-replacing-trusted-certificate-authorities","children":[{"level":3,"title":"FHIR Reverse Proxy","slug":"fhir-reverse-proxy","link":"#fhir-reverse-proxy","children":[]},{"level":3,"title":"FHIR Server","slug":"fhir-server","link":"#fhir-server","children":[]},{"level":3,"title":"BPE Reverse Proxy","slug":"bpe-reverse-proxy","link":"#bpe-reverse-proxy","children":[]},{"level":3,"title":"BPE Server","slug":"bpe-server","link":"#bpe-server","children":[]}]},{"level":2,"title":"List of Default Trusted Certificate Authorities","slug":"list-of-default-trusted-certificate-authorities","link":"#list-of-default-trusted-certificate-authorities","children":[{"level":3,"title":"CAs Trusted by Common Web Browsers and Operating Systems","slug":"cas-trusted-by-common-web-browsers-and-operating-systems","link":"#cas-trusted-by-common-web-browsers-and-operating-systems","children":[]},{"level":3,"title":"Other CAs","slug":"other-cas","link":"#other-cas","children":[]}]}],"readingTime":{"minutes":5.5,"words":1651},"filePathRelative":"stable/maintain/root-certificates.md","excerpt":"

    A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.

    "}');export{b as comp,C as data}; diff --git a/assets/security.html-DlCXhwuq.js b/assets/security.html-DlCXhwuq.js new file mode 100644 index 000000000..529b80cab --- /dev/null +++ b/assets/security.html-DlCXhwuq.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a,o as n}from"./app-BIWb5uIp.js";const r="/photos/info/security/certificates-light.svg",s="/photos/info/security/certificates-dark.svg",o={};function c(l,e){return n(),i("div",null,e[0]||(e[0]=[a('

    Basics Security

    The open-source Data Sharing Framework is EU-GDPR compliant and meets the highest security standards by design. DSF FHIR servers only accept certain FHIR resources from internal systems/administrators (e.g. tasks, binary resources...). In addition, the communication partners are defined via Allow Lists. This means that an organisation can only communicate with organisations that are included in the allow list of approved organisations of the participating organisations. More information about allow lists can be found in the next chapter.
    For transport encryption, the TLS protocol is used. Secure Web Socket (WSS) connections provide security for the connection between the DSF FHIR server (DMZ) and the BPE (internal network). In addition, the DSF is being actively developed and there is an excellent community, both of which guarantee fast security patches.

    Authentication

    Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.

    A webserver certificate is needed to run the FHIR endpoint and a 802.1X client certificate is used to authenticate against other organizations endpoints and as a server certificate for the business process engine. For available certificate profiles see DFN-PKI-Zertifikatprofile_Global.pdf

    More information about client and server certificates can be found here.

    Certificate Requests 🔒

    FHIR Endpoint

    Server certificates are used to authenticate the FHIR endpoint on the local network and to other organisations

    • Certificate profile:
      • DFN-PKI Global G2 via DFN e.V.: Web Server
      • D-Trust via TMF e.V.: Advanced SSL ID
      • GÉANT TCS via DFN e.V.: Web Server
    • Common name: FQDN of the server used while accessing from other organizations (external FQDN)
    • Subject alternative DNS entries: Use additional alternative FQDNs if a different name is used while accessing the Server from the local Network (local FQDN)

    More information: Parameters FHIR Server

    Business Process Engine Server

    Client certificates are used to authenticate against remote FHIR endpoints (when either the BPE server or the FHIR endpoint server acts as the client).
    In addition, client certificates are used to authenticate the Business Process Engine server on the local network.

    • Certificate profile:
      • DFN-PKI Global G2 via DFN e.V.: 802.1X Client
      • D-Trust via TMF e.V.: Basic Team ID
      • GÉANT TCS via DFN e.V.: Web Server
    • Common name: FQDN of the server used while accessing from the local network (local FQDN)

    More information: Parameters BPE Server

    ',17)]))}const f=t(o,[["render",c],["__file","security.html.vue"]]),u=JSON.parse('{"path":"/intro/info/security.html","title":"Security by Design","lang":"en-US","frontmatter":{"title":"Security by Design","icon":"safe","gitInclude":[]},"headers":[{"level":2,"title":"Basics Security","slug":"basics-security","link":"#basics-security","children":[]},{"level":2,"title":"Authentication","slug":"authentication","link":"#authentication","children":[{"level":3,"title":"Certificate Requests 🔒","slug":"certificate-requests","link":"#certificate-requests","children":[]}]}],"readingTime":{"minutes":1.54,"words":461},"filePathRelative":"intro/info/security.md","excerpt":"

    Basics Security

    \\n

    The open-source Data Sharing Framework is EU-GDPR compliant and meets the highest security standards by design. DSF FHIR servers only accept certain FHIR resources from internal systems/administrators (e.g. tasks, binary resources...). In addition, the communication partners are defined via Allow Lists. This means that an organisation can only communicate with organisations that are included in the allow list of approved organisations of the participating organisations. More information about allow lists can be found in the next chapter.
    \\nFor transport encryption, the TLS protocol is used. Secure Web Socket (WSS) connections provide security for the connection between the DSF FHIR server (DMZ) and the BPE (internal network). In addition, the DSF is being actively developed and there is an excellent community, both of which guarantee fast security patches.

    "}');export{f as comp,u as data}; diff --git a/assets/setupDevtools-7MC2TMWH-CFab8NJr.js b/assets/setupDevtools-7MC2TMWH-CFab8NJr.js new file mode 100644 index 000000000..c77780c4e --- /dev/null +++ b/assets/setupDevtools-7MC2TMWH-CFab8NJr.js @@ -0,0 +1 @@ +import{s as T,w as E}from"./app-BIWb5uIp.js";var l="org.vuejs.vuepress",v="VuePress",I=v,r=l,N=v,i="client-data",a="Client Data",g=(p,n)=>{T({app:p,id:l,label:v,packageName:"@vuepress/client",homepage:"https://vuepress.vuejs.org",logo:"https://vuepress.vuejs.org/images/hero.png",componentStateTypes:[I]},t=>{const c=Object.entries(n),u=Object.keys(n),d=Object.values(n);t.on.inspectComponent(e=>{e.instanceData.state.push(...c.map(([s,o])=>({type:I,editable:!1,key:s,value:o.value})))}),t.addInspector({id:r,label:N,icon:"article"}),t.on.getInspectorTree(e=>{e.inspectorId===r&&(e.rootNodes=[{id:i,label:a,children:u.map(s=>({id:s,label:s}))}])}),t.on.getInspectorState(e=>{e.inspectorId===r&&(e.nodeId===i&&(e.state={[a]:c.map(([s,o])=>({key:s,value:o.value}))}),u.includes(e.nodeId)&&(e.state={[a]:[{key:e.nodeId,value:n[e.nodeId].value}]}))}),E(d,()=>{t.notifyComponentUpdate(),t.sendInspectorState(r)})})};export{g as setupDevtools}; diff --git a/assets/style-BcLlt20R.css b/assets/style-BcLlt20R.css new file mode 100644 index 000000000..6953778a3 --- /dev/null +++ b/assets/style-BcLlt20R.css @@ -0,0 +1 @@ +:root{--code-padding-x: 1.25rem;--code-padding-y: 1rem;--code-border-radius: 6px;--code-line-height: 1.6;--code-font-size: 14px;--code-font-family: consolas, monaco, "Andale Mono", "Ubuntu Mono", monospace}div[class*=language-]{position:relative;border-radius:var(--code-border-radius);background-color:var(--code-c-bg)}div[class*=language-]:before{content:attr(data-title);position:absolute;top:.8em;right:1em;z-index:3;color:var(--code-c-text);font-size:.75rem}div[class*=language-] pre{position:relative;z-index:1;overflow-x:auto;margin:0;border-radius:var(--code-border-radius);font-size:var(--code-font-size);font-family:var(--code-font-family);line-height:var(--code-line-height)}div[class*=language-] pre code{display:block;box-sizing:border-box;width:-moz-fit-content;width:fit-content;min-width:100%;padding:var(--code-padding-y) var(--code-padding-x);background-color:#0000!important;color:var(--code-c-text);overflow-wrap:unset;-webkit-font-smoothing:auto;-moz-osx-font-smoothing:auto}:root{--code-c-text: #9e9e9e;--code-c-highlight-bg: rgba(142 150 170 / 14%)}.shiki span{color:var(--shiki-light, inherit)}[data-theme=dark] .shiki span{color:var(--shiki-dark, inherit)}div[data-highlighter=shiki]{background-color:var(--code-c-bg, var(--shiki-light-bg))}[data-theme=dark] div[data-highlighter=shiki]{background-color:var(--code-c-bg, var(--shiki-dark-bg))}:root{--code-line-number-width: 3rem}div[class*=language-]:not(.line-numbers-mode) .line-numbers{display:none}div[class*=language-].line-numbers-mode:after{content:"";position:absolute;top:0;left:0;width:var(--code-line-number-width);height:100%;border-right:1px solid var(--code-c-highlight-bg, var(--code-c-text));border-radius:var(--code-border-radius) 0 0 var(--code-border-radius);transition:border var(--vp-t-color)}div[class*=language-].line-numbers-mode pre{vertical-align:middle;margin-left:var(--code-line-number-width)}div[class*=language-].line-numbers-mode code{padding-left:1rem}div[class*=language-].line-numbers-mode .line-numbers{counter-reset:line-number;position:absolute;top:0;width:var(--code-line-number-width);padding-top:var(--code-padding-y);color:var(--code-c-line-number, var(--code-c-text));font-size:var(--code-font-size);line-height:var(--code-line-height);text-align:center}div[class*=language-].line-numbers-mode .line-number{position:relative;z-index:3;font-family:var(--code-font-family);-webkit-user-select:none;-moz-user-select:none;user-select:none}div[class*=language-].line-numbers-mode .line-number:before{content:counter(line-number);counter-increment:line-number}div[class*=language-] .line.highlighted{display:inline-block;width:100%;margin:0 calc(-1*var(--code-padding-x));padding:0 var(--code-padding-x);background-color:var(--code-c-highlight-bg)}:root{--vp-c-bg: #fff;--vp-c-bg-alt: #f6f6f7;--vp-c-bg-elv: #fff;--vp-c-text: rgb(60, 60, 67);--vp-c-border: #c2c2c4;--vp-c-gutter: #e2e2e3;--vp-c-shadow: rgba(0, 0, 0, .15);--vp-c-control: rgba(142, 150, 170, .1);--vp-c-control-hover: rgba(142, 150, 170, .16);--vp-c-control-disabled: #eaeaea;--vp-font: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", STHeiti, "Microsoft YaHei", SimSun, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--vp-font-heading: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", STHeiti, "Microsoft YaHei", SimSun, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";--vp-font-mono: Consolas, Monaco, "Andale Mono", "Ubuntu Mono", monospace;--navbar-height: 3.75rem;--navbar-padding-x: 1.5rem;--navbar-padding-y: .7rem;--navbar-mobile-height: 3.25rem;--navbar-mobile-padding-x: 1rem;--navbar-mobile-padding-y: .5rem;--sidebar-width: 18rem;--sidebar-mobile-width: 16rem;--content-width: 780px;--home-page-width: 1160px;--vp-t-color: .3s ease;--vp-t-transform: .3s ease;--vp-c-accent: rgb(44.8492462312, 99.5653266332, 133.6507537688);--vp-c-accent-bg: rgb(57.6633165829, 128.0125628141, 171.8366834171);--vp-c-accent-hover: rgb(64.0703517588, 142.2361809045, 190.9296482412);--vp-c-accent-soft: rgba(20.4, 120.9575757576, 183.6, .14);--vp-c-accent-text: var(--vp-c-white);--vp-c-bg-soft: rgba(255, 255, 255, .9);--vp-c-bg-elv-soft: rgba(255, 255, 255, .9);--vp-c-text-mute: rgba(60, 60, 67, .78);--vp-c-text-subtle: rgba(60, 60, 67, .56);--vp-c-border-hard: rgb(184.0875, 184.0875, 186.4125)}[data-theme=dark]{--vp-c-bg: #1b1b1f;--vp-c-bg-alt: #161618;--vp-c-bg-elv: #202127;--vp-c-text: rgba(235, 235, 245, .86);--vp-c-border: #3c3f44;--vp-c-gutter: #000;--vp-c-shadow: rgba(0, 0, 0, .3);--vp-c-control: rgba(101, 117, 133, .12);--vp-c-control-hover: rgba(101, 117, 133, .18);--vp-c-control-disabled: #363636;--vp-c-accent: rgb(83.1633165829, 153.5125628141, 197.3366834171);--vp-c-accent-bg: rgb(60.8668341709, 135.1243718593, 181.3831658291);--vp-c-accent-hover: rgb(57.6633165829, 128.0125628141, 171.8366834171);--vp-c-accent-soft: rgba(20.4, 120.9575757576, 183.6, .16);--vp-c-bg-soft: rgba(27, 27, 31, .9);--vp-c-bg-elv-soft: rgba(32, 33, 39, .9);--vp-c-text-mute: rgba(235, 235, 245, .602);--vp-c-text-subtle: rgba(235, 235, 245, .3784);--vp-c-border-hard: rgb(68.953125, 72.40078125, 78.146875)}.font-icon{display:inline-block}[vp-content] .font-icon{vertical-align:middle}@media screen{.sr-only{position:absolute;overflow:hidden;clip:rect 0,0,0,0;width:1px;height:1px;margin:-1px;padding:0;border:0}}@media print{.sr-only{display:none}}.vp-catalog{margin-top:8px;margin-bottom:8px}.vp-catalog-item{counter-increment:catalog-item}.vp-catalog-main-title{margin-top:calc(1rem - var(--catalog-header-offset));margin-bottom:.5rem;padding-top:var(--catalog-header-offset);font-weight:500;font-size:1.75rem}.vp-catalog-main-title:first-child{margin-bottom:.5rem!important}.vp-catalog-main-title:only-child{margin-bottom:0!important}.vp-catalog-main-title .vp-link{text-decoration:none!important}.vp-catalog-child-title{margin-bottom:.5rem!important}.vp-catalog-child-title.has-children{margin-top:calc(1rem - var(--catalog-header-offset));padding-top:var(--catalog-header-offset);border-bottom:1px solid var(--catalog-c-gutter);font-weight:500;font-size:1.3rem;transition:border-color .3s}.vp-catalog-child-title.has-children:only-child{margin-bottom:0!important}.vp-catalog-child-title .vp-link{text-decoration:none!important}.vp-catalog-sub-title{font-weight:500;font-size:1.1rem}.vp-catalog-sub-title:only-child{margin-bottom:0!important}.vp-catalog-title{color:inherit;text-decoration:none}.vp-catalog-title:hover{color:var(--catalog-c-accent)}.vp-catalog.index ol{padding-inline-start:0}.vp-catalog.index li{list-style-type:none}.vp-catalog.index .vp-catalog-list{padding-inline-start:0}.vp-catalog.index .vp-catalog-item{list-style-type:none}.vp-catalog.index .vp-catalog-title:before{content:"§" counter(catalog-item,upper-roman) " "}.vp-catalog.index .vp-child-catalogs{counter-reset:child-catalog}.vp-catalog.index .vp-child-catalog{counter-increment:child-catalog}.vp-catalog.index .vp-child-catalog .vp-catalog-title:before{content:counter(catalog-item) "." counter(child-catalog) " "}.vp-catalog.index .vp-sub-catalogs{padding-inline-start:.5rem}.vp-catalog-list{counter-reset:catalog-item;margin:0}.vp-catalog-list.deep{padding-inline-start:0}.vp-catalog-list.deep .vp-catalog-item{list-style-type:none}.vp-catalog-list .font-icon{vertical-align:baseline;margin-inline-end:.25rem}.vp-child-catalogs{margin:0}.vp-child-catalog{list-style-type:disc}.vp-sub-catalogs{counter-reset:sub-catalog}.vp-sub-catalog{counter-increment:sub-catalog}.vp-sub-catalog .vp-link:before{content:counter(catalog-item) "." counter(child-catalog) "." counter(sub-catalog) " "}.vp-sub-catalogs-wrapper{display:flex;flex-wrap:wrap}.vp-sub-catalog-link{display:inline-block;margin:4px 8px;padding:4px 8px;border-radius:6px;background-color:var(--catalog-c-control);line-height:1.5;overflow-wrap:break-word;transition:background-color .3s,color .3s}.vp-sub-catalog-link:hover{background-color:var(--catalog-c-control-hover);color:var(--catalog-c-accent);text-decoration:none!important}.vp-catalog-header-anchor{float:left;margin-top:.125em;margin-left:-1em;padding-right:0;font-size:.85em;text-decoration:none;opacity:0;-webkit-user-select:none;-moz-user-select:none;user-select:none}@media print{.vp-catalog-header-anchor{display:none}}h2:hover .vp-catalog-header-anchor,h3:hover .vp-catalog-header-anchor{text-decoration:none;opacity:1}.vp-catalog-header-anchor:focus-visible{opacity:1}.vp-empty-catalog{font-size:1.25rem;text-align:center}:root{--catalog-c-accent: var(--vp-c-accent);--catalog-c-accent-text: var(--vp-c-accent-text);--catalog-c-control: var(--vp-c-bg-alt);--catalog-c-control-hover: var(--vp-c-bg-alt);--catalog-c-gutter: var(--vp-c-gutter);--catalog-header-offset: var(--header-offset, 3.6rem)}.vp-back-to-top-button{position:fixed!important;inset-inline-end:1rem;bottom:4rem;z-index:100;width:48px;height:48px;padding:12px;border-width:0;border-radius:50%;background:var(--back-to-top-c-bg);color:var(--back-to-top-c-accent-bg);box-shadow:2px 2px 10px 4px var(--back-to-top-c-shadow);cursor:pointer}@media (max-width: 959px){.vp-back-to-top-button{transform:scale(.8);transform-origin:100% 100%}}@media print{.vp-back-to-top-button{display:none}}.vp-back-to-top-button:hover{color:var(--back-to-top-c-accent-hover)}.vp-back-to-top-button .back-to-top-icon{overflow:hidden;width:24px;height:24px;margin:0 auto;background:var(--back-to-top-c-icon);-webkit-mask-image:var(--back-to-top-icon);mask-image:var(--back-to-top-icon);-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:cover;mask-size:cover}.vp-scroll-progress{position:absolute;right:-2px;bottom:-2px;width:52px;height:52px}.vp-scroll-progress svg{width:100%;height:100%}.vp-scroll-progress circle{opacity:.9;transform:rotate(-90deg);transform-origin:50% 50%}.back-to-top-enter-active,.back-to-top-leave-active{transition:opacity .3s}.back-to-top-enter-from,.back-to-top-leave-to{opacity:0}:root{--back-to-top-z-index: 5;--back-to-top-icon: url("data:image/svg+xml,%3csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%2048%2048'%3e%3cpath%20fill='none'%20stroke='currentColor'%20stroke-linecap='round'%20stroke-linejoin='round'%20stroke-width='4'%20d='M24.008%2014.1V42M12%2026l12-12l12%2012M12%206h24'%20/%3e%3c/svg%3e");--back-to-top-c-bg: var(--vp-c-bg);--back-to-top-c-accent-bg: var(--vp-c-accent-bg);--back-to-top-c-accent-hover: var(--vp-c-accent-hover);--back-to-top-c-shadow: var(--vp-c-shadow);--back-to-top-c-icon: currentcolor}:root{--nprogress-c: var(--vp-c-accent);--nprogress-z-index: 1031}#nprogress{pointer-events:none}#nprogress .bar{position:fixed;top:0;left:0;z-index:var(--nprogress-z-index);width:100%;height:2px;background:var(--nprogress-c)}.vp-copy-code-button{position:absolute;top:.5em;right:.5em;z-index:5;width:2.5rem;height:2.5rem;padding:0;border-width:0;border-radius:.5rem;background:#0000;outline:none;opacity:0;cursor:pointer;transition:opacity .4s}@media print{.vp-copy-code-button{display:none}}.vp-copy-code-button:before{content:"";display:inline-block;width:1.25rem;height:1.25rem;padding:.625rem;background:currentcolor;color:var(--copy-code-c-text);font-size:1.25rem;-webkit-mask-image:var(--code-copy-icon);mask-image:var(--code-copy-icon);-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.vp-copy-code-button:focus,.vp-copy-code-button.copied{opacity:1}.vp-copy-code-button:hover,.vp-copy-code-button.copied{background:var(--copy-code-c-hover)}.vp-copy-code-button.copied:before{-webkit-mask-image:var(--code-copied-icon);mask-image:var(--code-copied-icon)}.vp-copy-code-button.copied:after{content:attr(data-copied);position:absolute;top:0;right:calc(100% + .25rem);display:block;height:1.25rem;padding:.625rem;border-radius:.5rem;background:var(--copy-code-c-hover);color:var(--copy-code-c-text);font-weight:500;line-height:1.25rem;white-space:nowrap}.no-copy-code .vp-copy-code-button{display:none}body:not(.no-copy-code) div[class*=language-]:hover:before{display:none}body:not(.no-copy-code) div[class*=language-]:hover .vp-copy-code-button{opacity:1}:root{--code-copy-icon: url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24' fill='none' stroke='%23808080' stroke-width='2'%3e%3cpath stroke-linecap='round' stroke-linejoin='round' d='M9 5H7a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V7a2 2 0 0 0-2-2h-2M9 5a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2M9 5a2 2 0 0 1 2-2h2a2 2 0 0 1 2 2' /%3e%3c/svg%3e");--code-copied-icon: url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24' fill='none' stroke='%23808080' stroke-width='2'%3e%3cpath stroke-linecap='round' stroke-linejoin='round' d='M9 5H7a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h10a2 2 0 0 0 2-2V7a2 2 0 0 0-2-2h-2M9 5a2 2 0 0 0 2 2h2a2 2 0 0 0 2-2M9 5a2 2 0 0 1 2-2h2a2 2 0 0 1 2 2m-6 9 2 2 4-4' /%3e%3c/svg%3e");--copy-code-c-text: var(--code-c-line-number);--copy-code-c-hover: var(--code-c-highlight-bg)}.hint-container{position:relative;border-color:var(--hint-c-accent);background:var(--hint-c-soft);transition:background var(--vp-t-color),color var(--vp-t-color)}@media print{.hint-container{page-break-inside:avoid}}.hint-container>.hint-container-title{color:var(--hint-c-title)}.hint-container :not(pre)>code{background:var(--hint-c-soft)}.hint-container .hint-container-title{position:relative;margin-block:.75em;font-weight:600;line-height:1.25}.hint-container.important,.hint-container.info,.hint-container.note,.hint-container.tip,.hint-container.warning,.hint-container.caution{margin-block:.75rem;padding:.25em 1em;border-radius:.5em;color:inherit;font-size:var(--hint-font-size)}@media print{.hint-container.important,.hint-container.info,.hint-container.note,.hint-container.tip,.hint-container.warning,.hint-container.caution{border-inline-start-width:.25em;border-inline-start-style:solid}}.hint-container.important .hint-container-title,.hint-container.info .hint-container-title,.hint-container.note .hint-container-title,.hint-container.tip .hint-container-title,.hint-container.warning .hint-container-title,.hint-container.caution .hint-container-title{padding-inline-start:1.75em}@media print{.hint-container.important .hint-container-title,.hint-container.info .hint-container-title,.hint-container.note .hint-container-title,.hint-container.tip .hint-container-title,.hint-container.warning .hint-container-title,.hint-container.caution .hint-container-title{padding-inline-start:0}}.hint-container.important .hint-container-title:before,.hint-container.info .hint-container-title:before,.hint-container.note .hint-container-title:before,.hint-container.tip .hint-container-title:before,.hint-container.warning .hint-container-title:before,.hint-container.caution .hint-container-title:before{content:" ";position:absolute;inset-inline-start:0;top:calc(50% - .6125em);width:1.25em;height:1.25em;font-size:1.25em}@media print{.hint-container.important .hint-container-title:before,.hint-container.info .hint-container-title:before,.hint-container.note .hint-container-title:before,.hint-container.tip .hint-container-title:before,.hint-container.warning .hint-container-title:before,.hint-container.caution .hint-container-title:before{display:none}}.hint-container.important p,.hint-container.info p,.hint-container.note p,.hint-container.tip p,.hint-container.warning p,.hint-container.caution p{line-height:1.5}.hint-container.important a,.hint-container.info a,.hint-container.note a,.hint-container.tip a,.hint-container.warning a,.hint-container.caution a{color:var(--vp-c-accent)}.hint-container.important{--hint-c-accent: var(--important-c-accent);--hint-c-title: var(--important-c-text);--hint-c-soft: var(--important-c-soft)}.hint-container.important>.hint-container-title:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 1024 1024'%3E%3Cpath d='M512 981.333a84.992 84.992 0 0 1-84.907-84.906h169.814A84.992 84.992 0 0 1 512 981.333zm384-128H128v-42.666l85.333-85.334v-256A298.325 298.325 0 0 1 448 177.92V128a64 64 0 0 1 128 0v49.92a298.325 298.325 0 0 1 234.667 291.413v256L896 810.667v42.666zm-426.667-256v85.334h85.334v-85.334h-85.334zm0-256V512h85.334V341.333h-85.334z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 1024 1024'%3E%3Cpath d='M512 981.333a84.992 84.992 0 0 1-84.907-84.906h169.814A84.992 84.992 0 0 1 512 981.333zm384-128H128v-42.666l85.333-85.334v-256A298.325 298.325 0 0 1 448 177.92V128a64 64 0 0 1 128 0v49.92a298.325 298.325 0 0 1 234.667 291.413v256L896 810.667v42.666zm-426.667-256v85.334h85.334v-85.334h-85.334zm0-256V512h85.334V341.333h-85.334z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.hint-container.info{--hint-c-accent: var(--info-c-accent);--hint-c-title: var(--info-c-text);--hint-c-soft: var(--info-c-soft)}.hint-container.info>.hint-container-title:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M12 22C6.477 22 2 17.523 2 12S6.477 2 12 2s10 4.477 10 10-4.477 10-10 10zm-1-11v6h2v-6h-2zm0-4v2h2V7h-2z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M12 22C6.477 22 2 17.523 2 12S6.477 2 12 2s10 4.477 10 10-4.477 10-10 10zm-1-11v6h2v-6h-2zm0-4v2h2V7h-2z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.hint-container.note{--hint-c-accent: var(--note-c-accent);--hint-c-title: var(--note-c-text);--hint-c-soft: var(--note-c-soft)}.hint-container.note>.hint-container-title:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M12 22C6.477 22 2 17.523 2 12S6.477 2 12 2s10 4.477 10 10-4.477 10-10 10zm-1-11v6h2v-6h-2zm0-4v2h2V7h-2z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M12 22C6.477 22 2 17.523 2 12S6.477 2 12 2s10 4.477 10 10-4.477 10-10 10zm-1-11v6h2v-6h-2zm0-4v2h2V7h-2z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.hint-container.tip{--hint-c-accent: var(--tip-c-accent);--hint-c-title: var(--tip-c-text);--hint-c-soft: var(--tip-c-soft)}.hint-container.tip>.hint-container-title:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M7.941 18c-.297-1.273-1.637-2.314-2.187-3a8 8 0 1 1 12.49.002c-.55.685-1.888 1.726-2.185 2.998H7.94zM16 20v1a2 2 0 0 1-2 2h-4a2 2 0 0 1-2-2v-1h8zm-3-9.995V6l-4.5 6.005H11v4l4.5-6H13z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M7.941 18c-.297-1.273-1.637-2.314-2.187-3a8 8 0 1 1 12.49.002c-.55.685-1.888 1.726-2.185 2.998H7.94zM16 20v1a2 2 0 0 1-2 2h-4a2 2 0 0 1-2-2v-1h8zm-3-9.995V6l-4.5 6.005H11v4l4.5-6H13z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.hint-container.warning{--hint-c-accent: var(--warning-c-accent);--hint-c-title: var(--warning-c-text);--hint-c-soft: var(--warning-c-soft)}.hint-container.warning>.hint-container-title:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 1024 1024'%3E%3Cpath d='M576.286 752.57v-95.425q0-7.031-4.771-11.802t-11.3-4.772h-96.43q-6.528 0-11.3 4.772t-4.77 11.802v95.424q0 7.031 4.77 11.803t11.3 4.77h96.43q6.528 0 11.3-4.77t4.77-11.803zm-1.005-187.836 9.04-230.524q0-6.027-5.022-9.543-6.529-5.524-12.053-5.524H456.754q-5.524 0-12.053 5.524-5.022 3.516-5.022 10.547l8.538 229.52q0 5.023 5.022 8.287t12.053 3.265h92.913q7.032 0 11.803-3.265t5.273-8.287zM568.25 95.65l385.714 707.142q17.578 31.641-1.004 63.282-8.538 14.564-23.354 23.102t-31.892 8.538H126.286q-17.076 0-31.892-8.538T71.04 866.074q-18.582-31.641-1.004-63.282L455.75 95.65q8.538-15.57 23.605-24.61T512 62t32.645 9.04 23.605 24.61z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 1024 1024'%3E%3Cpath d='M576.286 752.57v-95.425q0-7.031-4.771-11.802t-11.3-4.772h-96.43q-6.528 0-11.3 4.772t-4.77 11.802v95.424q0 7.031 4.77 11.803t11.3 4.77h96.43q6.528 0 11.3-4.77t4.77-11.803zm-1.005-187.836 9.04-230.524q0-6.027-5.022-9.543-6.529-5.524-12.053-5.524H456.754q-5.524 0-12.053 5.524-5.022 3.516-5.022 10.547l8.538 229.52q0 5.023 5.022 8.287t12.053 3.265h92.913q7.032 0 11.803-3.265t5.273-8.287zM568.25 95.65l385.714 707.142q17.578 31.641-1.004 63.282-8.538 14.564-23.354 23.102t-31.892 8.538H126.286q-17.076 0-31.892-8.538T71.04 866.074q-18.582-31.641-1.004-63.282L455.75 95.65q8.538-15.57 23.605-24.61T512 62t32.645 9.04 23.605 24.61z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.hint-container.caution{--hint-c-accent: var(--caution-c-accent);--hint-c-title: var(--caution-c-text);--hint-c-soft: var(--caution-c-soft)}.hint-container.caution>.hint-container-title:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M12 2c5.523 0 10 4.477 10 10v3.764a2 2 0 0 1-1.106 1.789L18 19v1a3 3 0 0 1-2.824 2.995L14.95 23a2.5 2.5 0 0 0 .044-.33L15 22.5V22a2 2 0 0 0-1.85-1.995L13 20h-2a2 2 0 0 0-1.995 1.85L9 22v.5c0 .171.017.339.05.5H9a3 3 0 0 1-3-3v-1l-2.894-1.447A2 2 0 0 1 2 15.763V12C2 6.477 6.477 2 12 2zm-4 9a2 2 0 1 0 0 4 2 2 0 0 0 0-4zm8 0a2 2 0 1 0 0 4 2 2 0 0 0 0-4z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M12 2c5.523 0 10 4.477 10 10v3.764a2 2 0 0 1-1.106 1.789L18 19v1a3 3 0 0 1-2.824 2.995L14.95 23a2.5 2.5 0 0 0 .044-.33L15 22.5V22a2 2 0 0 0-1.85-1.995L13 20h-2a2 2 0 0 0-1.995 1.85L9 22v.5c0 .171.017.339.05.5H9a3 3 0 0 1-3-3v-1l-2.894-1.447A2 2 0 0 1 2 15.763V12C2 6.477 6.477 2 12 2zm-4 9a2 2 0 1 0 0 4 2 2 0 0 0 0-4zm8 0a2 2 0 1 0 0 4 2 2 0 0 0 0-4z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat}.hint-container.details{position:relative;display:block;margin-block:.75rem;padding:1.25rem 1rem;border-radius:.5rem;background:var(--detail-c-bg);transition:background var(--vp-t-transform),color var(--vp-t-transform)}.hint-container.details h4{margin-top:0}.hint-container.details figure:last-child,.hint-container.details p:last-child{margin-bottom:0;padding-bottom:0}.hint-container.details a{color:var(--vp-c-accent)}.hint-container.details :not(pre)>code{background:var(--detail-c-soft)}.hint-container.details summary{position:relative;margin:-1rem;padding-block:1em;padding-inline:3em 1.5em;list-style:none;font-size:var(--hint-font-size);cursor:pointer}.hint-container.details summary::-webkit-details-marker{display:none}.hint-container.details summary::marker{color:#0000;font-size:0}.hint-container.details summary:before{background-color:currentColor;-webkit-mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");mask-image:url("data:image/svg+xml;utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");-webkit-mask-position:50%;mask-position:50%;-webkit-mask-size:1em;mask-size:1em;-webkit-mask-repeat:no-repeat;mask-repeat:no-repeat;content:" ";position:absolute;inset-inline-start:.8em;top:calc(50% - .5em);width:1em;height:1em;font-size:1.25rem;line-height:normal;transition:color,var(--vp-t-color),transform var(--vp-t-transform);transform:rotate(90deg)}.hint-container.details[open]>summary{margin-bottom:.5em}.hint-container.details[open]>summary:before{transform:rotate(180deg)}:root{--hint-font-size: .9rem;--important-c-accent: var(--vp-c-purple-bg);--important-c-text: var(--vp-c-purple-text);--important-c-soft: var(--vp-c-purple-soft);--info-c-accent: var(--vp-c-blue-bg);--info-c-text: var(--vp-c-blue-text);--info-c-soft: var(--vp-c-blue-soft);--note-c-accent: var(--vp-c-grey-bg);--note-c-text: var(--vp-c-grey-text);--note-c-soft: var(--vp-c-grey-soft);--tip-c-accent: var(--vp-c-green-bg);--tip-c-text: var(--vp-c-green-text);--tip-c-soft: var(--vp-c-green-soft);--warning-c-accent: var(--vp-c-yellow-bg);--warning-c-text: var(--vp-c-yellow-text);--warning-c-soft: var(--vp-c-yellow-soft);--caution-c-accent: var(--vp-c-red-bg);--caution-c-text: var(--vp-c-red-text);--caution-c-soft: var(--vp-c-red-soft);--detail-c-bg: var(--vp-c-control);--detail-c-icon: var(--vp-c-border);--detail-c-soft: var(--vp-c-grey-soft)}figure{text-align:center}figure>a[href*="://"]:after,figure>a[target=_blank]:after{display:none!important}figcaption{font-size:.8rem}[data-theme=light] figure:has(img[data-mode=darkmode-only]),[data-theme=light] img[data-mode=darkmode-only]{display:none!important}[data-theme=dark] figure:has(img[data-mode=lightmode-only]),[data-theme=dark] img[data-mode=lightmode-only]{display:none!important}@font-face{font-family:KaTeX_AMS;font-style:normal;font-weight:400;src:url(/assets/KaTeX_AMS-Regular-BQhdFMY1.woff2) format("woff2"),url(/assets/KaTeX_AMS-Regular-DMm9YOAa.woff) format("woff"),url(/assets/KaTeX_AMS-Regular-DRggAlZN.ttf) format("truetype")}@font-face{font-family:KaTeX_Caligraphic;font-style:normal;font-weight:700;src:url(/assets/KaTeX_Caligraphic-Bold-Dq_IR9rO.woff2) format("woff2"),url(/assets/KaTeX_Caligraphic-Bold-BEiXGLvX.woff) format("woff"),url(/assets/KaTeX_Caligraphic-Bold-ATXxdsX0.ttf) format("truetype")}@font-face{font-family:KaTeX_Caligraphic;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Caligraphic-Regular-Di6jR-x-.woff2) format("woff2"),url(/assets/KaTeX_Caligraphic-Regular-CTRA-rTL.woff) format("woff"),url(/assets/KaTeX_Caligraphic-Regular-wX97UBjC.ttf) format("truetype")}@font-face{font-family:KaTeX_Fraktur;font-style:normal;font-weight:700;src:url(/assets/KaTeX_Fraktur-Bold-CL6g_b3V.woff2) format("woff2"),url(/assets/KaTeX_Fraktur-Bold-BsDP51OF.woff) format("woff"),url(/assets/KaTeX_Fraktur-Bold-BdnERNNW.ttf) format("truetype")}@font-face{font-family:KaTeX_Fraktur;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Fraktur-Regular-CTYiF6lA.woff2) format("woff2"),url(/assets/KaTeX_Fraktur-Regular-Dxdc4cR9.woff) format("woff"),url(/assets/KaTeX_Fraktur-Regular-CB_wures.ttf) format("truetype")}@font-face{font-family:KaTeX_Main;font-style:normal;font-weight:700;src:url(/assets/KaTeX_Main-Bold-Cx986IdX.woff2) format("woff2"),url(/assets/KaTeX_Main-Bold-Jm3AIy58.woff) format("woff"),url(/assets/KaTeX_Main-Bold-waoOVXN0.ttf) format("truetype")}@font-face{font-family:KaTeX_Main;font-style:italic;font-weight:700;src:url(/assets/KaTeX_Main-BoldItalic-DxDJ3AOS.woff2) format("woff2"),url(/assets/KaTeX_Main-BoldItalic-SpSLRI95.woff) format("woff"),url(/assets/KaTeX_Main-BoldItalic-DzxPMmG6.ttf) format("truetype")}@font-face{font-family:KaTeX_Main;font-style:italic;font-weight:400;src:url(/assets/KaTeX_Main-Italic-NWA7e6Wa.woff2) format("woff2"),url(/assets/KaTeX_Main-Italic-BMLOBm91.woff) format("woff"),url(/assets/KaTeX_Main-Italic-3WenGoN9.ttf) format("truetype")}@font-face{font-family:KaTeX_Main;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Main-Regular-B22Nviop.woff2) format("woff2"),url(/assets/KaTeX_Main-Regular-Dr94JaBh.woff) format("woff"),url(/assets/KaTeX_Main-Regular-ypZvNtVU.ttf) format("truetype")}@font-face{font-family:KaTeX_Math;font-style:italic;font-weight:700;src:url(/assets/KaTeX_Math-BoldItalic-CZnvNsCZ.woff2) format("woff2"),url(/assets/KaTeX_Math-BoldItalic-iY-2wyZ7.woff) format("woff"),url(/assets/KaTeX_Math-BoldItalic-B3XSjfu4.ttf) format("truetype")}@font-face{font-family:KaTeX_Math;font-style:italic;font-weight:400;src:url(/assets/KaTeX_Math-Italic-t53AETM-.woff2) format("woff2"),url(/assets/KaTeX_Math-Italic-DA0__PXp.woff) format("woff"),url(/assets/KaTeX_Math-Italic-flOr_0UB.ttf) format("truetype")}@font-face{font-family:KaTeX_SansSerif;font-style:normal;font-weight:700;src:url(/assets/KaTeX_SansSerif-Bold-D1sUS0GD.woff2) format("woff2"),url(/assets/KaTeX_SansSerif-Bold-DbIhKOiC.woff) format("woff"),url(/assets/KaTeX_SansSerif-Bold-CFMepnvq.ttf) format("truetype")}@font-face{font-family:KaTeX_SansSerif;font-style:italic;font-weight:400;src:url(/assets/KaTeX_SansSerif-Italic-C3H0VqGB.woff2) format("woff2"),url(/assets/KaTeX_SansSerif-Italic-DN2j7dab.woff) format("woff"),url(/assets/KaTeX_SansSerif-Italic-YYjJ1zSn.ttf) format("truetype")}@font-face{font-family:KaTeX_SansSerif;font-style:normal;font-weight:400;src:url(/assets/KaTeX_SansSerif-Regular-DDBCnlJ7.woff2) format("woff2"),url(/assets/KaTeX_SansSerif-Regular-CS6fqUqJ.woff) format("woff"),url(/assets/KaTeX_SansSerif-Regular-BNo7hRIc.ttf) format("truetype")}@font-face{font-family:KaTeX_Script;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Script-Regular-D3wIWfF6.woff2) format("woff2"),url(/assets/KaTeX_Script-Regular-D5yQViql.woff) format("woff"),url(/assets/KaTeX_Script-Regular-C5JkGWo-.ttf) format("truetype")}@font-face{font-family:KaTeX_Size1;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Size1-Regular-mCD8mA8B.woff2) format("woff2"),url(/assets/KaTeX_Size1-Regular-C195tn64.woff) format("woff"),url(/assets/KaTeX_Size1-Regular-Dbsnue_I.ttf) format("truetype")}@font-face{font-family:KaTeX_Size2;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Size2-Regular-Dy4dx90m.woff2) format("woff2"),url(/assets/KaTeX_Size2-Regular-oD1tc_U0.woff) format("woff"),url(/assets/KaTeX_Size2-Regular-B7gKUWhC.ttf) format("truetype")}@font-face{font-family:KaTeX_Size3;font-style:normal;font-weight:400;src:url(data:font/woff2;base64,d09GMgABAAAAAA4oAA4AAAAAHbQAAA3TAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAABmAAgRQIDgmcDBEICo1oijYBNgIkA14LMgAEIAWJAAeBHAyBHBvbGiMRdnO0IkRRkiYDgr9KsJ1NUAf2kILNxgUmgqIgq1P89vcbIcmsQbRps3vCcXdYOKSWEPEKgZgQkprQQsxIXUgq0DqpGKmIvrgkeVGtEQD9DzAO29fM9jYhxZEsL2FeURH2JN4MIcTdO049NCVdxQ/w9NrSYFEBKTDKpLKfNkCGDc1RwjZLQcm3vqJ2UW9Xfa3tgAHz6ivp6vgC2yD4/6352ndnN0X0TL7seypkjZlMsjmZnf0Mm5Q+JykRWQBKCVCVPbARPXWyQtb5VgLB6Biq7/Uixcj2WGqdI8tGSgkuRG+t910GKP2D7AQH0DB9FMDW/obJZ8giFI3Wg8Cvevz0M+5m0rTh7XDBlvo9Y4vm13EXmfttwI4mBo1EG15fxJhUiCLbiiyCf/ZA6MFAhg3pGIZGdGIVjtPn6UcMk9A/UUr9PhoNsCENw1APAq0gpH73e+M+0ueyHbabc3vkbcdtzcf/fiy+NxQEjf9ud/ELBHAXJ0nk4z+MXH2Ev/kWyV4k7SkvpPc9Qr38F6RPWnM9cN6DJ0AdD1BhtgABtmoRoFCvPsBAumNm6soZG2Gk5GyVTo2sJncSyp0jQTYoR6WDvTwaaEcHsxHfvuWhHA3a6bN7twRKtcGok6NsCi7jYRrM2jExsUFMxMQYuJbMhuWNOumEJy9hi29Dmg5zMp/A5+hhPG19j1vBrq8JTLr8ki5VLPmG/PynJHVul440bxg5xuymHUFPBshC+nA9I1FmwbRBTNHAcik3Oae0cxKoI3MOriM42UrPe51nsaGxJ+WfXubAsP84aabUlQSJ1IiE0iPETLUU4CATgfXSCSpuRFRmCGbO+wSpAnzaeaCYW1VNEysRtuXCEL1kUFUbbtMv3Tilt/1c11jt3Q5bbMa84cpWipp8Elw3MZhOHsOlwwVUQM3lAR35JiFQbaYCRnMF2lxAWoOg2gyoIV4PouX8HytNIfLhqpJtXB4vjiViUI8IJ7bkC4ikkQvKksnOTKICwnqWSZ9YS5f0WCxmpgjbIq7EJcM4aI2nmhLNY2JIUgOjXZFWBHb+x5oh6cwb0Tv1ackHdKi0I9OO2wE9aogIOn540CCCziyhN+IaejtgAONKznHlHyutPrHGwCx9S6B8kfS4Mfi4Eyv7OU730bT1SCBjt834cXsf43zVjPUqqJjgrjeGnBxSG4aYAKFuVbeCfkDIjAqMb6yLNIbCuvXhMH2/+k2vkNpkORhR59N1CkzoOENvneIosjYmuTxlhUzaGEJQ/iWqx4dmwpmKjrwTiTGTCVozNAYqk/zXOndWxuWSmJkQpJw3pK5KX6QrLt5LATMqpmPAQhkhK6PUjzHUn7E0gHE0kPE0iKkolgkUx9SZmVAdDgpffdyJKg3k7VmzYGCwVXGz/tXmkOIp+vcWs+EMuhhvN0h9uhfzWJziBQmCREGSIFmQIkgVpAnSBRmC//6hkLZwaVhwxlrJSOdqlFtOYxlau9F2QN5Y98xmIAsiM1HVp2VFX+DHHGg6Ecjh3vmqtidX3qHI2qycTk/iwxSt5UzTmEP92ZBnEWTk4Mx8Mpl78ZDokxg/KWb+Q0QkvdKVmq3TMW+RXEgrsziSAfNXFMhDc60N5N9jQzjfO0kBKpUZl0ZmwJ41j/B9Hz6wmRaJB84niNmQrzp9eSlQCDDzazGDdVi3P36VZQ+Jy4f9UBNp+3zTjqI4abaFAm+GShVaXlsGdF3FYzZcDI6cori4kMxUECl9IjJZpzkvitAoxKue+90pDMvcKRxLl53TmOKCmV/xRolNKSqqUxc6LStOETmFOiLZZptlZepcKiAzteG8PEdpnQpbOMNcMsR4RR2Bs0cKFEvSmIjAFcnarqwUL4lDhHmnVkwu1IwshbiCcgvOheZuYyOteufZZwlcTlLgnZ3o/WcYdzZHW/WGaqaVfmTZ1aWCceJjkbZqsfbkOtcFlUZM/jy+hXHDbaUobWqqXaeWobbLO99yG5N3U4wxco0rQGGcOLASFMXeJoham8M+/x6O2WywK2l4HGbq1CoUyC/IZikQhdq3SiuNrvAEj0AVu9x2x3lp/xWzahaxidezFVtdcb5uEnzyl0ZmYiuKI0exvCd4Xc9CV1KB0db00z92wDPde0kukbvZIWN6jUWFTmPIC/Y4UPCm8UfDTFZpZNon1qLFTkBhxzB+FjQRA2Q/YRJT8pQigslMaUpFyAG8TMlXigiqmAZX4xgijKjRlGpLE0GdplRfCaJo0JQaSxNBk6ZmMzcya0FmrcisDdn0Q3HI2sWSppYigmlM1XT/kLQZSNpMJG0WkjYbSZuDpM1F0uYhFc1HxU4m1QJjDK6iL0S5uSj5rgXc3RejEigtcRBtqYPQsiTskmO5vosV+q4VGIKbOkDg0jtRrq+Em1YloaTFar3EGr1EUC8R0kus1Uus00usL97ABr2BjXoDm/QGNhuWtMVBKOwg/i78lT7hBsAvDmwHc/ao3vmUbBmhjeYySZNWvGkfZAgISDSaDo1SVpzGDsAEkF8B+gEapViUoZgUWXcRIGFZNm6gWbAKk0bp0k1MHG9fLYtV4iS2SmLEQFARzRcnf9PUS0LVn05/J9MiRRBU3v2IrvW974v4N00L7ZMk0wXP1409CHo/an8zTRHD3eSJ6m8D4YMkZNl3M79sqeuAsr/m3f+8/yl7A50aiAEJgeBeMWzu7ui9UfUBCe2TIqZIoOd/3/udRBOQidQZUERzb2/VwZN1H/Sju82ew2H2Wfr6qvfVf3hqwDvAIpkQVFy4B9Pe9e4/XvPeceu7h3dvO56iJPf0+A6cqA2ip18ER+iFgggiuOkvj24bby0N9j2UHIkgqIt+sVgfodC4YghLSMjSZbH0VR/6dMDrYJeKHilKTemt6v6kvzvn3/RrdWtr0GoN/xL+Sex/cPYLUpepx9cz/D46UPU5KXgAQa+NDps1v6J3xP1i2HtaDB0M9aX2deA7SYff//+gUCovMmIK/qfsFcOk+4Y5ZN97XlG6zebqtMbKgeRFi51vnxTQYBUik2rS/Cn6PC8ADR8FGxsRPB82dzfND90gIcshOcYUkfjherBz53odpm6TP8txlwOZ71xmfHHOvq053qFF/MRlS3jP0ELudrf2OeN8DHvp6ZceLe8qKYvWz/7yp0u4dKPfli3CYq0O13Ih71mylJ80tOi10On8wi+F4+LWgDPeJ30msSQt9/vkmHq9/Lvo2b461mP801v3W4xTcs6CbvF9UDdrSt+A8OUbpSh55qAUFXWznBBfdeJ8a4d7ugT5tvxUza3h9m4H7ptTqiG4z0g5dc0X29OcGlhpGFMpQo9ytTS+NViZpNdvU4kWx+LKxNY10kQ1yqGXrhe4/1nvP7E+nd5A92TtaRplbHSqoIdOqtRWti+fkB5/n1+/VvCmz12pG1kpQWsfi1ftlBobm0bpngs16CHkbIwdLnParxtTV3QYRlfJ0KFskH7pdN/YDn+yRuSd7sNH3aO0DYPggk6uWuXrfOc+fa3VTxFVvKaNxHsiHmsXyCLIE5yuOeN3/Jdf8HBL/5M6shjyhxHx9BjB1O0+4NLOnjLLSxwO7ukN4jMbOIcD879KLSi6Pk61Oqm2377n8079PXEEQ7cy7OKEC9nbpet118fxweTafpt69x/Bt8UqGzNQt7aelpc44dn5cqhwf71+qKp/Zf/+a0zcizOUWpl/iBcSXip0pplkatCchoH5c5aUM8I7/dWxAej8WicPL1URFZ9BDJelUwEwTkGqUhgSlydVes95YdXvhh9Gfz/aeFWvgVb4tuLbcv4+wLdutVZv/cUonwBD/6eDlE0aSiKK/uoH3+J1wDE/jMVqY2ysGufN84oIXB0sPzy8ollX/LegY74DgJXJR57sn+VGza0x3DnuIgABFM15LmajjjsNlYj+JEZGbuRYcAMOWxFkPN2w6Wd46xo4gVWQR/X4lyI/R6K/YK0110GzudPRW7Y+UOBGTfNNzHeYT0fiH0taunBpq9HEW8OKSaBGj21L0MqenEmNRWBAWDWAk4CpNoEZJ2tTaPFgbQYj8HxtFilErs3BTRwT8uO1NXQaWfIotchmPkAF5mMBAliEmZiOGVgCG9LgRzpscMAOOwowlT3JhusdazXGSC/hxR3UlmWVwWHpOIKheqONvjyhSiTHIkVUco5bnji8m//zL7PKaT1Vl5I6UE609f+gkr6MZKVyKc7zJRmCahLsdlyA5fdQkRSan9LgnnLEyGSkaKJCJog0wAgvepWBt80+1yKln1bMVtCljfNWDueKLsWwaEbBSfSPTEmVRsUcYYMnEjcjeyCZzBXK9E9BYBXLKjOSpUDR+nEV3TFSUdQaz+ot98QxgXwx0GQ+EEUAKB2qZPkQQ0GqFD8UPFMqyaCHM24BZmSGic9EYMagKizOw9Hz50DMrDLrqqLkTAhplMictiCAx5S3BIUQdeJeLnBy2CNtMfz6cV4u8XKoFZQesbf9YZiIERiHjaNodDW6LgcirX/mPnJIkBGDUpTBhSa0EIr38D5hCIszhCM8URGBqImoWjpvpt1ebu/v3Gl3qJfMnNM+9V+kiRFyROTPHQWOcs1dNW94/ukKMPZBvDi55i5CttdeJz84DLngLqjcdwEZ87bFFR8CIG35OAkDVN6VRDZ7aq67NteYqZ2lpT8oYB2CytoBd6VuAx4WgiAsnuj3WohG+LugzXiQRDeM3XYXlULv4dp5VFYC) format("woff2"),url(/assets/KaTeX_Size3-Regular-CTq5MqoE.woff) format("woff"),url(/assets/KaTeX_Size3-Regular-DgpXs0kz.ttf) format("truetype")}@font-face{font-family:KaTeX_Size4;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Size4-Regular-Dl5lxZxV.woff2) format("woff2"),url(/assets/KaTeX_Size4-Regular-BF-4gkZK.woff) format("woff"),url(/assets/KaTeX_Size4-Regular-DWFBv043.ttf) format("truetype")}@font-face{font-family:KaTeX_Typewriter;font-style:normal;font-weight:400;src:url(/assets/KaTeX_Typewriter-Regular-CO6r4hn1.woff2) format("woff2"),url(/assets/KaTeX_Typewriter-Regular-C0xS9mPB.woff) format("woff"),url(/assets/KaTeX_Typewriter-Regular-D3Ib7_Hf.ttf) format("truetype")}.katex{font: 1.21em KaTeX_Main,Times New Roman,serif;line-height:1.2;text-indent:0;text-rendering:auto}.katex *{-ms-high-contrast-adjust:none!important;border-color:currentColor}.katex .katex-version:after{content:"0.16.11"}.katex .katex-mathml{clip:rect(1px,1px,1px,1px);border:0;height:1px;overflow:hidden;padding:0;position:absolute;width:1px}.katex .katex-html>.newline{display:block}.katex .base{position:relative;white-space:nowrap;width:-moz-min-content;width:min-content}.katex .base,.katex .strut{display:inline-block}.katex .textbf{font-weight:700}.katex .textit{font-style:italic}.katex .textrm{font-family:KaTeX_Main}.katex .textsf{font-family:KaTeX_SansSerif}.katex .texttt{font-family:KaTeX_Typewriter}.katex .mathnormal{font-family:KaTeX_Math;font-style:italic}.katex .mathit{font-family:KaTeX_Main;font-style:italic}.katex .mathrm{font-style:normal}.katex .mathbf{font-family:KaTeX_Main;font-weight:700}.katex .boldsymbol{font-family:KaTeX_Math;font-style:italic;font-weight:700}.katex .amsrm,.katex .mathbb,.katex .textbb{font-family:KaTeX_AMS}.katex .mathcal{font-family:KaTeX_Caligraphic}.katex .mathfrak,.katex .textfrak{font-family:KaTeX_Fraktur}.katex .mathboldfrak,.katex .textboldfrak{font-family:KaTeX_Fraktur;font-weight:700}.katex .mathtt{font-family:KaTeX_Typewriter}.katex .mathscr,.katex .textscr{font-family:KaTeX_Script}.katex .mathsf,.katex .textsf{font-family:KaTeX_SansSerif}.katex .mathboldsf,.katex .textboldsf{font-family:KaTeX_SansSerif;font-weight:700}.katex .mathitsf,.katex .textitsf{font-family:KaTeX_SansSerif;font-style:italic}.katex .mainrm{font-family:KaTeX_Main;font-style:normal}.katex .vlist-t{border-collapse:collapse;display:inline-table;table-layout:fixed}.katex .vlist-r{display:table-row}.katex .vlist{display:table-cell;position:relative;vertical-align:bottom}.katex .vlist>span{display:block;height:0;position:relative}.katex .vlist>span>span{display:inline-block}.katex .vlist>span>.pstrut{overflow:hidden;width:0}.katex .vlist-t2{margin-right:-2px}.katex .vlist-s{display:table-cell;font-size:1px;min-width:2px;vertical-align:bottom;width:2px}.katex .vbox{align-items:baseline;display:inline-flex;flex-direction:column}.katex .hbox{width:100%}.katex .hbox,.katex .thinbox{display:inline-flex;flex-direction:row}.katex .thinbox{max-width:0;width:0}.katex .msupsub{text-align:left}.katex .mfrac>span>span{text-align:center}.katex .mfrac .frac-line{border-bottom-style:solid;display:inline-block;width:100%}.katex .hdashline,.katex .hline,.katex .mfrac .frac-line,.katex .overline .overline-line,.katex .rule,.katex .underline .underline-line{min-height:1px}.katex .mspace{display:inline-block}.katex .clap,.katex .llap,.katex .rlap{position:relative;width:0}.katex .clap>.inner,.katex .llap>.inner,.katex .rlap>.inner{position:absolute}.katex .clap>.fix,.katex .llap>.fix,.katex .rlap>.fix{display:inline-block}.katex .llap>.inner{right:0}.katex .clap>.inner,.katex .rlap>.inner{left:0}.katex .clap>.inner>span{margin-left:-50%;margin-right:50%}.katex .rule{border:0 solid;display:inline-block;position:relative}.katex .hline,.katex .overline .overline-line,.katex .underline .underline-line{border-bottom-style:solid;display:inline-block;width:100%}.katex .hdashline{border-bottom-style:dashed;display:inline-block;width:100%}.katex .sqrt>.root{margin-left:.2777777778em;margin-right:-.5555555556em}.katex .fontsize-ensurer.reset-size1.size1,.katex .sizing.reset-size1.size1{font-size:1em}.katex .fontsize-ensurer.reset-size1.size2,.katex .sizing.reset-size1.size2{font-size:1.2em}.katex .fontsize-ensurer.reset-size1.size3,.katex .sizing.reset-size1.size3{font-size:1.4em}.katex .fontsize-ensurer.reset-size1.size4,.katex .sizing.reset-size1.size4{font-size:1.6em}.katex .fontsize-ensurer.reset-size1.size5,.katex .sizing.reset-size1.size5{font-size:1.8em}.katex .fontsize-ensurer.reset-size1.size6,.katex .sizing.reset-size1.size6{font-size:2em}.katex .fontsize-ensurer.reset-size1.size7,.katex .sizing.reset-size1.size7{font-size:2.4em}.katex .fontsize-ensurer.reset-size1.size8,.katex .sizing.reset-size1.size8{font-size:2.88em}.katex .fontsize-ensurer.reset-size1.size9,.katex .sizing.reset-size1.size9{font-size:3.456em}.katex .fontsize-ensurer.reset-size1.size10,.katex .sizing.reset-size1.size10{font-size:4.148em}.katex .fontsize-ensurer.reset-size1.size11,.katex .sizing.reset-size1.size11{font-size:4.976em}.katex .fontsize-ensurer.reset-size2.size1,.katex .sizing.reset-size2.size1{font-size:.8333333333em}.katex .fontsize-ensurer.reset-size2.size2,.katex .sizing.reset-size2.size2{font-size:1em}.katex .fontsize-ensurer.reset-size2.size3,.katex .sizing.reset-size2.size3{font-size:1.1666666667em}.katex .fontsize-ensurer.reset-size2.size4,.katex .sizing.reset-size2.size4{font-size:1.3333333333em}.katex .fontsize-ensurer.reset-size2.size5,.katex .sizing.reset-size2.size5{font-size:1.5em}.katex .fontsize-ensurer.reset-size2.size6,.katex .sizing.reset-size2.size6{font-size:1.6666666667em}.katex .fontsize-ensurer.reset-size2.size7,.katex .sizing.reset-size2.size7{font-size:2em}.katex .fontsize-ensurer.reset-size2.size8,.katex .sizing.reset-size2.size8{font-size:2.4em}.katex .fontsize-ensurer.reset-size2.size9,.katex .sizing.reset-size2.size9{font-size:2.88em}.katex .fontsize-ensurer.reset-size2.size10,.katex .sizing.reset-size2.size10{font-size:3.4566666667em}.katex .fontsize-ensurer.reset-size2.size11,.katex .sizing.reset-size2.size11{font-size:4.1466666667em}.katex .fontsize-ensurer.reset-size3.size1,.katex .sizing.reset-size3.size1{font-size:.7142857143em}.katex .fontsize-ensurer.reset-size3.size2,.katex .sizing.reset-size3.size2{font-size:.8571428571em}.katex .fontsize-ensurer.reset-size3.size3,.katex .sizing.reset-size3.size3{font-size:1em}.katex .fontsize-ensurer.reset-size3.size4,.katex .sizing.reset-size3.size4{font-size:1.1428571429em}.katex .fontsize-ensurer.reset-size3.size5,.katex .sizing.reset-size3.size5{font-size:1.2857142857em}.katex .fontsize-ensurer.reset-size3.size6,.katex .sizing.reset-size3.size6{font-size:1.4285714286em}.katex .fontsize-ensurer.reset-size3.size7,.katex .sizing.reset-size3.size7{font-size:1.7142857143em}.katex .fontsize-ensurer.reset-size3.size8,.katex .sizing.reset-size3.size8{font-size:2.0571428571em}.katex .fontsize-ensurer.reset-size3.size9,.katex .sizing.reset-size3.size9{font-size:2.4685714286em}.katex .fontsize-ensurer.reset-size3.size10,.katex .sizing.reset-size3.size10{font-size:2.9628571429em}.katex .fontsize-ensurer.reset-size3.size11,.katex .sizing.reset-size3.size11{font-size:3.5542857143em}.katex .fontsize-ensurer.reset-size4.size1,.katex .sizing.reset-size4.size1{font-size:.625em}.katex .fontsize-ensurer.reset-size4.size2,.katex .sizing.reset-size4.size2{font-size:.75em}.katex .fontsize-ensurer.reset-size4.size3,.katex .sizing.reset-size4.size3{font-size:.875em}.katex .fontsize-ensurer.reset-size4.size4,.katex .sizing.reset-size4.size4{font-size:1em}.katex .fontsize-ensurer.reset-size4.size5,.katex .sizing.reset-size4.size5{font-size:1.125em}.katex .fontsize-ensurer.reset-size4.size6,.katex .sizing.reset-size4.size6{font-size:1.25em}.katex .fontsize-ensurer.reset-size4.size7,.katex .sizing.reset-size4.size7{font-size:1.5em}.katex .fontsize-ensurer.reset-size4.size8,.katex .sizing.reset-size4.size8{font-size:1.8em}.katex .fontsize-ensurer.reset-size4.size9,.katex .sizing.reset-size4.size9{font-size:2.16em}.katex .fontsize-ensurer.reset-size4.size10,.katex .sizing.reset-size4.size10{font-size:2.5925em}.katex .fontsize-ensurer.reset-size4.size11,.katex .sizing.reset-size4.size11{font-size:3.11em}.katex .fontsize-ensurer.reset-size5.size1,.katex .sizing.reset-size5.size1{font-size:.5555555556em}.katex .fontsize-ensurer.reset-size5.size2,.katex .sizing.reset-size5.size2{font-size:.6666666667em}.katex .fontsize-ensurer.reset-size5.size3,.katex .sizing.reset-size5.size3{font-size:.7777777778em}.katex .fontsize-ensurer.reset-size5.size4,.katex .sizing.reset-size5.size4{font-size:.8888888889em}.katex .fontsize-ensurer.reset-size5.size5,.katex .sizing.reset-size5.size5{font-size:1em}.katex .fontsize-ensurer.reset-size5.size6,.katex .sizing.reset-size5.size6{font-size:1.1111111111em}.katex .fontsize-ensurer.reset-size5.size7,.katex .sizing.reset-size5.size7{font-size:1.3333333333em}.katex .fontsize-ensurer.reset-size5.size8,.katex .sizing.reset-size5.size8{font-size:1.6em}.katex .fontsize-ensurer.reset-size5.size9,.katex .sizing.reset-size5.size9{font-size:1.92em}.katex .fontsize-ensurer.reset-size5.size10,.katex .sizing.reset-size5.size10{font-size:2.3044444444em}.katex .fontsize-ensurer.reset-size5.size11,.katex .sizing.reset-size5.size11{font-size:2.7644444444em}.katex .fontsize-ensurer.reset-size6.size1,.katex .sizing.reset-size6.size1{font-size:.5em}.katex .fontsize-ensurer.reset-size6.size2,.katex .sizing.reset-size6.size2{font-size:.6em}.katex .fontsize-ensurer.reset-size6.size3,.katex .sizing.reset-size6.size3{font-size:.7em}.katex .fontsize-ensurer.reset-size6.size4,.katex .sizing.reset-size6.size4{font-size:.8em}.katex .fontsize-ensurer.reset-size6.size5,.katex .sizing.reset-size6.size5{font-size:.9em}.katex .fontsize-ensurer.reset-size6.size6,.katex .sizing.reset-size6.size6{font-size:1em}.katex .fontsize-ensurer.reset-size6.size7,.katex .sizing.reset-size6.size7{font-size:1.2em}.katex .fontsize-ensurer.reset-size6.size8,.katex .sizing.reset-size6.size8{font-size:1.44em}.katex .fontsize-ensurer.reset-size6.size9,.katex .sizing.reset-size6.size9{font-size:1.728em}.katex .fontsize-ensurer.reset-size6.size10,.katex .sizing.reset-size6.size10{font-size:2.074em}.katex .fontsize-ensurer.reset-size6.size11,.katex .sizing.reset-size6.size11{font-size:2.488em}.katex .fontsize-ensurer.reset-size7.size1,.katex .sizing.reset-size7.size1{font-size:.4166666667em}.katex .fontsize-ensurer.reset-size7.size2,.katex .sizing.reset-size7.size2{font-size:.5em}.katex .fontsize-ensurer.reset-size7.size3,.katex .sizing.reset-size7.size3{font-size:.5833333333em}.katex .fontsize-ensurer.reset-size7.size4,.katex .sizing.reset-size7.size4{font-size:.6666666667em}.katex .fontsize-ensurer.reset-size7.size5,.katex .sizing.reset-size7.size5{font-size:.75em}.katex .fontsize-ensurer.reset-size7.size6,.katex .sizing.reset-size7.size6{font-size:.8333333333em}.katex .fontsize-ensurer.reset-size7.size7,.katex .sizing.reset-size7.size7{font-size:1em}.katex .fontsize-ensurer.reset-size7.size8,.katex .sizing.reset-size7.size8{font-size:1.2em}.katex .fontsize-ensurer.reset-size7.size9,.katex .sizing.reset-size7.size9{font-size:1.44em}.katex .fontsize-ensurer.reset-size7.size10,.katex .sizing.reset-size7.size10{font-size:1.7283333333em}.katex .fontsize-ensurer.reset-size7.size11,.katex .sizing.reset-size7.size11{font-size:2.0733333333em}.katex .fontsize-ensurer.reset-size8.size1,.katex .sizing.reset-size8.size1{font-size:.3472222222em}.katex .fontsize-ensurer.reset-size8.size2,.katex .sizing.reset-size8.size2{font-size:.4166666667em}.katex .fontsize-ensurer.reset-size8.size3,.katex .sizing.reset-size8.size3{font-size:.4861111111em}.katex .fontsize-ensurer.reset-size8.size4,.katex .sizing.reset-size8.size4{font-size:.5555555556em}.katex .fontsize-ensurer.reset-size8.size5,.katex .sizing.reset-size8.size5{font-size:.625em}.katex .fontsize-ensurer.reset-size8.size6,.katex .sizing.reset-size8.size6{font-size:.6944444444em}.katex .fontsize-ensurer.reset-size8.size7,.katex .sizing.reset-size8.size7{font-size:.8333333333em}.katex .fontsize-ensurer.reset-size8.size8,.katex .sizing.reset-size8.size8{font-size:1em}.katex .fontsize-ensurer.reset-size8.size9,.katex .sizing.reset-size8.size9{font-size:1.2em}.katex .fontsize-ensurer.reset-size8.size10,.katex .sizing.reset-size8.size10{font-size:1.4402777778em}.katex .fontsize-ensurer.reset-size8.size11,.katex .sizing.reset-size8.size11{font-size:1.7277777778em}.katex .fontsize-ensurer.reset-size9.size1,.katex .sizing.reset-size9.size1{font-size:.2893518519em}.katex .fontsize-ensurer.reset-size9.size2,.katex .sizing.reset-size9.size2{font-size:.3472222222em}.katex .fontsize-ensurer.reset-size9.size3,.katex .sizing.reset-size9.size3{font-size:.4050925926em}.katex .fontsize-ensurer.reset-size9.size4,.katex .sizing.reset-size9.size4{font-size:.462962963em}.katex .fontsize-ensurer.reset-size9.size5,.katex .sizing.reset-size9.size5{font-size:.5208333333em}.katex .fontsize-ensurer.reset-size9.size6,.katex .sizing.reset-size9.size6{font-size:.5787037037em}.katex .fontsize-ensurer.reset-size9.size7,.katex .sizing.reset-size9.size7{font-size:.6944444444em}.katex .fontsize-ensurer.reset-size9.size8,.katex .sizing.reset-size9.size8{font-size:.8333333333em}.katex .fontsize-ensurer.reset-size9.size9,.katex .sizing.reset-size9.size9{font-size:1em}.katex .fontsize-ensurer.reset-size9.size10,.katex .sizing.reset-size9.size10{font-size:1.2002314815em}.katex .fontsize-ensurer.reset-size9.size11,.katex .sizing.reset-size9.size11{font-size:1.4398148148em}.katex .fontsize-ensurer.reset-size10.size1,.katex .sizing.reset-size10.size1{font-size:.2410800386em}.katex .fontsize-ensurer.reset-size10.size2,.katex .sizing.reset-size10.size2{font-size:.2892960463em}.katex .fontsize-ensurer.reset-size10.size3,.katex .sizing.reset-size10.size3{font-size:.337512054em}.katex .fontsize-ensurer.reset-size10.size4,.katex .sizing.reset-size10.size4{font-size:.3857280617em}.katex .fontsize-ensurer.reset-size10.size5,.katex .sizing.reset-size10.size5{font-size:.4339440694em}.katex .fontsize-ensurer.reset-size10.size6,.katex .sizing.reset-size10.size6{font-size:.4821600771em}.katex .fontsize-ensurer.reset-size10.size7,.katex .sizing.reset-size10.size7{font-size:.5785920926em}.katex .fontsize-ensurer.reset-size10.size8,.katex .sizing.reset-size10.size8{font-size:.6943105111em}.katex .fontsize-ensurer.reset-size10.size9,.katex .sizing.reset-size10.size9{font-size:.8331726133em}.katex .fontsize-ensurer.reset-size10.size10,.katex .sizing.reset-size10.size10{font-size:1em}.katex .fontsize-ensurer.reset-size10.size11,.katex .sizing.reset-size10.size11{font-size:1.1996142719em}.katex .fontsize-ensurer.reset-size11.size1,.katex .sizing.reset-size11.size1{font-size:.2009646302em}.katex .fontsize-ensurer.reset-size11.size2,.katex .sizing.reset-size11.size2{font-size:.2411575563em}.katex .fontsize-ensurer.reset-size11.size3,.katex .sizing.reset-size11.size3{font-size:.2813504823em}.katex .fontsize-ensurer.reset-size11.size4,.katex .sizing.reset-size11.size4{font-size:.3215434084em}.katex .fontsize-ensurer.reset-size11.size5,.katex .sizing.reset-size11.size5{font-size:.3617363344em}.katex .fontsize-ensurer.reset-size11.size6,.katex .sizing.reset-size11.size6{font-size:.4019292605em}.katex .fontsize-ensurer.reset-size11.size7,.katex .sizing.reset-size11.size7{font-size:.4823151125em}.katex .fontsize-ensurer.reset-size11.size8,.katex .sizing.reset-size11.size8{font-size:.578778135em}.katex .fontsize-ensurer.reset-size11.size9,.katex .sizing.reset-size11.size9{font-size:.6945337621em}.katex .fontsize-ensurer.reset-size11.size10,.katex .sizing.reset-size11.size10{font-size:.8336012862em}.katex .fontsize-ensurer.reset-size11.size11,.katex .sizing.reset-size11.size11{font-size:1em}.katex .delimsizing.size1{font-family:KaTeX_Size1}.katex .delimsizing.size2{font-family:KaTeX_Size2}.katex .delimsizing.size3{font-family:KaTeX_Size3}.katex .delimsizing.size4{font-family:KaTeX_Size4}.katex .delimsizing.mult .delim-size1>span{font-family:KaTeX_Size1}.katex .delimsizing.mult .delim-size4>span{font-family:KaTeX_Size4}.katex .nulldelimiter{display:inline-block;width:.12em}.katex .delimcenter,.katex .op-symbol{position:relative}.katex .op-symbol.small-op{font-family:KaTeX_Size1}.katex .op-symbol.large-op{font-family:KaTeX_Size2}.katex .accent>.vlist-t,.katex .op-limits>.vlist-t{text-align:center}.katex .accent .accent-body{position:relative}.katex .accent .accent-body:not(.accent-full){width:0}.katex .overlay{display:block}.katex .mtable .vertical-separator{display:inline-block;min-width:1px}.katex .mtable .arraycolsep{display:inline-block}.katex .mtable .col-align-c>.vlist-t{text-align:center}.katex .mtable .col-align-l>.vlist-t{text-align:left}.katex .mtable .col-align-r>.vlist-t{text-align:right}.katex .svg-align{text-align:left}.katex svg{fill:currentColor;stroke:currentColor;fill-rule:nonzero;fill-opacity:1;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;display:block;height:inherit;position:absolute;width:100%}.katex svg path{stroke:none}.katex img{border-style:none;max-height:none;max-width:none;min-height:0;min-width:0}.katex .stretchy{display:block;overflow:hidden;position:relative;width:100%}.katex .stretchy:after,.katex .stretchy:before{content:""}.katex .hide-tail{overflow:hidden;position:relative;width:100%}.katex .halfarrow-left{left:0;overflow:hidden;position:absolute;width:50.2%}.katex .halfarrow-right{overflow:hidden;position:absolute;right:0;width:50.2%}.katex .brace-left{left:0;overflow:hidden;position:absolute;width:25.1%}.katex .brace-center{left:25%;overflow:hidden;position:absolute;width:50%}.katex .brace-right{overflow:hidden;position:absolute;right:0;width:25.1%}.katex .x-arrow-pad{padding:0 .5em}.katex .cd-arrow-pad{padding:0 .55556em 0 .27778em}.katex .mover,.katex .munder,.katex .x-arrow{text-align:center}.katex .boxpad{padding:0 .3em}.katex .fbox,.katex .fcolorbox{border:.04em solid;box-sizing:border-box}.katex .cancel-pad{padding:0 .2em}.katex .cancel-lap{margin-left:-.2em;margin-right:-.2em}.katex .sout{border-bottom-style:solid;border-bottom-width:.08em}.katex .angl{border-right:.049em solid;border-top:.049em solid;box-sizing:border-box;margin-right:.03889em}.katex .anglpad{padding:0 .03889em}.katex .eqn-num:before{content:"(" counter(katexEqnNo) ")";counter-increment:katexEqnNo}.katex .mml-eqn-num:before{content:"(" counter(mmlEqnNo) ")";counter-increment:mmlEqnNo}.katex .mtr-glue{width:50%}.katex .cd-vert-arrow{display:inline-block;position:relative}.katex .cd-label-left{display:inline-block;position:absolute;right:calc(50% + .3em);text-align:left}.katex .cd-label-right{display:inline-block;left:calc(50% + .3em);position:absolute;text-align:right}.katex-display{display:block;margin:1em 0;text-align:center}.katex-display>.katex{display:block;text-align:center;white-space:nowrap}.katex-display>.katex>.katex-html{display:block;position:relative}.katex-display>.katex>.katex-html>.tag{position:absolute;right:0}.katex-display.leqno>.katex>.katex-html>.tag{left:0;right:auto}.katex-display.fleqn>.katex{padding-left:2em;text-align:left}body{counter-reset:katexEqnNo mmlEqnNo}.katex{direction:ltr}.katex .cjk_fallback{font-size:.83em}.katex-display{overflow:auto hidden;padding-top:.2em;padding-bottom:.2em;-webkit-overflow-scrolling:touch;scrollbar-width:thin}.katex-display::-webkit-scrollbar{height:3px}.katex-error{color:red}.vp-code-tabs-nav{overflow-x:auto;margin:.75rem 0 -.75rem;padding:0;border-radius:6px 6px 0 0;background:var(--code-tabs-c-bg);list-style:none;white-space:nowrap;transition:background var(--vp-t-color)}@media print{.vp-code-tabs-nav{display:none}}@media (max-width: 419px){.vp-code-tabs-nav{margin-inline:-1.5rem;border-radius:0}}.vp-code-tab-nav{position:relative;min-width:3rem;margin:0;padding:6px 12px;border-width:0;border-radius:6px 6px 0 0;background:#0000;color:var(--code-tabs-c-text);font-weight:600;font-size:.875em;line-height:1.4;cursor:pointer;transition:background var(--vp-t-color),color var(--vp-t-color)}.vp-code-tab-nav:hover{background:var(--code-tabs-c-hover)}.vp-code-tab-nav:before,.vp-code-tab-nav:after{content:" ";position:absolute;bottom:0;z-index:1;width:6px;height:6px}.vp-code-tab-nav:before{right:100%}.vp-code-tab-nav:after{left:100%}.vp-code-tab-nav.active{background:var(--code-c-bg)}.vp-code-tab-nav.active:before{background:radial-gradient(12px at left top,transparent 50%,var(--code-c-bg) 50%)}.vp-code-tab-nav.active:after{background:radial-gradient(12px at right top,transparent 50%,var(--code-c-bg) 50%)}.vp-code-tab-nav:first-child:before{display:none}[dir=rtl] .vp-code-tab-nav:first-child:before{display:block}[dir=rtl] .vp-code-tab-nav:first-child:after{display:none}.vp-code-tab{display:none}@media print{.vp-code-tab{display:block}}.vp-code-tab.active{display:block}.vp-code-tab div[class*=language-]{border-top-left-radius:0;border-top-right-radius:0}@media (max-width: 419px){.vp-code-tab div[class*=language-]{margin:.75rem -1.5rem;border-radius:0}}.vp-code-tab div[class*=language-].line-numbers-mode:after{border-top-left-radius:0}.vp-code-tab div[class*=language-] pre{border-top-left-radius:0;border-top-right-radius:0}@media (max-width: 419px){.vp-code-tab div[class*=language-] pre{border-radius:0}}@media print{.vp-code-tab div[class*=language-] code{white-space:pre-wrap}}.vp-code-tab-title{display:none;font-weight:500}@media print{.vp-code-tab-title{display:block}}:root{--code-tabs-c-text: var(--code-c-text);--code-tabs-c-bg: var(--code-c-highlight-bg);--code-tabs-c-hover: var(--code-c-bg);--tab-c-bg: var(--vp-c-bg);--tab-c-nav: var(--vp-c-text);--tab-c-bg-nav: var(--vp-c-grey-bg);--tab-c-bg-nav-hover: var(--vp-c-control-hover)}.footnote-item{margin-top:calc(0rem - var(--header-offset, 3.6rem));padding-top:calc(var(--header-offset, 3.6rem) + .5rem)}.footnote-item>p{margin-bottom:0}.footnote-ref{position:relative}.footnote-anchor{position:absolute;top:calc(-.5rem - var(--header-offset, 3.6rem))}:root{--container-c-bg-header: #eee}[data-theme=dark]{--container-c-bg-header: #333}.vp-container{overflow:hidden;margin:.75rem 0;border:1px solid var(--vp-c-border);border-radius:.5rem}.vp-container-header{position:relative;display:flex;align-items:center;padding:.5rem .75rem;background:var(--container-c-bg-header, #eee);font-weight:500;text-align:start;transition:background var(--vp-t-color),border-color var(--vp-t-color)}.vp-container-title{flex:1;overflow:hidden;font-size:1.25rem;text-overflow:ellipsis;white-space:nowrap}@media print{.vp-playground{display:none!important}}.vp-playground-actions{display:flex;align-items:center}.vp-playground-action{display:inline-flex;margin-inline-start:10px}.vp-playground-action .icon{width:1.5rem;height:1.5rem;fill:var(--vp-c-text-mute)}.vp-playground-action:hover .icon{fill:var(--vp-c-accent-bg)}.vp-playground-container{position:relative;overflow:hidden;background:var(--vp-c-bg);transition:background var(--vp-t-color)}@media print{.vp-playground-container{page-break-inside:avoid}}.vp-playground-container iframe{display:block;resize:vertical;width:100%;height:100%;min-height:400px;border:none}.search-pro-button{border-width:0;background:transparent;display:inline-flex;align-items:center;box-sizing:content-box;height:1.25rem;margin-inline:1rem 0;margin-top:0;margin-bottom:0;padding:.5rem;border:0;border:1px solid var(--vp-c-border);border-radius:1rem;background:var(--vp-c-control);color:var(--vp-c-text);font-weight:500;cursor:pointer;transition:background var(--vp-t-color),color var(--vp-t-color)}@media print{.search-pro-button{display:none}}@media (max-width: 959px){.search-pro-button{border-radius:50%}}.search-pro-button:hover{border:1px solid var(--vp-c-accent-bg);background-color:var(--vp-c-control-hover)}.search-pro-button .search-icon{width:1.25rem;height:1.25rem}.search-pro-placeholder{margin-inline:.25rem;font-size:1rem}@media (max-width: 959px){.search-pro-placeholder{display:none}}.search-pro-key-hints{font-size:.75rem}@media (max-width: 959px){.search-pro-key-hints{display:none}}.search-pro-key{display:inline-block;min-width:1em;margin-inline:.125rem;padding:.25rem;border:1px solid var(--vp-c-border);border-radius:4px;box-shadow:1px 1px 4px 0 var(--vp-c-shadow);line-height:1;letter-spacing:-.1em;transition:background var(--vp-t-color),color var(--vp-t-color),border var(--vp-t-color),box-shadow var(--vp-t-transform)}@keyframes search-pro-fade-in{0%{opacity:.2}to{opacity:1}}.search-pro-modal-wrapper{position:fixed;top:0;right:0;bottom:0;left:0;z-index:997;display:flex;align-items:center;justify-content:center;overflow:auto;cursor:default}.search-pro-mask{position:fixed;top:0;right:0;bottom:0;left:0;z-index:998;-webkit-backdrop-filter:blur(10px);backdrop-filter:blur(10px);animation:.25s search-pro-fade-in}.search-pro-modal{position:absolute;z-index:999;display:flex;flex-flow:column;width:calc(100% - 6rem);max-width:50em;border-radius:10px;background:var(--vp-c-bg);box-shadow:2px 2px 10px 0 var(--vp-c-shadow);transition:background var(--vp-t-color);animation:.15s pwa-opened}@media (max-width: 1280px){.search-pro-modal{animation:.25s pwa-mobile}}@media (max-width: 719px){.search-pro-modal{top:0;right:0;bottom:0;left:0;box-sizing:border-box;width:100%;max-width:unset;padding:env(--safe-area-inset-top) env(--safe-area-inset-right) env(--safe-area-inset-bottom) env(--safe-area-inset-left)}}.search-pro-box{display:flex;margin:1rem}.search-pro-box form{position:relative;display:flex;flex:1}.search-pro-box label{position:absolute;inset-inline-start:.5rem;top:calc(50% - .75rem);color:var(--vp-c-accent)}.search-pro-box label .search-icon{width:1.5rem;height:1.5rem}.search-pro-clear-button{border-width:0;background:transparent;cursor:pointer;position:absolute;inset-inline-end:.75rem;top:calc(50% - 10px);padding:0;color:var(--vp-c-accent-bg)}.search-pro-clear-button:hover{border-radius:50%;background-color:#0000001a}.search-pro-close-button{border-width:0;background:transparent;cursor:pointer;display:none;margin-inline:.5rem -.5rem;padding:.5rem;color:var(--vp-c-text-mute);font-size:1rem}@media (max-width: 719px){.search-pro-close-button{display:block}}.search-pro-input{flex:1;width:0;margin:0;padding-block:.25rem;padding-inline:2.5rem 2rem;border:0;border:2px solid var(--vp-c-accent-bg);border-radius:8px;background:var(--vp-c-bg);color:var(--vp-c-text);outline:none;font-size:1.25rem;line-height:2.5;-webkit-appearance:none;-moz-appearance:none;appearance:none}.search-pro-input::-webkit-search-cancel-button{display:none}.search-pro-suggestions{position:absolute;inset:calc(100% + 4px) 0 auto;z-index:20;overflow:visible;overflow-y:auto;max-height:50vh;margin:0;padding:0;border-radius:.5rem;background-color:var(--vp-c-bg);box-shadow:2px 2px 10px 0 var(--vp-c-shadow);list-style:none;line-height:1.5}.search-pro-suggestion{padding:.25rem 1rem;border-top:1px solid var(--vp-c-border);cursor:pointer}.search-pro-suggestion:first-child{border-top:none}.search-pro-suggestion.active,.search-pro-suggestion:hover{background-color:var(--vp-c-bg-alt)}.search-pro-auto-complete{display:none;float:right;margin:0 .5rem;padding:4px;border:1px solid var(--vp-c-border);border-radius:4px;box-shadow:1px 1px 4px 0 var(--vp-c-shadow);font-size:12px;line-height:1}.search-pro-suggestion.active .search-pro-auto-complete{display:block}.search-pro-result-wrapper{flex-grow:1;overflow-y:auto;min-height:40vh;max-height:calc(80vh - 10rem);padding:0 1rem}@media (max-width: 719px){.search-pro-result-wrapper{min-height:unset;max-height:unset}}.search-pro-result-wrapper.loading,.search-pro-result-wrapper.empty{display:flex;align-items:center;justify-content:center;padding:1.5rem;font-weight:600;font-size:22px;text-align:center}.search-pro-hints{margin-top:1rem;padding:.75rem .5rem;box-shadow:0 -1px 4px 0 var(--vp-c-shadow);line-height:1}.search-pro-hint{display:inline-flex;align-items:center;margin:0 .5rem}.search-pro-hint kbd{margin:0 .5rem;padding:2px;border:1px solid var(--vp-c-border);border-radius:4px;box-shadow:1px 1px 4px 0 var(--vp-c-shadow)}.search-pro-hint kbd+kbd{margin-inline-start:-.25rem}.search-pro-hint svg{display:block;width:15px;height:15px}.redirect-modal-fade-enter-active,.redirect-modal-fade-leave-active{transition:opacity .5s}.redirect-modal-fade-enter,.redirect-modal-fade-leave-to{opacity:0}.redirect-modal-mask{position:fixed;top:0;right:0;bottom:0;left:0;z-index:var(--redirect-z-index);display:flex;align-items:center;justify-content:center;-webkit-backdrop-filter:blur(10px);backdrop-filter:blur(10px)}@media print{.redirect-modal-mask{display:none}}.redirect-modal-wrapper{position:relative;z-index:1500;overflow:hidden;max-width:80vw;padding:1rem 2rem;border-radius:8px;background:var(--redirect-c-bg);box-shadow:0 2px 6px 0 var(--redirect-c-shadow)}.redirect-modal-hint{margin-top:.5rem;color:var(--vp-c-text-mute);font-size:14px;text-align:start}.redirect-modal-hint input[type=checkbox]{position:relative;vertical-align:text-bottom;height:1em;margin-inline-end:18px;cursor:pointer;-webkit-appearance:none;-moz-appearance:none;appearance:none}.redirect-modal-hint input[type=checkbox]:after{content:" ";position:absolute;top:0;display:inline-block;box-sizing:border-box;width:14px;height:14px;padding-inline-start:0;border:1px solid var(--vp-c-border);border-radius:50%;background:var(--vp-c-control);text-align:center;visibility:visible}.redirect-modal-hint input[type=checkbox]:checked:after{content:"";border-color:var(--vp-c-accent-bg);background:var(--vp-c-accent-bg)}.redirect-modal-hint input[type=checkbox]:checked:before{content:"";position:absolute;inset-inline-start:5px;top:2px;z-index:1;width:2px;height:6px;border:solid var(--vp-c-white);border-width:0 2px 2px 0;transform:rotate(45deg)}.redirect-modal-hint label{display:inline-block}.redirect-modal-action{display:block;width:100%;margin:1rem 0;padding:.5rem .75rem;border:none;border-radius:8px;background-color:var(--redirect-c-control);color:inherit;cursor:pointer}.redirect-modal-action:hover{background-color:var(--redirect-c-control-hover)}.redirect-modal-action.primary{background-color:var(--redirect-c-accent-bg);color:var(--redirect-c-accent-text)}.redirect-modal-action.primary:hover{background-color:var(--redirect-c-accent-hover)}:root{--redirect-z-index: 1499;--redirect-c-bg: var(--vp-c-bg-elv);--redirect-c-text: var(--vp-c-text);--redirect-c-accent-bg: var(--vp-c-accent-bg);--redirect-c-accent-hover: var(--vp-c-accent-hover);--redirect-c-accent-text: var(--vp-c-accent-text);--redirect-c-control: var(--vp-c-control);--redirect-c-control-hover: var(--vp-c-control-hover);--redirect-c-shadow: var(--vp-c-shadow)}:root{--balloon-border-radius: 2px;--balloon-color: rgba(16, 16, 16, .95);--balloon-text-color: #fff;--balloon-font-size: 12px;--balloon-move: 4px}button[aria-label][data-balloon-pos]{overflow:visible}[aria-label][data-balloon-pos]{position:relative;cursor:pointer}[aria-label][data-balloon-pos]:after{opacity:0;pointer-events:none;transition:all .18s ease-out .18s;text-indent:0;font-family:-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen,Ubuntu,Cantarell,Open Sans,Helvetica Neue,sans-serif;font-weight:400;font-style:normal;text-shadow:none;font-size:var(--balloon-font-size);background:var(--balloon-color);border-radius:2px;color:var(--balloon-text-color);border-radius:var(--balloon-border-radius);content:attr(aria-label);padding:.5em 1em;position:absolute;white-space:nowrap;z-index:10}[aria-label][data-balloon-pos]:before{width:0;height:0;border:5px solid transparent;border-top-color:var(--balloon-color);opacity:0;pointer-events:none;transition:all .18s ease-out .18s;content:"";position:absolute;z-index:10}[aria-label][data-balloon-pos]:hover:before,[aria-label][data-balloon-pos]:hover:after,[aria-label][data-balloon-pos][data-balloon-visible]:before,[aria-label][data-balloon-pos][data-balloon-visible]:after,[aria-label][data-balloon-pos]:not([data-balloon-nofocus]):focus:before,[aria-label][data-balloon-pos]:not([data-balloon-nofocus]):focus:after{opacity:1;pointer-events:none}[aria-label][data-balloon-pos].font-awesome:after{font-family:FontAwesome,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen,Ubuntu,Cantarell,Open Sans,Helvetica Neue,sans-serif}[aria-label][data-balloon-pos][data-balloon-break]:after{white-space:pre}[aria-label][data-balloon-pos][data-balloon-break][data-balloon-length]:after{white-space:pre-line;word-break:break-word}[aria-label][data-balloon-pos][data-balloon-blunt]:before,[aria-label][data-balloon-pos][data-balloon-blunt]:after{transition:none}[aria-label][data-balloon-pos][data-balloon-pos=up]:hover:after,[aria-label][data-balloon-pos][data-balloon-pos=up][data-balloon-visible]:after,[aria-label][data-balloon-pos][data-balloon-pos=down]:hover:after,[aria-label][data-balloon-pos][data-balloon-pos=down][data-balloon-visible]:after{transform:translate(-50%)}[aria-label][data-balloon-pos][data-balloon-pos=up]:hover:before,[aria-label][data-balloon-pos][data-balloon-pos=up][data-balloon-visible]:before,[aria-label][data-balloon-pos][data-balloon-pos=down]:hover:before,[aria-label][data-balloon-pos][data-balloon-pos=down][data-balloon-visible]:before{transform:translate(-50%)}[aria-label][data-balloon-pos][data-balloon-pos*=-left]:after{left:0}[aria-label][data-balloon-pos][data-balloon-pos*=-left]:before{left:5px}[aria-label][data-balloon-pos][data-balloon-pos*=-right]:after{right:0}[aria-label][data-balloon-pos][data-balloon-pos*=-right]:before{right:5px}[aria-label][data-balloon-pos][data-balloon-po*=-left]:hover:after,[aria-label][data-balloon-pos][data-balloon-po*=-left][data-balloon-visible]:after,[aria-label][data-balloon-pos][data-balloon-pos*=-right]:hover:after,[aria-label][data-balloon-pos][data-balloon-pos*=-right][data-balloon-visible]:after{transform:translate(0)}[aria-label][data-balloon-pos][data-balloon-po*=-left]:hover:before,[aria-label][data-balloon-pos][data-balloon-po*=-left][data-balloon-visible]:before,[aria-label][data-balloon-pos][data-balloon-pos*=-right]:hover:before,[aria-label][data-balloon-pos][data-balloon-pos*=-right][data-balloon-visible]:before{transform:translate(0)}[aria-label][data-balloon-pos][data-balloon-pos^=up]:before,[aria-label][data-balloon-pos][data-balloon-pos^=up]:after{bottom:100%;transform-origin:top;transform:translateY(var(--balloon-move))}[aria-label][data-balloon-pos][data-balloon-pos^=up]:after{margin-bottom:10px}[aria-label][data-balloon-pos][data-balloon-pos=up]:before,[aria-label][data-balloon-pos][data-balloon-pos=up]:after{left:50%;transform:translate(-50%,var(--balloon-move))}[aria-label][data-balloon-pos][data-balloon-pos^=down]:before,[aria-label][data-balloon-pos][data-balloon-pos^=down]:after{top:100%;transform:translateY(calc(var(--balloon-move) * -1))}[aria-label][data-balloon-pos][data-balloon-pos^=down]:after{margin-top:10px}[aria-label][data-balloon-pos][data-balloon-pos^=down]:before{width:0;height:0;border:5px solid transparent;border-bottom-color:var(--balloon-color)}[aria-label][data-balloon-pos][data-balloon-pos=down]:after,[aria-label][data-balloon-pos][data-balloon-pos=down]:before{left:50%;transform:translate(-50%,calc(var(--balloon-move) * -1))}[aria-label][data-balloon-pos][data-balloon-pos=left]:hover:after,[aria-label][data-balloon-pos][data-balloon-pos=left][data-balloon-visible]:after,[aria-label][data-balloon-pos][data-balloon-pos=right]:hover:after,[aria-label][data-balloon-pos][data-balloon-pos=right][data-balloon-visible]:after{transform:translateY(-50%)}[aria-label][data-balloon-pos][data-balloon-pos=left]:hover:before,[aria-label][data-balloon-pos][data-balloon-pos=left][data-balloon-visible]:before,[aria-label][data-balloon-pos][data-balloon-pos=right]:hover:before,[aria-label][data-balloon-pos][data-balloon-pos=right][data-balloon-visible]:before{transform:translateY(-50%)}[aria-label][data-balloon-pos][data-balloon-pos=left]:after,[aria-label][data-balloon-pos][data-balloon-pos=left]:before{right:100%;top:50%;transform:translate(var(--balloon-move),-50%)}[aria-label][data-balloon-pos][data-balloon-pos=left]:after{margin-right:10px}[aria-label][data-balloon-pos][data-balloon-pos=left]:before{width:0;height:0;border:5px solid transparent;border-left-color:var(--balloon-color)}[aria-label][data-balloon-pos][data-balloon-pos=right]:after,[aria-label][data-balloon-pos][data-balloon-pos=right]:before{left:100%;top:50%;transform:translate(calc(var(--balloon-move) * -1),-50%)}[aria-label][data-balloon-pos][data-balloon-pos=right]:after{margin-left:10px}[aria-label][data-balloon-pos][data-balloon-pos=right]:before{width:0;height:0;border:5px solid transparent;border-right-color:var(--balloon-color)}[aria-label][data-balloon-pos][data-balloon-length]:after{white-space:normal}[aria-label][data-balloon-pos][data-balloon-length=small]:after{width:80px}[aria-label][data-balloon-pos][data-balloon-length=medium]:after{width:150px}[aria-label][data-balloon-pos][data-balloon-length=large]:after{width:260px}[aria-label][data-balloon-pos][data-balloon-length=xlarge]:after{width:380px}@media screen and (max-width: 768px){[aria-label][data-balloon-pos][data-balloon-length=xlarge]:after{width:90vw}}[aria-label][data-balloon-pos][data-balloon-length=fit]:after{width:100%}:root{--vp-c-white: #fff;--vp-c-black: #000;--vp-c-grey-text: #656869;--vp-c-grey-hover: #e4e4e9;--vp-c-grey-bg: #ebebef;--vp-c-grey-soft: rgb(142 150 170 / 14%);--vp-c-indigo-text: #3451b2;--vp-c-indigo-hover: #3a5ccc;--vp-c-indigo-bg: #5672cd;--vp-c-indigo-soft: rgb(100 108 255 / 14%);--vp-c-purple-text: #6f42c1;--vp-c-purple-hover: #7e4cc9;--vp-c-purple-bg: #8e5cd9;--vp-c-purple-soft: rgb(159 122 234 / 14%);--vp-c-blue-text: #2888a7;--vp-c-blue-hover: #2d98ba;--vp-c-blue-bg: #2fa1c5;--vp-c-blue-soft: rgb(27 178 229 / 14%);--vp-c-green-text: #18794e;--vp-c-green-hover: #299764;--vp-c-green-bg: #30a46c;--vp-c-green-soft: rgb(16 185 129 / 14%);--vp-c-yellow-text: #915930;--vp-c-yellow-hover: #946300;--vp-c-yellow-bg: #c28100;--vp-c-yellow-soft: rgb(234 179 8 / 14%);--vp-c-red-text: #b8272c;--vp-c-red-hover: #d5393e;--vp-c-red-bg: #e0575b;--vp-c-red-soft: rgb(244 63 94 / 14%)}[data-theme=dark]{--vp-c-white: #000;--vp-c-black: #fff;--vp-c-grey-text: #939499;--vp-c-grey-hover: #414853;--vp-c-grey-bg: #32363f;--vp-c-grey-soft: rgb(101 117 133 / 16%);--vp-c-indigo-text: #a8b1ff;--vp-c-indigo-hover: #5c73e7;--vp-c-indigo-bg: #3e63dd;--vp-c-indigo-soft: rgb(100 108 255 / 16%);--vp-c-blue-text: #c9e8f2;--vp-c-blue-hover: #a6d9ea;--vp-c-blue-bg: #2785a3;--vp-c-blue-soft: rgb(27 178 229 / 16%);--vp-c-purple-text: #c8abfa;--vp-c-purple-hover: #a879e6;--vp-c-purple-bg: #8e5cd9;--vp-c-purple-soft: rgb(159 122 234 / 16%);--vp-c-green-text: #3dd68c;--vp-c-green-hover: #30a46c;--vp-c-green-bg: #298459;--vp-c-green-soft: rgb(16 185 129 / 16%);--vp-c-yellow-text: #f9b44e;--vp-c-yellow-hover: #da8b17;--vp-c-yellow-bg: #a46a0a;--vp-c-yellow-soft: rgb(234 179 8 / 16%);--vp-c-red-text: #f66f81;--vp-c-red-hover: #f14158;--vp-c-red-bg: #b62a3c;--vp-c-red-soft: rgb(244 63 94 / 16%)}[data-theme=dark]{color-scheme:dark}html,body{background:var(--vp-c-bg, #fff);accent-color:var(--vp-c-accent, #299764);transition:background-color var(--vp-t-color)}html{font-size:16px;font-display:optional;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;-webkit-tap-highlight-color:rgba(0,0,0,0);-webkit-text-size-adjust:none;-moz-text-size-adjust:none;text-size-adjust:none}@media print{html{font-size:12pt}}html[data-theme=dark]{color-scheme:dark}body{min-height:100vh;margin:0;padding:0;color:var(--vp-c-text, rgb(60, 60, 67));font-size:1rem;font-synthesis:style}h1,h2,h3,h4,h5,h6{font-weight:600;line-height:1.25;overflow-wrap:break-word}h1:focus-visible,h2:focus-visible,h3:focus-visible,h4:focus-visible,h5:focus-visible,h6:focus-visible{outline:none}h1{font-size:2rem}h2{padding-bottom:.3rem;border-bottom:1px solid var(--vp-c-gutter, #e2e2e3);font-size:1.65rem;transition:border-color var(--vp-t-color)}h3{font-size:1.35rem}h4{font-size:1.15rem}h5{font-size:1.05rem}h6{font-size:1rem}p,ul,ol{line-height:1.6;overflow-wrap:break-word}@media print{p,ul,ol{line-height:1.5}}ul,ol{padding-inline-start:1.2em}a{color:var(--vp-c-accent, #299764);font-weight:500;text-decoration:none;overflow-wrap:break-word}a.header-anchor{position:relative;color:inherit;text-decoration:none}a.header-anchor:before{content:"¶";position:absolute;top:.4167em;left:-.75em;display:none;color:var(--vp-c-accent, #299764);font-size:.75em}[dir=rtl] a.header-anchor:before{right:-.75em}a.header-anchor:hover:before{display:block}a.header-anchor:focus-visible{outline:none}a.header-anchor:focus-visible:before{display:block;outline:auto}strong{font-weight:600}blockquote{margin:1rem 0;padding:.25rem 0 .25rem 1rem;border-inline-start:.2rem solid var(--vp-c-border-hard, #b8b8ba);color:var(--vp-c-text-mute, rgba(60, 60, 67, .78));font-size:1rem;overflow-wrap:break-word;transition:border-color var(--vp-t-color),color var(--vp-t-color)}blockquote>p{margin:0}hr{border:0;border-bottom:1px solid var(--vp-c-gutter, #e2e2e3);transition:border-color var(--vp-t-color)}:not(pre)>code{margin:0;padding:3px 6px;border-radius:4px;background:var(--vp-c-grey-soft, rgba(142, 150, 170, .14));font-size:.875em;overflow-wrap:break-word;transition:background-color var(--vp-t-color),color var(--vp-t-color)}p a code{color:var(--vp-c-accent, #299764);font-weight:400}table code{padding:.1rem .4rem}kbd{display:inline-block;min-width:1em;margin-inline:.125rem;padding:.25em;border:1px solid var(--vp-c-border, #c2c2c4);border-radius:.25em;box-shadow:1px 1px 4px 0 var(--vp-c-shadow, rgba(0, 0, 0, .15));line-height:1;letter-spacing:-.1em;text-align:center}table{display:block;overflow-x:auto;margin:1rem 0;border-collapse:collapse}tbody tr:nth-child(odd){background:var(--vp-c-bg-alt, #f6f8fa);transition:background-color var(--vp-t-color)}th,td{padding:.6em 1em;border:1px solid var(--vp-c-border-hard, #d1d4d7);transition:border-color var(--vp-t-color)}pre{text-align:left;direction:ltr;white-space:pre;word-spacing:normal;word-wrap:normal;word-break:normal;overflow-wrap:unset;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-hyphens:none;hyphens:none}@media print{pre{white-space:pre-wrap}}pre code{padding:0;border-radius:0}@page{margin:2cm;font-size:12pt;size:a4}@media print{*,:after,:before{box-shadow:none!important;text-shadow:none!important}h2,h3,p{orphans:3;widows:3}h2,h3{page-break-after:avoid}a{color:inherit;font-weight:inherit!important;font-size:inherit!important;text-decoration:underline}a.header-anchor{text-decoration:none}abbr[title]:after{content:" (" attr(title) ")"}pre{border:1px solid #eee;white-space:pre-wrap!important}pre>code{white-space:pre-wrap!important}blockquote{border-inline-start:.2rem solid #ddd;color:inherit}blockquote,pre{orphans:5;widows:5}img,tr,canvas{page-break-inside:avoid}}@media (prefers-reduced-motion: reduce){*,:before,:after{background-attachment:initial!important;scroll-behavior:auto!important;transition-delay:0s!important;transition-duration:0s!important;animation-duration:1ms!important;animation-delay:-1ms!important;animation-iteration-count:1!important}}:root{--external-link-icon: url("data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24' %3E%3Cpath d='M0 0h24v24H0V0z' fill='none' /%3E%3Cpath d='M9 5v2h6.59L4 18.59 5.41 20 17 8.41V15h2V5H9z' /%3E%3C/svg%3E");--external-link-c-icon: var(--vp-c-text-mute)}#app{--navbar-c-bg: var(--vp-c-bg-elv-soft);--sidebar-c-bg: var(--vp-c-bg-soft);--sidebar-space: var(--sidebar-width);--catalog-header-offset: var(--navbar-height);--message-offset: var(--navbar-height)}@media (max-width: 959px){#app{--navbar-height: var(--navbar-mobile-height);--navbar-padding-y: var(--navbar-mobile-padding-y);--navbar-padding-x: var(--navbar-mobile-padding-x);--sidebar-width: var(--sidebar-mobile-width)}}@media (min-width: 1440px){#app{--sidebar-space: clamp( var(--sidebar-width), max(0px, calc((100vw - var(--content-width)) / 2 - 2rem)) , 100vw )}}@font-face{font-weight:400;font-style:normal;font-family:Crimson;src:url(data:font/truetype;charset=utf-8;base64,AAEAAAANAIAAAwBQRkZUTYr5mwEAAAyMAAAAHEdERUYAKQATAAAMbAAAAB5PUy8yVsJ0MgAAAVgAAABgY21hcBiKDzgAAAHcAAABWGdhc3D//wADAAAMZAAAAAhnbHlmr+DBdQAAA1AAAAdsaGVhZBZwt+8AAADcAAAANmhoZWEFawEuAAABFAAAACRobXR4BksA9gAAAbgAAAAibG9jYQlsC24AAAM0AAAAHG1heHAAEQBZAAABOAAAACBuYW1lLaFDVAAACrwAAAFrcG9zdAC1AHoAAAwoAAAAPAABAAAAAQAAqBd2H18PPPUACwQAAAAAANqqufwAAAAA2qq5/AAb/9wB4QMeAAAACAACAAAAAAAAAAEAAAMs/ywAXAH9AAAAAAHhAAEAAAAAAAAAAAAAAAAAAAAEAAEAAAANAFkAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAH1AZAABQAAApkCzAAAAI8CmQLMAAAB6wAzAQkAAAIABgMAAAAAAAAAAAABEAAAAAAAAAAAAAAAUGZFZADAADAAOQMs/ywAXAMsANQAAAABAAAAAAMYAAAAAAAgAAEBpwAfAAAAAAFVAAAB/QAfAH0ALQA+ABsAPgAyACgAPgAxAAAAAAADAAAAAwAAABwAAQAAAAAAUgADAAEAAAAcAAQANgAAAAQABAABAAAAOf//AAAAL///AAAAAQAEAAAAAAADAAQABQAGAAcACAAJAAoACwAMAAABBgAAAQAAAAAAAAABAgAAAAIAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAwQFBgcICQoLDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYAJgAmAGIAwAEeAZIBzgJAApYC2gNiA7YAAQAf/9wBhwMeABIAAAEGBwYHATAXFjM2NzY3ASYnJjcBgxwLCgH+zgMECxIKCgIBLgEDAwMDHhQFBgP85wMEAQgJBgMOAwMDEwAAAAIAH//9Ad0CkAAQACEAABMWFxYXNjc2NzQnJicGBwYHNyY3NjcWFxYXFAcGByYnJjcfATo6amo7OQE5OmxrOjkBXQIlJEE5IyIBIyJEOSQjAgFOkV5eBAReXoqJXl4EBF5eggJ0UlEDA09Qe3xVVgMDU1OEAAAAAAEAff/9AYACkQA+AAA3FAcGBwYHBiMGFQYXNjc2MzIXFhc2JzQnIicmJyY1JjURNjc2MSYnJicjBgcGBwYVFBUUFxYXNjc2NzIXFhXkAQEEBRgYDAMBBB4ZGhweGxofBAEDDBgZBQQBAQMEAQIDBAIFNTZCAgMDBA0XFw0LBQV3GBMVDAgEBAUKCgUCAQICAQIFCgoFBAQIDBUTGAGnLxkbBAYFAQIZGh4BAgECBQUEAwUHBwEICRYAAAAAAQAtAAAB0QKRADoAADcGFxYXITY3NjcmJyYjIgcGBwYHBisBNjc2NzY3NjUmJyYnBgcGBxQXFhc2NzY3FhcWFxYHBgcGBwYHLgEEAwMBYwURERADBwYFBAMDAg8VEx/LJkBAOhsQDwIxMkxSMjIHCAYGCSYmPTIfHwEBCgoeLkJBQg8EBQQCETAwKQICAgEBBCgUEylJSUYhJicsRDIzAgY1NRoEBQYBEyEhAwEjIjYlJCQtQlBQSAAAAAABAD7/+wG+ApEASgAANwYXFhcWFxYzNjc2NyYnJic2NzY3JicmIwYHBgcUFxYXNjc2NxYXFhcGBwYHBgcUFRQXNjc2NxYXFhcGBwYnIicmJyYnJiciBwYXPwEIBwUaHB0VZU5NBAMvLi8eIB4DAywsKzwrKxgEAwUIHR4wLRscAQMvLz8BAQYKEhEQNSYmAgImJSsWExQPCw0NFREMDQE7DgsLBQwFBgE8PWpMKSoGECQkMkAiIQIdHyUHBwcBCRscAwEbGSpCIyUOAgMCAwwIAwUEAQEoKD9XJSQBBQYODg8PAQ0NFQAAAgAb//oB4QKTACIAJQAANxQXFhchFRQXFjMyNzYjNTM2NzY1NCcmJyMRNCcmIwYHBgcBExEbAgMFASEJCRIdCAkBRgIBAQUEBTwFAwgHCQkG/vjmxgUGBgOwBQIBAwKzAgQDCBAMDQEBlAYGBgEICQf+cwEs/tQAAQA+//sBvgKTAEoAADcGFxYXFhcWMzY3NjcmJyYnIgcGBzY3NjczMjc2NzY3NjU0JyYnBgcGByMGBwYHFBcWMzY3NjMWFxYHBgcGJyInJicmJyYnIgcGFz8BCAcFGhwdFWVOTQQBMjJbFx8gFwoJCQlWKB0dFQ4JCAQDBQMdHSKXCREQEgMCBA4bGhNYJyUBAiYlKxYTFA8LDQ0VEQwNATsOCwsFDAUGATw9akU2NwMFBggrMC8uAgICExcZBgQCAgMBAwQBMVNUWAUFBAYFBAMxMTNZIyQBBQYODg8PAQ0NFQAAAgAy//oBzQKXACAAMwAANxQXFhc2NzY3NicmJyIHBgc2NzY3NCcmJwYHBgcGBwYXNyY3Njc2FxYXFgcGBwYHJicmNzM1NV5aOTsCAioqahoiIRsnWFhFAwIHQ0tMOTAZGQFbBAQaGxkXRB8fAQEfIDE9Hh4E511FRwQDPT1ZPEJBBQwLF4Y9PRMGCwwBEiwsPDZFRkkTHyAbCAcBAjAwREYsLQEFREVQAAAAAAEAKP/7AdUCiwApAAATFhcWMzI3Njc2NzYzIQYHBgcWFxYzMjcBNjc2NzQnJiMiBwYjIQYHBgcoAwYHAwYDAwELEBEdAQUJYWJXAQ8PDgcDAQ4LCQgBAQEEBhUVFv7JBgsNDAH6DQMCAQEFKRITFMjHjQcFBgMCPxYSEwoEAgMBAhkrKiAAAAADAD7/9wG/ApIAKABBAFgAADcGFxYXNjc2NyYnJicmJzQ3Njc2NyYnJiMGBwYHFhcWFxYVFAcGBwYHNyY3Njc2MzIzMhcyFxYXFhcGBwYHIicmNxMmNzY3FhcWFRQHBgcGByIjIicmJyY3PwE1M1ZQODgDAykpMQIBAyYlJQMCMC9HRjExAgIiIiMCAiMvLwNTBBQTKgEBAQECAQIBEjU1CAEdHjMrISICGAMYGSYvGxoTEx8CAQIBBAMfJCQBoU8tLQECMjFPOC4uGwIBAgEWJiU7SCYoAjEwQzopKhMBAgECEykpQAQsIiEbAQEBBywsQjUeHQEiI0QBZSMhIAECJiYvKh8gFAEBAhAfIEYAAAIAMf/6AcsClwAgADMAABMGFxYXMjc2NwYHBgcUFxYXNjc2NzY3NjUmJyYnBgcGBzcmNzY3FhcWFRQHBgcGJyYnJjc0AyopahoiIRsoV1hFAwIHQ0tMODEZGQE2NF5ZOjoBWgMfHzE9Hh4EGhoaF0QeHwUBy0dBQgUMCxeFPj0SBwsLAREsLD01RkVPV0dFBQQ8PU8UPCwtAQVFRUklIRsHCAECMDBPAAAADACWAAEAAAAAAAEABwAQAAEAAAAAAAIABwAoAAEAAAAAAAMABwBAAAEAAAAAAAQABwBYAAEAAAAAAAUAHgCeAAEAAAAAAAYABwDNAAMAAQQJAAEADgAAAAMAAQQJAAIADgAYAAMAAQQJAAMADgAwAAMAAQQJAAQADgBIAAMAAQQJAAUAPABgAAMAAQQJAAYADgC9AEMAcgBpAG0AcwBvAG4AAENyaW1zb24AAEMAcgBpAG0AcwBvAG4AAENyaW1zb24AAEMAcgBpAG0AcwBvAG4AAENyaW1zb24AAEMAcgBpAG0AcwBvAG4AAENyaW1zb24AAFYAZQByAHMAaQBvAG4AIAAxAC4AMAA7ACAARgBvAG4AdABFAGQAaQB0AG8AcgAgACgAdgAxAC4AMAApAABWZXJzaW9uIDEuMDsgRm9udEVkaXRvciAodjEuMCkAAEMAcgBpAG0AcwBvAG4AAENyaW1zb24AAAACAAAAAAAAADIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0AAAABAAIAEwAUABUAFgAXABgAGQAaABsAHAAAAAH//wACAAEAAAAMAAAAFgAAAAIAAQADAAwAAQAEAAAAAgAAAAAAAAABAAAAANWkJwgAAAAA2qq5/AAAAADaqrn8) format("truetype")}:root{color-scheme:light}body{font-family:var(--vp-font)}@media (min-width: 1440px){body{font-size:17px}}h1,h2,h3,h4,h5,h6{font-family:var(--vp-font-heading)}@media (max-width: 419px){h1{font-size:1.9rem}}code{font-family:var(--vp-font-mono)}@media print{@page{--vp-c-bg: #fff !important;--vp-c-text: #000 !important}div[class*=language-]{position:relative!important}}.theme-hope-content:not(.custom)>*:first-child{margin-top:0}.vp-breadcrumb{max-width:var(--content-width, 740px);margin-inline:auto;padding-inline:2.5rem;position:relative;z-index:2;padding-top:1rem;font-size:15px}@media (max-width: 959px){.vp-breadcrumb{padding-inline:1.5rem}}@media print{.vp-breadcrumb{max-width:unset}}@media (max-width: 959px){.vp-breadcrumb{font-size:14px}}@media (max-width: 419px){.vp-breadcrumb{padding-top:.5rem;font-size:12.8px}}@media print{.vp-breadcrumb{display:none}}.vp-breadcrumb .icon{margin-inline-end:.25em;font-size:1em}.vp-breadcrumb img.icon{vertical-align:-.125em;height:1em}.vp-breadcrumb a{display:inline-block;padding:0 .5em}.vp-breadcrumb a:before{position:relative;bottom:.125rem;margin-inline-end:.25em}.vp-breadcrumb a:hover{color:var(--vp-c-accent)}.vp-breadcrumb ol{margin:0;padding-inline-start:0;list-style:none}.vp-breadcrumb li{display:inline-block;line-height:1.5}.vp-breadcrumb li:first-child a{padding-inline-start:0}.vp-breadcrumb li:last-child a{padding-inline-end:0}.vp-breadcrumb li.is-active a{color:var(--vp-c-text-mute);cursor:default;pointer-events:none}.vp-breadcrumb li+li:before{content:"/";color:var(--vp-c-text-mute)}.toggle-sidebar-wrapper{position:fixed;inset-inline-start:var(--sidebar-space);top:var(--navbar-height);bottom:0;z-index:100;display:flex;align-items:center;justify-content:center;font-size:2rem;transition:inset-inline-start var(--vp-t-transform)}@media (max-width: 719px){.toggle-sidebar-wrapper{display:none}}@media (min-width: 1440px){.toggle-sidebar-wrapper{display:none}}@media print{.toggle-sidebar-wrapper{display:none}}.toggle-sidebar-wrapper:hover{background:#7f7f7f0d;cursor:pointer}.toggle-sidebar-wrapper .arrow{display:inline-block;vertical-align:middle;width:1em;height:1em;background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(0,0,0,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");background-position:center;background-repeat:no-repeat;line-height:normal;transition:all .3s}[data-theme=dark] .toggle-sidebar-wrapper .arrow{background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(255,255,255,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E")}.toggle-sidebar-wrapper .arrow.down{transform:rotate(180deg)}[dir=rtl] .toggle-sidebar-wrapper .arrow.down{transform:rotate(-180deg)}.toggle-sidebar-wrapper .arrow.end{transform:rotate(90deg)}[dir=rtl] .toggle-sidebar-wrapper .arrow.end,.toggle-sidebar-wrapper .arrow.start{transform:rotate(-90deg)}[dir=rtl] .toggle-sidebar-wrapper .arrow.start{transform:rotate(90deg)}.theme-container{display:flex;flex-flow:column;justify-content:space-between;min-height:100vh}.theme-container .vp-page{padding-top:var(--navbar-height);padding-inline-start:calc(var(--sidebar-space) + 2rem)}@media (max-width: 719px){.theme-container .vp-page{padding-inline:0}}@media (min-width: 1440px){.theme-container .vp-page{padding-inline-end:calc(100vw - var(--content-width) - var(--sidebar-space) - 6rem)}}.theme-container .vp-sidebar{top:var(--navbar-height)}.theme-container.no-navbar .vp-page{padding-top:0}.theme-container.no-navbar .vp-sidebar{top:0}@media (max-width: 719px){.theme-container.no-navbar .vp-sidebar{top:0}}@media (max-width: 719px){.theme-container.hide-navbar .vp-sidebar{top:0}}.theme-container.sidebar-collapsed .vp-page{padding-inline-start:0}.theme-container.sidebar-collapsed .vp-sidebar{box-shadow:none;transform:translate(-100%)}[dir=rtl] .theme-container.sidebar-collapsed .vp-sidebar{transform:translate(100%)}.theme-container.sidebar-collapsed .toggle-sidebar-wrapper{inset-inline-start:0}.theme-container.no-sidebar .vp-page{padding-inline:0}@media (min-width: 1440px){.theme-container.no-sidebar.has-toc .vp-page{padding-inline-end:16rem}}.theme-container.no-sidebar .vp-toggle-sidebar-button,.theme-container.no-sidebar .toggle-sidebar-wrapper,.theme-container.no-sidebar .vp-sidebar{display:none}.theme-container.sidebar-open .vp-sidebar{box-shadow:2px 0 8px var(--vp-c-shadow);transform:translate(0)}.vp-external-link-icon:after{content:"";display:inline-block;flex-shrink:0;width:11px;height:11px;margin-top:-1px;margin-left:4px;background:var(--external-link-c-icon);-webkit-mask-image:var(--external-link-icon);mask-image:var(--external-link-icon)}.external-link-icon .external-link:not(.no-external-link-icon):after{content:"";display:inline-block;flex-shrink:0;width:11px;height:11px;margin-top:-1px;margin-left:4px;background:var(--external-link-c-icon);-webkit-mask-image:var(--external-link-icon);mask-image:var(--external-link-icon)}.external-link-icon .theme-hope-content a[href*="://"]:not(.no-external-link-icon):after,.external-link-icon .theme-hope-content a[target=_blank]:not(.no-external-link-icon):after{content:"";display:inline-block;flex-shrink:0;width:11px;height:11px;margin-top:-1px;margin-left:4px;background:var(--external-link-c-icon);-webkit-mask-image:var(--external-link-icon);mask-image:var(--external-link-icon)}.fade-slide-y-enter-active{transition:all .3s ease!important}.fade-slide-y-leave-active{transition:all .3s cubic-bezier(1,.5,.8,1)!important}.fade-slide-y-enter-from,.fade-slide-y-leave-to{opacity:0;transform:translateY(10px)}.vp-feature-wrapper{position:relative}.vp-feature-bg{position:absolute;top:0;right:0;bottom:0;left:0;z-index:0;background-attachment:fixed;background-position:50%;background-size:cover}.vp-feature-bg.light{display:inline-block}.vp-feature-bg.dark,[data-theme=dark] .vp-feature-bg.light{display:none}[data-theme=dark] .vp-feature-bg.dark{display:inline-block}.vp-feature{position:relative;z-index:1;margin:0 auto;padding:1.5rem 1rem;color:var(--vp-c-text-mute);text-align:center}.vp-feature-bg+.vp-feature{color:#222}[data-theme=dark] .vp-feature-bg+.vp-feature{color:#eee}.vp-feature-bg+.vp-feature .icon{color:inherit}.vp-feature-image{height:10rem;margin:0 auto}@media (max-width: 959px){.vp-feature-image{height:8rem}}.vp-feature-image.light{display:inline-block}.vp-feature-image.dark,[data-theme=dark] .vp-feature-image.light{display:none}[data-theme=dark] .vp-feature-image.dark{display:inline-block}.vp-feature-header{margin-bottom:1.5rem;border-bottom:none;font-size:3rem;font-family:var(--vp-font);text-align:center}@media (max-width: 959px){.vp-feature-header{font-size:2.5rem}}@media (max-width: 719px){.vp-feature-header{font-size:2.25rem}}@media (max-width: 419px){.vp-feature-header{font-size:2rem}}.vp-feature-description{font-size:1.125rem}.vp-features{z-index:1;display:flex;flex-wrap:wrap;place-content:stretch center;align-items:stretch;margin:1rem 0;text-align:start}@media print{.vp-features{display:block}}.vp-features:first-child{border-top:1px solid var(--vp-c-border)}.vp-feature-item{position:relative;display:block;flex-basis:calc(33% - 3rem);margin:.5rem;padding:1rem;border-radius:.5rem;color:inherit;transition:background var(--vp-t-color),box-shadow var(--vp-t-transform),transform var(--vp-t-transform)}@media (min-width: 1440px){.vp-feature-item{flex-basis:calc(25% - 3rem)}}@media (max-width: 959px){.vp-feature-item{flex-basis:calc(50% - 3rem)}}@media (max-width: 719px){.vp-feature-item{flex-basis:100%;font-size:.95rem}}@media (max-width: 419px){.vp-feature-item{margin:.5rem 0;font-size:.9rem}}.vp-feature-item.link{cursor:pointer;transition:transform var(--vp-t-transform)}@media print{.vp-feature-item.link{text-decoration:none}}.vp-feature-item.link:hover{background-color:var(--vp-c-grey-soft)}.vp-feature-bg+.vp-feature .vp-feature-item.link:hover{background-color:transparent;-webkit-backdrop-filter:blur(12px);backdrop-filter:blur(12px)}.vp-feature-item.link:hover:before{content:"➜";display:block;float:right}.vp-feature-item.link:active{transform:scale(.96)}.vp-feature-item .icon{display:inline-block;height:1.1em;margin-inline-end:.5rem;color:var(--vp-c-accent);font-weight:400;font-size:1.1em}.vp-feature-item:only-child{flex-basis:100%}.vp-feature-item:first-child:nth-last-child(2),.vp-feature-item:nth-child(2):last-child{flex-basis:calc(50% - 3rem)}@media (max-width: 719px){.vp-feature-item:first-child:nth-last-child(2),.vp-feature-item:nth-child(2):last-child{flex-basis:100%}}.vp-feature-title{margin:.25rem 0 .5rem;font-weight:700;font-size:1.3rem;font-family:var(--vp-font)}@media (max-width: 419px){.vp-feature-title{font-size:1.2rem}}.vp-feature-details{margin:0;line-height:1.4}.vp-footer-wrapper{position:relative;display:flex;flex-wrap:wrap;align-items:center;justify-content:space-evenly;padding-block:.75rem;padding-inline:calc(var(--sidebar-space) + 2rem) 2rem;border-top:1px solid var(--vp-c-border);background:var(--vp-c-bg);color:var(--vp-c-text-mute);text-align:center;transition:border-top-color var(--vp-t-color),background var(--vp-t-color),padding var(--vp-t-transform)}@media (max-width: 719px){.vp-footer-wrapper{padding-inline-start:2rem}}@media (min-width: 1440px){.vp-footer-wrapper{z-index:50;padding-inline-start:2rem}}@media print{.vp-footer-wrapper{margin:0!important;padding:0!important}}@media (max-width: 419px){.vp-footer-wrapper{display:block}}.no-sidebar .vp-footer-wrapper,.sidebar-collapsed .vp-footer-wrapper{padding-inline-start:2rem}.vp-footer{margin:.5rem 1rem;font-size:14px}@media print{.vp-footer{display:none}}.vp-copyright{margin:6px 0;font-size:13px}.vp-page:not(.not-found)+.vp-footer-wrapper{margin-top:-2rem}.vp-hero-info-wrapper{position:relative;display:flex;align-items:center;justify-content:center;margin-inline:auto}.vp-hero-info-wrapper.fullscreen{height:calc(100vh - var(--navbar-height))!important}.vp-hero-info{z-index:1;width:100%;padding-inline:2.5rem}@media (max-width: 959px){.vp-hero-info{padding-inline:1.5rem}}@media (min-width: 959px){.vp-hero-info{display:flex;align-items:center;justify-content:space-evenly}}.vp-hero-mask{position:absolute;top:0;right:0;bottom:0;left:0;z-index:0;background-position:50%;background-size:cover}.vp-hero-mask:after{content:" ";position:absolute;top:0;right:0;bottom:0;left:0;z-index:1;display:block}.vp-hero-mask.light{display:block}[data-theme=dark] .vp-hero-mask.light,.vp-hero-mask.dark{display:none}[data-theme=dark] .vp-hero-mask.dark{display:block}.vp-hero-infos{z-index:1;margin:0 .5rem}.vp-hero-image{display:block;max-width:100%;max-height:18rem;margin:1rem}@media (max-width: 959px){.vp-hero-image{margin:2rem auto}}@media (max-width: 719px){.vp-hero-image{max-height:16rem;margin:1.5rem auto}}@media (max-width: 419px){.vp-hero-image{max-height:14rem}}.vp-hero-image.light{display:block}[data-theme=dark] .vp-hero-image.light,.vp-hero-image.dark{display:none}[data-theme=dark] .vp-hero-image.dark{display:block}.vp-hero-title{margin:.5rem 0;background:linear-gradient(120deg,var(--vp-c-accent-hover),var(--vp-c-accent) 30%,rgb(78.9346733668,44.8492462312,133.6507537688) 100%);-webkit-background-clip:text;background-clip:text;font-weight:700;font-size:3.6rem;font-family:var(--vp-font);line-height:1.5;-webkit-text-fill-color:transparent}@media (max-width: 719px){.vp-hero-title{margin:0}}@media (max-width: 959px){.vp-hero-title{font-size:2.5rem;text-align:center}}@media (max-width: 719px){.vp-hero-title{font-size:2.25rem;text-align:center}}@media (max-width: 419px){.vp-hero-title{margin:0 auto;font-size:2rem}}.vp-hero-title [data-theme=dark]{background:linear-gradient(120deg,var(--vp-c-accent-hover),var(--vp-c-accent) 30%,rgb(126.9874371859,83.1633165829,197.3366834171) 100%)}#main-description,.vp-hero-actions{margin:1.8rem 0}@media (max-width: 719px){#main-description,.vp-hero-actions{margin:1.5rem 0}}@media (max-width: 959px){#main-description,.vp-hero-actions{margin:1.5rem auto;text-align:center}}@media (max-width: 419px){#main-description,.vp-hero-actions{margin:1.2rem 0}}#main-description{max-width:35rem;color:var(--vp-c-text-mute);font-weight:500;font-size:1.6rem;line-height:1.3}@media (max-width: 719px){#main-description{font-size:1.4rem}}@media (max-width: 419px){#main-description{font-size:1.2rem}}.vp-hero-action{display:inline-block;overflow:hidden;min-width:4rem;margin:.5rem;padding:.5em 1.5rem;border-radius:2rem;background:var(--vp-c-control);color:var(--vp-c-text);font-size:1.2rem;text-align:center;transition:color var(--vp-t-color),color var(--vp-t-color),transform var(--vp-t-transform)}@media (max-width: 719px){.vp-hero-action{padding:.5rem 1rem;font-size:1.1rem}}@media (max-width: 419px){.vp-hero-action{font-size:1rem}}@media print{.vp-hero-action{text-decoration:none}}.vp-hero-action:hover{background:var(--vp-c-control-hover)}.vp-hero-action.primary{border-color:var(--vp-c-accent-bg);background:var(--vp-c-accent-bg);color:var(--vp-c-white)}.vp-hero-action.primary:hover{border-color:var(--vp-c-accent-hover);background:var(--vp-c-accent-hover)}.theme-container:not(.pure) .vp-hero-action:active{transform:scale(.96)}.vp-hero-action .icon{margin-inline-end:.25em}.vp-highlight-wrapper{position:relative;display:flex;align-items:center;justify-content:center}.vp-highlight-wrapper:nth-child(odd) .vp-highlight{flex-flow:row-reverse}.vp-highlight{z-index:1;display:flex;flex:1;align-items:center;justify-content:flex-end;max-width:var(--home-page-width);margin:0 auto;padding:1.5rem 2.5rem}@media (max-width: 719px){.vp-highlight{display:block;padding-inline:1.5rem;text-align:center}}.vp-highlight-bg{position:absolute;top:0;right:0;bottom:0;left:0;z-index:0;background-attachment:fixed;background-position:50%;background-size:cover}.vp-highlight-bg.light{display:inline-block}.vp-highlight-bg.dark,[data-theme=dark] .vp-highlight-bg.light{display:none}[data-theme=dark] .vp-highlight-bg.dark{display:inline-block}.vp-highlight-image{width:12rem;margin:2rem 4rem}@media (max-width: 959px){.vp-highlight-image{width:10rem}}@media (max-width: 719px){.vp-highlight-image{width:8rem;margin:0 auto}}.vp-highlight-image.light{display:inline-block}.vp-highlight-image.dark,[data-theme=dark] .vp-highlight-image.light{display:none}[data-theme=dark] .vp-highlight-image.dark{display:inline-block}.vp-highlight-info-wrapper{display:flex;flex:1;justify-content:center;padding:2rem}@media (max-width: 719px){.vp-highlight-info-wrapper{padding:1rem 0}}.vp-highlight-info-wrapper:only-child{flex:1 0 100%}.vp-highlight-info{text-align:start}.vp-highlight-header{margin-bottom:1.5rem;border-bottom:none;font-size:3rem;font-family:var(--vp-font)}@media (max-width: 959px){.vp-highlight-header{font-size:2.5rem}}@media (max-width: 719px){.vp-highlight-header{font-size:2.25rem;text-align:center}}@media (max-width: 419px){.vp-highlight-header{font-size:2rem}}.vp-highlight-description{font-size:1.125rem}.vp-highlights{margin-inline-start:-1.25em;padding-inline-start:0}.vp-highlights :not(pre)>code{color:var(--vp-c-text)}.vp-highlight-item-wrapper{position:relative;padding:.5em .5em .5em 1.75em;border-radius:.5rem;list-style:none}.vp-highlight-item-wrapper.link{cursor:pointer;transition:transform var(--vp-t-transform)}.vp-highlight-item-wrapper.link:hover{background-color:var(--vp-c-bg-alt)}.vp-highlight-bg+.vp-highlight .vp-highlight-item-wrapper.link:hover{background-color:transparent;-webkit-backdrop-filter:blur(12px);backdrop-filter:blur(12px)}.vp-highlight-item-wrapper.link:hover:before{content:"➜";display:block;float:right}.vp-highlight-item-wrapper.link:active{transform:scale(.96)}.vp-highlight-item-wrapper::marker{font-weight:700}.vp-highlight-item{display:list-item;color:inherit;list-style:initial}@media print{.vp-highlight-item{text-decoration:none}}.vp-highlight-title{margin:0;font-weight:600;font-size:1.125rem;font-family:var(--vp-font)}.vp-highlight-title .icon{margin-inline-end:.25em;font-size:1em}.vp-highlight-title img.icon{vertical-align:-.125em;height:1em}.vp-highlight-details{margin:.5rem 0 0}.vp-project-home{--content-width: var(--home-page-width);display:block;flex:1;padding-top:var(--navbar-height)}@media screen{.vp-project-home .vp-hero-info-wrapper:not(.fullscreen) .vp-hero-info{max-width:var(--home-page-width)}}@media screen{.vp-project-home .vp-feature{max-width:var(--home-page-width)}}.vp-project-home .theme-hope-content{padding-bottom:1.5rem!important}.vp-project-home .theme-hope-content:empty{padding:0!important}.not-found-hint{padding:2rem}.not-found-hint .error-code{margin:0;font-weight:700;font-size:4rem;line-height:4rem}.not-found-hint .error-title{font-weight:700}.not-found-hint .error-hint{margin:0;padding:12px 0;font-weight:600;font-size:20px;line-height:20px;letter-spacing:2px}.vp-page.not-found{display:flex;flex-flow:column;align-items:center;justify-content:center;box-sizing:border-box;width:100vw;max-width:var(--home-page-width);margin:0 auto;padding:calc(var(--navbar-height) + 1rem) 1rem 1rem!important;text-align:center}.vp-page.not-found .action-button{display:inline-block;box-sizing:border-box;margin:.25rem;padding:.75rem 1rem;border-width:0;border-radius:3rem;background:var(--vp-c-accent-bg);color:var(--vp-c-white);outline:none;font-size:1rem;transition:background var(--vp-t-color)}.vp-page.not-found .action-button:hover{background:var(--vp-c-accent-hover);cursor:pointer}.vp-page-nav{display:flex;flex-wrap:wrap;max-width:var(--content-width, 740px);min-height:2rem;margin-inline:auto;margin-top:0;padding-block:.5rem;padding-inline:2rem;border-top:1px solid var(--vp-c-border)}@media (max-width: 959px){.vp-page-nav{padding-inline:1rem}}@media print{.vp-page-nav{display:none}}.vp-page-nav .auto-link{display:inline-block;flex-grow:1;margin:.25rem;padding:.25rem .5rem;border:1px solid var(--vp-c-border);border-radius:.25rem}.vp-page-nav .auto-link:hover{background:var(--vp-c-control)}.vp-page-nav .auto-link .hint{color:var(--vp-c-text-mute);font-size:.875rem;line-height:2}.vp-page-nav .auto-link .arrow{display:inline-block;vertical-align:middle;width:1em;height:1em;background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(0,0,0,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");background-position:center;background-repeat:no-repeat;line-height:normal;transition:all .3s;font-size:.75rem}[data-theme=dark] .vp-page-nav .auto-link .arrow{background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(255,255,255,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E")}.vp-page-nav .auto-link .arrow.down{transform:rotate(180deg)}[dir=rtl] .vp-page-nav .auto-link .arrow.down{transform:rotate(-180deg)}.vp-page-nav .auto-link .arrow.end{transform:rotate(90deg)}[dir=rtl] .vp-page-nav .auto-link .arrow.end,.vp-page-nav .auto-link .arrow.start{transform:rotate(-90deg)}[dir=rtl] .vp-page-nav .auto-link .arrow.start{transform:rotate(90deg)}.vp-page-nav .prev{text-align:start}.vp-page-nav .prev .icon{margin-inline-end:.25em;font-size:1em}.vp-page-nav .prev img.icon{vertical-align:-.125em;height:1em}.vp-page-nav .next{text-align:end}.vp-page-nav .next .icon{margin-inline-start:.25em;font-size:1em}.vp-page-nav .next img.icon{vertical-align:-.125em;height:1em}.vp-page-title{max-width:var(--content-width, 740px);margin-inline:auto;padding-inline:2.5rem;position:relative;z-index:1;padding-top:1rem;padding-bottom:0}@media (max-width: 959px){.vp-page-title{padding-inline:1.5rem}}@media print{.vp-page-title{max-width:unset}}@media print{.vp-page-title{padding-inline:0!important}}@media (max-width: 959px){.vp-page-title{padding-top:.5rem}}.vp-page-title h1{margin-top:calc(0px - var(--navbar-height))!important;margin-bottom:1rem;padding-top:var(--navbar-height)!important;font-size:2.2rem}@media (max-width: 959px){.vp-page-title h1{margin-bottom:.5rem}}.vp-page-title h1 .icon{margin-inline-end:.25em;color:var(--vp-c-accent);font-size:.9em}.vp-page-title h1 img.icon{vertical-align:-.125em;height:1em}.theme-hope-content:not(.custom){padding-top:0!important}.theme-hope-content:not(.custom) h1:first-child,.theme-hope-content:not(.custom) h2:first-child,.theme-hope-content:not(.custom) h3:first-child,.theme-hope-content:not(.custom) h4:first-child,.theme-hope-content:not(.custom) h5:first-child,.theme-hope-content:not(.custom) h6:first-child{margin-top:calc(.5rem - var(--navbar-height))!important;padding-top:var(--navbar-height)!important}.theme-hope-content:not(.custom)>h1:first-child{display:none}.vp-page{display:block;flex-grow:1;padding-bottom:2rem;transition:padding var(--vp-t-transform)}@media print{.vp-page{min-height:auto!important;margin:0!important;padding:0!important}}.page-cover{width:var(--content-width);margin-inline:auto}@media (max-width: 719px){.page-cover{width:100%}}.page-cover img{-o-object-fit:cover;object-fit:cover;width:100%;max-height:25vh;border-radius:.5rem}@media (max-width: 719px){.page-cover img{border-radius:0}}[vp-comment]{max-width:var(--content-width, 740px);margin:0 auto;padding:2rem 2.5rem}@media (max-width: 959px){[vp-comment]{padding:1.5rem}}@media (max-width: 419px){[vp-comment]{padding:1rem 1.5rem}}@media print{[vp-comment]{max-width:unset}}@keyframes cursor-blink{0%{opacity:1}50%{opacity:0}to{opacity:1}}.vp-portfolio{position:relative;z-index:1;overflow:hidden;box-sizing:border-box}.vp-portfolio:not(.bg){background:var(--vp-c-accent-soft)}.vp-portfolio:not(.bg):after{content:"";position:absolute;top:-200px;left:-200px;z-index:-1;width:1000px;height:1000px;border-radius:50%;background-color:var(--vp-c-white)}@media (max-width: 959px){.vp-portfolio:not(.bg):after{display:none}}.vp-portfolio-mask{position:absolute;top:0;right:0;bottom:0;left:0}.vp-portfolio-mask:after{content:" ";position:absolute;top:0;right:0;bottom:0;left:0;z-index:1;display:block;background:#888;opacity:.2}.vp-portfolio-mask.light{display:block}[data-theme=dark] .vp-portfolio-mask.light,.vp-portfolio-mask.dark{display:none}[data-theme=dark] .vp-portfolio-mask.dark{display:block}.vp-portfolio-avatar{position:absolute;top:0;bottom:0;left:0;display:flex;align-items:end;justify-content:center;width:50vw;height:100vh;border-radius:10px}@media (min-width: 1440px){.vp-portfolio-avatar{width:60vw}}@media (max-width: 959px){.vp-portfolio-avatar{width:100vw}}.vp-portfolio-avatar img{max-height:93vh}.vp-portfolio-avatar img.light{display:block}[data-theme=dark] .vp-portfolio-avatar img.light,.vp-portfolio-avatar img.dark{display:none}[data-theme=dark] .vp-portfolio-avatar img.dark{display:block}.vp-portfolio-container{position:relative;z-index:1;display:flex;align-items:center;justify-content:flex-end;box-sizing:border-box;min-height:100vh;padding-top:120px;padding-bottom:70px}.vp-portfolio-info{position:relative;flex:0 0 50%;box-sizing:border-box;max-width:50%;padding:0 25px}@media (max-width: 959px){.vp-portfolio-info{position:absolute;right:15px;bottom:15px;left:15px;flex:0 0 100%;max-width:unset;padding:2rem 1.5rem;border-radius:.5rem;background:var(--vp-c-bg-soft);text-align:center}}.vp-portfolio-info .vp-social-medias{justify-content:start}@media (max-width: 959px){.vp-portfolio-info .vp-social-medias{justify-content:center}}.vp-portfolio-welcome{margin:0 0 10px;padding:0;color:var(--vp-c-accent);font-weight:600;font-size:28px}@media (max-width: 959px){.vp-portfolio-welcome{font-size:18px}}.vp-portfolio-name{margin:0 0 10px;padding:0;color:var(--black);font-weight:700;font-size:64px}@media (min-width: 1440px){.vp-portfolio-name{font-size:72px}}@media (max-width: 959px){.vp-portfolio-name{font-size:36px}}.vp-portfolio-title{position:relative;margin:0;padding:0;border-bottom:none;color:var(--vp-c-accent);font-weight:600;font-size:25px}@media (max-width: 959px){.vp-portfolio-title{font-size:18px}}.vp-portfolio-title:after{content:"";display:inline-block;vertical-align:top;width:2px;height:1.3em;background:var(--vp-c-accent-bg);animation-name:cursor-blink;animation-duration:1s;animation-iteration-count:infinite}.vp-portfolio-medias{display:flex;flex-wrap:wrap;justify-content:center;padding-top:20px}@media (min-width: 959px){.vp-portfolio-medias{justify-content:flex-start}}.vp-portfolio-media{display:inline-flex;align-items:center;justify-content:center;width:2rem;height:2rem;border-radius:50%;background:var(--vp-c-accent-bg);color:var(--vp-c-white);transition:ease all .35s}.vp-portfolio-media:hover{background-color:var(--vp-c-accent-hover);cursor:pointer}.vp-portfolio-media:after{--balloon-font-size: 10px;padding:.2em .4em!important}.vp-portfolio-media+a{margin-left:5px}.theme-hope-content.vp-portfolio-content{--content-width: min(84%, 1200px);--header-underline: rgba(44.8492462312, 99.5653266332, 133.6507537688, .4);display:flex;flex-flow:column;align-items:center}@media (min-width: 1280px){.theme-hope-content.vp-portfolio-content{font-size:18px}}@media (max-width: 419px){.theme-hope-content.vp-portfolio-content{font-size:14px}}[data-theme=dark] .theme-hope-content.vp-portfolio-content{--header-underline: rgba(83.1633165829, 153.5125628141, 197.3366834171, .4)}.theme-hope-content.vp-portfolio-content>h2,.theme-hope-content.vp-portfolio-content>h3,.theme-hope-content.vp-portfolio-content>h4,.theme-hope-content.vp-portfolio-content>h5,.theme-hope-content.vp-portfolio-content>h6{margin-bottom:1rem;border-bottom:none;text-align:center}.theme-hope-content.vp-portfolio-content>h2{font-size:2.5rem}@media (max-width: 419px){.theme-hope-content.vp-portfolio-content>h2{font-size:2rem}}.theme-hope-content.vp-portfolio-content>h3{font-size:2rem}@media (max-width: 419px){.theme-hope-content.vp-portfolio-content>h3{font-size:1.75rem}}.theme-hope-content.vp-portfolio-content>p{align-self:stretch}.theme-hope-content.vp-portfolio-content .header-anchor>span{background:linear-gradient(var(--header-underline),var(--header-underline)) no-repeat;background-position:-.1em calc(100% - .05em);background-size:calc(100% + .1em) .2em;text-shadow:.05em 0 var(--vp-c-bg),-.05em 0 var(--vp-c-bg)}.theme-hope-content.vp-portfolio-content .header-anchor>span:before,.theme-hope-content.vp-portfolio-content .header-anchor>span:after{content:"";position:relative;bottom:.05em;display:inline-block;vertical-align:text-bottom;width:.1em;height:.2em;background-color:var(--header-underline)}.theme-hope-content.vp-portfolio-content .header-anchor>span:before{left:-.1em;border-radius:.2em 0 0 .2em}.theme-hope-content.vp-portfolio-content .header-anchor>span:after{right:-.1em;border-radius:0 .2em .2em 0}.vp-skip-link{inset-inline-start:.25rem;top:.25rem;z-index:999;padding:.65rem 1.5rem;border-radius:.5rem;background:var(--vp-c-bg);color:var(--vp-c-accent);box-shadow:var(--vp-c-shadow);font-weight:700;font-size:.9em;text-decoration:none}@media print{.vp-skip-link{display:none}}.vp-skip-link:focus{clip-path:none;clip:auto;width:auto;height:auto}div[class*=language-]{margin:.75rem 0;transition:background-color var(--vp-t-color),color var(--vp-t-color)}@media (max-width: 419px){.theme-hope-content>div[class*=language-]{--code-border-radius: 0;margin:.75rem -1.5rem}}@media print{div[class*=language-] pre code{padding:.5rem}}div[class*=language-] .line.diff,div[class*=language-] .line.highlighted{transition:background-color var(--vp-t-color)}:root{--code-c-text: #383a42;--code-c-bg: #ecf4fa;--code-c-highlight-bg: rgb(215.75625, 233.00625, 245.94375);--code-c-line-number: rgba(56, 58, 66, .67)}[data-theme=dark]{--code-c-text: #abb2bf;--code-c-bg: #282c34;--code-c-highlight-bg: rgb(46.6326086957, 53.1775362319, 66.2673913043);--code-c-line-number: rgba(171, 178, 191, .67)}.sr-only{position:absolute;overflow:hidden;clip:rect(0,0,0,0);width:1px;height:1px;margin:-1px;padding:0;border-width:0;white-space:nowrap;-webkit-user-select:none;-moz-user-select:none;user-select:none}@media print{.theme-hope-content{margin:0!important;padding-inline:0!important}}.theme-hope-content.custom{margin:0;padding:0}.theme-hope-content:not(.custom){max-width:var(--content-width, 740px);margin:0 auto;padding:2rem 2.5rem;padding-top:0}@media (max-width: 959px){.theme-hope-content:not(.custom){padding:1.5rem}}@media (max-width: 419px){.theme-hope-content:not(.custom){padding:1rem 1.5rem}}@media print{.theme-hope-content:not(.custom){max-width:unset}}.theme-hope-content:not(.custom)>h1,.theme-hope-content:not(.custom)>h2,.theme-hope-content:not(.custom)>h3,.theme-hope-content:not(.custom)>h4,.theme-hope-content:not(.custom)>h5,.theme-hope-content:not(.custom)>h6{margin-top:calc(.5rem - var(--navbar-height));margin-bottom:.5rem;padding-top:calc(1rem + var(--navbar-height));outline:none}.theme-container.no-navbar .theme-hope-content:not(.custom)>h1,.theme-container.no-navbar .theme-hope-content:not(.custom)>h2,.theme-container.no-navbar .theme-hope-content:not(.custom)>h3,.theme-container.no-navbar .theme-hope-content:not(.custom)>h4,.theme-container.no-navbar .theme-hope-content:not(.custom)>h5,.theme-container.no-navbar .theme-hope-content:not(.custom)>h6{margin-top:1.5rem;padding-top:0}.theme-hope-content:not(.custom)>p,.theme-hope-content:not(.custom)>ul p,.theme-hope-content:not(.custom)>ol p{text-align:justify;overflow-wrap:break-word;-webkit-hyphens:auto;hyphens:auto}@media (max-width: 419px){.theme-hope-content:not(.custom)>p,.theme-hope-content:not(.custom)>ul p,.theme-hope-content:not(.custom)>ol p{text-align:start}}@media print{.theme-hope-content:not(.custom)>p,.theme-hope-content:not(.custom)>ul p,.theme-hope-content:not(.custom)>ol p{text-align:start}}.theme-hope-content a:not(.header-anchor):hover{text-decoration:underline}.theme-hope-content img{max-width:100%}.theme-hope-content table img{max-width:unset}::view-transition-old(root),::view-transition-new(root){mix-blend-mode:normal;animation:none}[data-theme=light]::view-transition-old(root),[data-theme=dark]::view-transition-new(root){z-index:1}[data-theme=light]::view-transition-new(root),[data-theme=dark]::view-transition-old(root){z-index:99999}#docsearch-container{min-width:145.7px!important}@media (max-width: 959px){#docsearch-container{min-width:36px!important}}.DocSearch.DocSearch-Button{margin-left:0}@media (max-width: 959px){.DocSearch.DocSearch-Button{min-width:36px!important}}.DocSearch .DocSearch-Button-Placeholder{display:inline-block;padding:4px 12px 4px 6px;font-size:14px}@media (max-width: 719px){.DocSearch .DocSearch-Button-Placeholder{display:none}}.DocSearch .DocSearch-Search-Icon{width:1.25em;height:1.25em}@media (max-width: 959px){.DocSearch .DocSearch-Button-Keys{display:none}}.DocSearch .DocSearch-Button-Key{background:var(--vp-c-bg);box-shadow:none}@media (max-width: 419px){.hint-container{margin-inline:-.75rem}}:root{scrollbar-width:thin}@media (prefers-reduced-motion: no-preference){:root{scroll-behavior:smooth}}::-webkit-scrollbar{width:6px;height:6px}::-webkit-scrollbar-track-piece{border-radius:6px;background:#0000001a}::-webkit-scrollbar-thumb{border-radius:6px;background:var(--vp-c-accent-bg)}::-webkit-scrollbar-thumb:active{background:var(--vp-c-accent-hover)}@media (max-width: 719px){.hide-in-mobile{display:none!important}}@media (max-width: 959px){.hide-in-pad{display:none!important}}.page-author-item{display:inline-block;margin:0 4px;font-weight:400;overflow-wrap:break-word}.page-category-info{flex-wrap:wrap}.page-category-item{display:inline-block;margin:.125em .25em;padding:0 .25em;border-radius:.25em;background:var(--vp-c-grey-soft);color:var(--vp-c-text-mute);font-weight:700;font-size:.75rem;line-height:2;transition:background var(--vp-t-color),color var(--vp-t-color)}@media print{.page-category-item{padding:0;font-weight:400}.page-category-item:after{content:", "}.page-category-item:last-of-type:after{content:""}}.page-category-item.clickable{cursor:pointer}.page-category-item.clickable:not([class*=color]):hover{color:var(--vp-c-accent-hover)}.page-category-item.color0{background:#fde5e7;color:#ec2f3e}[data-theme=dark] .page-category-item.color0{background:#340509;color:#ba111f}.page-category-item.color0.clickable:hover{background:#f9bec3}[data-theme=dark] .page-category-item.color0.clickable:hover{background:#53080e}.page-category-item.color1{background:#ffeee8;color:#fb7649}[data-theme=dark] .page-category-item.color1{background:#441201;color:#f54205}.page-category-item.color1.clickable:hover{background:#fed4c6}[data-theme=dark] .page-category-item.color1.clickable:hover{background:#6d1d02}.page-category-item.color2{background:#fef5e7;color:#f5b041}[data-theme=dark] .page-category-item.color2{background:#3e2703;color:#e08e0b}.page-category-item.color2.clickable:hover{background:#fce6c4}[data-theme=dark] .page-category-item.color2.clickable:hover{background:#633f05}.page-category-item.color3{background:#eafaf1;color:#55d98d}[data-theme=dark] .page-category-item.color3{background:#0c331c;color:#29b866}.page-category-item.color3.clickable:hover{background:#caf3db}[data-theme=dark] .page-category-item.color3.clickable:hover{background:#12522d}.page-category-item.color4{background:#e6f9ee;color:#36d278}[data-theme=dark] .page-category-item.color4{background:#092917;color:#219552}.page-category-item.color4.clickable:hover{background:#c0f1d5}[data-theme=dark] .page-category-item.color4.clickable:hover{background:#0f4224}.page-category-item.color5{background:#e1fcfc;color:#16e1e1}[data-theme=dark] .page-category-item.color5{background:#042929;color:#0e9595}.page-category-item.color5.clickable:hover{background:#b4f8f8}[data-theme=dark] .page-category-item.color5.clickable:hover{background:#064242}.page-category-item.color6{background:#e4f0fe;color:#2589f6}[data-theme=dark] .page-category-item.color6{background:#021b36;color:#0862c3}.page-category-item.color6.clickable:hover{background:#bbdafc}[data-theme=dark] .page-category-item.color6.clickable:hover{background:#042c57}.page-category-item.color7{background:#f7f1fd;color:#bb8ced}[data-theme=dark] .page-category-item.color7{background:#2a0b4b;color:#9851e4}.page-category-item.color7.clickable:hover{background:#eadbfa}[data-theme=dark] .page-category-item.color7.clickable:hover{background:#431277}.page-category-item.color8{background:#fdeaf5;color:#ef59ab}[data-theme=dark] .page-category-item.color8{background:#400626;color:#e81689}.page-category-item.color8.clickable:hover{background:#facbe5}[data-theme=dark] .page-category-item.color8.clickable:hover{background:#670a3d}.page-original-info{position:relative;display:inline-block;vertical-align:middle;overflow:hidden;padding:0 .5em;border:.5px solid var(--vp-c-border-hard);border-radius:.75em;background:var(--vp-c-bg);font-size:.75em;line-height:1.5!important}.page-info{display:flex;flex-wrap:wrap;place-content:stretch flex-start;align-items:center;color:var(--vp-c-text-mute);font-size:14px}@media print{.page-info{display:flex!important}}.page-info>span{display:flex;align-items:center;max-width:100%;margin-inline-end:.5em;line-height:2}@media (min-width: 1440px){.page-info>span{font-size:1.1em}}@media (max-width: 419px){.page-info>span{margin-inline-end:.3em;font-size:.875em}}@media print{.page-info>span{display:flex!important}}.page-info .icon{position:relative;display:inline-block;vertical-align:middle;width:1em;height:1em;margin-inline-end:.25em}.page-info a{color:inherit}.page-info a:hover,.page-info a:active{color:var(--vp-c-accent)}.vp-page-meta{max-width:var(--content-width, 740px);margin-inline:auto;padding-inline:2.5rem;display:flex;flex-wrap:wrap;justify-content:space-between;overflow:auto;padding-top:.75rem;padding-bottom:.75rem}@media (max-width: 959px){.vp-page-meta{padding-inline:1.5rem}}@media print{.vp-page-meta{max-width:unset}}@media print{.vp-page-meta{margin:0!important;padding-inline:0!important}}@media (max-width: 719px){.vp-page-meta{display:block}}.vp-page-meta .vp-meta-item{flex-grow:1}.vp-page-meta .vp-meta-item .vp-meta-label{font-weight:500}.vp-page-meta .vp-meta-item .vp-meta-label:not(a){color:var(--vp-c-text)}.vp-page-meta .vp-meta-item .vp-meta-info{color:var(--vp-c-text-mute);font-weight:400}.vp-page-meta .git-info{text-align:end}.vp-page-meta .edit-link{margin-top:.25rem;margin-bottom:.25rem;margin-inline-end:.5rem;font-size:14px}@media print{.vp-page-meta .edit-link{display:none}}.vp-page-meta .edit-link .icon{position:relative;bottom:-.125em;width:1em;height:1em;margin-inline-end:.25em}.vp-page-meta .update-time,.vp-page-meta .contributors{margin-top:.25rem;margin-bottom:.25rem;font-size:14px}@media (max-width: 719px){.vp-page-meta .update-time,.vp-page-meta .contributors{font-size:13px;text-align:start}}.print-button{border-width:0;background:transparent;cursor:pointer;box-sizing:content-box;width:1rem;height:1rem;padding:.5rem;border-radius:.25em;color:inherit;font-size:1rem;transform:translateY(.25rem)}@media print{.print-button{display:none}}.page-tag-info{flex-wrap:wrap}.page-tag-item{position:relative;display:inline-block;vertical-align:middle;overflow:hidden;min-width:1.5rem;margin:.125rem;padding:.125rem .25rem .125rem .625rem;background:var(--vp-c-grey-soft);background:linear-gradient(135deg,transparent .75em,var(--vp-c-grey-soft) 0) top,linear-gradient(45deg,transparent .75em,var(--vp-c-grey-soft) 0) bottom;background-size:100% 52%!important;background-repeat:no-repeat!important;color:var(--vp-c-text-mute);font-weight:700;font-size:.625rem;line-height:1.5;text-align:center;transition:background var(--vp-t-color),color var(--vp-t-color)}@media print{.page-tag-item{padding:0;font-weight:400}.page-tag-item:after{content:", "}.page-tag-item:last-of-type:after{content:""}}.page-tag-item.clickable{cursor:pointer}.page-tag-item.clickable:not([class*=color]):hover{color:var(--vp-c-accent)}.page-tag-item.color0{background:#fde5e7;background:linear-gradient(135deg,transparent .75em,rgb(252.6123893805,228.9876106195,230.8725663717) 0) top,linear-gradient(45deg,transparent .75em,rgb(252.6123893805,228.9876106195,230.8725663717) 0) bottom;color:#ec2f3e}[data-theme=dark] .page-tag-item.color0{background:#340509;background:linear-gradient(135deg,transparent .75em,rgb(51.75,4.75,8.5) 0) top,linear-gradient(45deg,transparent .75em,rgb(51.75,4.75,8.5) 0) bottom;color:#ba111f}.page-tag-item.color0.clickable:hover{background:#f9bec3;background:linear-gradient(135deg,transparent .75em,rgb(249.0309734513,189.9690265487,194.6814159292) 0) top,linear-gradient(45deg,transparent .75em,rgb(249.0309734513,189.9690265487,194.6814159292) 0) bottom}[data-theme=dark] .page-tag-item.color0.clickable:hover{background:#53080e;background:linear-gradient(135deg,transparent .75em,rgb(82.8,7.6,13.6) 0) top,linear-gradient(45deg,transparent .75em,rgb(82.8,7.6,13.6) 0) bottom}.page-tag-item.color1{background:#ffeee8;background:linear-gradient(135deg,transparent .75em,rgb(254.5,237.9,232.3) 0) top,linear-gradient(45deg,transparent .75em,rgb(254.5,237.9,232.3) 0) bottom;color:#fb7649}[data-theme=dark] .page-tag-item.color1{background:#441201;background:linear-gradient(135deg,transparent .75em,rgb(68.0021551724,18.2737068966,1.4978448276) 0) top,linear-gradient(45deg,transparent .75em,rgb(68.0021551724,18.2737068966,1.4978448276) 0) bottom;color:#f54205}.page-tag-item.color1.clickable:hover{background:#fed4c6;background:linear-gradient(135deg,transparent .75em,rgb(253.75,212.25,198.25) 0) top,linear-gradient(45deg,transparent .75em,rgb(253.75,212.25,198.25) 0) bottom}[data-theme=dark] .page-tag-item.color1.clickable:hover{background:#6d1d02;background:linear-gradient(135deg,transparent .75em,rgb(108.8034482759,29.2379310345,2.3965517241) 0) top,linear-gradient(45deg,transparent .75em,rgb(108.8034482759,29.2379310345,2.3965517241) 0) bottom}.page-tag-item.color2{background:#fef5e7;background:linear-gradient(135deg,transparent .75em,rgb(253.8,245.1,231.3) 0) top,linear-gradient(45deg,transparent .75em,rgb(253.8,245.1,231.3) 0) bottom;color:#f5b041}[data-theme=dark] .page-tag-item.color2{background:#3e2703;background:linear-gradient(135deg,transparent .75em,rgb(62.1054216867,39.3072289157,3.1445783133) 0) top,linear-gradient(45deg,transparent .75em,rgb(62.1054216867,39.3072289157,3.1445783133) 0) bottom;color:#e08e0b}.page-tag-item.color2.clickable:hover{background:#fce6c4;background:linear-gradient(135deg,transparent .75em,rgb(252,230.25,195.75) 0) top,linear-gradient(45deg,transparent .75em,rgb(252,230.25,195.75) 0) bottom}[data-theme=dark] .page-tag-item.color2.clickable:hover{background:#633f05;background:linear-gradient(135deg,transparent .75em,rgb(99.3686746988,62.8915662651,5.0313253012) 0) top,linear-gradient(45deg,transparent .75em,rgb(99.3686746988,62.8915662651,5.0313253012) 0) bottom}.page-tag-item.color3{background:#eafaf1;background:linear-gradient(135deg,transparent .75em,rgb(233.784,250.216,240.752) 0) top,linear-gradient(45deg,transparent .75em,rgb(233.784,250.216,240.752) 0) bottom;color:#55d98d}[data-theme=dark] .page-tag-item.color3{background:#0c331c;background:linear-gradient(135deg,transparent .75em,rgb(11.5,51,28.25) 0) top,linear-gradient(45deg,transparent .75em,rgb(11.5,51,28.25) 0) bottom;color:#29b866}.page-tag-item.color3.clickable:hover{background:#caf3db;background:linear-gradient(135deg,transparent .75em,rgb(201.96,243.04,219.38) 0) top,linear-gradient(45deg,transparent .75em,rgb(201.96,243.04,219.38) 0) bottom}[data-theme=dark] .page-tag-item.color3.clickable:hover{background:#12522d;background:linear-gradient(135deg,transparent .75em,rgb(18.4,81.6,45.2) 0) top,linear-gradient(45deg,transparent .75em,rgb(18.4,81.6,45.2) 0) bottom}.page-tag-item.color4{background:#e6f9ee;background:linear-gradient(135deg,transparent .75em,rgb(229.8415841584,249.3584158416,238.0752475248) 0) top,linear-gradient(45deg,transparent .75em,rgb(229.8415841584,249.3584158416,238.0752475248) 0) bottom;color:#36d278}[data-theme=dark] .page-tag-item.color4{background:#092917;background:linear-gradient(135deg,transparent .75em,rgb(9.25,41.25,22.75) 0) top,linear-gradient(45deg,transparent .75em,rgb(9.25,41.25,22.75) 0) bottom;color:#219552}.page-tag-item.color4.clickable:hover{background:#c0f1d5;background:linear-gradient(135deg,transparent .75em,rgb(192.103960396,240.896039604,212.6881188119) 0) top,linear-gradient(45deg,transparent .75em,rgb(192.103960396,240.896039604,212.6881188119) 0) bottom}[data-theme=dark] .page-tag-item.color4.clickable:hover{background:#0f4224;background:linear-gradient(135deg,transparent .75em,rgb(14.8,66,36.4) 0) top,linear-gradient(45deg,transparent .75em,rgb(14.8,66,36.4) 0) bottom}.page-tag-item.color5{background:#e1fcfc;background:linear-gradient(135deg,transparent .75em,rgb(225.0082872928,252.0917127072,252.0917127072) 0) top,linear-gradient(45deg,transparent .75em,rgb(225.0082872928,252.0917127072,252.0917127072) 0) bottom;color:#16e1e1}[data-theme=dark] .page-tag-item.color5{background:#042929;background:linear-gradient(135deg,transparent .75em,rgb(4,41.25,41.25) 0) top,linear-gradient(45deg,transparent .75em,rgb(4,41.25,41.25) 0) bottom;color:#0e9595}.page-tag-item.color5.clickable:hover{background:#b4f8f8;background:linear-gradient(135deg,transparent .75em,rgb(180.020718232,247.729281768,247.729281768) 0) top,linear-gradient(45deg,transparent .75em,rgb(180.020718232,247.729281768,247.729281768) 0) bottom}[data-theme=dark] .page-tag-item.color5.clickable:hover{background:#064242;background:linear-gradient(135deg,transparent .75em,rgb(6.4,66,66) 0) top,linear-gradient(45deg,transparent .75em,rgb(6.4,66,66) 0) bottom}.page-tag-item.color6{background:#e4f0fe;background:linear-gradient(135deg,transparent .75em,rgb(227.7309734513,240.2973451327,253.8690265487) 0) top,linear-gradient(45deg,transparent .75em,rgb(227.7309734513,240.2973451327,253.8690265487) 0) bottom;color:#2589f6}[data-theme=dark] .page-tag-item.color6{background:#021b36;background:linear-gradient(135deg,transparent .75em,rgb(2.25,27.25,54.25) 0) top,linear-gradient(45deg,transparent .75em,rgb(2.25,27.25,54.25) 0) bottom;color:#0862c3}.page-tag-item.color6.clickable:hover{background:#bbdafc;background:linear-gradient(135deg,transparent .75em,rgb(186.8274336283,218.2433628319,252.1725663717) 0) top,linear-gradient(45deg,transparent .75em,rgb(186.8274336283,218.2433628319,252.1725663717) 0) bottom}[data-theme=dark] .page-tag-item.color6.clickable:hover{background:#042c57;background:linear-gradient(135deg,transparent .75em,rgb(3.6,43.6,86.8) 0) top,linear-gradient(45deg,transparent .75em,rgb(3.6,43.6,86.8) 0) bottom}.page-tag-item.color7{background:#f7f1fd;background:linear-gradient(135deg,transparent .75em,rgb(246.5,240.6,252.8) 0) top,linear-gradient(45deg,transparent .75em,rgb(246.5,240.6,252.8) 0) bottom;color:#bb8ced}[data-theme=dark] .page-tag-item.color7{background:#2a0b4b;background:linear-gradient(135deg,transparent .75em,rgb(41.9638554217,11.3975903614,74.6024096386) 0) top,linear-gradient(45deg,transparent .75em,rgb(41.9638554217,11.3975903614,74.6024096386) 0) bottom;color:#9851e4}.page-tag-item.color7.clickable:hover{background:#eadbfa;background:linear-gradient(135deg,transparent .75em,rgb(233.75,219,249.5) 0) top,linear-gradient(45deg,transparent .75em,rgb(233.75,219,249.5) 0) bottom}[data-theme=dark] .page-tag-item.color7.clickable:hover{background:#431277;background:linear-gradient(135deg,transparent .75em,rgb(67.1421686747,18.2361445783,119.3638554217) 0) top,linear-gradient(45deg,transparent .75em,rgb(67.1421686747,18.2361445783,119.3638554217) 0) bottom}.page-tag-item.color8{background:#fdeaf5;background:linear-gradient(135deg,transparent .75em,rgb(253,234.2,244.5) 0) top,linear-gradient(45deg,transparent .75em,rgb(253,234.2,244.5) 0) bottom;color:#ef59ab}[data-theme=dark] .page-tag-item.color8{background:#400626;background:linear-gradient(135deg,transparent .75em,rgb(64.3157894737,6.1842105263,38.0328947368) 0) top,linear-gradient(45deg,transparent .75em,rgb(64.3157894737,6.1842105263,38.0328947368) 0) bottom;color:#e81689}.page-tag-item.color8.clickable:hover{background:#facbe5;background:linear-gradient(135deg,transparent .75em,rgb(250,203,228.75) 0) top,linear-gradient(45deg,transparent .75em,rgb(250,203,228.75) 0) bottom}[data-theme=dark] .page-tag-item.color8.clickable:hover{background:#670a3d;background:linear-gradient(135deg,transparent .75em,rgb(102.9052631579,9.8947368421,60.8526315789) 0) top,linear-gradient(45deg,transparent .75em,rgb(102.9052631579,9.8947368421,60.8526315789) 0) bottom}.vp-toc-placeholder{margin-inline:auto;padding-inline:2.5rem;position:sticky;top:calc(var(--navbar-height) + .5rem);z-index:99;display:none;max-width:var(--content-width, 740px)}@media (max-width: 959px){.vp-toc-placeholder{padding-inline:1.5rem}}@media print{.vp-toc-placeholder{max-width:unset}}@media (max-width: 719px){.hide-navbar .vp-toc-placeholder{top:.5rem}}@media (min-width: 1440px){.vp-toc-placeholder{top:calc(var(--navbar-height) + 2rem)}}@media print{.vp-toc-placeholder{display:none!important}}.vp-toc-placeholder+.theme-hope-content:not(.custom){padding-top:0}.has-toc .vp-toc-placeholder{display:block}#toc{margin-bottom:1rem;border-radius:8px;background:var(--vp-c-bg-alt)}@media (min-width: 1440px){#toc{position:absolute;inset-inline-start:calc(100% + 1rem);min-width:10rem;max-width:15rem;margin-bottom:0;border-radius:0;background:transparent}}.vp-toc-header{padding:.5rem 1rem;font-weight:600}@media (min-width: 1440px){.vp-toc-header{padding-top:0;font-size:.875rem}}.vp-toc-header .arrow{display:inline-block;vertical-align:middle;width:1em;height:1em;background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(0,0,0,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");background-position:center;background-repeat:no-repeat;line-height:normal;transition:all .3s}[data-theme=dark] .vp-toc-header .arrow{background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(255,255,255,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E")}.vp-toc-header .arrow.down{transform:rotate(180deg)}[dir=rtl] .vp-toc-header .arrow.down{transform:rotate(-180deg)}.vp-toc-header .arrow.end{transform:rotate(90deg)}[dir=rtl] .vp-toc-header .arrow.end,.vp-toc-header .arrow.start{transform:rotate(-90deg)}[dir=rtl] .vp-toc-header .arrow.start{transform:rotate(90deg)}@media (min-width: 1440px){.vp-toc-header .arrow{display:none}}.vp-toc-header .print-button{display:none}@media (min-width: 1440px){.vp-toc-header .print-button{display:inline-block}}.vp-toc-wrapper{position:relative;overflow:hidden auto;height:0;max-height:8rem;margin:0 .5rem;text-overflow:ellipsis;white-space:nowrap;scroll-behavior:smooth;transition:height .5s}@media (min-width: 1440px){.vp-toc-wrapper{height:auto;max-height:75vh}}.vp-toc-wrapper.open{height:auto;margin-top:.5rem;padding-bottom:.5rem}.vp-toc-wrapper::-webkit-scrollbar-track-piece{background:transparent}.vp-toc-wrapper::-webkit-scrollbar{width:3px}.vp-toc-wrapper::-webkit-scrollbar-thumb:vertical{background:var(--vp-c-border)}.vp-toc-wrapper>.vp-toc-list{padding-inline-start:8px}.vp-toc-wrapper>.vp-toc-list:before{content:" ";position:absolute;inset-inline-start:4px;top:0;bottom:0;z-index:-1;width:2px;background:var(--vp-c-border)}.vp-toc-list{position:relative;margin:0;padding:0}.vp-toc-marker{position:absolute;inset-inline-start:4px;top:0;z-index:2;display:none;width:2px;height:1.7rem;background:var(--vp-c-accent-bg);transition:top var(--vp-t-transform)}@media (min-width: 1440px){.vp-toc-marker{display:block}}.vp-toc-link{position:relative;display:block;overflow:hidden;max-width:100%;color:var(--vp-c-text-mute);line-height:inherit;text-overflow:ellipsis;white-space:nowrap}.vp-toc-link.level2{padding-inline-start:0px;font-size:14px}.vp-toc-link.level3{padding-inline-start:8px;font-size:13px}.vp-toc-link.level4{padding-inline-start:16px;font-size:12px}.vp-toc-link.level5{padding-inline-start:24px;font-size:11px}.vp-toc-link.level6{padding-inline-start:32px;font-size:10px}.vp-toc-item{position:relative;box-sizing:border-box;height:1.7rem;list-style:none;line-height:1.7rem}@media (min-width: 1440px){.vp-toc-item{padding:0 .5rem}}.vp-toc-item:hover>.vp-toc-link{color:var(--vp-c-accent)}.vp-toc-item.active>.vp-toc-link{color:var(--vp-c-accent);font-weight:700}.nav-screen-links{display:none;padding-bottom:.75rem}@media (max-width: 719px){.nav-screen-links{display:block}}.nav-screen-links .navbar-links-item{position:relative;display:block;padding:12px 4px 11px 0;border-bottom:1px solid var(--vp-c-border);font-size:16px;line-height:1.5rem}.nav-screen-links .auto-link{display:inline-block;width:100%;color:var(--vp-c-text);font-weight:400}.nav-screen-links .auto-link:hover{color:var(--vp-c-text)}.nav-screen-links .auto-link.route-link-active{color:var(--vp-c-accent)}.vp-nav-screen-menu-title{border-width:0;background:transparent;position:relative;display:flex;align-items:center;width:100%;padding:0;color:var(--vp-c-text);font-size:inherit;font-family:inherit;text-align:start;cursor:pointer}.vp-nav-screen-menu-title:hover,.vp-nav-screen-menu-title.active{color:var(--vp-c-text)}.vp-nav-screen-menu-title .text{flex:1}.vp-nav-screen-menu-title .arrow{display:inline-block;vertical-align:middle;width:1em;height:1em;background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(0,0,0,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");background-position:center;background-repeat:no-repeat;line-height:normal;transition:all .3s}[data-theme=dark] .vp-nav-screen-menu-title .arrow{background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(255,255,255,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E")}.vp-nav-screen-menu-title .arrow.down{transform:rotate(180deg)}[dir=rtl] .vp-nav-screen-menu-title .arrow.down{transform:rotate(-180deg)}.vp-nav-screen-menu-title .arrow.end{transform:rotate(90deg)}[dir=rtl] .vp-nav-screen-menu-title .arrow.end,.vp-nav-screen-menu-title .arrow.start{transform:rotate(-90deg)}[dir=rtl] .vp-nav-screen-menu-title .arrow.start{transform:rotate(90deg)}.vp-nav-screen-menu{overflow:hidden;margin:.5rem 0 0;padding:0;list-style:none;transition:transform .1s ease-out;transform:scaleY(1);transform-origin:top}.vp-nav-screen-menu.hide{height:0;margin:0;transform:scaleY(0)}.vp-nav-screen-menu .auto-link{position:relative;display:block;padding-inline-start:.5rem;font-weight:400;line-height:2}.vp-nav-screen-menu .auto-link:hover,.vp-nav-screen-menu .auto-link.route-link-active{color:var(--vp-c-accent)}.vp-nav-screen-menu .auto-link .icon{font-size:1em}.vp-nav-screen-menu-item{color:inherit;line-height:1.7rem}.vp-nav-screen-menu-subtitle{margin:0;padding-inline-start:.25rem;color:var(--vp-c-text-mute);font-weight:600;font-size:.75rem;line-height:2;text-transform:uppercase}.vp-nav-screen-menu-subtitle .auto-link{padding:0}.vp-nav-screen-menu-subitems{margin:0;padding:0;list-style:none}.vp-nav-screen-menu-subitem{padding-inline-start:.5rem;font-size:.9em}.vp-nav-screen{position:fixed;inset:var(--navbar-height) 0 0 0;z-index:150;display:none;overflow-y:auto;padding:0 2rem;background:var(--vp-c-bg)}@media (max-width: 719px){.vp-nav-screen{display:block}}.vp-nav-screen.fade-enter-active,.vp-nav-screen.fade-leave-active{transition:opacity .25s}.vp-nav-screen.fade-enter-active .vp-nav-screen-container,.vp-nav-screen.fade-leave-active .vp-nav-screen-container{transition:transform .25s ease}.vp-nav-screen.fade-enter-from,.vp-nav-screen.fade-leave-to{opacity:0}.vp-nav-screen.fade-enter-from .vp-nav-screen-container,.vp-nav-screen.fade-leave-to .vp-nav-screen-container{transform:translateY(-8px)}.vp-nav-screen .icon{margin-inline-end:.25em;font-size:1em}.vp-nav-screen img.icon{vertical-align:-.125em;height:1em}.vp-nav-screen-container{max-width:320px;margin:0 auto;padding:2rem 0 4rem}.vp-outlook-wrapper{display:flex;justify-content:space-around}.vp-nav-logo{vertical-align:top;height:var(--navbar-line-height);margin-inline-end:.8rem}.vp-nav-logo.light{display:inline-block}.vp-nav-logo.dark,[data-theme=dark] .vp-nav-logo.light{display:none}[data-theme=dark] .vp-nav-logo.dark{display:inline-block}.vp-site-name{position:relative;color:var(--vp-c-text);font-size:1.25rem}@media (max-width: 719px){.vp-site-name{overflow:hidden;width:calc(100vw - 9.4rem);text-overflow:ellipsis;white-space:nowrap}}.vp-brand:hover .vp-site-name{color:var(--vp-c-accent)}.vp-dropdown-wrapper{cursor:pointer}.vp-dropdown-wrapper:not(:hover) .arrow{transform:rotate(-180deg)}.vp-dropdown-wrapper .auto-link{position:relative;display:block;margin-bottom:0;border-bottom:none;color:var(--vp-c-text);font-weight:400;font-size:.875rem;line-height:1.7rem;transition:color var(--vp-t-color)}.vp-dropdown-wrapper .auto-link:hover,.vp-dropdown-wrapper .auto-link.route-link-active{color:var(--vp-c-accent)}.vp-dropdown-title{border-width:0;background:transparent;cursor:pointer;padding:0 .25rem;color:var(--vp-c-text);font-weight:500;font-size:inherit;font-family:inherit;line-height:inherit;cursor:inherit}.vp-dropdown-title:hover{border-color:transparent}.vp-dropdown-title .icon{margin-inline-end:.25em;font-size:1em}.vp-dropdown-title .arrow{display:inline-block;vertical-align:middle;width:1em;height:1em;background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(0,0,0,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");background-position:center;background-repeat:no-repeat;line-height:normal;transition:all .3s;font-size:1.2em}[data-theme=dark] .vp-dropdown-title .arrow{background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(255,255,255,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E")}.vp-dropdown-title .arrow.down{transform:rotate(180deg)}[dir=rtl] .vp-dropdown-title .arrow.down{transform:rotate(-180deg)}.vp-dropdown-title .arrow.end{transform:rotate(90deg)}[dir=rtl] .vp-dropdown-title .arrow.end,.vp-dropdown-title .arrow.start{transform:rotate(-90deg)}[dir=rtl] .vp-dropdown-title .arrow.start{transform:rotate(90deg)}.vp-dropdown{position:absolute;inset-inline-end:0;top:100%;overflow-y:auto;box-sizing:border-box;min-width:6rem;max-height:calc(100vh - var(--navbar-height));margin:0;padding:.5rem .75rem;border:1px solid var(--vp-c-gutter);border-radius:.5rem;background:var(--vp-c-bg-elv);box-shadow:2px 2px 10px var(--vp-c-shadow);list-style-type:none;text-align:start;white-space:nowrap;opacity:0;visibility:hidden;transition:all .18s ease-out;transform:scale(.9)}.vp-dropdown-wrapper:hover .vp-dropdown,.vp-dropdown-wrapper.open .vp-dropdown{z-index:2;opacity:1;visibility:visible;transform:none}.vp-dropdown-item{color:inherit;line-height:1.7rem}.vp-dropdown-subtitle{margin:0;padding:.5rem .25rem 0;color:var(--vp-c-text-mute);font-weight:600;font-size:.75rem;line-height:2;text-transform:uppercase}.vp-dropdown-item:first-child .vp-dropdown-subtitle{padding-top:0}.vp-dropdown-subitems{margin:0;padding:0 0 .25rem;list-style-type:none}.vp-dropdown-item:last-child .vp-dropdown-subitems{padding-bottom:0}.vp-nav-links{display:flex;align-items:center;font-size:.875rem}.vp-nav-item{position:relative;margin:0 .25rem;line-height:2rem}.vp-nav-item:first-child{margin-inline-start:0}.vp-nav-item:last-child{margin-inline-end:0}.vp-nav-item>.auto-link{color:var(--vp-c-text)}.vp-nav-item>.auto-link:before{content:" ";position:absolute;inset:auto 50% 0;height:2px;border-radius:1px;background:var(--vp-c-accent-hover);visibility:hidden;transition:inset .2s ease-in-out}.vp-nav-item>.auto-link.route-link-active{color:var(--vp-c-accent)}.vp-nav-item>.auto-link:hover:before,.vp-nav-item>.auto-link.route-link-active:before{inset:auto 0 0;visibility:visible}.vp-nav-item .i18n-icon{color:var(--vp-c-text-mute)}.vp-navbar{--navbar-line-height: calc( var(--navbar-height) - var(--navbar-padding-y) * 2 );position:fixed;inset:0 0 auto;z-index:175;display:flex;align-items:center;justify-content:space-between;box-sizing:border-box;height:var(--navbar-height);padding:var(--navbar-padding-y) var(--navbar-padding-x);background:var(--navbar-c-bg);box-shadow:0 2px 8px var(--vp-c-shadow);line-height:var(--navbar-line-height);white-space:nowrap;-webkit-backdrop-filter:saturate(150%) blur(12px);backdrop-filter:saturate(150%) blur(12px);transition:transform var(--vp-t-transform)}@media print{.vp-navbar{display:none}}.hide-navbar .vp-navbar.auto-hide{transform:translateY(-100%)}.vp-navbar .auto-link{padding:0 .25rem;color:var(--vp-c-text)}.vp-navbar .auto-link.route-link-active{color:var(--vp-c-accent)}.vp-navbar .auto-link .icon{margin-inline-end:.25em;font-size:1em}.vp-navbar .auto-link img.icon{vertical-align:-.125em;height:1em}.vp-navbar-start,.vp-navbar-end,.vp-navbar-center{display:flex;flex:1;align-items:center}.vp-navbar-start>*,.vp-navbar-end>*,.vp-navbar-center>*{position:relative;margin:0 .25rem!important}.vp-navbar-start>*:first-child,.vp-navbar-end>*:first-child,.vp-navbar-center>*:first-child{margin-inline-start:0!important}.vp-navbar-start>*:last-child,.vp-navbar-end>*:last-child,.vp-navbar-center>*:last-child{margin-inline-end:0!important}.vp-navbar-start{justify-content:start}.vp-navbar-center{justify-content:center}.vp-navbar-end{justify-content:end}.vp-navbar .vp-action{margin:0!important}.vp-navbar .vp-action-link{display:inline-block;margin:auto;padding:6px;color:var(--vp-c-text-mute);line-height:1}.vp-navbar .vp-action-link:hover,.vp-navbar .vp-action-link:active{color:var(--vp-c-accent-bg)}.vp-toggle-navbar-button{border-width:0;background:transparent;cursor:pointer;position:relative;display:none;align-items:center;justify-content:center;padding:6px}@media screen and (max-width: 719px){.vp-toggle-navbar-button{display:flex}}.vp-toggle-navbar-button>span{position:relative;overflow:hidden;width:16px;height:14px}.vp-toggle-navbar-button .vp-top,.vp-toggle-navbar-button .vp-middle,.vp-toggle-navbar-button .vp-bottom{position:absolute;width:16px;height:2px;background:var(--vp-c-text);transition:top .25s,background .5s,transform .25s}.vp-toggle-navbar-button .vp-top{top:0;left:0;transform:translate(0)}.vp-toggle-navbar-button .vp-middle{top:6px;left:0;transform:translate(8px)}.vp-toggle-navbar-button .vp-bottom{top:12px;left:0;transform:translate(4px)}.vp-toggle-navbar-button:hover .vp-top{top:0;left:0;transform:translate(4px)}.vp-toggle-navbar-button:hover .vp-middle{top:6;left:0;transform:translate(0)}.vp-toggle-navbar-button:hover .vp-bottom{top:12px;left:0;transform:translate(8px)}.vp-toggle-navbar-button.is-active .vp-top{top:6px;transform:translate(0) rotate(225deg)}.vp-toggle-navbar-button.is-active .vp-middle{top:6px;transform:translate(16px)}.vp-toggle-navbar-button.is-active .vp-bottom{top:6px;transform:translate(0) rotate(135deg)}.vp-toggle-navbar-button.is-active:hover .vp-top,.vp-toggle-navbar-button.is-active:hover .vp-middle,.vp-toggle-navbar-button.is-active:hover .vp-bottom{background:var(--vp-c-accent-bg);transition:top .25s,background .25s,transform .25s}.vp-toggle-sidebar-button{border-width:0;background:transparent;cursor:pointer;display:none;vertical-align:middle;box-sizing:content-box;width:1rem;height:1rem;padding:.5rem;font:unset;transition:transform .2s ease-in-out}@media screen and (max-width: 719px){.vp-toggle-sidebar-button{display:block;padding-inline-end:var(--navbar-mobile-padding-x)}}.vp-toggle-sidebar-button:before,.vp-toggle-sidebar-button:after,.vp-toggle-sidebar-button .icon{display:block;width:100%;height:2px;border-radius:.05em;background:var(--vp-c-text);transition:transform .2s ease-in-out}.vp-toggle-sidebar-button:before{content:" ";margin-top:.125em}.sidebar-open .vp-toggle-sidebar-button:before{transform:translateY(.34rem) rotate(135deg)}.vp-toggle-sidebar-button:after{content:" ";margin-bottom:.125em}.sidebar-open .vp-toggle-sidebar-button:after{transform:translateY(-.34rem) rotate(-135deg)}.vp-toggle-sidebar-button .icon{margin:.2em 0}.sidebar-open .vp-toggle-sidebar-button .icon{transform:scale(0)}.vp-color-mode-switch{border-width:0;background:transparent;vertical-align:middle;padding:6px;color:var(--vp-c-text-mute);cursor:pointer;transition:color var(--vp-t-color)}.vp-color-mode-switch:hover{color:var(--vp-c-accent-bg)}.vp-color-mode-switch .icon{width:1.25rem;height:1.25rem}.vp-color-mode-title{display:block;margin:0;padding:0 .25rem;color:var(--vp-c-text-subtle);font-weight:600;font-size:.75rem;line-height:2}.vp-outlook-button{border-width:0;background:transparent;cursor:pointer;position:relative;padding:.375rem;color:var(--vp-c-text-mute)}.vp-outlook-button .icon{vertical-align:middle;width:1.25rem;height:1.25rem}.vp-outlook-dropdown{position:absolute;inset-inline-end:0;top:100%;overflow-y:auto;box-sizing:border-box;min-width:100px;margin:0;padding:.5rem .75rem;border:1px solid var(--vp-c-gutter);border-radius:.25rem;background:var(--vp-c-bg);box-shadow:2px 2px 10px var(--vp-c-shadow);text-align:start;white-space:nowrap;opacity:0;visibility:hidden;transition:all .18s ease-out;transform:scale(.8)}.vp-outlook-dropdown>*:not(:last-child){padding-bottom:.5rem;border-bottom:1px solid var(--vp-c-border)}.vp-outlook-button:hover .vp-outlook-dropdown,.vp-outlook-button.open .vp-outlook-dropdown{z-index:2;opacity:1;visibility:visible;transform:scale(1)}.vp-theme-color-picker{display:flex;margin:0;padding:0;list-style-type:none;font-size:14px}.vp-theme-color-picker li span{display:inline-block;vertical-align:middle;width:15px;height:15px;margin:0 2px;border-radius:2px}.vp-theme-color-picker li span.theme-color{background:#3a80ac}.vp-theme-color-picker li span.theme-color [data-theme=dark]{background:#3d87b5}.vp-theme-color-title{display:block;margin:0;padding:0 .25rem;color:var(--vp-c-text-subtle);font-weight:600;font-size:.75rem;line-height:2}.full-screen,.cancel-full-screen{border-width:0;background:transparent;vertical-align:middle;padding:.25rem;color:var(--vp-c-text-mute);cursor:pointer}@media print{.full-screen,.cancel-full-screen{display:none}}.full-screen:hover,.cancel-full-screen:hover{color:var(--vp-c-accent-hover)}.full-screen .icon,.cancel-full-screen .icon{width:1.25rem;height:1.25rem}.vp-sidebar-link{display:inline-block;box-sizing:border-box;width:calc(100% - 1rem);margin-inline:.5rem;padding:.25rem .5rem;border-radius:.375rem;color:var(--vp-c-text);font-weight:400;font-size:1em;line-height:1.5}.vp-sidebar-link:hover{background:var(--vp-c-control)}.vp-sidebar-link.active{background:var(--vp-c-accent-soft);color:var(--vp-c-accent);font-weight:500}.vp-sidebar-link.active .icon{color:var(--vp-c-accent)}.vp-sidebar-group:not(.collapsible) .vp-sidebar-header:not(.clickable){color:inherit;cursor:auto}.vp-sidebar-group .vp-sidebar-group .vp-sidebar-header{font-size:1em}.vp-sidebar-header{display:flex;align-items:center;overflow:hidden;box-sizing:border-box;width:calc(100% - 1rem);margin:0;margin-inline:.5rem;padding:.25rem .5rem;border-width:0;border-radius:.375rem;background:transparent;color:var(--vp-c-text);font-size:1.1em;line-height:1.5;text-align:start;-webkit-user-select:none;-moz-user-select:none;user-select:none;transition:color .15s ease;transform:rotate(0)}.vp-sidebar-header.open{color:inherit}.vp-sidebar-header.clickable{border-width:0;background:transparent;cursor:pointer;font-family:inherit}.vp-sidebar-header.clickable:hover{background:var(--vp-c-control)}.vp-sidebar-header.clickable.exact{border-inline-start-color:var(--vp-c-accent-bg);color:var(--vp-c-accent)}.vp-sidebar-header.clickable.exact a{color:inherit}.vp-sidebar-header .vp-sidebar-title{flex:1}.vp-sidebar-header .vp-arrow{display:inline-block;vertical-align:middle;width:1em;height:1em;background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(0,0,0,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E");background-position:center;background-repeat:no-repeat;line-height:normal;transition:all .3s;font-size:1.5em}[data-theme=dark] .vp-sidebar-header .vp-arrow{background-image:url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24'%3E%3Cpath fill='rgb(255,255,255,0.5)' d='M7.41 15.41L12 10.83l4.59 4.58L18 14l-6-6-6 6z'/%3E%3C/svg%3E")}.vp-sidebar-header .vp-arrow.down{transform:rotate(180deg)}[dir=rtl] .vp-sidebar-header .vp-arrow.down{transform:rotate(-180deg)}.vp-sidebar-header .vp-arrow.end{transform:rotate(90deg)}[dir=rtl] .vp-sidebar-header .vp-arrow.end,.vp-sidebar-header .vp-arrow.start{transform:rotate(-90deg)}[dir=rtl] .vp-sidebar-header .vp-arrow.start{transform:rotate(90deg)}.vp-sidebar-links{margin:0 0 0 .75em;padding:0}.vp-sidebar-links li{list-style-type:none}.vp-sidebar>.vp-sidebar-links{margin:0;padding:1.5rem 0}@media (max-width: 719px){.vp-sidebar>.vp-sidebar-links{padding:1rem 0}}.vp-sidebar>.vp-sidebar-links>li>.vp-sidebar-link{font-size:1.1em}.vp-sidebar>.vp-sidebar-links>li:not(:first-child){margin-top:.5rem}.vp-sidebar{position:fixed;inset-inline-start:0;top:0;bottom:0;z-index:1;overflow-y:auto;width:var(--sidebar-width);margin:0;padding-inline-start:calc(var(--sidebar-space) - var(--sidebar-width));background:var(--sidebar-c-bg);box-shadow:2px 0 8px var(--vp-c-shadow);font-size:.94rem;-webkit-backdrop-filter:saturate(150%) blur(12px);backdrop-filter:saturate(150%) blur(12px);transition:padding var(--vp-t-transform),transform var(--vp-t-transform);scrollbar-color:var(--vp-c-accent-bg) var(--vp-c-border);scrollbar-width:thin}@media (max-width: 959px){.vp-sidebar{font-size:.86em}}@media (max-width: 719px){.vp-sidebar{z-index:125;box-shadow:none;transform:translate(-100%)}[dir=rtl] .vp-sidebar{transform:translate(100%)}}@media (min-width: 1440px){.vp-sidebar{padding-bottom:3rem;box-shadow:none;font-size:1rem}}@media print{.vp-sidebar{display:none}}.vp-sidebar a{display:inline-block;color:var(--vp-c-text);font-weight:400}.vp-sidebar .icon{margin-inline-end:.25em;font-size:1em}.vp-sidebar img.icon{vertical-align:-.125em;height:1em}.vp-sidebar-mask{position:fixed;top:0;right:0;bottom:0;left:0;z-index:100;background:#00000026}.vp-sidebar-mask.fade-enter-active,.vp-sidebar-mask.fade-leave-active{transition:opacity .25s}.vp-sidebar-mask.fade-enter-from,.vp-sidebar-mask.fade-leave-to{opacity:0}h1,h2,h3,h4,h5{font-family:var(--font-family)}.vp-hero-infos{display:none}.image-container{height:150px;width:361px;max-width:calc(100% - 20px);padding:10px;float:right}.search-pro-result-wrapper{scrollbar-color:var(--vp-c-accent) var(--vp-c-border);scrollbar-width:thin}@media (max-width: 419px){.search-pro-result-wrapper{font-size:14px}}.search-pro-result-wrapper::-webkit-scrollbar{width:6px;height:6px}.search-pro-result-wrapper::-webkit-scrollbar-track-piece{border-radius:6px;background:#0000001a}.search-pro-result-wrapper::-webkit-scrollbar-thumb{border-radius:6px;background:var(--vp-c-accent-bg)}.search-pro-result-wrapper::-webkit-scrollbar-thumb:active{background:var(--vp-c-accent-hover)}.search-pro-result-wrapper mark{border-radius:.25em;line-height:1}.search-pro-result-list{margin:0;padding:0}.search-pro-result-list-item{display:block;list-style:none}.search-pro-result-title{position:sticky;top:-2px;z-index:10;margin:-4px;margin-bottom:.25rem;padding:4px;background:var(--vp-c-bg);color:var(--vp-c-accent);font-weight:600;font-size:.875em;line-height:2rem;text-indent:.5em}.search-pro-result-item.active .search-pro-result-title{color:var(--vp-c-accent)}.search-pro-result-type{display:block;width:1rem;height:1rem;margin-inline-start:-.5rem;padding:.5rem;color:var(--vp-c-accent)}.search-pro-remove-icon{border-width:0;background:transparent;cursor:pointer;box-sizing:content-box;height:1.5rem;padding:0;border-radius:50%;color:var(--vp-c-accent);font-size:1rem}.search-pro-remove-icon svg{width:1.5rem;height:1.5rem}.search-pro-remove-icon:hover{background:#8080804d}.search-pro-result-content{display:flex;flex-flow:column;flex-grow:1;align-items:stretch;justify-content:center;line-height:1.5}.search-pro-result-content .content-header{margin-bottom:.25rem;border-bottom:1px solid var(--vp-c-border-hard);font-size:.9em}.search-pro-result-item{display:flex;align-items:center;margin:.5rem 0;padding:.5rem .75rem;border-radius:.25rem;background:var(--vp-c-bg-alt);color:inherit;box-shadow:0 1px 3px 0 var(--vp-c-shadow);font-weight:400;white-space:pre-wrap;word-wrap:break-word}.search-pro-result-item strong{color:var(--vp-c-accent)}.search-pro-result-item:hover,.search-pro-result-item.active{background-color:var(--vp-c-accent-hover);color:var(--vp-c-white);cursor:pointer}.search-pro-result-item:hover .search-pro-result-type,.search-pro-result-item:hover .search-pro-remove-icon,.search-pro-result-item:hover strong,.search-pro-result-item.active .search-pro-result-type,.search-pro-result-item.active .search-pro-remove-icon,.search-pro-result-item.active strong{color:var(--vp-c-white)} diff --git a/assets/team.html-DZAqBiTA.js b/assets/team.html-DZAqBiTA.js new file mode 100644 index 000000000..acf8bdd28 --- /dev/null +++ b/assets/team.html-DZAqBiTA.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as n,o as i}from"./app-BIWb5uIp.js";const a={};function l(o,e){return i(),t("div",null,e[0]||(e[0]=[n('

    The funded project team includes:

    We thank additional contributors, including:

    ',4)]))}const p=r(a,[["render",l],["__file","team.html.vue"]]),s=JSON.parse('{"path":"/about/learnmore/team.html","title":"Team","lang":"en-US","frontmatter":{"title":"Team","icon":"group","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.21,"words":62},"filePathRelative":"about/learnmore/team.md","excerpt":"

    The funded project team includes:

    \\n
      \\n
    • Prof. Dr. Christian Fegeler • Homepage
      • \\n
    • Hauke Hund • GitHub
      • \\n
    • Maximilian Kurscheidt • GitHub
      • \\n
    • Simon Schweizer • GitHub
      • \\n
    • Christoph Zilske • GitHub
      • \\n
    • Reto Wettstein • GitHub
      • \\n
    • Alexander Kiel • GitHub
      • \\n
    "}');export{p as comp,s as data}; diff --git a/assets/upgrade-from-0.html-1HiNaMpm.js b/assets/upgrade-from-0.html-1HiNaMpm.js new file mode 100644 index 000000000..10875155b --- /dev/null +++ b/assets/upgrade-from-0.html-1HiNaMpm.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.3.2/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.3.2/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-BTr3Ngrn.js b/assets/upgrade-from-0.html-BTr3Ngrn.js new file mode 100644 index 000000000..062f81465 --- /dev/null +++ b/assets/upgrade-from-0.html-BTr3Ngrn.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.7.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.7.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-Bc8Lyi5a.js b/assets/upgrade-from-0.html-Bc8Lyi5a.js new file mode 100644 index 000000000..3e11e2616 --- /dev/null +++ b/assets/upgrade-from-0.html-Bc8Lyi5a.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as r}from"./app-BIWb5uIp.js";const a={};function i(p,e){return r(),o("div",null,e[0]||(e[0]=[n('

    Do not upgrade unless prompted!

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    1. shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. install the new DSF according to the instructions.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    ',4)]))}const d=t(a,[["render",i],["__file","upgrade-from-0.html.vue"]]),c=JSON.parse('{"path":"/v1.0.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.45,"words":134},"filePathRelative":"v1.0.0/maintain/upgrade-from-0.md","excerpt":"
    \\n

    Do not upgrade unless prompted!

    \\n

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    \\n
    \\n

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    "}');export{d as comp,c as data}; diff --git a/assets/upgrade-from-0.html-BfIVWmGA.js b/assets/upgrade-from-0.html-BfIVWmGA.js new file mode 100644 index 000000000..8d114e7bb --- /dev/null +++ b/assets/upgrade-from-0.html-BfIVWmGA.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.3.1/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.3.1/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-Bpl0xGi5.js b/assets/upgrade-from-0.html-Bpl0xGi5.js new file mode 100644 index 000000000..a360bf1e9 --- /dev/null +++ b/assets/upgrade-from-0.html-Bpl0xGi5.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as r}from"./app-BIWb5uIp.js";const a={};function i(p,e){return r(),o("div",null,e[0]||(e[0]=[n('

    Do not upgrade unless prompted!

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    1. shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. install the new DSF according to the instructions.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    ',4)]))}const d=t(a,[["render",i],["__file","upgrade-from-0.html.vue"]]),c=JSON.parse('{"path":"/v1.2.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.45,"words":134},"filePathRelative":"v1.2.0/maintain/upgrade-from-0.md","excerpt":"
    \\n

    Do not upgrade unless prompted!

    \\n

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    \\n
    \\n

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    "}');export{d as comp,c as data}; diff --git a/assets/upgrade-from-0.html-Bvg37v8B.js b/assets/upgrade-from-0.html-Bvg37v8B.js new file mode 100644 index 000000000..8fa495b11 --- /dev/null +++ b/assets/upgrade-from-0.html-Bvg37v8B.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.5.1/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.5.1/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-C0DwKz8X.js b/assets/upgrade-from-0.html-C0DwKz8X.js new file mode 100644 index 000000000..dba267317 --- /dev/null +++ b/assets/upgrade-from-0.html-C0DwKz8X.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.5.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.5.0/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-C2OeT5jI.js b/assets/upgrade-from-0.html-C2OeT5jI.js new file mode 100644 index 000000000..18b390969 --- /dev/null +++ b/assets/upgrade-from-0.html-C2OeT5jI.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.3.2/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.3.2/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-C84ezCmE.js b/assets/upgrade-from-0.html-C84ezCmE.js new file mode 100644 index 000000000..e71f16366 --- /dev/null +++ b/assets/upgrade-from-0.html-C84ezCmE.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/stable/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"stable/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-CF476DnM.js b/assets/upgrade-from-0.html-CF476DnM.js new file mode 100644 index 000000000..045991c49 --- /dev/null +++ b/assets/upgrade-from-0.html-CF476DnM.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.4.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.4.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-CnqVdKUA.js b/assets/upgrade-from-0.html-CnqVdKUA.js new file mode 100644 index 000000000..a778e2426 --- /dev/null +++ b/assets/upgrade-from-0.html-CnqVdKUA.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.7.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.7.0/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-CvOTkUrX.js b/assets/upgrade-from-0.html-CvOTkUrX.js new file mode 100644 index 000000000..870a1bd7f --- /dev/null +++ b/assets/upgrade-from-0.html-CvOTkUrX.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.0.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.0.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-D20VPAYx.js b/assets/upgrade-from-0.html-D20VPAYx.js new file mode 100644 index 000000000..62d522081 --- /dev/null +++ b/assets/upgrade-from-0.html-D20VPAYx.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.3.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.3.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-D9wYfXqp.js b/assets/upgrade-from-0.html-D9wYfXqp.js new file mode 100644 index 000000000..8f585f09c --- /dev/null +++ b/assets/upgrade-from-0.html-D9wYfXqp.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.4.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.4.0/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-DJWodOM6.js b/assets/upgrade-from-0.html-DJWodOM6.js new file mode 100644 index 000000000..111e2d710 --- /dev/null +++ b/assets/upgrade-from-0.html-DJWodOM6.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.3.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.3.0/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-DN3ya3ja.js b/assets/upgrade-from-0.html-DN3ya3ja.js new file mode 100644 index 000000000..696676b06 --- /dev/null +++ b/assets/upgrade-from-0.html-DN3ya3ja.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.6.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.6.0/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-DqBMBlca.js b/assets/upgrade-from-0.html-DqBMBlca.js new file mode 100644 index 000000000..8f9becd2b --- /dev/null +++ b/assets/upgrade-from-0.html-DqBMBlca.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.5.2/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.5.2/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-DqzXx2zx.js b/assets/upgrade-from-0.html-DqzXx2zx.js new file mode 100644 index 000000000..538815641 --- /dev/null +++ b/assets/upgrade-from-0.html-DqzXx2zx.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as a}from"./app-BIWb5uIp.js";const i={};function r(s,e){return a(),o("div",null,e[0]||(e[0]=[n('

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    ',6)]))}const p=t(i,[["render",r],["__file","upgrade-from-0.html.vue"]]),d=JSON.parse('{"path":"/v1.5.2/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":1.12,"words":337},"filePathRelative":"v1.5.2/maintain/upgrade-from-0.md","excerpt":"

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    \\n
    \\n

    Do not use your 0.9.x configuration as starting point

    \\n

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    \\n

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    \\n
    "}');export{p as comp,d as data}; diff --git a/assets/upgrade-from-0.html-DtQnIA8J.js b/assets/upgrade-from-0.html-DtQnIA8J.js new file mode 100644 index 000000000..0231bcfe1 --- /dev/null +++ b/assets/upgrade-from-0.html-DtQnIA8J.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.1.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.1.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-DwBqJg50.js b/assets/upgrade-from-0.html-DwBqJg50.js new file mode 100644 index 000000000..fb2f4a7f0 --- /dev/null +++ b/assets/upgrade-from-0.html-DwBqJg50.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.6.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.6.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-DzHXV-5I.js b/assets/upgrade-from-0.html-DzHXV-5I.js new file mode 100644 index 000000000..1109f8f0f --- /dev/null +++ b/assets/upgrade-from-0.html-DzHXV-5I.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.5.1/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.5.1/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-GTzYt6yH.js b/assets/upgrade-from-0.html-GTzYt6yH.js new file mode 100644 index 000000000..c29205d23 --- /dev/null +++ b/assets/upgrade-from-0.html-GTzYt6yH.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as a}from"./app-BIWb5uIp.js";const n={};function l(i,e){return a(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(n,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/stable/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"stable/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-HmQi5Tpk.js b/assets/upgrade-from-0.html-HmQi5Tpk.js new file mode 100644 index 000000000..3b898bcc0 --- /dev/null +++ b/assets/upgrade-from-0.html-HmQi5Tpk.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.3.1/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.3.1/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-PytT4X3s.js b/assets/upgrade-from-0.html-PytT4X3s.js new file mode 100644 index 000000000..38278ed45 --- /dev/null +++ b/assets/upgrade-from-0.html-PytT4X3s.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.2.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.2.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-dRnDKi2b.js b/assets/upgrade-from-0.html-dRnDKi2b.js new file mode 100644 index 000000000..4c5a933c9 --- /dev/null +++ b/assets/upgrade-from-0.html-dRnDKi2b.js @@ -0,0 +1 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as t,a as o,o as n}from"./app-BIWb5uIp.js";const a={};function l(i,e){return n(),t("div",null,e[0]||(e[0]=[o('

    Work in progress

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    ',1)]))}const d=r(a,[["render",l],["__file","upgrade-from-0.html.vue"]]),g=JSON.parse('{"path":"/v1.5.0/develop/upgrade-from-0.html","title":"Upgrade processes from 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade processes from 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.26,"words":79},"filePathRelative":"v1.5.0/develop/upgrade-from-0.md","excerpt":"
    \\n

    Work in progress

    \\n

    We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:

    \\n\\n
    "}');export{d as comp,g as data}; diff --git a/assets/upgrade-from-0.html-g2sDnFxf.js b/assets/upgrade-from-0.html-g2sDnFxf.js new file mode 100644 index 000000000..4fa1ec930 --- /dev/null +++ b/assets/upgrade-from-0.html-g2sDnFxf.js @@ -0,0 +1 @@ +import{_ as t}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as o,a as n,o as r}from"./app-BIWb5uIp.js";const a={};function i(p,e){return r(),o("div",null,e[0]||(e[0]=[n('

    Do not upgrade unless prompted!

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    1. shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. install the new DSF according to the instructions.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    ',4)]))}const d=t(a,[["render",i],["__file","upgrade-from-0.html.vue"]]),c=JSON.parse('{"path":"/v1.1.0/maintain/upgrade-from-0.html","title":"Upgrade from DSF 0.9.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 0.9.x","icon":"update","gitInclude":[]},"headers":[],"readingTime":{"minutes":0.45,"words":134},"filePathRelative":"v1.1.0/maintain/upgrade-from-0.md","excerpt":"
    \\n

    Do not upgrade unless prompted!

    \\n

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    \\n
    \\n

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    "}');export{d as comp,c as data}; diff --git a/assets/upgrade-from-1.html-1Wof4LeJ.js b/assets/upgrade-from-1.html-1Wof4LeJ.js new file mode 100644 index 000000000..5e2a13341 --- /dev/null +++ b/assets/upgrade-from-1.html-1Wof4LeJ.js @@ -0,0 +1,18 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function l(t,e){return r(),s("div",null,e[0]||(e[0]=[a(`

    Upgrading the DSF from 1.5.2 to 1.6.0 involves modifying the docker-compose.yml files and recreating the containers.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.6.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.6.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.5.2
++   image: ghcr.io/datasharingframework/fhir_proxy:1.6.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.5.2
++   image: ghcr.io/datasharingframework/fhir:1.6.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.6.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.6.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.5.2
++   image: ghcr.io/datasharingframework/bpe:1.6.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.6.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.6.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,9)]))}const o=i(n,[["render",l],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.6.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.5.2","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.5.2","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":0.99,"words":297},"filePathRelative":"v1.6.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.5.2 to 1.6.0 involves modifying the docker-compose.yml files and recreating the containers.

    \\n

    Modify DSF FHIR Server Setup

    \\n
      \\n
    1. \\n

      Preparation / Backup

      \\n
        \\n
      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        \\nFor example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.6.0_upgrade
        • \\n
      \\n
      2. \\n
    2. \\n

      Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.6.0.

      \\n
      3. \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-B6nw0zTc.js b/assets/upgrade-from-1.html-B6nw0zTc.js new file mode 100644 index 000000000..0adab5eef --- /dev/null +++ b/assets/upgrade-from-1.html-B6nw0zTc.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.4.0 to 1.5.0 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.4.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.5.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.4.0
++   image: ghcr.io/datasharingframework/fhir:1.5.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.4.0
++   image: ghcr.io/datasharingframework/bpe:1.5.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.5.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.5.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.5.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.4.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.4.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.07,"words":322},"filePathRelative":"v1.5.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.4.0 to 1.5.0 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Update to DSF 1.2.0 first

    \\n

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-BMtZHrEs.js b/assets/upgrade-from-1.html-BMtZHrEs.js new file mode 100644 index 000000000..dc1a29b8b --- /dev/null +++ b/assets/upgrade-from-1.html-BMtZHrEs.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.3.2 to 1.4.0 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.4.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.4.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.3.2
++   image: ghcr.io/datasharingframework/fhir_proxy:1.4.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.3.2
++   image: ghcr.io/datasharingframework/fhir:1.4.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.4.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.4.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.3.2
++   image: ghcr.io/datasharingframework/bpe:1.4.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.4.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.4.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.4.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.4.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.4.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.3.2","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.3.2","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.07,"words":322},"filePathRelative":"v1.4.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.3.2 to 1.4.0 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Update to DSF 1.2.0 first

    \\n

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-BSet6xf2.js b/assets/upgrade-from-1.html-BSet6xf2.js new file mode 100644 index 000000000..d883baea4 --- /dev/null +++ b/assets/upgrade-from-1.html-BSet6xf2.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.5.1 to 1.5.2 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.2_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.2.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.5.1
++   image: ghcr.io/datasharingframework/fhir_proxy:1.5.2
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.5.1
++   image: ghcr.io/datasharingframework/fhir:1.5.2
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.2_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.2.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.5.1
++   image: ghcr.io/datasharingframework/bpe:1.5.2
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.5.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.2, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.5.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.2, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.5.2/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.5.1","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.5.1","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.07,"words":322},"filePathRelative":"v1.5.2/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.5.1 to 1.5.2 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Update to DSF 1.2.0 first

    \\n

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-BakWeZYj.js b/assets/upgrade-from-1.html-BakWeZYj.js new file mode 100644 index 000000000..5f22e4ba3 --- /dev/null +++ b/assets/upgrade-from-1.html-BakWeZYj.js @@ -0,0 +1,89 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as e,a,o as n}from"./app-BIWb5uIp.js";const l={};function r(t,s){return n(),e("div",null,s[0]||(s[0]=[a(`

    Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.

    Note: The configurations of trust stores for TLS connections managed by process plugins (for example HTTPS connections to the local KDS FHIR server) have not been modified with this release.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.7.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/datasharingframework/fhir_proxy:1.6.0
++    image: ghcr.io/datasharingframework/fhir_proxy:1.7.0
+     restart: on-failure
+...
+       - ssl_certificate_file.pem
+       - ssl_certificate_key_file.pem
+       - ssl_certificate_chain_file.pem
+-      - ssl_ca_certificate_file.pem
+-      - ssl_ca_dn_request_file.pem
+     environment:
+...
+       SSL_CERTIFICATE_FILE: /run/secrets/ssl_certificate_file.pem
+       SSL_CERTIFICATE_KEY_FILE: /run/secrets/ssl_certificate_key_file.pem
+       SSL_CERTIFICATE_CHAIN_FILE: /run/secrets/ssl_certificate_chain_file.pem
+-      SSL_CA_CERTIFICATE_FILE: /run/secrets/ssl_ca_certificate_file.pem
+-      SSL_CA_DN_REQUEST_FILE: /run/secrets/ssl_ca_dn_request_file.pem
+     networks:
+...
+   app:
+-    image: ghcr.io/datasharingframework/fhir:1.6.0
++    image: ghcr.io/datasharingframework/fhir:1.7.0
+     restart: on-failure
+...
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_permanent_delete.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS:  /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password
+-      DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+-  ssl_ca_dn_request_file.pem:
+-    file: ./secrets/ssl_ca_dn_request_file.pem
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.7.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/datasharingframework/bpe:1.6.0
++    image: ghcr.io/datasharingframework/bpe:1.7.0
+     restart: on-failure
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_camunda.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password
+-      DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.7.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.7.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const c=i(l,[["render",r],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/stable/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.6.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.6.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.66,"words":499},"filePathRelative":"stable/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.

    "}');export{c as comp,h as data}; diff --git a/assets/upgrade-from-1.html-CWtjTQLA.js b/assets/upgrade-from-1.html-CWtjTQLA.js new file mode 100644 index 000000000..307764092 --- /dev/null +++ b/assets/upgrade-from-1.html-CWtjTQLA.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.3.1 to 1.3.2 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.2_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.2.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.3.1
++   image: ghcr.io/datasharingframework/fhir_proxy:1.3.2
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.3.1
++   image: ghcr.io/datasharingframework/fhir:1.3.2
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.2_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.2.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.3.1
++   image: ghcr.io/datasharingframework/bpe:1.3.2
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.3.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.2, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.3.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.2, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.3.2/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.3.1","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.3.1","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.07,"words":322},"filePathRelative":"v1.3.2/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.3.1 to 1.3.2 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Update to DSF 1.2.0 first

    \\n

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-DRWK4a79.js b/assets/upgrade-from-1.html-DRWK4a79.js new file mode 100644 index 000000000..40f2e15af --- /dev/null +++ b/assets/upgrade-from-1.html-DRWK4a79.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.5.0 to 1.5.1 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.1_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.1.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.5.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.5.1
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.5.0
++   image: ghcr.io/datasharingframework/fhir:1.5.1
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.1_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.1.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.5.0
++   image: ghcr.io/datasharingframework/bpe:1.5.1
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.5.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.1, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.5.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.1, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.5.1/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.5.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.5.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.07,"words":322},"filePathRelative":"v1.5.1/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.5.0 to 1.5.1 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Update to DSF 1.2.0 first

    \\n

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-Dj9m-NVD.js b/assets/upgrade-from-1.html-Dj9m-NVD.js new file mode 100644 index 000000000..1951c8035 --- /dev/null +++ b/assets/upgrade-from-1.html-Dj9m-NVD.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.2.0 to 1.3.0 involves modifying the docker-compose.yml files and recreating the containers.

    Upgrade from 0.9.x

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.2.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.3.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.2.0
++   image: ghcr.io/datasharingframework/fhir:1.3.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.2.0
++   image: ghcr.io/datasharingframework/bpe:1.3.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.3.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.3.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,11)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.3.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.2.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.2.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.14,"words":342},"filePathRelative":"v1.3.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.2.0 to 1.3.0 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Upgrade from 0.9.x

    \\n

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-I3a4-uzG.js b/assets/upgrade-from-1.html-I3a4-uzG.js new file mode 100644 index 000000000..a9ed9e90a --- /dev/null +++ b/assets/upgrade-from-1.html-I3a4-uzG.js @@ -0,0 +1,18 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function l(t,e){return r(),s("div",null,e[0]||(e[0]=[a(`

    Upgrading the DSF from 1.0.0 to 1.1.0 involves modifying the docker-compose.yml files and recreating the containers.

    Upgrade from 0.9.x

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.1.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.1.0

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.0.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.1.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.0.0
++   image: ghcr.io/datasharingframework/fhir:1.1.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.1.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.1.0

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.0.0
++   image: ghcr.io/datasharingframework/bpe:1.1.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.1.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.1.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.1.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.1.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=i(n,[["render",l],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.1.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.x","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.x","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.06,"words":317},"filePathRelative":"v1.1.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.0.0 to 1.1.0 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Upgrade from 0.9.x

    \\n

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-KyVmiK2h.js b/assets/upgrade-from-1.html-KyVmiK2h.js new file mode 100644 index 000000000..d583893fb --- /dev/null +++ b/assets/upgrade-from-1.html-KyVmiK2h.js @@ -0,0 +1,18 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as r}from"./app-BIWb5uIp.js";const n={};function t(l,i){return r(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.3.0 to 1.3.1 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.1_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.1.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.3.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.3.1
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.3.0
++   image: ghcr.io/datasharingframework/fhir:1.3.1
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.1_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.1.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.3.0
++   image: ghcr.io/datasharingframework/bpe:1.3.1
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.3.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.1, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.3.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.1, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const o=e(n,[["render",t],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.3.1/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.3.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.3.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.07,"words":322},"filePathRelative":"v1.3.1/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.3.0 to 1.3.1 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Update to DSF 1.2.0 first

    \\n

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    \\n
    "}');export{o as comp,h as data}; diff --git a/assets/upgrade-from-1.html-le86mUFE.js b/assets/upgrade-from-1.html-le86mUFE.js new file mode 100644 index 000000000..82319a1a4 --- /dev/null +++ b/assets/upgrade-from-1.html-le86mUFE.js @@ -0,0 +1,33 @@ +import{_ as e}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const r={};function l(t,i){return n(),s("div",null,i[0]||(i[0]=[a(`

    Upgrading the DSF from 1.1.0 to 1.2.0 involves modifying the docker-compose.yml files and recreating the containers.

    Upgrade from 0.9.x

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.2.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.2.0 and remove the old healthcheck definition. The new healthcheck is defined as part of the docker image.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.1.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.2.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.1.0
++   image: ghcr.io/datasharingframework/fhir:1.2.0
+    restart: on-failure
+-   healthcheck:
+-     test: ["CMD", "java", "-cp", "dsf_fhir.jar", "dev.dsf.common.status.client.StatusClient"]
+-     interval: 10s
+-     timeout: 15s
+-     retries: 5
+...
    1. The role configuration is now optional. If you don't use roles, you can remove the role config (default for new installations):
      app:
+...
+    environment:
+...
+-     # TODO specify role configuration to allow access to the UI via web-browser or REST API for specific users, see documentation at dsf.dev
+-     DEV_DSF_FHIR_SERVER_ROLECONFIG: |
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.2.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.2.0 and remove the old healthcheck definition. The new healthcheck is defined as part of the docker image.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.1.0
++   image: ghcr.io/datasharingframework/bpe:1.2.0
+    restart: on-failure
+-   healthcheck:
+-     test: ["CMD", "java", "-cp", "dsf_bpe.jar", "dev.dsf.common.status.client.StatusClient"]
+-     interval: 10s
+-     timeout: 15s
+-     retries: 5
+...

    1. DSF v1.2.0 is not compatible with the Ping/Pong process plugin v1.0.0.0, upgrade to the Ping/Pong plugin v1.0.1.0 by removing the old jar file and replacing it with the new v1.0.1.0 one.

    2. We have released a new version of the Allow List Process plugin where we added support for delete operations. Please upgrade to the Allow-List process v1.0.0.1 by removing the old jar file and replacing it with the new v1.0.0.1 one.

    3. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    4. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.2.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.2.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.2.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.2.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,12)]))}const p=e(r,[["render",l],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.2.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.1.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.1.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.71,"words":513},"filePathRelative":"v1.2.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.1.0 to 1.2.0 involves modifying the docker-compose.yml files and recreating the containers.

    \\n
    \\n

    Upgrade from 0.9.x

    \\n

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    \\n
    "}');export{p as comp,h as data}; diff --git a/assets/upgrade-from-1.html-li54FQ6Z.js b/assets/upgrade-from-1.html-li54FQ6Z.js new file mode 100644 index 000000000..844420d39 --- /dev/null +++ b/assets/upgrade-from-1.html-li54FQ6Z.js @@ -0,0 +1,89 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as e,a,o as n}from"./app-BIWb5uIp.js";const l={};function r(t,s){return n(),e("div",null,s[0]||(s[0]=[a(`

    Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.

    Note: The configurations of trust stores for TLS connections managed by process plugins (for example HTTPS connections to the local KDS FHIR server) have not been modified with this release.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.7.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/datasharingframework/fhir_proxy:1.6.0
++    image: ghcr.io/datasharingframework/fhir_proxy:1.7.0
+     restart: on-failure
+...
+       - ssl_certificate_file.pem
+       - ssl_certificate_key_file.pem
+       - ssl_certificate_chain_file.pem
+-      - ssl_ca_certificate_file.pem
+-      - ssl_ca_dn_request_file.pem
+     environment:
+...
+       SSL_CERTIFICATE_FILE: /run/secrets/ssl_certificate_file.pem
+       SSL_CERTIFICATE_KEY_FILE: /run/secrets/ssl_certificate_key_file.pem
+       SSL_CERTIFICATE_CHAIN_FILE: /run/secrets/ssl_certificate_chain_file.pem
+-      SSL_CA_CERTIFICATE_FILE: /run/secrets/ssl_ca_certificate_file.pem
+-      SSL_CA_DN_REQUEST_FILE: /run/secrets/ssl_ca_dn_request_file.pem
+     networks:
+...
+   app:
+-    image: ghcr.io/datasharingframework/fhir:1.6.0
++    image: ghcr.io/datasharingframework/fhir:1.7.0
+     restart: on-failure
+...
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_permanent_delete.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS:  /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password
+-      DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+-  ssl_ca_dn_request_file.pem:
+-    file: ./secrets/ssl_ca_dn_request_file.pem
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.7.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/datasharingframework/bpe:1.6.0
++    image: ghcr.io/datasharingframework/bpe:1.7.0
+     restart: on-failure
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_camunda.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password
+-      DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.7.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.7.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    `,10)]))}const c=i(l,[["render",r],["__file","upgrade-from-1.html.vue"]]),h=JSON.parse('{"path":"/v1.7.0/maintain/upgrade-from-1.html","title":"Upgrade from DSF 1.6.0","lang":"en-US","frontmatter":{"title":"Upgrade from DSF 1.6.0","icon":"update","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.66,"words":499},"filePathRelative":"v1.7.0/maintain/upgrade-from-1.md","excerpt":"

    Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.

    "}');export{c as comp,h as data}; diff --git a/assets/upgradeFrom7.html-B6PaZf4F.js b/assets/upgradeFrom7.html-B6PaZf4F.js new file mode 100644 index 000000000..8a2eb8486 --- /dev/null +++ b/assets/upgradeFrom7.html-B6PaZf4F.js @@ -0,0 +1,90 @@ +import{_ as s}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as i,a,o as n}from"./app-BIWb5uIp.js";const r={};function l(t,e){return n(),i("div",null,e[0]||(e[0]=[a(`

    Upgrading the DSF from 0.7.0 to 0.9.0 involves replacing a config file, modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.7.0 with 0.9.0

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.7.0
++    image: ghcr.io/highmed/fhir_proxy:0.9.0
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.7.0
++    image: ghcr.io/highmed/fhir:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Download prepared DSF FHIR server config files and extract/replace the external FHIR bundle

      The command will update the external FHIR bundle at /opt/fhir/conf/bundle.xml

      The output of the tar command should be

      fhir/conf/bundle.xml

    4. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file

      • NUM-CODEX (non HiGHmed) instance:
        Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.7.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
+@@ -29,9 +29,6 @@ services:
+       - type: bind
+         source: ./log
+         target: /opt/bpe/log
+-      - type: bind
+-        source: ./last_event
+-        target: /opt/bpe/last_event
+       - type: bind
+         source: ./cache
+         target: /opt/bpe/cache
+@@ -48,8 +45,8 @@ services:
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
+       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
+-        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0
+-        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0
++        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0
++        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0
+
+       #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions
+       #TODO add process specific environment variables, see process documentation

      • HiGHmed instance:
        Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config, and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.7.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
+@@ -29,9 +29,6 @@ services:
+       - type: bind
+         source: ./log
+         target: /opt/bpe/log
+-      - type: bind
+-        source: ./last_event
+-        target: /opt/bpe/last_event
+       - type: bind
+         source: ./psn
+         target: /opt/bpe/psn
+@@ -51,11 +48,11 @@ services:
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
+       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
+-        highmedorg_computeFeasibility/0.6.0
+-        highmedorg_computeDataSharing/0.6.0
+-        highmedorg_updateAllowList/0.6.0
+-        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0
+-        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0
++        highmedorg_computeFeasibility/0.7.0
++        highmedorg_computeDataSharing/0.7.0
++        highmedorg_updateAllowList/0.7.0
++        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0
++        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0
+
+       #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions
+       #TODO add process specific environment variables, see process documentation

    3. Upgrade DSF Plugins and Process-Plugins

      • NUM-CODEX (non HiGHmed) instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

      • HiGHmed instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-data-sharing-0.6.0.jar with dsf-bpe-process-data-sharing-0.7.0.jar from the latest HiGHmed processes release
          3. Replace dsf-bpe-process-feasibility-0.6.0.jar with dsf-bpe-process-feasibility-0.7.0.jar from the latest HiGHmed processes release
          4. Replace dsf-bpe-process-feasibility-mpc-0.6.0.jar with dsf-bpe-process-feasibility-mpc-0.7.0.jar from the latest HiGHmed processes release
          5. Replace dsf-bpe-process-local-services-0.6.0.jar with dsf-bpe-process-local-services-0.7.0.jar from the latest HiGHmed processes release
          6. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release
          7. Replace dsf-bpe-process-update-allow-list-0.6.0.jar with dsf-bpe-process-update-allow-list-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

        • Plugins in '/opt/bpe/plugin':

          1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.0.zip, see DSF release notes
          2. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.0.zip, see DSF release notes

          Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.

    4. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    5. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    `,6)]))}const h=s(r,[["render",l],["__file","upgradeFrom7.html.vue"]]),o=JSON.parse('{"path":"/oldstable/releases/upgradeFrom7.html","title":"Upgrading from 0.7.0 to 0.9.0","lang":"en-US","frontmatter":{"title":"Upgrading from 0.7.0 to 0.9.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":3.63,"words":1088},"filePathRelative":"oldstable/releases/upgradeFrom7.md","excerpt":"

    Upgrading the DSF from 0.7.0 to 0.9.0 involves replacing a config file, modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    \\n

    If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first.

    "}');export{h as comp,o as data}; diff --git a/assets/upgradeFrom8.html-BiXdmn2Q.js b/assets/upgradeFrom8.html-BiXdmn2Q.js new file mode 100644 index 000000000..3a611f6b3 --- /dev/null +++ b/assets/upgradeFrom8.html-BiXdmn2Q.js @@ -0,0 +1,46 @@ +import{_ as r}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as n,b as s,d as i,e as l,f as t,a as o,r as d,o as p}from"./app-BIWb5uIp.js";const h={};function c(g,e){const a=d("RouteLink");return p(),n("div",null,[e[5]||(e[5]=s("p",null,"Upgrading the DSF from 0.8.0 to 0.9.0 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.",-1)),s("p",null,[e[3]||(e[3]=s("strong",null,[i("If you are upgrading from 0.6.0 please see the "),s("a",{href:"https://github.com/highmed/highmed-dsf/wiki/DSF-Upgrade-From-0.6.0-to-0.7.0",target:"_blank",rel:"noopener noreferrer"},"Upgrade from 0.6.0 to 0.7.0 guide"),i(" first and then visit the "),s("a",{href:"https://github.com/highmed/highmed-dsf/wiki/DSF-Upgrade-From-0.7.0-to-0.9.0",target:"_blank",rel:"noopener noreferrer"},"Upgrade from 0.7.0 to 0.9.0 guide"),i(".")],-1)),e[4]||(e[4]=s("br",null,null,-1)),s("strong",null,[e[1]||(e[1]=i("If you are upgrading from 0.7.0 please see the ")),l(a,{to:"/oldstable/releases/upgradeFrom7.html"},{default:t(()=>e[0]||(e[0]=[i("Upgrade from 0.7.0 to 0.9.0 guide")])),_:1}),e[2]||(e[2]=i("."))])]),e[6]||(e[6]=o(`

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.8.0 with 0.9.0

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.8.0
++    image: ghcr.io/highmed/fhir_proxy:0.9.0
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.8.0
++    image: ghcr.io/highmed/fhir:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file

      • NUM-CODEX (non HiGHmed) instance:
        Change the bpe container version from 0.8.0 to 0.9.0, update the process exclude config and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.8.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

      • HiGHmed instance:
        Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config, and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.8.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
+@@ -48,9 +48,9 @@ services:
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
+       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
+-        highmedorg_computeFeasibility/0.6.0
+-        highmedorg_computeDataSharing/0.6.0
+-        highmedorg_updateAllowList/0.6.0
++        highmedorg_computeFeasibility/0.7.0
++        highmedorg_computeDataSharing/0.7.0
++        highmedorg_updateAllowList/0.7.0
+         wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0
+         wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0

    3. Upgrade DSF Plugins and Process-Plugins

      • NUM-CODEX (non HiGHmed) instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

      • HiGHmed instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-data-sharing-0.6.0.jar with dsf-bpe-process-data-sharing-0.7.0.jar from the latest HiGHmed processes release
          3. Replace dsf-bpe-process-feasibility-0.6.0.jar with dsf-bpe-process-feasibility-0.7.0.jar from the latest HiGHmed processes release
          4. Replace dsf-bpe-process-feasibility-mpc-0.6.0.jar with dsf-bpe-process-feasibility-mpc-0.7.0.jar from the latest HiGHmed processes release
          5. Replace dsf-bpe-process-local-services-0.6.0.jar with dsf-bpe-process-local-services-0.7.0.jar from the latest HiGHmed processes release
          6. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release
          7. Replace dsf-bpe-process-update-allow-list-0.6.0.jar with dsf-bpe-process-update-allow-list-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

        • Plugins in '/opt/bpe/plugin':

          1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.0.zip, see DSF release notes
          2. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.0.zip, see DSF release notes

          Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.

    4. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    5. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    `,4))])}const k=r(h,[["render",c],["__file","upgradeFrom8.html.vue"]]),f=JSON.parse('{"path":"/oldstable/releases/upgradeFrom8.html","title":"Upgrading from 0.8.0 to 0.9.0","lang":"en-US","frontmatter":{"title":"Upgrading from 0.8.0 to 0.9.0","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":2.99,"words":898},"filePathRelative":"oldstable/releases/upgradeFrom8.md","excerpt":"

    Upgrading the DSF from 0.8.0 to 0.9.0 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    \\n

    If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first and then visit the Upgrade from 0.7.0 to 0.9.0 guide.
    \\nIf you are upgrading from 0.7.0 please see the Upgrade from 0.7.0 to 0.9.0 guide.

    "}');export{k as comp,f as data}; diff --git a/assets/upgradeFrom90.html-DBOiKNdT.js b/assets/upgradeFrom90.html-DBOiKNdT.js new file mode 100644 index 000000000..f9b10fd51 --- /dev/null +++ b/assets/upgradeFrom90.html-DBOiKNdT.js @@ -0,0 +1,35 @@ +import{_ as n}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as r,b as i,d as s,e as l,f as t,a as d,r as p,o}from"./app-BIWb5uIp.js";const h={};function c(g,e){const a=p("RouteLink");return o(),r("div",null,[e[3]||(e[3]=i("p",null,"Upgrading the DSF from 0.9.0 to 0.9.1 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.",-1)),i("p",null,[i("strong",null,[e[1]||(e[1]=s("If you are upgrading from 0.8.0 please see the ")),l(a,{to:"/oldstable/releases/upgradeFrom8.html"},{default:t(()=>e[0]||(e[0]=[s("Upgrade from 0.8.0 to 0.9.0 guide")])),_:1}),e[2]||(e[2]=s("."))])]),e[4]||(e[4]=d(`

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.1_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.9.0 with 0.9.1

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.9.0
++    image: ghcr.io/highmed/fhir_proxy:0.9.1
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.9.0
++    image: ghcr.io/highmed/fhir:0.9.1
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.1_upgrade

    2. Modify the DSF BPE docker-compose.yml file

      • NUM-CODEX (non HiGHmed) instance:
        Change the bpe container version from 0.9.0 to 0.9.1

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.9.0
++    image: ghcr.io/highmed/bpe:0.9.1
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

      • HiGHmed instance:
        Change the bpe container version from 0.9.0 to 0.9.1

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.8.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

    3. Upgrade DSF Plugins and Process-Plugins
      * Plugins in '/opt/bpe/plugin':
      1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.1.zip, see DSF release notes
      1. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.1.zip, see DSF release notes

           Make sure the plugins in \`/opt/bpe/plugin\` are configured with \`chmod 440\` and \`chown root:bpe\`.  
+

    4. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    5. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.1, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.1, [...]
      • Verify the DSF BPE server started without errors
      • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    `,4))])}const m=n(h,[["render",c],["__file","upgradeFrom90.html.vue"]]),v=JSON.parse('{"path":"/oldstable/releases/upgradeFrom90.html","title":"Upgrading from 0.9.0 to 0.9.1","lang":"en-US","frontmatter":{"title":"Upgrading from 0.9.0 to 0.9.1","icon":"install","gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.83,"words":549},"filePathRelative":"oldstable/releases/upgradeFrom90.md","excerpt":"

    Upgrading the DSF from 0.9.0 to 0.9.1 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    \\n

    If you are upgrading from 0.8.0 please see the Upgrade from 0.8.0 to 0.9.0 guide.

    "}');export{m as comp,v as data}; diff --git a/assets/upgradeFrom91.html-BpKtvCHj.js b/assets/upgradeFrom91.html-BpKtvCHj.js new file mode 100644 index 000000000..cd93fe0cb --- /dev/null +++ b/assets/upgradeFrom91.html-BpKtvCHj.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const r={};function l(t,e){return n(),s("div",null,e[0]||(e[0]=[a(`

    Upgrading from 0.9.1

    Upgrading the DSF from 0.9.1 to 0.9.2 involves modifying the docker-compose.yml files and recreating the containers.

    As the upgrade from 0.9.0 to 0.9.1 does not require any changes except the change of the version numbers, you can directly follow the following instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.2_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.9.1 (or 0.9.0) with 0.9.2

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.9.1
++    image: ghcr.io/highmed/fhir_proxy:0.9.2
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.9.1
++    image: ghcr.io/highmed/fhir:0.9.2
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.2_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace 0.9.1 (or 0.9.0) with 0.9.2

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.9.1
++    image: ghcr.io/highmed/bpe:0.9.2
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

    3. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    4. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.2, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.2, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    `,7)]))}const o=i(r,[["render",l],["__file","upgradeFrom91.html.vue"]]),h=JSON.parse('{"path":"/oldstable/releases/upgradeFrom91.html","title":"Upgrading from 0.9.1","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.26,"words":379},"filePathRelative":"oldstable/releases/upgradeFrom91.md","excerpt":"\\n

    Upgrading the DSF from 0.9.1 to 0.9.2 involves modifying the docker-compose.yml files and recreating the containers.

    \\n

    As the upgrade from 0.9.0 to 0.9.1 does not require any changes except the change of the version numbers, you can directly follow the following instructions.

    "}');export{o as comp,h as data}; diff --git a/assets/upgradeFrom92.html-CUfALwuj.js b/assets/upgradeFrom92.html-CUfALwuj.js new file mode 100644 index 000000000..0288736a8 --- /dev/null +++ b/assets/upgradeFrom92.html-CUfALwuj.js @@ -0,0 +1,26 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as s,a,o as n}from"./app-BIWb5uIp.js";const r={};function l(t,e){return n(),s("div",null,e[0]||(e[0]=[a(`

    Upgrading from 0.9.2

    Upgrading the DSF from 0.9.2 to 0.9.3 involves modifying the docker-compose.yml files and recreating the containers.

    As the upgrade from 0.9.0 to 0.9.1 and 0.9.1 to 0.9.2 does not require any changes except the change of the version numbers, you can directly follow the following instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.3_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.9.2 (or 0.9.0, 0.9.1) with 0.9.3

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.9.2
++    image: ghcr.io/highmed/fhir_proxy:0.9.3
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.9.2
++    image: ghcr.io/highmed/fhir:0.9.3
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.3_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace 0.9.2 (or 0.9.0, 0.9.1) with 0.9.3

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.9.2
++    image: ghcr.io/highmed/bpe:0.9.3
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

    3. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    4. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.3. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.3, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.3. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.3, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    `,7)]))}const o=i(r,[["render",l],["__file","upgradeFrom92.html.vue"]]),h=JSON.parse('{"path":"/oldstable/releases/upgradeFrom92.html","title":"Upgrading from 0.9.2","lang":"en-US","frontmatter":{"gitInclude":[]},"headers":[{"level":2,"title":"Modify DSF FHIR Server Setup","slug":"modify-dsf-fhir-server-setup","link":"#modify-dsf-fhir-server-setup","children":[]},{"level":2,"title":"Modify DSF BPE Server Setup","slug":"modify-dsf-bpe-server-setup","link":"#modify-dsf-bpe-server-setup","children":[]}],"readingTime":{"minutes":1.28,"words":385},"filePathRelative":"oldstable/releases/upgradeFrom92.md","excerpt":"\\n

    Upgrading the DSF from 0.9.2 to 0.9.3 involves modifying the docker-compose.yml files and recreating the containers.

    \\n

    As the upgrade from 0.9.0 to 0.9.1 and 0.9.1 to 0.9.2 does not require any changes except the change of the version numbers, you can directly follow the following instructions.

    "}');export{o as comp,h as data}; diff --git a/assets/usingTheGitHubMaven.html-Hb3vEwIO.js b/assets/usingTheGitHubMaven.html-Hb3vEwIO.js new file mode 100644 index 000000000..0477498ef --- /dev/null +++ b/assets/usingTheGitHubMaven.html-Hb3vEwIO.js @@ -0,0 +1,38 @@ +import{_ as i}from"./plugin-vue_export-helper-DlAUqK2U.js";import{c as a,a as n,o as t}from"./app-BIWb5uIp.js";const e={};function l(h,s){return t(),a("div",null,s[0]||(s[0]=[n(`

    Authenticating to GitHub Packages

    For more information take a look at this GitHub documentation about authentication.

    In order to install the HiGHmed DSF packages using Maven in your own projects you need a personal GitHub access token. This GitHub documentation shows you how to generate one.

    After that, add the following configuration to your local .m2/settings.xml. Replace USERNAME with your GitHub username and TOKEN with the previously generated personal GitHub access token. The token needs at least the scope read:packages.

        <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+  <activeProfiles>
+    <activeProfile>github</activeProfile>
+  </activeProfiles>
+
+  <profiles>
+    <profile>
+      <id>github</id>
+      <repositories>
+        <repository>
+          <id>github</id>
+          <name>GitHub HiGHmed Apache Maven Packages</name>
+          <url>https://maven.pkg.github.com/highmed/highmed-dsf</url>
+          <releases><enabled>true</enabled></releases>
+          <snapshots><enabled>true</enabled></snapshots>
+        </repository>
+      </repositories>
+    </profile>
+  </profiles>
+
+  <servers>
+    <server>
+      <id>github</id>
+      <username>USERNAME</username>
+      <password>TOKEN</password>
+    </server>
+  </servers>
+</settings>

    Installing a Package

    For more information take a look at this GitHub documentation about package installation.

    To install an Apache Maven package from GitHub Packages edit the element dependencies in the pom.xml file by including the package. This could look as follows to include the dsf-bpe-process-base package (replace VERSION with the package version, e.g. 0.4.0-SNAPSHOT):

    <dependencies>
+  <dependency>
+    <groupId>org.highmed.dsf</groupId>
+    <artifactId>dsf-bpe-process-base</artifactId>
+    <version>VERSION</version>
+  </dependency>
+<dependencies>
    `,9)]))}const r=i(e,[["render",l],["__file","usingTheGitHubMaven.html.vue"]]),d=JSON.parse('{"path":"/oldstable/code/usingTheGitHubMaven.html","title":"Using the Github Maven Package Registry","lang":"en-US","frontmatter":{"title":"Using the Github Maven Package Registry","icon":"code","gitInclude":[]},"headers":[{"level":2,"title":"Authenticating to GitHub Packages","slug":"authenticating-to-github-packages","link":"#authenticating-to-github-packages","children":[]},{"level":2,"title":"Installing a Package","slug":"installing-a-package","link":"#installing-a-package","children":[]}],"readingTime":{"minutes":0.94,"words":283},"filePathRelative":"oldstable/code/usingTheGitHubMaven.md","excerpt":"

    Authenticating to GitHub Packages

    \\n

    For more information take a look at this GitHub documentation about authentication.

    "}');export{r as comp,d as data}; diff --git a/download/1.7.0/client_cert_ca_chains.pem b/download/1.7.0/client_cert_ca_chains.pem new file mode 100644 index 000000000..13eec0932 --- /dev/null +++ b/download/1.7.0/client_cert_ca_chains.pem @@ -0,0 +1,913 @@ +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Limited Basic Root CA 1 2019 +-----BEGIN CERTIFICATE----- +MIIETjCCAzagAwIBAgIDD+UpMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxLTArBgNVBAMMJEQtVFJVU1QgTGltaXRl +ZCBCYXNpYyBSb290IENBIDEgMjAxOTAeFw0xOTA2MTkwODE1NTFaFw0zNDA2MTkw +ODE1NTFaMFMxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxLTAr +BgNVBAMMJEQtVFJVU1QgTGltaXRlZCBCYXNpYyBSb290IENBIDEgMjAxOTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN81X083S74JbInkPxAL5tQg5SOF +ttjX/rviq7s4HG4zBvUF4KgwqXysC+mA5nRwEkFXnI6ZQTB8M0DI6vSBnpAOghZN +QgXFu07WsQWOTTlywst138t1t6YU8QPUVb1UbxiVu4WtycFaq98Rbfcsu6YIoENB +gjeXZRJPzxPhIf1oLtSkgBihX/7eVxZdVRGzAtuMZP9TqI3bQpZ1yY/7Od54ra4Q +SPy2La4VOqUSAyS2yRreugLL8aqSt7dh+YsDSgtHEn2HgrunptIFN45kVM4PEOHx +/gi5lpZ+pKRmLuoXMmvBUwa/HlySSV7bVv6xfHFZjjs3YjXvZh+8StvEY9cCAwEA +AaOCASkwggElMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFONo4hcITMmOHGJE +DKkpkQJiC6OTMA4GA1UdDwEB/wQEAwIBBjCB4gYDVR0fBIHaMIHXMIGJoIGGoIGD +hoGAbGRhcDovL2RpcmVjdG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwTGlt +aXRlZCUyMEJhc2ljJTIwUm9vdCUyMENBJTIwMSUyMDIwMTksTz1ELVRydXN0JTIw +R21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwSaBHoEWGQ2h0dHA6 +Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3RfbGltaXRlZF9iYXNpY19yb290 +X2NhXzFfMjAxOS5jcmwwDQYJKoZIhvcNAQELBQADggEBALzcGA/9SQuKkkdFSUT+ +8mU4RTV7PWB3DpmqNt9kcB00oYqohwCyRXJygjcN/lNHi4828us0H7DtGdl2CQp4 +WbTcWtdBbjwaU0XH/FXdtxgo9BzM/VVfFUZUai8CtlDn6fJjLhVmPWQtX1EByEe/ +ulEwyxHipVD5pI1dY+ctdqXtWZ+HsudvZC5a/CFS/hElq2yTlS2SuKeTovGGM8GB +Y+XI16N3w/ItEjnQJJNPxPRfNjQdvhicaujXEOErHP8UGWgCJ+aDGboSq2dVbczE +m4DnKPXpWydVWZLI9d6a1RUWwmB9GD1/JKvxPThbwkHnWixlLkSKKr7uMaiWGaCX +oVQ= +-----END CERTIFICATE----- +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Limited Basic CA 1-2 2019 +-----BEGIN CERTIFICATE----- +MIIFuTCCBKGgAwIBAgIDD+VKMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxLTArBgNVBAMMJEQtVFJVU1QgTGltaXRl +ZCBCYXNpYyBSb290IENBIDEgMjAxOTAeFw0xOTA4MjAxMjMyMjJaFw0zNDA2MTkw +ODE1NTFaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAo +BgNVBAMMIUQtVFJVU1QgTGltaXRlZCBCYXNpYyBDQSAxLTIgMjAxOTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBANxlUGXW81Y2JG/BtEO5dlbELYat4Zx9 +5b4RUux5scPTZX3wrEW+PK4EwQCvV8FH0SoDatOJcFiGduX2r29c0aFFyVKu6xHF +DApYNYV99+z5TiqXFdVkOUti56r10KsaO3FkcgAt4wDFgYd0dDseYo2SQqpKeqFR +QMVQVdLCt66yU8qbiaZ/sL2pcNsJMD/DkEV/axpTwzzk6H+kGUIJ+jpKpYw2pMFF +wYlqW91ICfLtTHvJqFb3DZ7yFNSiXgYBYH9R142vjflh1vg+GuqORiTLi/AhIjlb +3XUAFIZzJ77+PLQprYlRHGGBMaJ+3VbI+hWPTHpwVt6wHNVcfHUnA3kCAwEAAaOC +ApcwggKTMB8GA1UdIwQYMBaAFONo4hcITMmOHGJEDKkpkQJiC6OTMIIBMgYIKwYB +BQUHAQEEggEkMIIBIDBABggrBgEFBQcwAYY0aHR0cDovL2xpbWl0ZWQtYmFzaWMt +cm9vdC1jYS0xLTIwMTkub2NzcC5kLXRydXN0Lm5ldDBTBggrBgEFBQcwAoZHaHR0 +cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0QtVFJVU1RfTGltaXRlZF9CYXNp +Y19Sb290X0NBXzFfMjAxOS5jcnQwgYYGCCsGAQUFBzAChnpsZGFwOi8vZGlyZWN0 +b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBS +b290JTIwQ0ElMjAxJTIwMjAxOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y0FDZXJ0 +aWZpY2F0ZT9iYXNlPzAYBgNVHSAEETAPMA0GCysGAQQBpTQCg3QBMIHcBgNVHR8E +gdQwgdEwgc6ggcuggciGgYBsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NO +PUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBSb290JTIwQ0ElMjAxJTIwMjAx +OSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlz +dIZDaHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwvZC10cnVzdF9saW1pdGVkX2Jh +c2ljX3Jvb3RfY2FfMV8yMDE5LmNybDAdBgNVHQ4EFgQU0A0+3Aiv40EIZuDc8vqZ +ai3fGLkwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwDQYJKoZI +hvcNAQELBQADggEBAH8NXqPrIcKiZC51vfxvajB1HhFnRFFN/G3ZU4yR7XI+uGec +DjR8tOHdFYFmZG4qbDl70ZuRG4bs6H8cvfWyo1NmWZqjAkr6o1kIRTnFwn4JsssJ +7HR2RmJ4ar0C9miIk9sTNLwKy1/kBvCFqssdKdQwBSi85KRxPFYvv+vnMCvSL0Ob ++65q6V7QzvCk7ojiSrcfvHS8QnHJE9ReFRKD4KXAd7+OcZc1K3Mf+uNNHt3CP3ie +DN9K90sI81IWucEeN2NYvw/tJNDH5L4Ah3cn8XzxQVzOfAnn1isf2pci1IEj5f3Y +9JA7LYLLeH7n4+E5JWRiIUAhqNhQTchmwKLdR+E= +-----END CERTIFICATE----- +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Limited Basic CA 1-3 2019 +-----BEGIN CERTIFICATE----- +MIIFvzCCBKegAwIBAgIDD+UsMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxLTArBgNVBAMMJEQtVFJVU1QgTGltaXRl +ZCBCYXNpYyBSb290IENBIDEgMjAxOTAeFw0xOTA2MjAxMTQ2NDlaFw0zNDA2MTkw +ODE1NTFaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAo +BgNVBAMMIUQtVFJVU1QgTGltaXRlZCBCYXNpYyBDQSAxLTMgMjAxOTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7RBVVVynr23OCuKpkrzJK87yspTQVh +vJRTtHS7zXG0jzpNLUV8D6Qjd3nOVs2VnW+rpfgQmFeic3E8G5jJmGv18O6LOGJS +CXbiF2eonBQ0oTF97oVukj/8SRYWEBjeBjB//U3gwdt14qATw1zk3B8K/u0zxtQ0 +1xMTL5ckilQ7/+x+RVCGanvx/FscQ1He0fkhfLgqaDJimWu7b0phwZqyyI1GEjEN +9FLWJxh4OeIzupAT4b1j5oaXHCY4BGT5zk6PbOYC7U2Jnt4zKU+pJVIJ+EhYOJS5 +tQM7YFG/eECAHcBtgdUIDgBZqrrx+k14aSQcW701sGqQT7cKcLen+yMCAwEAAaOC +Ap0wggKZMB8GA1UdIwQYMBaAFONo4hcITMmOHGJEDKkpkQJiC6OTMIIBMgYIKwYB +BQUHAQEEggEkMIIBIDBABggrBgEFBQcwAYY0aHR0cDovL2xpbWl0ZWQtYmFzaWMt +cm9vdC1jYS0xLTIwMTkub2NzcC5kLXRydXN0Lm5ldDBTBggrBgEFBQcwAoZHaHR0 +cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0QtVFJVU1RfTGltaXRlZF9CYXNp +Y19Sb290X0NBXzFfMjAxOS5jcnQwgYYGCCsGAQUFBzAChnpsZGFwOi8vZGlyZWN0 +b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBS +b290JTIwQ0ElMjAxJTIwMjAxOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y0FDZXJ0 +aWZpY2F0ZT9iYXNlPzAYBgNVHSAEETAPMA0GCysGAQQBpTQCg3QBMIHiBgNVHR8E +gdowgdcwgYmggYaggYOGgYBsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NO +PUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBSb290JTIwQ0ElMjAxJTIwMjAx +OSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlz +dDBJoEegRYZDaHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwvZC10cnVzdF9saW1p +dGVkX2Jhc2ljX3Jvb3RfY2FfMV8yMDE5LmNybDAdBgNVHQ4EFgQUZeInnG91+3Vn +CLczeuOdjnssKIgwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw +DQYJKoZIhvcNAQELBQADggEBAJLvDm1ZuBMhO2qR2R4H/GDDYETRBNqvtvWHRvBw +vryhtDm7tovqDg2v7x+vcSqZApFVW+zs+OvzNRXtyyIlkqxP5CL0okpHqqmKaaHn +tH8D93pV/p7xE39gFE6NNceSx6DHBxuOcOEha8zA8ixH+j+fzLX6SEOAhBIfCgDb +qg9Xtxi7+uupq4koQcXrDNTRHxuoNxAHnwYtgapwKwyBwMMaLliqxVyDcwN6aJEQ +tVoyOibUnUXej4bXh8FPCSU7m98nLY9aKk1O30jsgSiLxuVKBav8JaDPY1i69CSd +vn2adNlHjbl/57GVQ4VoTDzlmhRQGR9TIRPYA5F6VdeI4ak= +-----END CERTIFICATE----- +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Root Class 3 CA 2 2009 +-----BEGIN CERTIFICATE----- +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD +bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha +ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM +HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 +UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 +tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R +ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM +lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp +/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G +A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G +A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj +dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy +MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl +cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js +L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL +BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni +acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K +zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 +PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y +Johw1+qRzT65ysCQblrGXnRl11z+o+I= +-----END CERTIFICATE----- +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST SSL Class 3 CA 1 2009 +-----BEGIN CERTIFICATE----- +MIIFMjCCBBqgAwIBAgIDCZBjMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD +bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMTIxMjQ2NTVaFw0yOTExMDUwODM1NTha +MEwxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJjAkBgNVBAMM +HUQtVFJVU1QgU1NMIENsYXNzIDMgQ0EgMSAyMDA5MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAoal0SyLSijE0JkuhHJmOCbmQznyxuSY7DaEwhUsdUpI+ +2llkDLz6s9BWQe1zCVXDhrt3qz5U5H4h6jxm5Ec+ZbFiU3Gv2yxpI5cRPrqj9mJU +1CGgy1+29khuUnoopzSq66HPuGZGh06I7bJkXTQ7AQ92z1MdL2wATj1UWdNid3sQ +NiWIm+69nURHY6tmCNenNcG6aV4qjHMUPsjpCRabNY9nUO12rsmiDW2mbAC3gcxQ +lqLgLYur9HvB8cW0xu2JZ/B3PXmNphVuWskp3Y1u0SvIYzuEsE7lWDbBmtWZtabB +hzThkDQvd+3keQ1sU/beq1NeXfgKzQ5G+4Ql2PUY/wIDAQABo4ICGjCCAhYwHwYD +VR0jBBgwFoAU/doUxJ8w3iG9HkI5/KtjI0ng8YQwRAYIKwYBBQUHAQEEODA2MDQG +CCsGAQUFBzABhihodHRwOi8vcm9vdC1jMy1jYTItMjAwOS5vY3NwLmQtdHJ1c3Qu +bmV0MF8GA1UdIARYMFYwVAYEVR0gADBMMEoGCCsGAQUFBwIBFj5odHRwOi8vd3d3 +LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1RfUm9vdF9QS0lfQ1BT +LnBkZjAzBgNVHREELDAqgRBpbmZvQGQtdHJ1c3QubmV0hhZodHRwOi8vd3d3LmQt +dHJ1c3QubmV0MIHTBgNVHR8EgcswgcgwgYCgfqB8hnpsZGFwOi8vZGlyZWN0b3J5 +LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El +MjAyJTIwMjAwOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZv +Y2F0aW9ubGlzdDBDoEGgP4Y9aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jcmwvZC10 +cnVzdF9yb290X2NsYXNzXzNfY2FfMl8yMDA5LmNybDAdBgNVHQ4EFgQUUBkylJrE +tQRNVtDAgyHVNVWwsXowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C +AQAwDQYJKoZIhvcNAQELBQADggEBABM5QRHX/yInsmZLWVlvmWmKb3c4IB3hAIVR +sAGhkvQJ/RD1GZjZUBBYMWkD1P37fTQxlqTOe3NecVvElkYZuCq7HSM6o7awzb3m +yLn1kN+hDCsxX0EYbVSNjEjkW3QEkqJH9owH4qeMDxf7tfXB7BVKO+rarYPa2PR8 +Wz2KhjFDmAeFg2J89YcpeJJEEJXoweAkgJEEwwEIfJ2yLjYo78RD0Rvij/+zkfj9 ++dSvTiZTuqicyo37qNoYHgchuqXnKodhWkW89oo2NKhfeNHHbqvXEJmx0PbI6YyQ +50GnYECZRHNKhgbPEtNy/QetU53aWlTlvu4NIwLW5XVsrxlQ2Zw= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA Client ECC Root CA 2021 +-----BEGIN CERTIFICATE----- +MIICWjCCAeGgAwIBAgIQMWjZ2OFiVx7SGUSI5hB98DAKBggqhkjOPQQDAzBvMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBFQ0Mg +Um9vdCBDQSAyMDIxMB4XDTIxMDIxOTExMDMzNFoXDTQ1MDIxMzExMDMzM1owbzEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExJzAlBgNVBAMMHkhBUklDQSBDbGllbnQgRUND +IFJvb3QgQ0EgMjAyMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABAcYrZWWlNBcD4L3 +KkD6AsnJPTamowRqwW2VAYhgElRsXKIrbhM6iJUMHCaGNkqJGbcY3jvoqFAfyt9b +v0mAFdvjMOEdWscqigEH/m0sNO8oKJe8wflXhpWLNc+eWtFolaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUUgjSvjKBJf31GpfsTl8au1PNkK0wDgYDVR0P +AQH/BAQDAgGGMAoGCCqGSM49BAMDA2cAMGQCMEwxRUZPqOa+w3eyGhhLLYh7WOar +lGtEA7AX/9+Cc0RRLP2THQZ7FNKJ7EAM7yEBLgIwL8kuWmwsHdmV4J6wuVxSfPb4 +OMou8dQd8qJJopX4wVheT/5zCu8xsKsjWBOMi947 +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT S/MIME ECC 1 +-----BEGIN CERTIFICATE----- +MIIDdjCCAvugAwIBAgIQDJz22V5XPKzFUHJkSyvftjAKBggqhkjOPQQDAzBvMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBFQ0Mg +Um9vdCBDQSAyMDIxMB4XDTI1MDEwMzExMTE0MFoXDTM5MTIzMTExMTEzOVowYzEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGzAZBgNVBAMMEkdFQU5UIFMvTUlNRSBFQ0Mg +MTB2MBAGByqGSM49AgEGBSuBBAAiA2IABHHzZBx8BXADofSXSxbumNUgOW7oPUFD +MTBf97xIFnUvxGf449zwH17IBxs6EnsIRSZ80+3fMPGm7PcW4bogQmpStkHsbhl/ +yc+R0YudJcnXnC+HuGwkKlk9hoXX+gtBJ6OCAWYwggFiMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHwYDVR0jBBgwFoAUUgjSvjKBJf31GpfsTl8au1PNkK0wUAYIKwYBBQUH +AQEERDBCMEAGCCsGAQUFBzAChjRodHRwOi8vY3J0LmhhcmljYS5nci9IQVJJQ0Et +Q2xpZW50LVJvb3QtMjAyMS1FQ0MuY2VyMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8G +CCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRzL0NQUzAd +BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwRQYDVR0fBD4wPDA6oDigNoY0 +aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUNsaWVudC1Sb290LTIwMjEtRUND +LmNybDAdBgNVHQ4EFgQUccTTotYuiaWImnarwbliZz8kZeswDgYDVR0PAQH/BAQD +AgGGMAoGCCqGSM49BAMDA2kAMGYCMQDbRE4Sf4j5cdd9PlC4xjnNvJxfsDX5ouYb +3ffJ6ukmEjI7RnHm6xJ2V++40nWYVfgCMQDfXaawZpZymK4CBIMHxoViSYBHw/Mm +JOG3trrP+Q4Kb0AfJb/S2ojAD+EAKiiB5hM= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA S/MIME ECC +-----BEGIN CERTIFICATE----- +MIIDejCCAwGgAwIBAgIQR+QjpXN0lyzfL5Q4f0wP1DAKBggqhkjOPQQDAzBvMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBFQ0Mg +Um9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MzY1OFoXDTM2MDMxNTA5MzY1N1owYjEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBTL01JTUUgRUND +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEbidoUrQSTETj3yKvZfP8hz4cjWJYLu2S +BQVAorbEw3a9bbiaYGSreAJJamuTKI/8EiGjOZ3gAxlWZirpKofebc+lqDa87zjh +E88mIhT+WYBu4S/0+lb0r59quKF8Y0pHo4IBbTCCAWkwEgYDVR0TAQH/BAgwBgEB +/wIBADAfBgNVHSMEGDAWgBRSCNK+MoEl/fUal+xOXxq7U82QrTBXBggrBgEFBQcB +AQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9yZXBvLmhhcmljYS5nci9jZXJ0cy9I +QVJJQ0EtQ2xpZW50LVJvb3QtMjAyMS1FQ0MuY2VyMEQGA1UdIAQ9MDswOQYEVR0g +ADAxMC8GCCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRz +L0NQUzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwRQYDVR0fBD4wPDA6 +oDigNoY0aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUNsaWVudC1Sb290LTIw +MjEtRUNDLmNybDAdBgNVHQ4EFgQUTq8v2Rh752P2xakBhmVdLF4791YwDgYDVR0P +AQH/BAQDAgGGMAoGCCqGSM49BAMDA2cAMGQCMEayoDfZOkZgvT13XbjuSpKc2m/C +cEQqYDwGIyXBhZqyMoMyDcthQsiEwBW3lHT5IQIwIT2kzroVW2iWhRF3vaTEAo3m ++AosNW84YGle0MMG2SDIoQEJiqhjRfQwZHHeBzCE +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA Client RSA Root CA 2021 +-----BEGIN CERTIFICATE----- +MIIFqjCCA5KgAwIBAgIQVVL4HtsbJCyeu5YYzQIoPjANBgkqhkiG9w0BAQsFADBv +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBS +U0EgUm9vdCBDQSAyMDIxMB4XDTIxMDIxOTEwNTg0NloXDTQ1MDIxMzEwNTg0NVow +bzELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBS +ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExJzAlBgNVBAMMHkhBUklDQSBDbGllbnQg +UlNBIFJvb3QgQ0EgMjAyMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +AIHbV0KQLHQ19Pi4dBlNqwlad0WBc2KwNZ/40LczAIcTtparDlQSMAe8m7dI19EZ +g66O2KnxqQCEsIxenugMj1Rpv/bUCE8mcP4YQWMaszKLQPgHq1cx8MYWdmeatN0v +8tFrxdCShJFxbg8uY+kfU6TdUhPMCYMpgQzFU3VEsQ5nUxjQwx+IS5+UJLQpvLvo +Tv1v0hUdSdyNcPIRGiBRVRG6iG/E91B51qox4oQ9XjLIdypQceULL+m26u+rCjM5 +Dv2PpWdDgo6YaQkJG0DNOGdH6snsl3ES3iT1cjzR90NMJveQsonpRUtVPTEFekHi +lbpDwBfFtoU9GY1kcPNbrM2f0yl1h0uVZ2qm+NHdvJCGiUMpqTdb9V2wJlpTQnaQ +K8+eVmwrVM9cmmXfW4tIYDh8+8ULz3YEYwIzKn31g2fn+sZD/SsP1CYvd6QywSTq +ZJ2/szhxMUTyR7iiZkGh+5t7vMdGanW/WqKM6GpEwbiWtcAyCC17dDVzssrG/q8R +chj258jCz6Uq6nvWWeh8oLJqQAlpDqWW29EAufGIbjbwiLKd8VLyw3y/MIk8Cmn5 +IqRl4ZvgdMaxhZeWLK6Uj1CmORIfvkfygXjTdTaefVogl+JSrpmfxnybZvP+2M/u +vZcGHS2F3D42U5Z7ILroyOGtlmI+EXyzAISep0xxq0o3AgMBAAGjQjBAMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFKDWBz1eJPd7oEQuJFINGaorBJGnMA4GA1Ud +DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEADUf5CWYxUux57sKo8mg+7ZZF +yzqmmGM/6itNTgPQHILhy9Pl1qtbZyi8nf4MmQqAVafOGyNhDbBX8P7gyr7mkNuD +LL6DjvR5tv7QDUKnWB9p6oH1BaX+RmjrbHjJ4Orn5t4xxdLVLIJjKJ1dqBp+iObn +K/Es1dAFntwtvTdm1ASip62/OsKoO63/jZ0z4LmahKGHH3b0gnTXDvkwSD5biD6q +XGvWLwzojnPCGJGDObZmWtAfYCddTeP2Og1mUJx4e6vzExCuDy+r6GSzGCCdRjVk +JXPqmxBcWDWJsUZIp/Ss1B2eW8yppRoTTyRQqtkbbbFA+53dWHTEwm8UcuzbNZ+4 +VHVFw6bIGig1Oq5l8qmYzq9byTiMMTt/zNyW/eJb1tBZ9Ha6C8tPgxDHQNAdYOkq +5UhYdwxFab4ZcQQk4uMkH0rIwT6Z9ZaYOEgloRWwG9fihBhb9nE1mmh7QMwYXAwk +ndSV9ZmqRuqurL/0FBkk6Izs4/W8BmiKKgwFXwqXdafcfsD913oY3zDROEsfsJhw +v8x8c/BuxDGlpJcdrL/ObCFKvicjZ/MGVoEKkY624QMFMyzaNAhNTlAjrR+lxdR6 +/uoJ7KcoYItGfLXqm91P+edrFcaIz0Pb5SfcBFZub0YV8VYt6FwMc8MjgTggy8kM +ac8sqzuEYDMZUv1pFDM= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT S/MIME RSA 1 +-----BEGIN CERTIFICATE----- +MIIGRDCCBCygAwIBAgIQFfmubKqNLtTTb3h/Htx7ATANBgkqhkiG9w0BAQsFADBv +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBS +U0EgUm9vdCBDQSAyMDIxMB4XDTI1MDEwMzExMTMwOFoXDTM5MTIzMTExMTMwN1ow +YzELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBS +ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExGzAZBgNVBAMMEkdFQU5UIFMvTUlNRSBS +U0EgMTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKu4bq/+byKjHo25 +Xz32YBmO+Wrkmc+UmfcdXSCI7yawwU9JSMEHAAKAASaJpLr9JAyt+tlB/rn/Sazn +SwY4ipBIffR0D5k/ndfiI553dWgI4i/tkOGlNej/7JyE2CS9kTlOOs6pg5HaDpwq +jAhCkje+IByg5gKWH6lzvMJo5jQOtsGB2q6e5cYKwa9LJOAcR8iquds9LFssbHSM +uVdSuTjpAjcGLqWfW++C0YXpWD+UonjQ6lNEuiKUDmrFc+SEtLw56lYtp4uuxm4L +W/HQSsx+oGwMBqaR6HhBQ3LydONjsbcbegRqJZFJoLsnwIHorEag44UIvjXzYJAx +/NTiwVdHldO7cEvWscDbyQLR9koBoliq2HrgYFQs7NQxU+7MLNSh8i6znWVNISUE +g36M//I8BZl4VqD70ELlhKKN7rx+i7BwKOd2gxdWgFJhkPyQu9o+82R9epXiRblo +/rdkyv+2BFR7VpbgPUzncdi8/0h4dP/qQFYnA+Df0FFj7gYczwIDAQABo4IBZjCC +AWIwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSg1gc9XiT3e6BELiRS +DRmqKwSRpzBQBggrBgEFBQcBAQREMEIwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jcnQu +aGFyaWNhLmdyL0hBUklDQS1DbGllbnQtUm9vdC0yMDIxLVJTQS5jZXIwRAYDVR0g +BD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9yZXBvLmhhcmljYS5n +ci9kb2N1bWVudHMvQ1BTMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDBF +BgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3JsLmhhcmljYS5nci9IQVJJQ0EtQ2xp +ZW50LVJvb3QtMjAyMS1SU0EuY3JsMB0GA1UdDgQWBBTrsi87/a4CzCpEBl0lzR0S +ImiwRzAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBADveuEX23Dwr +kygKtsF7DmcTGmi8SE20jmJLe0TMT8Nws1NqppE0ACym1agtY1IjUFm5MWabG/Ic +vRTh8sB9cRZgDQMqZLNCLofqL4aj/dKBXH4bwH2MVdjNHBoGvZkyhRz/kBE+x1va +WXclhWQMOX5nVvRMfiEJiYotMP7KM88IaVZ9DkGJJEVftsnUWuvCWUtjagD6XWlq +LHjNl+LufiZ/h9lDvaWqG1/obfdStgofMc30RL+ES6gYKRwZpCA1coFzXV7Cnwx8 +toTl8bReqCNXexKzxlqAcRXPOmlKkJQuqRI297oNuMPnoNZCY+yLnxyd4kZuu0Xc +OTNTpVjM8bvg8ACqhSYanrNDi/zTiTk7gwm9GyH1X45fFNGNEFgpIaApjT2UELuk +DOmP18ZwC4EQeHawPJIqffMEmUJm6qbRPKGnNmcyygh4iZU3QbkRLLp3Z6QV3WoT +Eqyf5mL9qTGS6WJG65L8oaKw1Xh/bdGuVIDyBahpfP2c2pCd0UH6+x73Rrq9GFlO +ijVr2OQSvKhzETNG917SvcURCBhMnIQFUXqHQyIY60eH1po6WtNOq/1K5kpOG6Sq +1RVc02LEit48uK4tRMVUKekSOjruGXW38DmAriPcMHjI6VQbqjc0Sq1VPz76ee4F +M5uLviSUZHYqDDqMWa8LFImK9iiKI8E3 +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA S/MIME RSA +-----BEGIN CERTIFICATE----- +MIIGyjCCBLKgAwIBAgIQKU8NCxll7jtXyXGT7O5U0zANBgkqhkiG9w0BAQsFADBv +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBS +U0EgUm9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MzczOFoXDTM2MDMxNTA5MzczN1ow +YjELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBS +ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBTL01JTUUg +UlNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5TUrmNU21Y8gpvrx +XCCOJS54uCyv6H6HQ1NCCz2FCg04VaNEuRYFGSXbxC88u/Q3M/MfegErs6MlLg5j +gaAD7UYRpFMs/rS6Z6Pr45LDaWHTsS7gjhYaq47+iO0+17eTc7VWeTFzZji3ocFA +CiXc+tEDRXSGal+qu4s6/Zmexmtp3P8QodrLgy6mAXO7necfkCoyBVjUcixIvPeR +1NeFWfy2io7QU+Wf4Wm18259W+oJgxH0mgfFKgGrz/c2BokxzdXFvuKggVWEh/p0 +jy8uRQOGcMRT2fyUh5LM6zRBGObE8xIiRfforJF2CGSu1B0wj0jCmFG8Z2UN55xk +EH+HKpQlm+S0mvez7YYUqMobN1RjTWHSZQoX2nuYk0no/cxbUl/AVXE0fq3DkNv4 +fdTGfLkTJ42qdyAIpjEjkLgrb4C4CT2IxPuNCLCE25SnVmydA7CuMmbwfljWwkE4 +JyO23QL90baDIcEg/NYp/IueW9qu8YwCX5ipJhflzqnjONFKDlC93FnoQ/i/ALIk +MOhjCrHePX3/F7OWXWAoIRdbqoCNvN4KnJfcFJCcPDOGY7qds5cMcII3uKhhsRCQ +Jg2KKGvVdwp1oBIibuVM+cIZi3QucK8TfssODws1WNce5RV+Gniv5U4dhS+5nPvC +gQr6a8wL4ha8hc8ovXEhrrBHtOMCAwEAAaOCAW0wggFpMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHwYDVR0jBBgwFoAUoNYHPV4k93ugRC4kUg0ZqisEkacwVwYIKwYBBQUH +AQEESzBJMEcGCCsGAQUFBzAChjtodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMv +SEFSSUNBLUNsaWVudC1Sb290LTIwMjEtUlNBLmNlcjBEBgNVHSAEPTA7MDkGBFUd +IAAwMTAvBggrBgEFBQcCARYjaHR0cDovL3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50 +cy9DUFMwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMEUGA1UdHwQ+MDww +OqA4oDaGNGh0dHA6Ly9jcmwuaGFyaWNhLmdyL0hBUklDQS1DbGllbnQtUm9vdC0y +MDIxLVJTQS5jcmwwHQYDVR0OBBYEFJX2FFz9LqSMQ6C3jgW0Orbsgg2fMA4GA1Ud +DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAL2XgP79Wk/ijkQOI55UihqPR +m68QXb1IDKYCmQiJFkqNQOf/Bt10RjtASV2kjDEQoI4cnmwB++Pd8A9kyFdWPwJ2 +bX68XvFvHX6FzejNwJ5b6wIiz1W3QlHZwhTSoV0KHh4H4gzD8N9X4HwfESVYRkQF +3tTg1VnZJI2ggCg5201X3BI6YLDc4GltF5EORVzT5xPpMiNHxDivoP8tEdijw5Jh +kpCDG8BbpbfXQ1HjPRawQ4w6w1aXgyhajLAhjZdLOfpmZO5EbYai46m/niK5mKTU +/RFupYhNsejfD5wm6JEZbisV5SXVPbmIXrTwvt66lGvgSb3X7waCFIVuwr71qc/q +YNyvXA4ALSchFU8xqWDu2StWrB3i3CzNR2DMz18yYpjeJehuuhsIZu+Ku4CML1O3 +nlKCXx3EbABVAJkXhbDqHnUw0kqPHh9enYcXdJ8zjLhHVBghdLfpOmp9ZtIOjquL +mi+OEwkhOv6bC4IXpY57c5bBzK9DCoffE1LG/JUfOSE0B6kuTVyXvFhfq7BK5LcJ +WieXlSD3COOcqBQ62eHKpRPEYOLdAHDdOq6MBHHMAVUkB/pAFgDj0twB+xP2FUUk +ycRBPSiBgQEnuI8QLrQXB3FDSXqh+I8jfUcVc7JvgvG4bLMjozgFB58A7gJ5YDce +4P4ckMdKzbAXPa5tY2Y= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA TLS ECC Root CA 2021 +-----BEGIN CERTIFICATE----- +MIICVDCCAdugAwIBAgIQZ3SdjXfYO2rbIvT/WeK/zjAKBggqhkjOPQQDAzBsMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v +dCBDQSAyMDIxMB4XDTIxMDIxOTExMDExMFoXDTQ1MDIxMzExMDEwOVowbDELMAkG +A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgRUNDIFJvb3Qg +Q0EgMjAyMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDgI/rGgltJ6rK9JOtDA4MM7 +KKrxcm1lAEeIhPyaJmuqS7psBAqIXhfyVYf8MLA04jRYVxqEU+kw2anylnTDUR9Y +STHMmE5gEYd103KUkE+bECUqqHgtvpBBWJAVcqeht6NCMEAwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUyRtTgRL+BNUW0aq8mm+3oJUZbsowDgYDVR0PAQH/BAQD +AgGGMAoGCCqGSM49BAMDA2cAMGQCMBHervjcToiwqfAircJRQO9gcS3ujwLEXQNw +SaSS6sUUiHCm0w2wqsosQJz76YJumgIwK0eaB8bRwoF8yguWGEEbo/QwCZ61IygN +nxS2PFOiTAZpffpskcYqSUXm7LcT4Tps +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT TLS ECC 1 +-----BEGIN CERTIFICATE----- +MIIDNzCCArygAwIBAgIQQv3c4SYWB+Gl5pNaQAFh3TAKBggqhkjOPQQDAzBsMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v +dCBDQSAyMDIxMB4XDTI1MDEwMzExMTQyMVoXDTM5MTIzMTExMTQyMFowYDELMAkG +A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgQ0ExGDAWBgNVBAMMD0dFQU5UIFRMUyBFQ0MgMTB2MBAG +ByqGSM49AgEGBSuBBAAiA2IABANPWLwh0Za2UqtbLV7/qNRm78zsttgSuvhn73bU +GtxETsVOEZeMUfMjgHw8EwrsSJI9oj0CgZQFFSEY1NJfcxA/NJiOYJUKPsFbpOrY +dr0q4g+aBZsXWeh7bMCzx24g/aOCAS0wggEpMBIGA1UdEwEB/wQIMAYBAf8CAQAw +HwYDVR0jBBgwFoAUyRtTgRL+BNUW0aq8mm+3oJUZbsowTQYIKwYBBQUHAQEEQTA/ +MD0GCCsGAQUFBzAChjFodHRwOi8vY3J0LmhhcmljYS5nci9IQVJJQ0EtVExTLVJv +b3QtMjAyMS1FQ0MuY2VyMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggr +BgEFBQcDAgYIKwYBBQUHAwEwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC5o +YXJpY2EuZ3IvSEFSSUNBLVRMUy1Sb290LTIwMjEtRUNDLmNybDAdBgNVHQ4EFgQU +6ZkGjRcfq/uWGlrIW15dXuzanI8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMD +A2kAMGYCMQD2M1caaY2OwmthgmANUQg3LBLI0/2LiCdxa2zNq0G59wVzbjEk0cR/ +px52OegIwRACMQCk+iTmBlR6Xfv6igiiaFiPYfN2HfbcYLWbot5DZ2H1b4JVJV+V +rga7uu50SDG9hf4= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA OV TLS ECC +-----BEGIN CERTIFICATE----- +MIIDcjCCAvigAwIBAgIQbIPKxKaS8zQphK9yBQyPDDAKBggqhkjOPQQDAzBsMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v +dCBDQSAyMDIxMB4XDTIxMDMxOTA5MzM1MloXDTM2MDMxNTA5MzM1MVowYjELMAkG +A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBPViBUTFMgRUNDMHYw +EAYHKoZIzj0CAQYFK4EEACIDYgAECLBRkImpVT10VjeoeRvNhOsxxQe+XVQO37r8 +PPKVlSWR/+78tD+FMEUTLGGjVUd4+KFCM2Yc2V3fZyoQIaxUzbhUYwIavuaF0V9l +t0cfPISZ1rcQEHn3yAr1ON1eoT3jo4IBZzCCAWMwEgYDVR0TAQH/BAgwBgEB/wIB +ADAfBgNVHSMEGDAWgBTJG1OBEv4E1RbRqryab7eglRluyjBUBggrBgEFBQcBAQRI +MEYwRAYIKwYBBQUHMAKGOGh0dHA6Ly9yZXBvLmhhcmljYS5nci9jZXJ0cy9IQVJJ +Q0EtVExTLVJvb3QtMjAyMS1FQ0MuY2VyMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8G +CCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRzL0NQUzAd +BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwQgYDVR0fBDswOTA3oDWgM4Yx +aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLVRMUy1Sb290LTIwMjEtRUNDLmNy +bDAdBgNVHQ4EFgQUvrSdrMbKJ79Ox9kcg/5aTh6XB58wDgYDVR0PAQH/BAQDAgGG +MAoGCCqGSM49BAMDA2gAMGUCMQCBJIThQHLwid4SHT+YoWXd7tEFwKf6OsIX+M4U +fh2/UAp8bCiB7D/lcAvFj9YPajcCME5DsmcLbYE7D44HlLoqVcr7RDdh84nG6Dsp +8+YS3BnKAIONAWeGq4jawr3lD667Mw== +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA TLS RSA Root CA 2021 +-----BEGIN CERTIFICATE----- +MIIFpDCCA4ygAwIBAgIQOcqTHO9D88aOk8f0ZIk4fjANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg +Um9vdCBDQSAyMDIxMB4XDTIxMDIxOTEwNTUzOFoXDTQ1MDIxMzEwNTUzN1owbDEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgUlNBIFJv +b3QgQ0EgMjAyMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIvC569l +mwVnlskNJLnQDmT8zuIkGCyEf3dRywQRNrhe7Wlxp57kJQmXZ8FHws+RFjZiPTgE +4VGC/6zStGndLuwRo0Xua2s7TL+MjaQenRG56Tj5eg4MmOIjHdFOY9TnuEFE+2uv +a9of08WRiFukiZLRgeaMOVig1mlDqa2YUlhu2wr7a89o+uOkXjpFc5gH6l8Cct4M +pbOfrqkdtx2z/IpZ525yZa31MJQjB/OCFks1mJxTuy/K5FrZx40d/JiZ+yykgmvw +Kh+OC19xXFyuQnspiYHLA6OZyoieC0AJQTPb5lh6/a6ZcMBaD9YThnEvdmn8kN3b +LW7R8pv1GmuebxWMevBLKKAiOIAkbDakO/IwkfN4E8/BPzWr8R0RI7VDIp4BkrcY +AuUR0YLbFQDMYTfBKnya4dC6s1BG7oKsnTH4+yPiAwBIcKMJJnkVU2DzOFytOOqB +AGMUuTNe3QvboEUHGjMJ+E20pwKmafTCWQWIZYVWrkvL4N48fS0ayOn7H6NhStYq +E613TBoYm5EPWNgGVMWX+Ko/IIqmhaZ39qb8HOLubpQzKoNQhArlT4b4UEV4AIHr +W2jjJo3Me1xR9BQsQL4aYB16cmEdH2MtiKrOokWQCPxrvrNQKlr9qEgYRtaQQJKQ +CoReaDH46+0N0x3GfZkYVVYnZS6NRcUk7M7jAgMBAAGjQjBAMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFApII6ZgpJIKM+qTW8VX6iVNvRLuMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAPpBIqm5iFSVmewzVjIuJndftTgfvnNAU +X15QvWiWkKQUEapobQk1OUAJ2vQJLDSle1mESSmXdMgHHkdt8s4cUCbjnj1AUz/3 +f5Z2EMVGpdAgS1D0NTsY9FVqQRtHBmg8uwkIYtlfVUKqrFOFrJVWNlar5AWMxaja +H6NpvVMPxP/cyuN+8kyIhkdGGvMA9YCRotxDQpSbIPDRzbLrLFPCU3hKTwSUQZqP +JzLB5UkZv/HywouoCjkxKLR9YjYsTewfM7Z+d21+UPCfDtcRj88YxeMn/ibvBZ3P +zzfF0HvaO7AWhAw6k9a+F9sPPg4ZeAnHqQJyIkv3N3a6dcSFA1pj1bF1BcK5vZSt +jBWZp5N99sXzqnTPBIWUmAD04vnKJGW/4GKvyMX6ssmeVkjaef2WdhW+o45WxLM0 +/L5H9MG0qPzVMIho7suuyWPEdr6sOBjhXlzPrjoiUevRi7PzKzMHVIf6tLITe7pT +BGIBnfHAT+7hOtSLIBD6Alfm78ELt5BGnBkpjNxvoEppaZS3JGWg/6w/zgH7IS79 +aPib8qXPMThcFarmlwDB31qlpzmq6YR/PFGoOtmUW4y/Twhx5duoXNTSpv4Ao8YW +xw/ogM4cKGR0GQjTQuPOAF1/sdwTsOEFy9EgqoZ0njnnkf3/W9b3raYvAwtt41dU +63ZTGI0RmLo= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT TLS RSA 1 +-----BEGIN CERTIFICATE----- +MIIGBTCCA+2gAwIBAgIQFNV782kiKCGaVWf6kWUbIjANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg +Um9vdCBDQSAyMDIxMB4XDTI1MDEwMzExMTUwMFoXDTM5MTIzMTExMTQ1OVowYDEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGDAWBgNVBAMMD0dFQU5UIFRMUyBSU0EgMTCC +AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKEEaZSzEzznAPk8IEa17GSG +yJzPTj4cwRY7/vcq2BPT5+IRGxQtaCdgLXIEl2cdPdIkj2eyakFmgMjAtyeju8V8 +dRayQCD/bWjJ7thDlowgLljQaXirxnYbT8bzRHAhCZqBakYgi5KWw9dANLyDHGpX +UdY259ab0lWEaFE5Uu6IzQSMJOAy4l/Twym8GUiy0qMDEBFSlm31C9BXpdHKKAlh +vIjMiKoDeTWl5vZaLB2MMRGY1yW2ftPgIP0/MkX1uFITlvHmmMTngxplH1nybEIJ +FiwHg1KiLk1TprcZgeO2gxE5Lz3wTFWrsUlAzrh5xWmscWkjNi/4BpeuiT5+NExF +czboLnXOfjuci/7bsnPi1/aZN/iKNbJRnngFoLaKVMmqCS7Xo34f+BITatryQZFE +u2oDKExQGlxDBCfYMLgLucX/onpLzUSgeQITNLx6i5tGGbUYH+9Dy3GI66L/5tPj +qzlOsydki8ZYGE5SBJeWCZ2IrhUe0WzZ2b6Zhk6JAQIDAQABo4IBLTCCASkwEgYD +VR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBQKSCOmYKSSCjPqk1vFV+olTb0S +7jBNBggrBgEFBQcBAQRBMD8wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jcnQuaGFyaWNh +LmdyL0hBUklDQS1UTFMtUm9vdC0yMDIxLVJTQS5jZXIwEQYDVR0gBAowCDAGBgRV +HSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBCBgNVHR8EOzA5MDeg +NaAzhjFodHRwOi8vY3JsLmhhcmljYS5nci9IQVJJQ0EtVExTLVJvb3QtMjAyMS1S +U0EuY3JsMB0GA1UdDgQWBBSGAXI/jKlw4jEGUxbOAV9becg8OzAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQELBQADggIBABkssjQzYrOo4GMsKegaChP16yNe6Sck +cWBymM455R2rMeuQ3zlxUNOEt+KUfgueOA2urp4j6TlPbs/XxpwuN3I1f09Luk5b ++ZgRXM7obE6ZLTerVQWKoTShyl34R2XlK8pEy7+67Ht4lcJzt+K6K5gEuoPSGQDP +ef+fUfmXrFcgBMcMbtfDb9dubFKNZZxo5nAXiqhFMOIyByag3H+tOTuH8zuId9pH +RDsUpAIHJ9/W2WBfLcKav7IKRlNBRD/sPBy903J9WHPKwl8kQSDA+aa7XCYk7bJt +Eyf+7GM9F5cZ7+YyknXqnv/rtQEkTKZdQo5Us18VFe9qqj94tXbLdk7PejJYNB4O +Zlli44Ld7rtqfFlUych7gIxFOmiyxMQQYrYmUi+74lEZvfoNhuref0CupuKpz6O3 +dLv6kO9T10uNdDBoBQTkge3UzHafTIe3R2o3ujXKUGPwyc9m7/FETyKLUCwSU/5O +AVOeBCU8QtkKKjM8AmbpKpe3pHWcyq3R7B3LmIALkMPTydyDfxen65IDqREbVq8N +xjhkJThUz40JqOlN6uqKqeDISj/IoucYwsqW24AlO7ZzNmohQmMi8ep23H4hBSh0 +GBTe2XvkuzaNf92syK8l2HzO+13GLCjzYLTPvXTO9UpK8DGyfGZOuamuwbAnbNpE +3RfjV9IaUQGJ +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA OV TLS RSA +-----BEGIN CERTIFICATE----- +MIIGwTCCBKmgAwIBAgIQHEYUQ2gTTV1QnQ3HytsfuDANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg +Um9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MzQxN1oXDTM2MDMxNTA5MzQxNlowYjEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBPViBUTFMgUlNB +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBjrEt4NmTflA4DbZjPC +HIHeSKt4GSvZrb8Wr9K/xCe/US+tRc7lMvp0SJSxtfEbb9tNo5I99YYegbgT2JOo +8E/d7fblR/x25dHORtfe2xAO8liK8aswTmb69QXIP81zNnC7juFWgnfDZg8Loz7m +O8qcKeYS7pejngD4YeiVTf3j2jyJ5BI4Y24IWwcO9Er1hW282He04eQTa9z3Ta9K +00jG7foADE9q9ZOgPAiNV3tDzsaGC5HftgdmJurC/t+SD7wTLNSOGeCBf0g3jIhE +QW8FAZYp4OpytgVk8yEtos0izSIXqJn9AMG/HH21EO2tb6S09+8NZEFGh/+GoGuD +vDW2Nhw6FZm/yctI6nvJI4t2du39gyXql15w6ENucbM8nAyn3rcx6sHAjjgGZw98 +PRnaXXj3lMWvRSpWbBBrV0cj7eJaVFhDR+OG/2jPi8xqXaFaFGvInGW43HpQDAE5 +ATZ+8uywd1S8jA484TmyKr2XUx3OIwvpRxZDy0GvHWiqq03liS/d83vFVvZRq34H +AMKSeLpLt6XpucnwNWJyv5RvmzsTzKfL/XrwJ9tkXWWp+sqGuScZNZApKMUhS+7w +NKv84eX/YBKmtuQch6Xgbw0D8JjBk4my35qLw4wGhX8AM1gVErcotCrMwswiSTLy +XJxm/VX2p8xRWCgrS49G2eMCAwEAAaOCAWcwggFjMBIGA1UdEwEB/wQIMAYBAf8C +AQAwHwYDVR0jBBgwFoAUCkgjpmCkkgoz6pNbxVfqJU29Eu4wVAYIKwYBBQUHAQEE +SDBGMEQGCCsGAQUFBzAChjhodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMvSEFS +SUNBLVRMUy1Sb290LTIwMjEtUlNBLmNlcjBEBgNVHSAEPTA7MDkGBFUdIAAwMTAv +BggrBgEFBQcCARYjaHR0cDovL3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50cy9DUFMw +HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEIGA1UdHwQ7MDkwN6A1oDOG +MWh0dHA6Ly9jcmwuaGFyaWNhLmdyL0hBUklDQS1UTFMtUm9vdC0yMDIxLVJTQS5j +cmwwHQYDVR0OBBYEFOCbPX01Y8XsnQdzqKeJIPRPhPujMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQsFAAOCAgEAbd2n5s7VSvUO8NUXH11Ml5Pdh+W+AaWEJdwG +8qtnSX+/WL33OsJx1YN5jNjSoEWK4kswoEvrrMP7rg8w920kL5lzgoByQbP3jrJL +Pj4LnvuqIFj6lz9eMA1kgYqy5BvnepQB/smx58K/CNadvXhtxSU+PuIgoaoKexHM +9AWAMIIKFkE/SbYd8lR2mzp5rgeSD+rYExOxvpG/f713fDFRTH+SyqMREw34d2rD +dtSBK5GerrV1F7C//KGM016EWCz59kutui8qyZJNq7dw1BChbEo1ho9ekN5nQ8t/ +ckF7lJkrMoYRyZobJbQs45BfDMXyRFT4u4N1Z+2GyEvgryqlIQfQ3SUamELnQ6Ta +3oia4pLt/SYrRJOJ3I1EhlMgmi9dS/vCiXcDoMqConepk3/gDFtf8NatbQk2+vBW +mkTcSxlAktWFFu3iAN+0hOPQWDtXofUecFVLwNzAFMhVFw8yd9h8AuM3ThZPNSW1 +0IFer8+cEkvBy2VBbg2MtXn3Duu3NGJk9xf1e752048foDAfrRcuPTZdijtvRFJ+ +G1d/8t9mQqer39S8HONbR+1Zx6KjlFbTkq+Jaivcg6X1JapDjDG8PMiaPX8WE5Tt +jmZ8mSoDuXjqXaQ03VFrr+IweD985Ryq/eDM79dQc8SawzNwzLdNkmczMhLfE9ut +wIHJbMg= +-----END CERTIFICATE----- +Subject: C=DE,O=T-Systems Enterprise Services GmbH,OU=T-Systems Trust Center,CN=T-TeleSec GlobalRoot Class 2 +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd +AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC +FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi +1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq +jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ +wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ +WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy +NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC +uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw +IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 +g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP +BSeOE6Fuwg== +-----END CERTIFICATE----- +Subject: C=DE,O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.,OU=DFN-PKI,CN=DFN-Verein Certification Authority 2 +-----BEGIN CERTIFICATE----- +MIIFEjCCA/qgAwIBAgIJAOML1fivJdmBMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD +VQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMg +R21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwc +VC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMjAeFw0xNjAyMjIxMzM4MjJaFw0z +MTAyMjIyMzU5NTlaMIGVMQswCQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1 +ciBGb2VyZGVydW5nIGVpbmVzIERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUu +IFYuMRAwDgYDVQQLEwdERk4tUEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5IDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDLYNf/ZqFBzdL6h5eKc6uZTepnOVqhYIBHFU6MlbLlz87TV0uNzvhWbBVV +dgfqRv3IA0VjPnDUq1SAsSOcvjcoqQn/BV0YD8SYmTezIPZmeBeHwp0OzEoy5xad +rg6NKXkHACBU3BVfSpbXeLY008F0tZ3pv8B3Teq9WQfgWi9sPKUA3DW9ZQ2PfzJt +8lpqS2IB7qw4NFlFNkkF2njKam1bwIFrEczSPKiL+HEayjvigN0WtGd6izbqTpEp +PbNRXK2oDL6dNOPRDReDdcQ5HrCUCxLx1WmOJfS4PSu/wI7DHjulv1UQqyquF5de +M87I8/QJB+MChjFGawHFEAwRx1npAgMBAAGjggF0MIIBcDAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFJPj2DIm2tXxSqWRSuDqS+KiDM/hMB8GA1UdIwQYMBaAFL9Z +IDYAeaCgImuM1fJh0rgsy4JKMBIGA1UdEwEB/wQIMAYBAf8CAQIwMwYDVR0gBCww +KjAPBg0rBgEEAYGtIYIsAQEEMA0GCysGAQQBga0hgiweMAgGBmeBDAECAjBMBgNV +HR8ERTBDMEGgP6A9hjtodHRwOi8vcGtpMDMzNi50ZWxlc2VjLmRlL3JsL1RlbGVT +ZWNfR2xvYmFsUm9vdF9DbGFzc18yLmNybDCBhgYIKwYBBQUHAQEEejB4MCwGCCsG +AQUFBzABhiBodHRwOi8vb2NzcDAzMzYudGVsZXNlYy5kZS9vY3NwcjBIBggrBgEF +BQcwAoY8aHR0cDovL3BraTAzMzYudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19HbG9i +YWxSb290X0NsYXNzXzIuY2VyMA0GCSqGSIb3DQEBCwUAA4IBAQCHC/8+AptlyFYt +1juamItxT9q6Kaoh+UYu9bKkD64ROHk4sw50unZdnugYgpZi20wz6N35at8yvSxM +R2BVf+d0a7Qsg9h5a7a3TVALZge17bOXrerufzDmmf0i4nJNPoRb7vnPmep/11I5 +LqyYAER+aTu/de7QCzsazeX3DyJsR4T2pUeg/dAaNH2t0j13s+70103/w+jlkk9Z +PpBHEEqwhVjAb3/4ru0IQp4e1N8ULk2PvJ6Uw+ft9hj4PEnnJqinNtgs3iLNi4LY +2XjiVRKjO4dEthEL1QxSr2mMDwbf0KJTi1eYe8/9ByT0/L3D/UqSApcb8re2z2WK +GqK1chk5 +-----END CERTIFICATE----- +Subject: C=DE,O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.,OU=DFN-PKI,CN=DFN-Verein Global Issuing CA +-----BEGIN CERTIFICATE----- +MIIFrDCCBJSgAwIBAgIHG2O60B4sPTANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UE +BhMCREUxRTBDBgNVBAoTPFZlcmVpbiB6dXIgRm9lcmRlcnVuZyBlaW5lcyBEZXV0 +c2NoZW4gRm9yc2NodW5nc25ldHplcyBlLiBWLjEQMA4GA1UECxMHREZOLVBLSTEt +MCsGA1UEAxMkREZOLVZlcmVpbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4X +DTE2MDUyNDExMzg0MFoXDTMxMDIyMjIzNTk1OVowgY0xCzAJBgNVBAYTAkRFMUUw +QwYDVQQKDDxWZXJlaW4genVyIEZvZXJkZXJ1bmcgZWluZXMgRGV1dHNjaGVuIEZv +cnNjaHVuZ3NuZXR6ZXMgZS4gVi4xEDAOBgNVBAsMB0RGTi1QS0kxJTAjBgNVBAMM +HERGTi1WZXJlaW4gR2xvYmFsIElzc3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCdO3kcR94fhsvGadcQnjnX2aIw23IcBX8pX0to8a0Z1kzh +axuxC3+hq+B7i4vYLc5uiDoQ7lflHn8EUTbrunBtY6C+li5A4dGDTGY9HGRp5Zuk +rXKuaDlRh3nMF9OuL11jcUs5eutCp5eQaQW/kP+kQHC9A+e/nhiIH5+ZiE0OR41I +X2WZENLZKkntwbktHZ8SyxXTP38eVC86rpNXp354ytVK4hrl7UF9U1/Isyr1ijCs +7RcFJD+2oAsH/U0amgNSoDac3iSHZeTn+seWcyQUzdDoG2ieGFmudn730Qp4PIdL +sDfPU8o6OBDzy0dtjGQ9PFpFSrrKgHy48+enTEzNAgMBAAGjggIFMIICATASBgNV +HRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBBjApBgNVHSAEIjAgMA0GCysG +AQQBga0hgiweMA8GDSsGAQQBga0hgiwBAQQwHQYDVR0OBBYEFGs6mIv58lOJ2uCt +sjIeCR/oqjt0MB8GA1UdIwQYMBaAFJPj2DIm2tXxSqWRSuDqS+KiDM/hMIGPBgNV +HR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJv +b3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwQKA+oDyGOmh0dHA6Ly9jZHAyLnBj +YS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwgd0G +CCsGAQUFBwEBBIHQMIHNMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZu +LmRlL09DU1AtU2VydmVyL09DU1AwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAxLnBj +YS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0 +MEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290 +LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOCAQEA +gXhFpE6kfw5V8Amxaj54zGg1qRzzlZ4/8/jfazh3iSyNta0+x/KUzaAGrrrMqLGt +Mwi2JIZiNkx4blDw1W5gjU9SMUOXRnXwYuRuZlHBQjFnUOVJ5zkey5/KhkjeCBT/ +FUsrZpugOJ8Azv2n69F/Vy3ITF/cEBGXPpYEAlyEqCk5bJT8EJIGe57u2Ea0G7UD +DDjZ3LCpP3EGC7IDBzPCjUhjJSU8entXbveKBTjvuKCuL/TbB9VbhBjBqbhLzmyQ +GoLkuT36d/HSHzMCv1PndvncJiVBby+mG/qkE5D6fH7ZC2Bd7L/KQaBh+xFJKdio +LXUV2EoY6hbvVTQiGhONBg== +-----END CERTIFICATE----- +Subject: C=DE,ST=Bayern,L=Muenchen,O=Fraunhofer,OU=Fraunhofer Corporate PKI,CN=Fraunhofer User CA - G02 +-----BEGIN CERTIFICATE----- +MIIFqzCCBJOgAwIBAgIHG2O6xotSQjANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UE +BhMCREUxRTBDBgNVBAoTPFZlcmVpbiB6dXIgRm9lcmRlcnVuZyBlaW5lcyBEZXV0 +c2NoZW4gRm9yc2NodW5nc25ldHplcyBlLiBWLjEQMA4GA1UECxMHREZOLVBLSTEt +MCsGA1UEAxMkREZOLVZlcmVpbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4X +DTE2MDUyNDExMzgzMFoXDTMxMDIyMjIzNTk1OVowgYwxCzAJBgNVBAYTAkRFMQ8w +DQYDVQQIDAZCYXllcm4xETAPBgNVBAcMCE11ZW5jaGVuMRMwEQYDVQQKDApGcmF1 +bmhvZmVyMSEwHwYDVQQLDBhGcmF1bmhvZmVyIENvcnBvcmF0ZSBQS0kxITAfBgNV +BAMMGEZyYXVuaG9mZXIgVXNlciBDQSAtIEcwMjCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAL1FxEM9lv2hli0ZvDCDNvVn2mIcIJ4cvKUQ30l5ZARkKEtY +KlqSsrof2WmWFdxx1DPwFtp38QgbsbOPKSDoYiWw+ycW403f1ZJAvn6c5N07oT1A +j3xzYG/QxgY+qkLhKJnV0pr7afC+VIFB/wmNFhvlyXpAVy07NOikiRFlBzw/s4/H +HdHTL2VKEjCnfD6rzKtTN+D+24UYXiMvNzmPyWQMQhIxuDMPTwfoqBFL7leo334z +gHm78leaLK52DTzpHvlNHP4DnTRa2ipVpyj3yQWcOBw+75oVE71AbyFPzw1a0J9P +wisZljQ0eTb6/tkF81W5f6UD7NN4Ie2gxEvZkysCAwEAAaOCAgUwggIBMBIGA1Ud +EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMCkGA1UdIAQiMCAwDQYLKwYB +BAGBrSGCLB4wDwYNKwYBBAGBrSGCLAEBBDAdBgNVHQ4EFgQUoyb1mk/b2jvhtaru +WIvQ/P+1bVEwHwYDVR0jBBgwFoAUk+PYMiba1fFKpZFK4OpL4qIMz+EwgY8GA1Ud +HwSBhzCBhDBAoD6gPIY6aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9v +dC1nMi1jYS9wdWIvY3JsL2NhY3JsLmNybDBAoD6gPIY6aHR0cDovL2NkcDIucGNh +LmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY3JsL2NhY3JsLmNybDCB3QYI +KwYBBQUHAQEEgdAwgc0wMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4u +ZGUvT0NTUC1TZXJ2ZXIvT0NTUDBKBggrBgEFBQcwAoY+aHR0cDovL2NkcDEucGNh +LmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQw +SgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3Qt +ZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQDE +klJ5thEqcbIyroBrhnWl00oAUXYuYQqXDpBTCzF08aBk41FyLZXH54w7NUecdTZp +aq0SgueogbSv9viT8EzQ5Bt6bapOl5pVjEb6yBrV0Y3d5Vb3h8WA+/E+DRz/uV5M +gKdVHdazimuXK1HHf0UHSFiEkgiY3xSQr6CRH7UzzivWj9s6B2GUuP4zzfKrgAxQ +N2IaEUtvWiwl5Mtv55p6wmnBOhCnCtj1Ge5Du7jR8o2xAh//fZ4tz5UQ7XXVoeu5 +iueZp3qNb0cTtiGGPJxVtFmoaFNltp+zI/y52hF9XgjC+mJBVYYahmacW3wMpIAO +R0lstmlDfiKvecyE6S4v +-----END CERTIFICATE----- +Subject: C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust ECC Certification Authority +-----BEGIN CERTIFICATE----- +MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx +MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg +VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo +I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng +o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G +A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD +VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB +zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW +RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT OV ECC CA 4 +-----BEGIN CERTIFICATE----- +MIIDeTCCAv+gAwIBAgIRAOuOgRlxKfSvZO+BSi9QzukwCgYIKoZIzj0EAwMwgYgx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz +ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD +EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx +ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNVBAoT +EEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIEVDQyBDQSA0MFkw +EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXYkvGrfrMs2IwdI5+IwpEwPh+igW/BOW +etmOwP/ZIXC8fNeC3/ZYPAAMyRpFS0v3/c55FDTE2xbOUZ5zeVZYQqOCAYswggGH +MB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTttKAz +ahsIkba9+kGSvZqrq2P0UzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB +/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAt +BgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAG +A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1 +c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw +PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RF +Q0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy +dXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjAfs9nsM0qaJGVu6DpWVy4qojiOpwV1 +h/MWZ5GJxy6CKv3+RMB3STkaFh0+Hifbk24CMQDRf/ujXAQ1b4nFpZGaSIKldygc +dCDAxbAd9tlxcN/+J534CJDblzd/40REzGWwS5k= +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT Personal ECC CA 4 +-----BEGIN CERTIFICATE----- +MIIDfjCCAwSgAwIBAgIQdpAhff5d1sLEUCfF3NFaJjAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMjE4 +MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBKMQswCQYDVQQGEwJOTDEZMBcGA1UEChMQ +R0VBTlQgVmVyZW5pZ2luZzEgMB4GA1UEAxMXR0VBTlQgUGVyc29uYWwgRUNDIENB +IDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQYZ2cR4O5tfdskg2NNo346Noyo +enQjWhWQElTQQ+brmMxr5leW1AfpAJ9bsaUadsCJJnA5ycFITYjXfl/XvfPko4IB +izCCAYcwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYE +FKgtbYEyZI3msk+s/hHyZZmFE6luMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E +CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA4BgNVHSAE +MTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D +UFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VT +RVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEB +BGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJU +cnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51 +c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCCX6P32oo7RiAIk1DIekZM +nFGZwY+xJoZ5HyChGc1Ncuupnh7Ezukr1EnL+MyAhNcCMD6DlSMWE5I++OBvznnX +1npjvntLcKogArAPjLglGGeymFt4U6pdy7/C0/miHCPuDA== +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT eScience Personal ECC CA 4 +-----BEGIN CERTIFICATE----- +MIIDiDCCAw6gAwIBAgIRAPFVZjGnycu/NlCaWpIPalkwCgYIKoZIzj0EAwMwgYgx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz +ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD +EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx +ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowUzELMAkGA1UEBhMCTkwxGTAXBgNVBAoT +EEdFQU5UIFZlcmVuaWdpbmcxKTAnBgNVBAMTIEdFQU5UIGVTY2llbmNlIFBlcnNv +bmFsIEVDQyBDQSA0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3Oad56Xl15SY +nK3MmKcZUEu17k4jApQvPwTnGUqFxMbgDvAtxJtWqbKk8qvCOcZ/oCyrHkloS6Nf +AiTDTV5bZ6OCAYswggGHMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa +MB0GA1UdDgQWBBTt5lFk6mex24xLv7WAJ5g/2CMeZTAOBgNVHQ8BAf8EBAMCAYYw +EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH +AwQwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj +dGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy +dXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2 +BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0 +LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0 +cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjA8KoDpeqid +slDXmfwHD7kr0XTY8rOdQBWMzT5uU7nPROEYLK00Dc9w/J4M8CGaLX8CMQDoaX4P +os4y0yfmvRAPaFZxyJi1ZHaZh+G0dX7ggOEyMHmT0P57T6TjdfcBr1G/J/M= +-----END CERTIFICATE----- +Subject: C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo ECC Organization Validation Secure Server CA +-----BEGIN CERTIFICATE----- +MIIDrjCCAzOgAwIBAgIQNb50Y4yz6d4oBXC3l4CzZzAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAy +MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT +EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMP +U2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIEVDQyBPcmdhbml6YXRp +b24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZI +zj0DAQcDQgAEnI5cCmFvoVij0NXO+vxE+f+6Bh57FhpyH0LTCrJmzfsPSXIhTSex +r92HOlz+aHqoGE0vSe/CSwLFoWcZ8W1jOaOCAW4wggFqMB8GA1UdIwQYMBaAFDrh +CYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBRNSu/ERrMSrU9OmrFZ4lGrCBB4 +CDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAEC +AjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF +UlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE +ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy +dXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz +ZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAOk//uo7i/MoeKdcyeqvjOXs +BJFGLI+1i0d+Tty7zEnn2w4DNS21TK8wmY3Kjm3EmQIxAPI1qHM/I+OS+hx0OZhG +fDoNifTe/GxgWZ1gOYQKzn6lwP0yGKlrP+7vrVC8IczJ4A== +-----END CERTIFICATE----- +Subject: C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust RSA Certification Authority +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw +MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV +BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy +dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B +3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY +tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ +Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 +VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT +79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 +c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT +Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l +c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee +UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE +Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G +A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF +Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO +VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 +ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs +8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR +iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze +Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ +XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ +qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB +VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB +L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG +jjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT OV RSA CA 4 +-----BEGIN CERTIFICATE----- +MIIG5TCCBM2gAwIBAgIRANpDvROb0li7TdYcrMTz2+AwDQYJKoZIhvcNAQEMBQAw +gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK +ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD +VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw +MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNV +BAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIFJTQSBDQSA0 +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApYhi1aEiPsg9ZKRMAw9Q +r8Mthsr6R20VSfFeh7TgwtLQi6RSRLOh4or4EMG/1th8lijv7xnBMVZkTysFiPmT +PiLOfvz+QwO1NwjvgY+Jrs7fSoVA/TQkXzcxu4Tl3WHi+qJmKLJVu/JOuHud6mOp +LWkIbhODSzOxANJ24IGPx9h4OXDyy6/342eE6UPXCtJ8AzeumTG6Dfv5KVx24lCF +TGUzHUB+j+g0lSKg/Sf1OzgCajJV9enmZ/84ydh48wPp6vbWf1H0O3Rd3LhpMSVn +TqFTLKZSbQeLcx/l9DOKZfBCC9ghWxsgTqW9gQ7v3T3aIfSaVC9rnwVxO0VjmDdP +FNbdoxnh0zYwf45nV1QQgpRwZJ93yWedhp4ch1a6Ajwqs+wv4mZzmBSjovtV0mKw +d+CQbSToalEUP4QeJq4Udz5WNmNMI4OYP6cgrnlJ50aa0DZPlJqrKQPGL69KQQz1 +2WgxvhCuVU70y6ZWAPopBa1ykbsttpLxADZre5cH573lIuLHdjx7NjpYIXRx2+QJ +URnX2qx37eZIxYXz8ggM+wXH6RDbU3V2o5DP67hXPHSAbA+p0orjAocpk2osxHKo +NSE3LCjNx8WVdxnXvuQ28tKdaK69knfm3bB7xpdfsNNTPH9ElcjscWZxpeZ5Iij8 +lyrCG1z0vSWtSBsgSnUyG/sCAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qq +K0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRvHTVJEGwy+lmgnryK6B+VvnF6DDAO +BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUH +AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0 +dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u +QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6 +Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl +BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B +AQwFAAOCAgEAUtlC3e0xj/1BMfPhdQhUXeLjb0xp8UE28kzWE5xDzGKbfGgnrT2R +lw5gLIx+/cNVrad//+MrpTppMlxq59AsXYZW3xRasrvkjGfNR3vt/1RAl8iI31lG +hIg6dfIX5N4esLkrQeN8HiyHKH6khm4966IkVVtnxz5CgUPqEYn4eQ+4eeESrWBh +AqXaiv7HRvpsdwLYekAhnrlGpioZ/CJIT2PTTxf+GHM6cuUnNqdUzfvrQgA8kt1/ +ASXx2od/M+c8nlJqrGz29lrJveJOSEMX0c/ts02WhsfMhkYa6XujUZLmvR1Eq08r +48/EZ4l+t5L4wt0DV8VaPbsEBF1EOFpz/YS2H6mSwcFaNJbnYqqJHIvm3PLJHkFm +EoLXRVrQXdCT+3wgBfgU6heCV5CYBz/YkrdWES7tiiT8sVUDqXmVlTsbiRNiyLs2 +bmEWWFUl76jViIJog5fongEqN3jLIGTG/mXrJT1UyymIcobnIGrbwwRVz/mpFQo0 +vBYIi1k2ThVh0Dx88BbF9YiP84dd8Fkn5wbE6FxXYJ287qfRTgmhePecPc73Yrzt +apdRcsKVGkOpaTIJP/l+lAHRLZxk/dUtyN95G++bOSQqnOCpVPabUGl2E/OEyFrp +Ipwgu2L/WJclvd6g+ZA/iWkLSMcpnFb+uX6QBqvD6+RNxul1FaB5iHY= +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT Personal CA 4 +-----BEGIN CERTIFICATE----- +MIIG5jCCBM6gAwIBAgIQMQJw1DW+mySa+FbQ4eKFSTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw +MjE4MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBGMQswCQYDVQQGEwJOTDEZMBcGA1UE +ChMQR0VBTlQgVmVyZW5pZ2luZzEcMBoGA1UEAxMTR0VBTlQgUGVyc29uYWwgQ0Eg +NDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALNK4iJeJ1vpBFsUBDUy +IBSutNIxQMbNUMAeoUTKr55KYX8tkN5imzNqLaRCypYBPP9wED2AaO6e8njkbjzJ +wLgPqDBkW9sG3kmi3GW6cF4Hwr5ysZqve/5EJDhV+9OhfTu/4dMnoR4Q41HcjMk9 +MzLOADAQ0awBZ/29r0d49AUmIKELNeqEqmnTN6fndL7x/2K0TLToZLxqS7sy/Jvi +0wEFr0CfdjcAsioh7KaD+Jizyb1aRKQzJ6Q20VEHX7UqWc1SkzTkbz6xj0S5ydBB +FQh0fNiy+qM/deVpK4HgmPSJrrpQZ+LlbHfWabmwoDPxF71QZVYiqrrAoUrGRJ+4 +7iLBiIg8miIYS7Hd2ppvAUt24CugMXUjETjQ+oYh09fNi5n/AvoER8UBvTHLxt+b +lL0bvL+2z2YiUWk+2Qtn+dD+JU5Z2y71qV7+cr+4YXjvGzF5bYsi8HiwflTb4Php +3y+k1twKtchdcq2QGc0eDG6Y01nRHUiyr8/PtMAsLHEPNZ2wzsA7fb8mftHiV20Z +FmYqknJ8AIOfwdTVA+E62JayOJ+sxadqcmFDorsz/mrPwGZ8+txr4xSuvVjg0dlv +0yuA+1YpBDIYNfL4bkX+IcZ1mTstL4Xw0f4N2iW3bBmnPnYmoYxMM8gflCiTgss7 +3nBvG2f7v1PD7BDGYNO4iD4vAgMBAAGjggGLMIIBhzAfBgNVHSMEGDAWgBRTeb9a +qitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUaQChxyFY+ODFGyCwCt2nUb8T2eQw +DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI +KwYBBQUHAwIGCCsGAQUFBwMEMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUF +BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9o +dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlv +bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw +Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQw +JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN +AQEMBQADggIBAAoFTnsNjx8TOQD9b+xixsPt7Req4wHMeNw/R5dddEPgQAQAYJZK +z5BEv1cjGbH7nbPH3AxrxhN6OVH40p6OLIo9MXSrrfMzGs7/P+FTCjwgNxFEtLQ1 +KC9NboA3asJcl7mIs3l8h9iAgEH1zLUvq2s+5n++NQmbzudDsTFDMapY3kX1TwyU +CTRzmItqcbsYIyg2MeIXWfRtqPqC5R4bufmpzA5BPINLX340Sp/CNQ9QZqw3Vkfy +HWwTo+vO9Gm2L6srNamJT6Lb+TeXZvl8UPL5a72O/pH0GgGHjt6z9QzPARnaRKsh +VWviNK6ST4WmZHllu3CJg0BXqx1vWyswawgvNeWt1qxITacYe9mSWTbNR2CftvTU +werruDSY2jMaZPoNqbjUpuG/blYwWzzvVerBUhviAahPXJF/9V48ybWPBq6qKOEo +kW+s3B4ad5sY96KlovEijaIQDip1HO0SD+rLNYaiBcr9MV2aK+DfbZ8w9BaNCQyF +EYwzxIKOVk3bYvzHRk5ihUDascmbk/bkiNl74c/KfuKQmJImaqWoWZR6jBcXcPV0 +WUIKz/nILTpFhGojZEQW77by3aezAi9jrEIUBHRG1LwzPbJc2V3SOzYyaJFQatzu +KZbN1Q9s9y/2x1QXtKwREY8jNgvx0iIfOK35gKgYJJcyDql4XfuEc2nV +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT eScience Personal CA 4 +-----BEGIN CERTIFICATE----- +MIIG8DCCBNigAwIBAgIRAKoycu7aGxmmN/byVir07vEwDQYJKoZIhvcNAQEMBQAw +gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK +ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD +VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw +MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowTzELMAkGA1UEBhMCTkwxGTAXBgNV +BAoTEEdFQU5UIFZlcmVuaWdpbmcxJTAjBgNVBAMTHEdFQU5UIGVTY2llbmNlIFBl +cnNvbmFsIENBIDQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCVokk9 +uR1UAJRcNg1NTatsuxEwya7FpTRm5wcbSJqSLeUd5gjI2zHzwjaevHwCjN716blp +iyvEVr96aGw2y+FrVo/0yr0+/XoK8WdkB64j3KmOdUttTTXERY1T1vXxvkZhchHl +JvD/VVDIt/V/xg2iDpAa2N3SW0SNSyuAGqtVaCTM4eOEgVT1Nyg5VtQJVLujMrvv +cW6+1W1rLR2O05FxQtINVnrblTKWotAitEv8yMe9qQr1Fz4sdyVj2cBwEk/zQLok +JRCSw981Hoh5kwt4AVMSxjfeSRjx0Wt0C6ioRJ8WAfSWGNDZwnUWZ4nJrW2UWtdJ +Z59t2VByBR3e8MlVTVE4pirg3R5lCCIzPhNLQm25Rap/a4m3+e9A+Jnjgfi3XzSB +fd+gcMh1xBXK+YOOfbnZW4H8T1Ty9I/HKsUp/isLV8TJsFOLZCyuV14qVfi8jmRU +0wYIK4vQRj2M7VxCyH4MPn6lgnyecIieL0b4gFNWhE2waH2gfigvpQWH6bQuSWIh +l0PaRDWFavo1SNTFKdAVQDK7w3Iw3XzOhQnjHgU/idvqd5eaqa2G4VN1vV1pNirC +LXJccKK49zDSS1IFMX9iQC4YFxc/BbWRndI3smg05dcYn7Di73B0EzFFO6dyg0WD +r2N9G/8fgjv89biSARMNzjtg2XR2cLxdT8PAYwIDAQABo4IBizCCAYcwHwYDVR0j +BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFLYvVVqwyWAZ788J +WtHxE51sjMkEMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G +A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA4BgNVHSAEMTAvMC0GBFUdIAAw +JTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkw +RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNl +cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEF +BQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRy +dXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29t +MA0GCSqGSIb3DQEBDAUAA4ICAQB7IGXk1vGM4J73d8UD3f71UqLxom42Icu/IP0V +nrIRzbAmz+C++7Bir4mqkKWt89dd9ZlIK8Ez5Y97tDEEd2eICo6dTvy5JOxiYsWK +iubpyqmW/K0xjUqutANMxxGXQOJn13RnI9OHSxNXng5OoM66O5Eq08vXdcQbXF3i +qPf95g94OJVoyFwlmYiIMuV6cOCVNShbGKvFPpNB4p+7vr2FJ7ZeHEmiZKMXO8ex +3Uq5j1riVT/4tCemFz7dSpaCkHJ0xj5Ayknj14+t/lwF7IcOdP9/15uDp8HkgNh9 +xXkFqF3wtLkidVvmmbvDmOQiLJL6Hj6MxwEwI7Cf4ZN/UH0eIra7tEgMP+mkdNtR +K3tB4lQNLquWBr25PbzMiK5LfXPGL+odDAb/7mE1ClQtg28gohf+Ms9hQ4y2rZSG +sYUgh+U++Yn+HlYKI26tl7qB6lFcQb6Prc1SELAEFob8yMFkZ3UnXXLRUkLeM50K +WV9s5wu4Rn6Rzp722wdTQoBeaSxZ5bjmT3QerGV2GaRmuYjLxdYGZ5Co07DI+qEJ +Tj4mbpHx/OiqD7tR9i3rHpPyTjpD6MhJ3U4EjZfd6UMWGMz3Zcw0tvJe1cLpNRX8 +yjTdSxF1/H7ni7/IHkK4trIBuc58YPbZXAfYTcPugPwQE6N7RcfQHA4McFX91SZa +DskXUg== +-----END CERTIFICATE----- +Subject: C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Organization Validation Secure Server CA +-----BEGIN CERTIFICATE----- +MIIGGTCCBAGgAwIBAgIQE31TnKp8MamkM3AZaIR6jTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx +MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNV +BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE +ChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6 +YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAnJMCRkVKUkiS/FeN+S3qU76zLNXYqKXsW2kDwB0Q +9lkz3v4HSKjojHpnSvH1jcM3ZtAykffEnQRgxLVK4oOLp64m1F06XvjRFnG7ir1x +on3IzqJgJLBSoDpFUd54k2xiYPHkVpy3O/c8Vdjf1XoxfDV/ElFw4Sy+BKzL+k/h +fGVqwECn2XylY4QZ4ffK76q06Fha2ZnjJt+OErK43DOyNtoUHZZYQkBuCyKFHFEi +rsTIBkVtkuZntxkj5Ng2a4XQf8dS48+wdQHgibSov4o2TqPgbOuEQc6lL0giE5dQ +YkUeCaXMn2xXcEAG2yDoG9bzk4unMp63RBUJ16/9fAEc2wIDAQABo4IBbjCCAWow +HwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBfZ1iUn +Z/kxwklD2TA2RIxsqU/rMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/ +AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYG +BFUdIAAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl +cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy +bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy +dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ +aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAThNA +lsnD5m5bwOO69Bfhrgkfyb/LDCUW8nNTs3Yat6tIBtbNAHwgRUNFbBZaGxNh10m6 +pAKkrOjOzi3JKnSj3N6uq9BoNviRrzwB93fVC8+Xq+uH5xWo+jBaYXEgscBDxLmP +bYox6xU2JPti1Qucj+lmveZhUZeTth2HvbC1bP6mESkGYTQxMD0gJ3NR0N6Fg9N3 +OSBGltqnxloWJ4Wyz04PToxcvr44APhL+XJ71PJ616IphdAEutNCLFGIUi7RPSRn +R+xVzBv0yjTqJsHe3cQhifa6ezIejpZehEU4z4CqN2mLYBd0FUiRnG3wTqN3yhsc +SPr5z0noX0+FCuKPkBurcEya67emP7SsXaRfz+bYipaQ908mgWB2XQ8kd5GzKjGf +FlqyXYwcKapInI5v03hAcNt37N3j0VcFcC3mSZiIBYRiBXBWdoY5TtMibx3+bfEO +s2LEPMvAhblhHrrhFYBZlAyuBbuMf1a+HNJav5fyakywxnB2sJCNwQs2uRHY1ihc +6k/+JLcYCpsM0MF8XPtpvcyiTcaQvKZN8rG61ppnW5YCUtCC+cQKXA0o4D/I+pWV +idWkvklsQLI+qGu41SWyxP7x09fn1txDAXYw+zuLXfdKiXyaNb78yvBXAfCNP6CH +MntHWpdLgtJmwsQt6j8k9Kf5qLnjatkYYaA7jBU= +-----END CERTIFICATE----- diff --git a/download/1.7.0/client_cert_issuing_cas.pem b/download/1.7.0/client_cert_issuing_cas.pem new file mode 100644 index 000000000..c3a00c7ae --- /dev/null +++ b/download/1.7.0/client_cert_issuing_cas.pem @@ -0,0 +1,653 @@ +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Limited Basic CA 1-2 2019 +-----BEGIN CERTIFICATE----- +MIIFuTCCBKGgAwIBAgIDD+VKMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxLTArBgNVBAMMJEQtVFJVU1QgTGltaXRl +ZCBCYXNpYyBSb290IENBIDEgMjAxOTAeFw0xOTA4MjAxMjMyMjJaFw0zNDA2MTkw +ODE1NTFaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAo +BgNVBAMMIUQtVFJVU1QgTGltaXRlZCBCYXNpYyBDQSAxLTIgMjAxOTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBANxlUGXW81Y2JG/BtEO5dlbELYat4Zx9 +5b4RUux5scPTZX3wrEW+PK4EwQCvV8FH0SoDatOJcFiGduX2r29c0aFFyVKu6xHF +DApYNYV99+z5TiqXFdVkOUti56r10KsaO3FkcgAt4wDFgYd0dDseYo2SQqpKeqFR +QMVQVdLCt66yU8qbiaZ/sL2pcNsJMD/DkEV/axpTwzzk6H+kGUIJ+jpKpYw2pMFF +wYlqW91ICfLtTHvJqFb3DZ7yFNSiXgYBYH9R142vjflh1vg+GuqORiTLi/AhIjlb +3XUAFIZzJ77+PLQprYlRHGGBMaJ+3VbI+hWPTHpwVt6wHNVcfHUnA3kCAwEAAaOC +ApcwggKTMB8GA1UdIwQYMBaAFONo4hcITMmOHGJEDKkpkQJiC6OTMIIBMgYIKwYB +BQUHAQEEggEkMIIBIDBABggrBgEFBQcwAYY0aHR0cDovL2xpbWl0ZWQtYmFzaWMt +cm9vdC1jYS0xLTIwMTkub2NzcC5kLXRydXN0Lm5ldDBTBggrBgEFBQcwAoZHaHR0 +cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0QtVFJVU1RfTGltaXRlZF9CYXNp +Y19Sb290X0NBXzFfMjAxOS5jcnQwgYYGCCsGAQUFBzAChnpsZGFwOi8vZGlyZWN0 +b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBS +b290JTIwQ0ElMjAxJTIwMjAxOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y0FDZXJ0 +aWZpY2F0ZT9iYXNlPzAYBgNVHSAEETAPMA0GCysGAQQBpTQCg3QBMIHcBgNVHR8E +gdQwgdEwgc6ggcuggciGgYBsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NO +PUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBSb290JTIwQ0ElMjAxJTIwMjAx +OSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlz +dIZDaHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwvZC10cnVzdF9saW1pdGVkX2Jh +c2ljX3Jvb3RfY2FfMV8yMDE5LmNybDAdBgNVHQ4EFgQU0A0+3Aiv40EIZuDc8vqZ +ai3fGLkwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwDQYJKoZI +hvcNAQELBQADggEBAH8NXqPrIcKiZC51vfxvajB1HhFnRFFN/G3ZU4yR7XI+uGec +DjR8tOHdFYFmZG4qbDl70ZuRG4bs6H8cvfWyo1NmWZqjAkr6o1kIRTnFwn4JsssJ +7HR2RmJ4ar0C9miIk9sTNLwKy1/kBvCFqssdKdQwBSi85KRxPFYvv+vnMCvSL0Ob ++65q6V7QzvCk7ojiSrcfvHS8QnHJE9ReFRKD4KXAd7+OcZc1K3Mf+uNNHt3CP3ie +DN9K90sI81IWucEeN2NYvw/tJNDH5L4Ah3cn8XzxQVzOfAnn1isf2pci1IEj5f3Y +9JA7LYLLeH7n4+E5JWRiIUAhqNhQTchmwKLdR+E= +-----END CERTIFICATE----- +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Limited Basic CA 1-3 2019 +-----BEGIN CERTIFICATE----- +MIIFvzCCBKegAwIBAgIDD+UsMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxLTArBgNVBAMMJEQtVFJVU1QgTGltaXRl +ZCBCYXNpYyBSb290IENBIDEgMjAxOTAeFw0xOTA2MjAxMTQ2NDlaFw0zNDA2MTkw +ODE1NTFaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAo +BgNVBAMMIUQtVFJVU1QgTGltaXRlZCBCYXNpYyBDQSAxLTMgMjAxOTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7RBVVVynr23OCuKpkrzJK87yspTQVh +vJRTtHS7zXG0jzpNLUV8D6Qjd3nOVs2VnW+rpfgQmFeic3E8G5jJmGv18O6LOGJS +CXbiF2eonBQ0oTF97oVukj/8SRYWEBjeBjB//U3gwdt14qATw1zk3B8K/u0zxtQ0 +1xMTL5ckilQ7/+x+RVCGanvx/FscQ1He0fkhfLgqaDJimWu7b0phwZqyyI1GEjEN +9FLWJxh4OeIzupAT4b1j5oaXHCY4BGT5zk6PbOYC7U2Jnt4zKU+pJVIJ+EhYOJS5 +tQM7YFG/eECAHcBtgdUIDgBZqrrx+k14aSQcW701sGqQT7cKcLen+yMCAwEAAaOC +Ap0wggKZMB8GA1UdIwQYMBaAFONo4hcITMmOHGJEDKkpkQJiC6OTMIIBMgYIKwYB +BQUHAQEEggEkMIIBIDBABggrBgEFBQcwAYY0aHR0cDovL2xpbWl0ZWQtYmFzaWMt +cm9vdC1jYS0xLTIwMTkub2NzcC5kLXRydXN0Lm5ldDBTBggrBgEFBQcwAoZHaHR0 +cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0QtVFJVU1RfTGltaXRlZF9CYXNp +Y19Sb290X0NBXzFfMjAxOS5jcnQwgYYGCCsGAQUFBzAChnpsZGFwOi8vZGlyZWN0 +b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBS +b290JTIwQ0ElMjAxJTIwMjAxOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y0FDZXJ0 +aWZpY2F0ZT9iYXNlPzAYBgNVHSAEETAPMA0GCysGAQQBpTQCg3QBMIHiBgNVHR8E +gdowgdcwgYmggYaggYOGgYBsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NO +PUQtVFJVU1QlMjBMaW1pdGVkJTIwQmFzaWMlMjBSb290JTIwQ0ElMjAxJTIwMjAx +OSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlz +dDBJoEegRYZDaHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwvZC10cnVzdF9saW1p +dGVkX2Jhc2ljX3Jvb3RfY2FfMV8yMDE5LmNybDAdBgNVHQ4EFgQUZeInnG91+3Vn +CLczeuOdjnssKIgwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw +DQYJKoZIhvcNAQELBQADggEBAJLvDm1ZuBMhO2qR2R4H/GDDYETRBNqvtvWHRvBw +vryhtDm7tovqDg2v7x+vcSqZApFVW+zs+OvzNRXtyyIlkqxP5CL0okpHqqmKaaHn +tH8D93pV/p7xE39gFE6NNceSx6DHBxuOcOEha8zA8ixH+j+fzLX6SEOAhBIfCgDb +qg9Xtxi7+uupq4koQcXrDNTRHxuoNxAHnwYtgapwKwyBwMMaLliqxVyDcwN6aJEQ +tVoyOibUnUXej4bXh8FPCSU7m98nLY9aKk1O30jsgSiLxuVKBav8JaDPY1i69CSd +vn2adNlHjbl/57GVQ4VoTDzlmhRQGR9TIRPYA5F6VdeI4ak= +-----END CERTIFICATE----- +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST SSL Class 3 CA 1 2009 +-----BEGIN CERTIFICATE----- +MIIFMjCCBBqgAwIBAgIDCZBjMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD +bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMTIxMjQ2NTVaFw0yOTExMDUwODM1NTha +MEwxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJjAkBgNVBAMM +HUQtVFJVU1QgU1NMIENsYXNzIDMgQ0EgMSAyMDA5MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAoal0SyLSijE0JkuhHJmOCbmQznyxuSY7DaEwhUsdUpI+ +2llkDLz6s9BWQe1zCVXDhrt3qz5U5H4h6jxm5Ec+ZbFiU3Gv2yxpI5cRPrqj9mJU +1CGgy1+29khuUnoopzSq66HPuGZGh06I7bJkXTQ7AQ92z1MdL2wATj1UWdNid3sQ +NiWIm+69nURHY6tmCNenNcG6aV4qjHMUPsjpCRabNY9nUO12rsmiDW2mbAC3gcxQ +lqLgLYur9HvB8cW0xu2JZ/B3PXmNphVuWskp3Y1u0SvIYzuEsE7lWDbBmtWZtabB +hzThkDQvd+3keQ1sU/beq1NeXfgKzQ5G+4Ql2PUY/wIDAQABo4ICGjCCAhYwHwYD +VR0jBBgwFoAU/doUxJ8w3iG9HkI5/KtjI0ng8YQwRAYIKwYBBQUHAQEEODA2MDQG +CCsGAQUFBzABhihodHRwOi8vcm9vdC1jMy1jYTItMjAwOS5vY3NwLmQtdHJ1c3Qu +bmV0MF8GA1UdIARYMFYwVAYEVR0gADBMMEoGCCsGAQUFBwIBFj5odHRwOi8vd3d3 +LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1RfUm9vdF9QS0lfQ1BT +LnBkZjAzBgNVHREELDAqgRBpbmZvQGQtdHJ1c3QubmV0hhZodHRwOi8vd3d3LmQt +dHJ1c3QubmV0MIHTBgNVHR8EgcswgcgwgYCgfqB8hnpsZGFwOi8vZGlyZWN0b3J5 +LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El +MjAyJTIwMjAwOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZv +Y2F0aW9ubGlzdDBDoEGgP4Y9aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jcmwvZC10 +cnVzdF9yb290X2NsYXNzXzNfY2FfMl8yMDA5LmNybDAdBgNVHQ4EFgQUUBkylJrE +tQRNVtDAgyHVNVWwsXowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C +AQAwDQYJKoZIhvcNAQELBQADggEBABM5QRHX/yInsmZLWVlvmWmKb3c4IB3hAIVR +sAGhkvQJ/RD1GZjZUBBYMWkD1P37fTQxlqTOe3NecVvElkYZuCq7HSM6o7awzb3m +yLn1kN+hDCsxX0EYbVSNjEjkW3QEkqJH9owH4qeMDxf7tfXB7BVKO+rarYPa2PR8 +Wz2KhjFDmAeFg2J89YcpeJJEEJXoweAkgJEEwwEIfJ2yLjYo78RD0Rvij/+zkfj9 ++dSvTiZTuqicyo37qNoYHgchuqXnKodhWkW89oo2NKhfeNHHbqvXEJmx0PbI6YyQ +50GnYECZRHNKhgbPEtNy/QetU53aWlTlvu4NIwLW5XVsrxlQ2Zw= +-----END CERTIFICATE----- +Subject: C=DE,O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V.,OU=DFN-PKI,CN=DFN-Verein Global Issuing CA +-----BEGIN CERTIFICATE----- +MIIFrDCCBJSgAwIBAgIHG2O60B4sPTANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UE +BhMCREUxRTBDBgNVBAoTPFZlcmVpbiB6dXIgRm9lcmRlcnVuZyBlaW5lcyBEZXV0 +c2NoZW4gRm9yc2NodW5nc25ldHplcyBlLiBWLjEQMA4GA1UECxMHREZOLVBLSTEt +MCsGA1UEAxMkREZOLVZlcmVpbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4X +DTE2MDUyNDExMzg0MFoXDTMxMDIyMjIzNTk1OVowgY0xCzAJBgNVBAYTAkRFMUUw +QwYDVQQKDDxWZXJlaW4genVyIEZvZXJkZXJ1bmcgZWluZXMgRGV1dHNjaGVuIEZv +cnNjaHVuZ3NuZXR6ZXMgZS4gVi4xEDAOBgNVBAsMB0RGTi1QS0kxJTAjBgNVBAMM +HERGTi1WZXJlaW4gR2xvYmFsIElzc3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCdO3kcR94fhsvGadcQnjnX2aIw23IcBX8pX0to8a0Z1kzh +axuxC3+hq+B7i4vYLc5uiDoQ7lflHn8EUTbrunBtY6C+li5A4dGDTGY9HGRp5Zuk +rXKuaDlRh3nMF9OuL11jcUs5eutCp5eQaQW/kP+kQHC9A+e/nhiIH5+ZiE0OR41I +X2WZENLZKkntwbktHZ8SyxXTP38eVC86rpNXp354ytVK4hrl7UF9U1/Isyr1ijCs +7RcFJD+2oAsH/U0amgNSoDac3iSHZeTn+seWcyQUzdDoG2ieGFmudn730Qp4PIdL +sDfPU8o6OBDzy0dtjGQ9PFpFSrrKgHy48+enTEzNAgMBAAGjggIFMIICATASBgNV +HRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBBjApBgNVHSAEIjAgMA0GCysG +AQQBga0hgiweMA8GDSsGAQQBga0hgiwBAQQwHQYDVR0OBBYEFGs6mIv58lOJ2uCt +sjIeCR/oqjt0MB8GA1UdIwQYMBaAFJPj2DIm2tXxSqWRSuDqS+KiDM/hMIGPBgNV +HR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJv +b3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwQKA+oDyGOmh0dHA6Ly9jZHAyLnBj +YS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwgd0G +CCsGAQUFBwEBBIHQMIHNMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZu +LmRlL09DU1AtU2VydmVyL09DU1AwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAxLnBj +YS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0 +MEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290 +LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOCAQEA +gXhFpE6kfw5V8Amxaj54zGg1qRzzlZ4/8/jfazh3iSyNta0+x/KUzaAGrrrMqLGt +Mwi2JIZiNkx4blDw1W5gjU9SMUOXRnXwYuRuZlHBQjFnUOVJ5zkey5/KhkjeCBT/ +FUsrZpugOJ8Azv2n69F/Vy3ITF/cEBGXPpYEAlyEqCk5bJT8EJIGe57u2Ea0G7UD +DDjZ3LCpP3EGC7IDBzPCjUhjJSU8entXbveKBTjvuKCuL/TbB9VbhBjBqbhLzmyQ +GoLkuT36d/HSHzMCv1PndvncJiVBby+mG/qkE5D6fH7ZC2Bd7L/KQaBh+xFJKdio +LXUV2EoY6hbvVTQiGhONBg== +-----END CERTIFICATE----- +Subject: C=DE,ST=Bayern,L=Muenchen,O=Fraunhofer,OU=Fraunhofer Corporate PKI,CN=Fraunhofer User CA - G02 +-----BEGIN CERTIFICATE----- +MIIFqzCCBJOgAwIBAgIHG2O6xotSQjANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UE +BhMCREUxRTBDBgNVBAoTPFZlcmVpbiB6dXIgRm9lcmRlcnVuZyBlaW5lcyBEZXV0 +c2NoZW4gRm9yc2NodW5nc25ldHplcyBlLiBWLjEQMA4GA1UECxMHREZOLVBLSTEt +MCsGA1UEAxMkREZOLVZlcmVpbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4X +DTE2MDUyNDExMzgzMFoXDTMxMDIyMjIzNTk1OVowgYwxCzAJBgNVBAYTAkRFMQ8w +DQYDVQQIDAZCYXllcm4xETAPBgNVBAcMCE11ZW5jaGVuMRMwEQYDVQQKDApGcmF1 +bmhvZmVyMSEwHwYDVQQLDBhGcmF1bmhvZmVyIENvcnBvcmF0ZSBQS0kxITAfBgNV +BAMMGEZyYXVuaG9mZXIgVXNlciBDQSAtIEcwMjCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAL1FxEM9lv2hli0ZvDCDNvVn2mIcIJ4cvKUQ30l5ZARkKEtY +KlqSsrof2WmWFdxx1DPwFtp38QgbsbOPKSDoYiWw+ycW403f1ZJAvn6c5N07oT1A +j3xzYG/QxgY+qkLhKJnV0pr7afC+VIFB/wmNFhvlyXpAVy07NOikiRFlBzw/s4/H +HdHTL2VKEjCnfD6rzKtTN+D+24UYXiMvNzmPyWQMQhIxuDMPTwfoqBFL7leo334z +gHm78leaLK52DTzpHvlNHP4DnTRa2ipVpyj3yQWcOBw+75oVE71AbyFPzw1a0J9P +wisZljQ0eTb6/tkF81W5f6UD7NN4Ie2gxEvZkysCAwEAAaOCAgUwggIBMBIGA1Ud +EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMCkGA1UdIAQiMCAwDQYLKwYB +BAGBrSGCLB4wDwYNKwYBBAGBrSGCLAEBBDAdBgNVHQ4EFgQUoyb1mk/b2jvhtaru +WIvQ/P+1bVEwHwYDVR0jBBgwFoAUk+PYMiba1fFKpZFK4OpL4qIMz+EwgY8GA1Ud +HwSBhzCBhDBAoD6gPIY6aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9v +dC1nMi1jYS9wdWIvY3JsL2NhY3JsLmNybDBAoD6gPIY6aHR0cDovL2NkcDIucGNh +LmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY3JsL2NhY3JsLmNybDCB3QYI +KwYBBQUHAQEEgdAwgc0wMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4u +ZGUvT0NTUC1TZXJ2ZXIvT0NTUDBKBggrBgEFBQcwAoY+aHR0cDovL2NkcDEucGNh +LmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQw +SgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3Qt +ZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQDE +klJ5thEqcbIyroBrhnWl00oAUXYuYQqXDpBTCzF08aBk41FyLZXH54w7NUecdTZp +aq0SgueogbSv9viT8EzQ5Bt6bapOl5pVjEb6yBrV0Y3d5Vb3h8WA+/E+DRz/uV5M +gKdVHdazimuXK1HHf0UHSFiEkgiY3xSQr6CRH7UzzivWj9s6B2GUuP4zzfKrgAxQ +N2IaEUtvWiwl5Mtv55p6wmnBOhCnCtj1Ge5Du7jR8o2xAh//fZ4tz5UQ7XXVoeu5 +iueZp3qNb0cTtiGGPJxVtFmoaFNltp+zI/y52hF9XgjC+mJBVYYahmacW3wMpIAO +R0lstmlDfiKvecyE6S4v +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT OV ECC CA 4 +-----BEGIN CERTIFICATE----- +MIIDeTCCAv+gAwIBAgIRAOuOgRlxKfSvZO+BSi9QzukwCgYIKoZIzj0EAwMwgYgx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz +ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD +EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx +ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNVBAoT +EEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIEVDQyBDQSA0MFkw +EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXYkvGrfrMs2IwdI5+IwpEwPh+igW/BOW +etmOwP/ZIXC8fNeC3/ZYPAAMyRpFS0v3/c55FDTE2xbOUZ5zeVZYQqOCAYswggGH +MB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTttKAz +ahsIkba9+kGSvZqrq2P0UzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB +/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAt +BgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAG +A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1 +c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw +PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RF +Q0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy +dXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjAfs9nsM0qaJGVu6DpWVy4qojiOpwV1 +h/MWZ5GJxy6CKv3+RMB3STkaFh0+Hifbk24CMQDRf/ujXAQ1b4nFpZGaSIKldygc +dCDAxbAd9tlxcN/+J534CJDblzd/40REzGWwS5k= +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT OV RSA CA 4 +-----BEGIN CERTIFICATE----- +MIIG5TCCBM2gAwIBAgIRANpDvROb0li7TdYcrMTz2+AwDQYJKoZIhvcNAQEMBQAw +gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK +ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD +VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw +MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNV +BAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIFJTQSBDQSA0 +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApYhi1aEiPsg9ZKRMAw9Q +r8Mthsr6R20VSfFeh7TgwtLQi6RSRLOh4or4EMG/1th8lijv7xnBMVZkTysFiPmT +PiLOfvz+QwO1NwjvgY+Jrs7fSoVA/TQkXzcxu4Tl3WHi+qJmKLJVu/JOuHud6mOp +LWkIbhODSzOxANJ24IGPx9h4OXDyy6/342eE6UPXCtJ8AzeumTG6Dfv5KVx24lCF +TGUzHUB+j+g0lSKg/Sf1OzgCajJV9enmZ/84ydh48wPp6vbWf1H0O3Rd3LhpMSVn +TqFTLKZSbQeLcx/l9DOKZfBCC9ghWxsgTqW9gQ7v3T3aIfSaVC9rnwVxO0VjmDdP +FNbdoxnh0zYwf45nV1QQgpRwZJ93yWedhp4ch1a6Ajwqs+wv4mZzmBSjovtV0mKw +d+CQbSToalEUP4QeJq4Udz5WNmNMI4OYP6cgrnlJ50aa0DZPlJqrKQPGL69KQQz1 +2WgxvhCuVU70y6ZWAPopBa1ykbsttpLxADZre5cH573lIuLHdjx7NjpYIXRx2+QJ +URnX2qx37eZIxYXz8ggM+wXH6RDbU3V2o5DP67hXPHSAbA+p0orjAocpk2osxHKo +NSE3LCjNx8WVdxnXvuQ28tKdaK69knfm3bB7xpdfsNNTPH9ElcjscWZxpeZ5Iij8 +lyrCG1z0vSWtSBsgSnUyG/sCAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qq +K0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRvHTVJEGwy+lmgnryK6B+VvnF6DDAO +BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUH +AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0 +dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u +QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6 +Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl +BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B +AQwFAAOCAgEAUtlC3e0xj/1BMfPhdQhUXeLjb0xp8UE28kzWE5xDzGKbfGgnrT2R +lw5gLIx+/cNVrad//+MrpTppMlxq59AsXYZW3xRasrvkjGfNR3vt/1RAl8iI31lG +hIg6dfIX5N4esLkrQeN8HiyHKH6khm4966IkVVtnxz5CgUPqEYn4eQ+4eeESrWBh +AqXaiv7HRvpsdwLYekAhnrlGpioZ/CJIT2PTTxf+GHM6cuUnNqdUzfvrQgA8kt1/ +ASXx2od/M+c8nlJqrGz29lrJveJOSEMX0c/ts02WhsfMhkYa6XujUZLmvR1Eq08r +48/EZ4l+t5L4wt0DV8VaPbsEBF1EOFpz/YS2H6mSwcFaNJbnYqqJHIvm3PLJHkFm +EoLXRVrQXdCT+3wgBfgU6heCV5CYBz/YkrdWES7tiiT8sVUDqXmVlTsbiRNiyLs2 +bmEWWFUl76jViIJog5fongEqN3jLIGTG/mXrJT1UyymIcobnIGrbwwRVz/mpFQo0 +vBYIi1k2ThVh0Dx88BbF9YiP84dd8Fkn5wbE6FxXYJ287qfRTgmhePecPc73Yrzt +apdRcsKVGkOpaTIJP/l+lAHRLZxk/dUtyN95G++bOSQqnOCpVPabUGl2E/OEyFrp +Ipwgu2L/WJclvd6g+ZA/iWkLSMcpnFb+uX6QBqvD6+RNxul1FaB5iHY= +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT Personal CA 4 +-----BEGIN CERTIFICATE----- +MIIG5jCCBM6gAwIBAgIQMQJw1DW+mySa+FbQ4eKFSTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw +MjE4MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBGMQswCQYDVQQGEwJOTDEZMBcGA1UE +ChMQR0VBTlQgVmVyZW5pZ2luZzEcMBoGA1UEAxMTR0VBTlQgUGVyc29uYWwgQ0Eg +NDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALNK4iJeJ1vpBFsUBDUy +IBSutNIxQMbNUMAeoUTKr55KYX8tkN5imzNqLaRCypYBPP9wED2AaO6e8njkbjzJ +wLgPqDBkW9sG3kmi3GW6cF4Hwr5ysZqve/5EJDhV+9OhfTu/4dMnoR4Q41HcjMk9 +MzLOADAQ0awBZ/29r0d49AUmIKELNeqEqmnTN6fndL7x/2K0TLToZLxqS7sy/Jvi +0wEFr0CfdjcAsioh7KaD+Jizyb1aRKQzJ6Q20VEHX7UqWc1SkzTkbz6xj0S5ydBB +FQh0fNiy+qM/deVpK4HgmPSJrrpQZ+LlbHfWabmwoDPxF71QZVYiqrrAoUrGRJ+4 +7iLBiIg8miIYS7Hd2ppvAUt24CugMXUjETjQ+oYh09fNi5n/AvoER8UBvTHLxt+b +lL0bvL+2z2YiUWk+2Qtn+dD+JU5Z2y71qV7+cr+4YXjvGzF5bYsi8HiwflTb4Php +3y+k1twKtchdcq2QGc0eDG6Y01nRHUiyr8/PtMAsLHEPNZ2wzsA7fb8mftHiV20Z +FmYqknJ8AIOfwdTVA+E62JayOJ+sxadqcmFDorsz/mrPwGZ8+txr4xSuvVjg0dlv +0yuA+1YpBDIYNfL4bkX+IcZ1mTstL4Xw0f4N2iW3bBmnPnYmoYxMM8gflCiTgss7 +3nBvG2f7v1PD7BDGYNO4iD4vAgMBAAGjggGLMIIBhzAfBgNVHSMEGDAWgBRTeb9a +qitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUaQChxyFY+ODFGyCwCt2nUb8T2eQw +DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI +KwYBBQUHAwIGCCsGAQUFBwMEMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUF +BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9o +dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlv +bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw +Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQw +JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN +AQEMBQADggIBAAoFTnsNjx8TOQD9b+xixsPt7Req4wHMeNw/R5dddEPgQAQAYJZK +z5BEv1cjGbH7nbPH3AxrxhN6OVH40p6OLIo9MXSrrfMzGs7/P+FTCjwgNxFEtLQ1 +KC9NboA3asJcl7mIs3l8h9iAgEH1zLUvq2s+5n++NQmbzudDsTFDMapY3kX1TwyU +CTRzmItqcbsYIyg2MeIXWfRtqPqC5R4bufmpzA5BPINLX340Sp/CNQ9QZqw3Vkfy +HWwTo+vO9Gm2L6srNamJT6Lb+TeXZvl8UPL5a72O/pH0GgGHjt6z9QzPARnaRKsh +VWviNK6ST4WmZHllu3CJg0BXqx1vWyswawgvNeWt1qxITacYe9mSWTbNR2CftvTU +werruDSY2jMaZPoNqbjUpuG/blYwWzzvVerBUhviAahPXJF/9V48ybWPBq6qKOEo +kW+s3B4ad5sY96KlovEijaIQDip1HO0SD+rLNYaiBcr9MV2aK+DfbZ8w9BaNCQyF +EYwzxIKOVk3bYvzHRk5ihUDascmbk/bkiNl74c/KfuKQmJImaqWoWZR6jBcXcPV0 +WUIKz/nILTpFhGojZEQW77by3aezAi9jrEIUBHRG1LwzPbJc2V3SOzYyaJFQatzu +KZbN1Q9s9y/2x1QXtKwREY8jNgvx0iIfOK35gKgYJJcyDql4XfuEc2nV +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT Personal ECC CA 4 +-----BEGIN CERTIFICATE----- +MIIDfjCCAwSgAwIBAgIQdpAhff5d1sLEUCfF3NFaJjAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMjE4 +MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBKMQswCQYDVQQGEwJOTDEZMBcGA1UEChMQ +R0VBTlQgVmVyZW5pZ2luZzEgMB4GA1UEAxMXR0VBTlQgUGVyc29uYWwgRUNDIENB +IDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQYZ2cR4O5tfdskg2NNo346Noyo +enQjWhWQElTQQ+brmMxr5leW1AfpAJ9bsaUadsCJJnA5ycFITYjXfl/XvfPko4IB +izCCAYcwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYE +FKgtbYEyZI3msk+s/hHyZZmFE6luMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E +CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA4BgNVHSAE +MTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D +UFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VT +RVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEB +BGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJU +cnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51 +c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCCX6P32oo7RiAIk1DIekZM +nFGZwY+xJoZ5HyChGc1Ncuupnh7Ezukr1EnL+MyAhNcCMD6DlSMWE5I++OBvznnX +1npjvntLcKogArAPjLglGGeymFt4U6pdy7/C0/miHCPuDA== +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT S/MIME ECC 1 +-----BEGIN CERTIFICATE----- +MIIDdjCCAvugAwIBAgIQDJz22V5XPKzFUHJkSyvftjAKBggqhkjOPQQDAzBvMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBFQ0Mg +Um9vdCBDQSAyMDIxMB4XDTI1MDEwMzExMTE0MFoXDTM5MTIzMTExMTEzOVowYzEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGzAZBgNVBAMMEkdFQU5UIFMvTUlNRSBFQ0Mg +MTB2MBAGByqGSM49AgEGBSuBBAAiA2IABHHzZBx8BXADofSXSxbumNUgOW7oPUFD +MTBf97xIFnUvxGf449zwH17IBxs6EnsIRSZ80+3fMPGm7PcW4bogQmpStkHsbhl/ +yc+R0YudJcnXnC+HuGwkKlk9hoXX+gtBJ6OCAWYwggFiMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHwYDVR0jBBgwFoAUUgjSvjKBJf31GpfsTl8au1PNkK0wUAYIKwYBBQUH +AQEERDBCMEAGCCsGAQUFBzAChjRodHRwOi8vY3J0LmhhcmljYS5nci9IQVJJQ0Et +Q2xpZW50LVJvb3QtMjAyMS1FQ0MuY2VyMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8G +CCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRzL0NQUzAd +BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwRQYDVR0fBD4wPDA6oDigNoY0 +aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUNsaWVudC1Sb290LTIwMjEtRUND +LmNybDAdBgNVHQ4EFgQUccTTotYuiaWImnarwbliZz8kZeswDgYDVR0PAQH/BAQD +AgGGMAoGCCqGSM49BAMDA2kAMGYCMQDbRE4Sf4j5cdd9PlC4xjnNvJxfsDX5ouYb +3ffJ6ukmEjI7RnHm6xJ2V++40nWYVfgCMQDfXaawZpZymK4CBIMHxoViSYBHw/Mm +JOG3trrP+Q4Kb0AfJb/S2ojAD+EAKiiB5hM= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT S/MIME RSA 1 +-----BEGIN CERTIFICATE----- +MIIGRDCCBCygAwIBAgIQFfmubKqNLtTTb3h/Htx7ATANBgkqhkiG9w0BAQsFADBv +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBS +U0EgUm9vdCBDQSAyMDIxMB4XDTI1MDEwMzExMTMwOFoXDTM5MTIzMTExMTMwN1ow +YzELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBS +ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExGzAZBgNVBAMMEkdFQU5UIFMvTUlNRSBS +U0EgMTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKu4bq/+byKjHo25 +Xz32YBmO+Wrkmc+UmfcdXSCI7yawwU9JSMEHAAKAASaJpLr9JAyt+tlB/rn/Sazn +SwY4ipBIffR0D5k/ndfiI553dWgI4i/tkOGlNej/7JyE2CS9kTlOOs6pg5HaDpwq +jAhCkje+IByg5gKWH6lzvMJo5jQOtsGB2q6e5cYKwa9LJOAcR8iquds9LFssbHSM +uVdSuTjpAjcGLqWfW++C0YXpWD+UonjQ6lNEuiKUDmrFc+SEtLw56lYtp4uuxm4L +W/HQSsx+oGwMBqaR6HhBQ3LydONjsbcbegRqJZFJoLsnwIHorEag44UIvjXzYJAx +/NTiwVdHldO7cEvWscDbyQLR9koBoliq2HrgYFQs7NQxU+7MLNSh8i6znWVNISUE +g36M//I8BZl4VqD70ELlhKKN7rx+i7BwKOd2gxdWgFJhkPyQu9o+82R9epXiRblo +/rdkyv+2BFR7VpbgPUzncdi8/0h4dP/qQFYnA+Df0FFj7gYczwIDAQABo4IBZjCC +AWIwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSg1gc9XiT3e6BELiRS +DRmqKwSRpzBQBggrBgEFBQcBAQREMEIwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jcnQu +aGFyaWNhLmdyL0hBUklDQS1DbGllbnQtUm9vdC0yMDIxLVJTQS5jZXIwRAYDVR0g +BD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9yZXBvLmhhcmljYS5n +ci9kb2N1bWVudHMvQ1BTMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDBF +BgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3JsLmhhcmljYS5nci9IQVJJQ0EtQ2xp +ZW50LVJvb3QtMjAyMS1SU0EuY3JsMB0GA1UdDgQWBBTrsi87/a4CzCpEBl0lzR0S +ImiwRzAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBADveuEX23Dwr +kygKtsF7DmcTGmi8SE20jmJLe0TMT8Nws1NqppE0ACym1agtY1IjUFm5MWabG/Ic +vRTh8sB9cRZgDQMqZLNCLofqL4aj/dKBXH4bwH2MVdjNHBoGvZkyhRz/kBE+x1va +WXclhWQMOX5nVvRMfiEJiYotMP7KM88IaVZ9DkGJJEVftsnUWuvCWUtjagD6XWlq +LHjNl+LufiZ/h9lDvaWqG1/obfdStgofMc30RL+ES6gYKRwZpCA1coFzXV7Cnwx8 +toTl8bReqCNXexKzxlqAcRXPOmlKkJQuqRI297oNuMPnoNZCY+yLnxyd4kZuu0Xc +OTNTpVjM8bvg8ACqhSYanrNDi/zTiTk7gwm9GyH1X45fFNGNEFgpIaApjT2UELuk +DOmP18ZwC4EQeHawPJIqffMEmUJm6qbRPKGnNmcyygh4iZU3QbkRLLp3Z6QV3WoT +Eqyf5mL9qTGS6WJG65L8oaKw1Xh/bdGuVIDyBahpfP2c2pCd0UH6+x73Rrq9GFlO +ijVr2OQSvKhzETNG917SvcURCBhMnIQFUXqHQyIY60eH1po6WtNOq/1K5kpOG6Sq +1RVc02LEit48uK4tRMVUKekSOjruGXW38DmAriPcMHjI6VQbqjc0Sq1VPz76ee4F +M5uLviSUZHYqDDqMWa8LFImK9iiKI8E3 +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT TLS ECC 1 +-----BEGIN CERTIFICATE----- +MIIDNzCCArygAwIBAgIQQv3c4SYWB+Gl5pNaQAFh3TAKBggqhkjOPQQDAzBsMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v +dCBDQSAyMDIxMB4XDTI1MDEwMzExMTQyMVoXDTM5MTIzMTExMTQyMFowYDELMAkG +A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgQ0ExGDAWBgNVBAMMD0dFQU5UIFRMUyBFQ0MgMTB2MBAG +ByqGSM49AgEGBSuBBAAiA2IABANPWLwh0Za2UqtbLV7/qNRm78zsttgSuvhn73bU +GtxETsVOEZeMUfMjgHw8EwrsSJI9oj0CgZQFFSEY1NJfcxA/NJiOYJUKPsFbpOrY +dr0q4g+aBZsXWeh7bMCzx24g/aOCAS0wggEpMBIGA1UdEwEB/wQIMAYBAf8CAQAw +HwYDVR0jBBgwFoAUyRtTgRL+BNUW0aq8mm+3oJUZbsowTQYIKwYBBQUHAQEEQTA/ +MD0GCCsGAQUFBzAChjFodHRwOi8vY3J0LmhhcmljYS5nci9IQVJJQ0EtVExTLVJv +b3QtMjAyMS1FQ0MuY2VyMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggr +BgEFBQcDAgYIKwYBBQUHAwEwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC5o +YXJpY2EuZ3IvSEFSSUNBLVRMUy1Sb290LTIwMjEtRUNDLmNybDAdBgNVHQ4EFgQU +6ZkGjRcfq/uWGlrIW15dXuzanI8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMD +A2kAMGYCMQD2M1caaY2OwmthgmANUQg3LBLI0/2LiCdxa2zNq0G59wVzbjEk0cR/ +px52OegIwRACMQCk+iTmBlR6Xfv6igiiaFiPYfN2HfbcYLWbot5DZ2H1b4JVJV+V +rga7uu50SDG9hf4= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=GEANT TLS RSA 1 +-----BEGIN CERTIFICATE----- +MIIGBTCCA+2gAwIBAgIQFNV782kiKCGaVWf6kWUbIjANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg +Um9vdCBDQSAyMDIxMB4XDTI1MDEwMzExMTUwMFoXDTM5MTIzMTExMTQ1OVowYDEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGDAWBgNVBAMMD0dFQU5UIFRMUyBSU0EgMTCC +AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKEEaZSzEzznAPk8IEa17GSG +yJzPTj4cwRY7/vcq2BPT5+IRGxQtaCdgLXIEl2cdPdIkj2eyakFmgMjAtyeju8V8 +dRayQCD/bWjJ7thDlowgLljQaXirxnYbT8bzRHAhCZqBakYgi5KWw9dANLyDHGpX +UdY259ab0lWEaFE5Uu6IzQSMJOAy4l/Twym8GUiy0qMDEBFSlm31C9BXpdHKKAlh +vIjMiKoDeTWl5vZaLB2MMRGY1yW2ftPgIP0/MkX1uFITlvHmmMTngxplH1nybEIJ +FiwHg1KiLk1TprcZgeO2gxE5Lz3wTFWrsUlAzrh5xWmscWkjNi/4BpeuiT5+NExF +czboLnXOfjuci/7bsnPi1/aZN/iKNbJRnngFoLaKVMmqCS7Xo34f+BITatryQZFE +u2oDKExQGlxDBCfYMLgLucX/onpLzUSgeQITNLx6i5tGGbUYH+9Dy3GI66L/5tPj +qzlOsydki8ZYGE5SBJeWCZ2IrhUe0WzZ2b6Zhk6JAQIDAQABo4IBLTCCASkwEgYD +VR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBQKSCOmYKSSCjPqk1vFV+olTb0S +7jBNBggrBgEFBQcBAQRBMD8wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jcnQuaGFyaWNh +LmdyL0hBUklDQS1UTFMtUm9vdC0yMDIxLVJTQS5jZXIwEQYDVR0gBAowCDAGBgRV +HSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBCBgNVHR8EOzA5MDeg +NaAzhjFodHRwOi8vY3JsLmhhcmljYS5nci9IQVJJQ0EtVExTLVJvb3QtMjAyMS1S +U0EuY3JsMB0GA1UdDgQWBBSGAXI/jKlw4jEGUxbOAV9becg8OzAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQELBQADggIBABkssjQzYrOo4GMsKegaChP16yNe6Sck +cWBymM455R2rMeuQ3zlxUNOEt+KUfgueOA2urp4j6TlPbs/XxpwuN3I1f09Luk5b ++ZgRXM7obE6ZLTerVQWKoTShyl34R2XlK8pEy7+67Ht4lcJzt+K6K5gEuoPSGQDP +ef+fUfmXrFcgBMcMbtfDb9dubFKNZZxo5nAXiqhFMOIyByag3H+tOTuH8zuId9pH +RDsUpAIHJ9/W2WBfLcKav7IKRlNBRD/sPBy903J9WHPKwl8kQSDA+aa7XCYk7bJt +Eyf+7GM9F5cZ7+YyknXqnv/rtQEkTKZdQo5Us18VFe9qqj94tXbLdk7PejJYNB4O +Zlli44Ld7rtqfFlUych7gIxFOmiyxMQQYrYmUi+74lEZvfoNhuref0CupuKpz6O3 +dLv6kO9T10uNdDBoBQTkge3UzHafTIe3R2o3ujXKUGPwyc9m7/FETyKLUCwSU/5O +AVOeBCU8QtkKKjM8AmbpKpe3pHWcyq3R7B3LmIALkMPTydyDfxen65IDqREbVq8N +xjhkJThUz40JqOlN6uqKqeDISj/IoucYwsqW24AlO7ZzNmohQmMi8ep23H4hBSh0 +GBTe2XvkuzaNf92syK8l2HzO+13GLCjzYLTPvXTO9UpK8DGyfGZOuamuwbAnbNpE +3RfjV9IaUQGJ +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT eScience Personal CA 4 +-----BEGIN CERTIFICATE----- +MIIG8DCCBNigAwIBAgIRAKoycu7aGxmmN/byVir07vEwDQYJKoZIhvcNAQEMBQAw +gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK +ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD +VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw +MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowTzELMAkGA1UEBhMCTkwxGTAXBgNV +BAoTEEdFQU5UIFZlcmVuaWdpbmcxJTAjBgNVBAMTHEdFQU5UIGVTY2llbmNlIFBl +cnNvbmFsIENBIDQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCVokk9 +uR1UAJRcNg1NTatsuxEwya7FpTRm5wcbSJqSLeUd5gjI2zHzwjaevHwCjN716blp +iyvEVr96aGw2y+FrVo/0yr0+/XoK8WdkB64j3KmOdUttTTXERY1T1vXxvkZhchHl +JvD/VVDIt/V/xg2iDpAa2N3SW0SNSyuAGqtVaCTM4eOEgVT1Nyg5VtQJVLujMrvv +cW6+1W1rLR2O05FxQtINVnrblTKWotAitEv8yMe9qQr1Fz4sdyVj2cBwEk/zQLok +JRCSw981Hoh5kwt4AVMSxjfeSRjx0Wt0C6ioRJ8WAfSWGNDZwnUWZ4nJrW2UWtdJ +Z59t2VByBR3e8MlVTVE4pirg3R5lCCIzPhNLQm25Rap/a4m3+e9A+Jnjgfi3XzSB +fd+gcMh1xBXK+YOOfbnZW4H8T1Ty9I/HKsUp/isLV8TJsFOLZCyuV14qVfi8jmRU +0wYIK4vQRj2M7VxCyH4MPn6lgnyecIieL0b4gFNWhE2waH2gfigvpQWH6bQuSWIh +l0PaRDWFavo1SNTFKdAVQDK7w3Iw3XzOhQnjHgU/idvqd5eaqa2G4VN1vV1pNirC +LXJccKK49zDSS1IFMX9iQC4YFxc/BbWRndI3smg05dcYn7Di73B0EzFFO6dyg0WD +r2N9G/8fgjv89biSARMNzjtg2XR2cLxdT8PAYwIDAQABo4IBizCCAYcwHwYDVR0j +BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFLYvVVqwyWAZ788J +WtHxE51sjMkEMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G +A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA4BgNVHSAEMTAvMC0GBFUdIAAw +JTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkw +RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNl +cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEF +BQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRy +dXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29t +MA0GCSqGSIb3DQEBDAUAA4ICAQB7IGXk1vGM4J73d8UD3f71UqLxom42Icu/IP0V +nrIRzbAmz+C++7Bir4mqkKWt89dd9ZlIK8Ez5Y97tDEEd2eICo6dTvy5JOxiYsWK +iubpyqmW/K0xjUqutANMxxGXQOJn13RnI9OHSxNXng5OoM66O5Eq08vXdcQbXF3i +qPf95g94OJVoyFwlmYiIMuV6cOCVNShbGKvFPpNB4p+7vr2FJ7ZeHEmiZKMXO8ex +3Uq5j1riVT/4tCemFz7dSpaCkHJ0xj5Ayknj14+t/lwF7IcOdP9/15uDp8HkgNh9 +xXkFqF3wtLkidVvmmbvDmOQiLJL6Hj6MxwEwI7Cf4ZN/UH0eIra7tEgMP+mkdNtR +K3tB4lQNLquWBr25PbzMiK5LfXPGL+odDAb/7mE1ClQtg28gohf+Ms9hQ4y2rZSG +sYUgh+U++Yn+HlYKI26tl7qB6lFcQb6Prc1SELAEFob8yMFkZ3UnXXLRUkLeM50K +WV9s5wu4Rn6Rzp722wdTQoBeaSxZ5bjmT3QerGV2GaRmuYjLxdYGZ5Co07DI+qEJ +Tj4mbpHx/OiqD7tR9i3rHpPyTjpD6MhJ3U4EjZfd6UMWGMz3Zcw0tvJe1cLpNRX8 +yjTdSxF1/H7ni7/IHkK4trIBuc58YPbZXAfYTcPugPwQE6N7RcfQHA4McFX91SZa +DskXUg== +-----END CERTIFICATE----- +Subject: C=NL,O=GEANT Vereniging,CN=GEANT eScience Personal ECC CA 4 +-----BEGIN CERTIFICATE----- +MIIDiDCCAw6gAwIBAgIRAPFVZjGnycu/NlCaWpIPalkwCgYIKoZIzj0EAwMwgYgx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz +ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD +EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx +ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowUzELMAkGA1UEBhMCTkwxGTAXBgNVBAoT +EEdFQU5UIFZlcmVuaWdpbmcxKTAnBgNVBAMTIEdFQU5UIGVTY2llbmNlIFBlcnNv +bmFsIEVDQyBDQSA0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3Oad56Xl15SY +nK3MmKcZUEu17k4jApQvPwTnGUqFxMbgDvAtxJtWqbKk8qvCOcZ/oCyrHkloS6Nf +AiTDTV5bZ6OCAYswggGHMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa +MB0GA1UdDgQWBBTt5lFk6mex24xLv7WAJ5g/2CMeZTAOBgNVHQ8BAf8EBAMCAYYw +EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH +AwQwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj +dGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy +dXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2 +BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0 +LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0 +cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjA8KoDpeqid +slDXmfwHD7kr0XTY8rOdQBWMzT5uU7nPROEYLK00Dc9w/J4M8CGaLX8CMQDoaX4P +os4y0yfmvRAPaFZxyJi1ZHaZh+G0dX7ggOEyMHmT0P57T6TjdfcBr1G/J/M= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA OV TLS ECC +-----BEGIN CERTIFICATE----- +MIIDcjCCAvigAwIBAgIQbIPKxKaS8zQphK9yBQyPDDAKBggqhkjOPQQDAzBsMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v +dCBDQSAyMDIxMB4XDTIxMDMxOTA5MzM1MloXDTM2MDMxNTA5MzM1MVowYjELMAkG +A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBPViBUTFMgRUNDMHYw +EAYHKoZIzj0CAQYFK4EEACIDYgAECLBRkImpVT10VjeoeRvNhOsxxQe+XVQO37r8 +PPKVlSWR/+78tD+FMEUTLGGjVUd4+KFCM2Yc2V3fZyoQIaxUzbhUYwIavuaF0V9l +t0cfPISZ1rcQEHn3yAr1ON1eoT3jo4IBZzCCAWMwEgYDVR0TAQH/BAgwBgEB/wIB +ADAfBgNVHSMEGDAWgBTJG1OBEv4E1RbRqryab7eglRluyjBUBggrBgEFBQcBAQRI +MEYwRAYIKwYBBQUHMAKGOGh0dHA6Ly9yZXBvLmhhcmljYS5nci9jZXJ0cy9IQVJJ +Q0EtVExTLVJvb3QtMjAyMS1FQ0MuY2VyMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8G +CCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRzL0NQUzAd +BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwQgYDVR0fBDswOTA3oDWgM4Yx +aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLVRMUy1Sb290LTIwMjEtRUNDLmNy +bDAdBgNVHQ4EFgQUvrSdrMbKJ79Ox9kcg/5aTh6XB58wDgYDVR0PAQH/BAQDAgGG +MAoGCCqGSM49BAMDA2gAMGUCMQCBJIThQHLwid4SHT+YoWXd7tEFwKf6OsIX+M4U +fh2/UAp8bCiB7D/lcAvFj9YPajcCME5DsmcLbYE7D44HlLoqVcr7RDdh84nG6Dsp +8+YS3BnKAIONAWeGq4jawr3lD667Mw== +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA OV TLS RSA +-----BEGIN CERTIFICATE----- +MIIGwTCCBKmgAwIBAgIQHEYUQ2gTTV1QnQ3HytsfuDANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg +Um9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MzQxN1oXDTM2MDMxNTA5MzQxNlowYjEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBPViBUTFMgUlNB +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBjrEt4NmTflA4DbZjPC +HIHeSKt4GSvZrb8Wr9K/xCe/US+tRc7lMvp0SJSxtfEbb9tNo5I99YYegbgT2JOo +8E/d7fblR/x25dHORtfe2xAO8liK8aswTmb69QXIP81zNnC7juFWgnfDZg8Loz7m +O8qcKeYS7pejngD4YeiVTf3j2jyJ5BI4Y24IWwcO9Er1hW282He04eQTa9z3Ta9K +00jG7foADE9q9ZOgPAiNV3tDzsaGC5HftgdmJurC/t+SD7wTLNSOGeCBf0g3jIhE +QW8FAZYp4OpytgVk8yEtos0izSIXqJn9AMG/HH21EO2tb6S09+8NZEFGh/+GoGuD +vDW2Nhw6FZm/yctI6nvJI4t2du39gyXql15w6ENucbM8nAyn3rcx6sHAjjgGZw98 +PRnaXXj3lMWvRSpWbBBrV0cj7eJaVFhDR+OG/2jPi8xqXaFaFGvInGW43HpQDAE5 +ATZ+8uywd1S8jA484TmyKr2XUx3OIwvpRxZDy0GvHWiqq03liS/d83vFVvZRq34H +AMKSeLpLt6XpucnwNWJyv5RvmzsTzKfL/XrwJ9tkXWWp+sqGuScZNZApKMUhS+7w +NKv84eX/YBKmtuQch6Xgbw0D8JjBk4my35qLw4wGhX8AM1gVErcotCrMwswiSTLy +XJxm/VX2p8xRWCgrS49G2eMCAwEAAaOCAWcwggFjMBIGA1UdEwEB/wQIMAYBAf8C +AQAwHwYDVR0jBBgwFoAUCkgjpmCkkgoz6pNbxVfqJU29Eu4wVAYIKwYBBQUHAQEE +SDBGMEQGCCsGAQUFBzAChjhodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMvSEFS +SUNBLVRMUy1Sb290LTIwMjEtUlNBLmNlcjBEBgNVHSAEPTA7MDkGBFUdIAAwMTAv +BggrBgEFBQcCARYjaHR0cDovL3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50cy9DUFMw +HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEIGA1UdHwQ7MDkwN6A1oDOG +MWh0dHA6Ly9jcmwuaGFyaWNhLmdyL0hBUklDQS1UTFMtUm9vdC0yMDIxLVJTQS5j +cmwwHQYDVR0OBBYEFOCbPX01Y8XsnQdzqKeJIPRPhPujMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQsFAAOCAgEAbd2n5s7VSvUO8NUXH11Ml5Pdh+W+AaWEJdwG +8qtnSX+/WL33OsJx1YN5jNjSoEWK4kswoEvrrMP7rg8w920kL5lzgoByQbP3jrJL +Pj4LnvuqIFj6lz9eMA1kgYqy5BvnepQB/smx58K/CNadvXhtxSU+PuIgoaoKexHM +9AWAMIIKFkE/SbYd8lR2mzp5rgeSD+rYExOxvpG/f713fDFRTH+SyqMREw34d2rD +dtSBK5GerrV1F7C//KGM016EWCz59kutui8qyZJNq7dw1BChbEo1ho9ekN5nQ8t/ +ckF7lJkrMoYRyZobJbQs45BfDMXyRFT4u4N1Z+2GyEvgryqlIQfQ3SUamELnQ6Ta +3oia4pLt/SYrRJOJ3I1EhlMgmi9dS/vCiXcDoMqConepk3/gDFtf8NatbQk2+vBW +mkTcSxlAktWFFu3iAN+0hOPQWDtXofUecFVLwNzAFMhVFw8yd9h8AuM3ThZPNSW1 +0IFer8+cEkvBy2VBbg2MtXn3Duu3NGJk9xf1e752048foDAfrRcuPTZdijtvRFJ+ +G1d/8t9mQqer39S8HONbR+1Zx6KjlFbTkq+Jaivcg6X1JapDjDG8PMiaPX8WE5Tt +jmZ8mSoDuXjqXaQ03VFrr+IweD985Ryq/eDM79dQc8SawzNwzLdNkmczMhLfE9ut +wIHJbMg= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA S/MIME ECC +-----BEGIN CERTIFICATE----- +MIIDejCCAwGgAwIBAgIQR+QjpXN0lyzfL5Q4f0wP1DAKBggqhkjOPQQDAzBvMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBFQ0Mg +Um9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MzY1OFoXDTM2MDMxNTA5MzY1N1owYjEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBTL01JTUUgRUND +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEbidoUrQSTETj3yKvZfP8hz4cjWJYLu2S +BQVAorbEw3a9bbiaYGSreAJJamuTKI/8EiGjOZ3gAxlWZirpKofebc+lqDa87zjh +E88mIhT+WYBu4S/0+lb0r59quKF8Y0pHo4IBbTCCAWkwEgYDVR0TAQH/BAgwBgEB +/wIBADAfBgNVHSMEGDAWgBRSCNK+MoEl/fUal+xOXxq7U82QrTBXBggrBgEFBQcB +AQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9yZXBvLmhhcmljYS5nci9jZXJ0cy9I +QVJJQ0EtQ2xpZW50LVJvb3QtMjAyMS1FQ0MuY2VyMEQGA1UdIAQ9MDswOQYEVR0g +ADAxMC8GCCsGAQUFBwIBFiNodHRwOi8vcmVwby5oYXJpY2EuZ3IvZG9jdW1lbnRz +L0NQUzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwRQYDVR0fBD4wPDA6 +oDigNoY0aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUNsaWVudC1Sb290LTIw +MjEtRUNDLmNybDAdBgNVHQ4EFgQUTq8v2Rh752P2xakBhmVdLF4791YwDgYDVR0P +AQH/BAQDAgGGMAoGCCqGSM49BAMDA2cAMGQCMEayoDfZOkZgvT13XbjuSpKc2m/C +cEQqYDwGIyXBhZqyMoMyDcthQsiEwBW3lHT5IQIwIT2kzroVW2iWhRF3vaTEAo3m ++AosNW84YGle0MMG2SDIoQEJiqhjRfQwZHHeBzCE +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA S/MIME RSA +-----BEGIN CERTIFICATE----- +MIIGyjCCBLKgAwIBAgIQKU8NCxll7jtXyXGT7O5U0zANBgkqhkiG9w0BAQsFADBv +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEnMCUGA1UEAwweSEFSSUNBIENsaWVudCBS +U0EgUm9vdCBDQSAyMDIxMB4XDTIxMDMxOTA5MzczOFoXDTM2MDMxNTA5MzczN1ow +YjELMAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBS +ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ0ExGjAYBgNVBAMMEUhBUklDQSBTL01JTUUg +UlNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5TUrmNU21Y8gpvrx +XCCOJS54uCyv6H6HQ1NCCz2FCg04VaNEuRYFGSXbxC88u/Q3M/MfegErs6MlLg5j +gaAD7UYRpFMs/rS6Z6Pr45LDaWHTsS7gjhYaq47+iO0+17eTc7VWeTFzZji3ocFA +CiXc+tEDRXSGal+qu4s6/Zmexmtp3P8QodrLgy6mAXO7necfkCoyBVjUcixIvPeR +1NeFWfy2io7QU+Wf4Wm18259W+oJgxH0mgfFKgGrz/c2BokxzdXFvuKggVWEh/p0 +jy8uRQOGcMRT2fyUh5LM6zRBGObE8xIiRfforJF2CGSu1B0wj0jCmFG8Z2UN55xk +EH+HKpQlm+S0mvez7YYUqMobN1RjTWHSZQoX2nuYk0no/cxbUl/AVXE0fq3DkNv4 +fdTGfLkTJ42qdyAIpjEjkLgrb4C4CT2IxPuNCLCE25SnVmydA7CuMmbwfljWwkE4 +JyO23QL90baDIcEg/NYp/IueW9qu8YwCX5ipJhflzqnjONFKDlC93FnoQ/i/ALIk +MOhjCrHePX3/F7OWXWAoIRdbqoCNvN4KnJfcFJCcPDOGY7qds5cMcII3uKhhsRCQ +Jg2KKGvVdwp1oBIibuVM+cIZi3QucK8TfssODws1WNce5RV+Gniv5U4dhS+5nPvC +gQr6a8wL4ha8hc8ovXEhrrBHtOMCAwEAAaOCAW0wggFpMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHwYDVR0jBBgwFoAUoNYHPV4k93ugRC4kUg0ZqisEkacwVwYIKwYBBQUH +AQEESzBJMEcGCCsGAQUFBzAChjtodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMv +SEFSSUNBLUNsaWVudC1Sb290LTIwMjEtUlNBLmNlcjBEBgNVHSAEPTA7MDkGBFUd +IAAwMTAvBggrBgEFBQcCARYjaHR0cDovL3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50 +cy9DUFMwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMEUGA1UdHwQ+MDww +OqA4oDaGNGh0dHA6Ly9jcmwuaGFyaWNhLmdyL0hBUklDQS1DbGllbnQtUm9vdC0y +MDIxLVJTQS5jcmwwHQYDVR0OBBYEFJX2FFz9LqSMQ6C3jgW0Orbsgg2fMA4GA1Ud +DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAL2XgP79Wk/ijkQOI55UihqPR +m68QXb1IDKYCmQiJFkqNQOf/Bt10RjtASV2kjDEQoI4cnmwB++Pd8A9kyFdWPwJ2 +bX68XvFvHX6FzejNwJ5b6wIiz1W3QlHZwhTSoV0KHh4H4gzD8N9X4HwfESVYRkQF +3tTg1VnZJI2ggCg5201X3BI6YLDc4GltF5EORVzT5xPpMiNHxDivoP8tEdijw5Jh +kpCDG8BbpbfXQ1HjPRawQ4w6w1aXgyhajLAhjZdLOfpmZO5EbYai46m/niK5mKTU +/RFupYhNsejfD5wm6JEZbisV5SXVPbmIXrTwvt66lGvgSb3X7waCFIVuwr71qc/q +YNyvXA4ALSchFU8xqWDu2StWrB3i3CzNR2DMz18yYpjeJehuuhsIZu+Ku4CML1O3 +nlKCXx3EbABVAJkXhbDqHnUw0kqPHh9enYcXdJ8zjLhHVBghdLfpOmp9ZtIOjquL +mi+OEwkhOv6bC4IXpY57c5bBzK9DCoffE1LG/JUfOSE0B6kuTVyXvFhfq7BK5LcJ +WieXlSD3COOcqBQ62eHKpRPEYOLdAHDdOq6MBHHMAVUkB/pAFgDj0twB+xP2FUUk +ycRBPSiBgQEnuI8QLrQXB3FDSXqh+I8jfUcVc7JvgvG4bLMjozgFB58A7gJ5YDce +4P4ckMdKzbAXPa5tY2Y= +-----END CERTIFICATE----- +Subject: C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo ECC Organization Validation Secure Server CA +-----BEGIN CERTIFICATE----- +MIIDrjCCAzOgAwIBAgIQNb50Y4yz6d4oBXC3l4CzZzAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAy +MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT +EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMP +U2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIEVDQyBPcmdhbml6YXRp +b24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZI +zj0DAQcDQgAEnI5cCmFvoVij0NXO+vxE+f+6Bh57FhpyH0LTCrJmzfsPSXIhTSex +r92HOlz+aHqoGE0vSe/CSwLFoWcZ8W1jOaOCAW4wggFqMB8GA1UdIwQYMBaAFDrh +CYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBRNSu/ERrMSrU9OmrFZ4lGrCBB4 +CDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAEC +AjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF +UlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE +ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy +dXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz +ZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAOk//uo7i/MoeKdcyeqvjOXs +BJFGLI+1i0d+Tty7zEnn2w4DNS21TK8wmY3Kjm3EmQIxAPI1qHM/I+OS+hx0OZhG +fDoNifTe/GxgWZ1gOYQKzn6lwP0yGKlrP+7vrVC8IczJ4A== +-----END CERTIFICATE----- +Subject: C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Organization Validation Secure Server CA +-----BEGIN CERTIFICATE----- +MIIGGTCCBAGgAwIBAgIQE31TnKp8MamkM3AZaIR6jTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx +MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNV +BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE +ChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6 +YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAnJMCRkVKUkiS/FeN+S3qU76zLNXYqKXsW2kDwB0Q +9lkz3v4HSKjojHpnSvH1jcM3ZtAykffEnQRgxLVK4oOLp64m1F06XvjRFnG7ir1x +on3IzqJgJLBSoDpFUd54k2xiYPHkVpy3O/c8Vdjf1XoxfDV/ElFw4Sy+BKzL+k/h +fGVqwECn2XylY4QZ4ffK76q06Fha2ZnjJt+OErK43DOyNtoUHZZYQkBuCyKFHFEi +rsTIBkVtkuZntxkj5Ng2a4XQf8dS48+wdQHgibSov4o2TqPgbOuEQc6lL0giE5dQ +YkUeCaXMn2xXcEAG2yDoG9bzk4unMp63RBUJ16/9fAEc2wIDAQABo4IBbjCCAWow +HwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBfZ1iUn +Z/kxwklD2TA2RIxsqU/rMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/ +AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYG +BFUdIAAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl +cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy +bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy +dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ +aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAThNA +lsnD5m5bwOO69Bfhrgkfyb/LDCUW8nNTs3Yat6tIBtbNAHwgRUNFbBZaGxNh10m6 +pAKkrOjOzi3JKnSj3N6uq9BoNviRrzwB93fVC8+Xq+uH5xWo+jBaYXEgscBDxLmP +bYox6xU2JPti1Qucj+lmveZhUZeTth2HvbC1bP6mESkGYTQxMD0gJ3NR0N6Fg9N3 +OSBGltqnxloWJ4Wyz04PToxcvr44APhL+XJ71PJ616IphdAEutNCLFGIUi7RPSRn +R+xVzBv0yjTqJsHe3cQhifa6ezIejpZehEU4z4CqN2mLYBd0FUiRnG3wTqN3yhsc +SPr5z0noX0+FCuKPkBurcEya67emP7SsXaRfz+bYipaQ908mgWB2XQ8kd5GzKjGf +FlqyXYwcKapInI5v03hAcNt37N3j0VcFcC3mSZiIBYRiBXBWdoY5TtMibx3+bfEO +s2LEPMvAhblhHrrhFYBZlAyuBbuMf1a+HNJav5fyakywxnB2sJCNwQs2uRHY1ihc +6k/+JLcYCpsM0MF8XPtpvcyiTcaQvKZN8rG61ppnW5YCUtCC+cQKXA0o4D/I+pWV +idWkvklsQLI+qGu41SWyxP7x09fn1txDAXYw+zuLXfdKiXyaNb78yvBXAfCNP6CH +MntHWpdLgtJmwsQt6j8k9Kf5qLnjatkYYaA7jBU= +-----END CERTIFICATE----- diff --git a/download/1.7.0/server_cert_root_cas.pem b/download/1.7.0/server_cert_root_cas.pem new file mode 100644 index 000000000..5e85fca81 --- /dev/null +++ b/download/1.7.0/server_cert_root_cas.pem @@ -0,0 +1,152 @@ +Subject: C=DE,O=D-Trust GmbH,CN=D-TRUST Root Class 3 CA 2 2009 +-----BEGIN CERTIFICATE----- +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF +MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD +bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha +ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM +HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 +UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 +tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R +ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM +lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp +/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G +A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G +A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj +dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy +MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl +cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js +L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL +BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni +acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K +zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 +PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y +Johw1+qRzT65ysCQblrGXnRl11z+o+I= +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA TLS ECC Root CA 2021 +-----BEGIN CERTIFICATE----- +MIICVDCCAdugAwIBAgIQZ3SdjXfYO2rbIvT/WeK/zjAKBggqhkjOPQQDAzBsMQsw +CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh +cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v +dCBDQSAyMDIxMB4XDTIxMDIxOTExMDExMFoXDTQ1MDIxMzExMDEwOVowbDELMAkG +A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgRUNDIFJvb3Qg +Q0EgMjAyMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDgI/rGgltJ6rK9JOtDA4MM7 +KKrxcm1lAEeIhPyaJmuqS7psBAqIXhfyVYf8MLA04jRYVxqEU+kw2anylnTDUR9Y +STHMmE5gEYd103KUkE+bECUqqHgtvpBBWJAVcqeht6NCMEAwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUyRtTgRL+BNUW0aq8mm+3oJUZbsowDgYDVR0PAQH/BAQD +AgGGMAoGCCqGSM49BAMDA2cAMGQCMBHervjcToiwqfAircJRQO9gcS3ujwLEXQNw +SaSS6sUUiHCm0w2wqsosQJz76YJumgIwK0eaB8bRwoF8yguWGEEbo/QwCZ61IygN +nxS2PFOiTAZpffpskcYqSUXm7LcT4Tps +-----END CERTIFICATE----- +Subject: C=GR,O=Hellenic Academic and Research Institutions CA,CN=HARICA TLS RSA Root CA 2021 +-----BEGIN CERTIFICATE----- +MIIFpDCCA4ygAwIBAgIQOcqTHO9D88aOk8f0ZIk4fjANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl +c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg +Um9vdCBDQSAyMDIxMB4XDTIxMDIxOTEwNTUzOFoXDTQ1MDIxMzEwNTUzN1owbDEL +MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgUlNBIFJv +b3QgQ0EgMjAyMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIvC569l +mwVnlskNJLnQDmT8zuIkGCyEf3dRywQRNrhe7Wlxp57kJQmXZ8FHws+RFjZiPTgE +4VGC/6zStGndLuwRo0Xua2s7TL+MjaQenRG56Tj5eg4MmOIjHdFOY9TnuEFE+2uv +a9of08WRiFukiZLRgeaMOVig1mlDqa2YUlhu2wr7a89o+uOkXjpFc5gH6l8Cct4M +pbOfrqkdtx2z/IpZ525yZa31MJQjB/OCFks1mJxTuy/K5FrZx40d/JiZ+yykgmvw +Kh+OC19xXFyuQnspiYHLA6OZyoieC0AJQTPb5lh6/a6ZcMBaD9YThnEvdmn8kN3b +LW7R8pv1GmuebxWMevBLKKAiOIAkbDakO/IwkfN4E8/BPzWr8R0RI7VDIp4BkrcY +AuUR0YLbFQDMYTfBKnya4dC6s1BG7oKsnTH4+yPiAwBIcKMJJnkVU2DzOFytOOqB +AGMUuTNe3QvboEUHGjMJ+E20pwKmafTCWQWIZYVWrkvL4N48fS0ayOn7H6NhStYq +E613TBoYm5EPWNgGVMWX+Ko/IIqmhaZ39qb8HOLubpQzKoNQhArlT4b4UEV4AIHr +W2jjJo3Me1xR9BQsQL4aYB16cmEdH2MtiKrOokWQCPxrvrNQKlr9qEgYRtaQQJKQ +CoReaDH46+0N0x3GfZkYVVYnZS6NRcUk7M7jAgMBAAGjQjBAMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFApII6ZgpJIKM+qTW8VX6iVNvRLuMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAPpBIqm5iFSVmewzVjIuJndftTgfvnNAU +X15QvWiWkKQUEapobQk1OUAJ2vQJLDSle1mESSmXdMgHHkdt8s4cUCbjnj1AUz/3 +f5Z2EMVGpdAgS1D0NTsY9FVqQRtHBmg8uwkIYtlfVUKqrFOFrJVWNlar5AWMxaja +H6NpvVMPxP/cyuN+8kyIhkdGGvMA9YCRotxDQpSbIPDRzbLrLFPCU3hKTwSUQZqP +JzLB5UkZv/HywouoCjkxKLR9YjYsTewfM7Z+d21+UPCfDtcRj88YxeMn/ibvBZ3P +zzfF0HvaO7AWhAw6k9a+F9sPPg4ZeAnHqQJyIkv3N3a6dcSFA1pj1bF1BcK5vZSt +jBWZp5N99sXzqnTPBIWUmAD04vnKJGW/4GKvyMX6ssmeVkjaef2WdhW+o45WxLM0 +/L5H9MG0qPzVMIho7suuyWPEdr6sOBjhXlzPrjoiUevRi7PzKzMHVIf6tLITe7pT +BGIBnfHAT+7hOtSLIBD6Alfm78ELt5BGnBkpjNxvoEppaZS3JGWg/6w/zgH7IS79 +aPib8qXPMThcFarmlwDB31qlpzmq6YR/PFGoOtmUW4y/Twhx5duoXNTSpv4Ao8YW +xw/ogM4cKGR0GQjTQuPOAF1/sdwTsOEFy9EgqoZ0njnnkf3/W9b3raYvAwtt41dU +63ZTGI0RmLo= +-----END CERTIFICATE----- +Subject: C=DE,O=T-Systems Enterprise Services GmbH,OU=T-Systems Trust Center,CN=T-TeleSec GlobalRoot Class 2 +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd +AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC +FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi +1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq +jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ +wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ +WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy +NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC +uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw +IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 +g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP +BSeOE6Fuwg== +-----END CERTIFICATE----- +Subject: C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust ECC Certification Authority +-----BEGIN CERTIFICATE----- +MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL +MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl +eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT +JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx +MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT +Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg +VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo +I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng +o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G +A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD +VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB +zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW +RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= +-----END CERTIFICATE----- +Subject: C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust RSA Certification Authority +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw +MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV +BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy +dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B +3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY +tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ +Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 +VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT +79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 +c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT +Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l +c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee +UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE +Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G +A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF +Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO +VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 +ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs +8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR +iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze +Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ +XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ +qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB +VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB +L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG +jjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- diff --git a/download/dsf_bpe_1_0_0.tar.gz b/download/dsf_bpe_1_0_0.tar.gz new file mode 100644 index 000000000..fbb3b74ff Binary files /dev/null and b/download/dsf_bpe_1_0_0.tar.gz differ diff --git a/download/dsf_bpe_1_1_0.tar.gz b/download/dsf_bpe_1_1_0.tar.gz new file mode 100644 index 000000000..4fa370d0e Binary files /dev/null and b/download/dsf_bpe_1_1_0.tar.gz differ diff --git a/download/dsf_bpe_1_2_0.tar.gz b/download/dsf_bpe_1_2_0.tar.gz new file mode 100644 index 000000000..10c168766 Binary files /dev/null and b/download/dsf_bpe_1_2_0.tar.gz differ diff --git a/download/dsf_bpe_1_3_0.tar.gz b/download/dsf_bpe_1_3_0.tar.gz new file mode 100644 index 000000000..3362f863e Binary files /dev/null and b/download/dsf_bpe_1_3_0.tar.gz differ diff --git a/download/dsf_bpe_1_3_1.tar.gz b/download/dsf_bpe_1_3_1.tar.gz new file mode 100644 index 000000000..2aa4491a7 Binary files /dev/null and b/download/dsf_bpe_1_3_1.tar.gz differ diff --git a/download/dsf_bpe_1_3_2.tar.gz b/download/dsf_bpe_1_3_2.tar.gz new file mode 100644 index 000000000..34008fd0e Binary files /dev/null and b/download/dsf_bpe_1_3_2.tar.gz differ diff --git a/download/dsf_bpe_1_4_0.tar.gz b/download/dsf_bpe_1_4_0.tar.gz new file mode 100644 index 000000000..1b84fca62 Binary files /dev/null and b/download/dsf_bpe_1_4_0.tar.gz differ diff --git a/download/dsf_bpe_1_5_0.tar.gz b/download/dsf_bpe_1_5_0.tar.gz new file mode 100644 index 000000000..60f117774 Binary files /dev/null and b/download/dsf_bpe_1_5_0.tar.gz differ diff --git a/download/dsf_bpe_1_5_1.tar.gz b/download/dsf_bpe_1_5_1.tar.gz new file mode 100644 index 000000000..eb92deee5 Binary files /dev/null and b/download/dsf_bpe_1_5_1.tar.gz differ diff --git a/download/dsf_bpe_1_5_2.tar.gz b/download/dsf_bpe_1_5_2.tar.gz new file mode 100644 index 000000000..054bf5c54 Binary files /dev/null and b/download/dsf_bpe_1_5_2.tar.gz differ diff --git a/download/dsf_bpe_1_6_0.tar.gz b/download/dsf_bpe_1_6_0.tar.gz new file mode 100644 index 000000000..15e94ff27 Binary files /dev/null and b/download/dsf_bpe_1_6_0.tar.gz differ diff --git a/download/dsf_bpe_1_7_0.tar.gz b/download/dsf_bpe_1_7_0.tar.gz new file mode 100644 index 000000000..268686d0c Binary files /dev/null and b/download/dsf_bpe_1_7_0.tar.gz differ diff --git a/download/dsf_fhir_1_0_0.tar.gz b/download/dsf_fhir_1_0_0.tar.gz new file mode 100644 index 000000000..4b4ebef6d Binary files /dev/null and b/download/dsf_fhir_1_0_0.tar.gz differ diff --git a/download/dsf_fhir_1_1_0.tar.gz b/download/dsf_fhir_1_1_0.tar.gz new file mode 100644 index 000000000..7f05e2002 Binary files /dev/null and b/download/dsf_fhir_1_1_0.tar.gz differ diff --git a/download/dsf_fhir_1_2_0.tar.gz b/download/dsf_fhir_1_2_0.tar.gz new file mode 100644 index 000000000..b79e705d0 Binary files /dev/null and b/download/dsf_fhir_1_2_0.tar.gz differ diff --git a/download/dsf_fhir_1_3_0.tar.gz b/download/dsf_fhir_1_3_0.tar.gz new file mode 100644 index 000000000..897f03d05 Binary files /dev/null and b/download/dsf_fhir_1_3_0.tar.gz differ diff --git a/download/dsf_fhir_1_3_1.tar.gz b/download/dsf_fhir_1_3_1.tar.gz new file mode 100644 index 000000000..263d7470d Binary files /dev/null and b/download/dsf_fhir_1_3_1.tar.gz differ diff --git a/download/dsf_fhir_1_3_2.tar.gz b/download/dsf_fhir_1_3_2.tar.gz new file mode 100644 index 000000000..9e650e9e6 Binary files /dev/null and b/download/dsf_fhir_1_3_2.tar.gz differ diff --git a/download/dsf_fhir_1_4_0.tar.gz b/download/dsf_fhir_1_4_0.tar.gz new file mode 100644 index 000000000..ef7d24b8b Binary files /dev/null and b/download/dsf_fhir_1_4_0.tar.gz differ diff --git a/download/dsf_fhir_1_5_0.tar.gz b/download/dsf_fhir_1_5_0.tar.gz new file mode 100644 index 000000000..7e9c6bc22 Binary files /dev/null and b/download/dsf_fhir_1_5_0.tar.gz differ diff --git a/download/dsf_fhir_1_5_1.tar.gz b/download/dsf_fhir_1_5_1.tar.gz new file mode 100644 index 000000000..511bab7c7 Binary files /dev/null and b/download/dsf_fhir_1_5_1.tar.gz differ diff --git a/download/dsf_fhir_1_5_2.tar.gz b/download/dsf_fhir_1_5_2.tar.gz new file mode 100644 index 000000000..de8a28ff5 Binary files /dev/null and b/download/dsf_fhir_1_5_2.tar.gz differ diff --git a/download/dsf_fhir_1_6_0.tar.gz b/download/dsf_fhir_1_6_0.tar.gz new file mode 100644 index 000000000..d77a98abf Binary files /dev/null and b/download/dsf_fhir_1_6_0.tar.gz differ diff --git a/download/dsf_fhir_1_7_0.tar.gz b/download/dsf_fhir_1_7_0.tar.gz new file mode 100644 index 000000000..1b4c75ee9 Binary files /dev/null and b/download/dsf_fhir_1_7_0.tar.gz differ diff --git a/for-you/index.html b/for-you/index.html new file mode 100644 index 000000000..9ea191dcd --- /dev/null +++ b/for-you/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for your project + + + + + +
    Skip to main content

    DSF for your project

    DSF-TeamAbout 1 min

    Summary

    • Use case agnostic middleware: DSF is adaptable to any distributed process, leveraging BPMN 2.0 and FHIR R4 for secure, efficient data sharing across various biomedical research scenarios.

    • Security: DSF prioritizes security through stringent authentication and authorization protocols, ensuring data is accessed and shared only by authorized organizations to maintain data confidentiality and integrity.

    • Proven in clinical research: Deployed in German university hospitals, DSF's effectiveness and reliability are validated in real-world settings.

    • Implementation guidance: DSF offers resources on how to implement new process plugins.

    Overview of DSF

    The Data Sharing Framework (DSF) is a secure middleware solution designed to facilitate data sharing across different organizations for biomedical research. It utilizes BPMN 2.0 and FHIR R4 standards to support processes such as data extraction, merging, pseudonymization, and provisioning. Funded by the German Federal Ministry of Education and Research as part of the Medical Informatics initiative, the DSF aims to improve data interoperability and security across institutional boundaries.

    Key features and benefits

    Distributed data sharing processes

    DSF enables distributed data sharing by providing each participating site with a FHIR endpoint and a business process engine. This setup ensures that data can be securely shared and processed across different sites, facilitating cross-site data sharing and feasibility analyses.

    Flexibility with data standards

    While DSF primarily uses the FHIR R4 standard to ensure high-quality data exchange, it is designed to be open and adaptable to other data formats. This flexibility allows for a wide range of data types to be incorporated into research projects.

    Security and access control

    Security is a critical component of DSF, which includes robust authentication and authorization protocols. These protocols ensure that data access and sharing are restricted to authorized organizations, maintaining the confidentiality and integrity of the data.

    Deployment in clinical environments

    DSF is already deployed and operational in Data Integration Centers at German university hospitals, demonstrating its applicability and reliability in real-world clinical research settings.

    Getting started with the DSF

    If you're looking to leverage the DSF for your research or you're interested in exploring how it can enhance your data sharing needs, we're here to support you. Visit the Learn how to implement your use case page to start your journey towards integrating the DSF into your research project.

    Should you have any questions or need personalized assistance, don't hesitate to reach out to the DSF core team directly at dsf-gecko@hs-heilbronn.de.

    Embark on your DSF journey today and join a community committed to advancing biomedical research through secure, interoperable data sharing.

    + + + diff --git a/for-you/learn.html b/for-you/learn.html new file mode 100644 index 000000000..e2563fcc1 --- /dev/null +++ b/for-you/learn.html @@ -0,0 +1,41 @@ + + + + + + + + + + How to implement your use-case + + + + + + + + + diff --git a/hackathon/index.html b/hackathon/index.html new file mode 100644 index 000000000..e0c922e8e --- /dev/null +++ b/hackathon/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Hackathon + + + + + +
    Skip to main content

    Hackathon

    DSF-TeamAbout 2 min

    Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+

    Hackathon vom 22.10.2024

    Zusammenfassung

    Liebe Community,

    die Modul 2B Projekte FDPG+ und DSF Community möchten Sie herzlich zu einem Hackathon am 22.10.2024 von 10:00-16:00 Uhr einladen.
    Leiten Sie bitte die Einladung an die technischen Kolleg*innen in den DIZ und den DMSt weiter.

    Fokus des Hackathons liegt auf der Erprobung der neuen Machbarkeit und des neuen Datenselektion- und -Extraktionstools (TORCH) im Zusammenspiel mit den DSF Data Sharing Prozessen. Ergänzend wird der FHIR Data Evaluator vorgestellt und Updates zum DSF, dem Feasibility Prozess Plugin und dem Allowlist Management präsentiert.

    Wie üblich sollen die Tools und Prozesse hands-on auf der Testinfrastruktur erprobt und deployed werden, dazu folgen weitere Informationen kurz vor dem Hackathon.

    Vorläufiger Zeitplan:

    10:00-12:30 : Vorstellungen und Updates

    • Vorstellung Datenselektion und Extraktionstool TORCH – FDPG+
    • Vorstellung FHIR Evaluator – FDPG+
    • DSF Updates – DSF Community
    • Feasibility Prozessplugin Updates – DSF Community & FDPG+
    • Allowlist Management Updates – DSF Community

    12:30-14:00 : Mittagspause

    14:00-16:00 : Hands-On

    • Erproben der vorgestellten Tools
    • Datenselektion und Extraktion mit Data Sharing
    • Support und Fragen zum Deployment und Betrieb
    • Wir freuen uns auf Ihre Teilnahme!

    Viele Grüße,
    Julian Gründner und Maximilian Kurscheidt
    für FDPG+ und DSF Community

    Vorbereitung

    In diesem Hackathon ist das Aktualisieren der Systeme ein aktiver Bestandteil und bedarf keiner speziellen Vorbereitung. Für das Testen der Data Sharing Prozesse sollten jedoch einige Voraussetzungen bereits vor dem Termin erfüllt sein.

    Netzwerkfreigaben

    Für den Hackathon werden wir primär die Test-DMS aus Heilbronn verwenden, dafür muss neben der Freigabe zur FDPG auch die Freigabe zum und vom MII-Test-System der HHN vorhanden sein (mii-test.gecko.hs-heilbronn.de).

    In diesem Kontext bietet es sich an, auch die Freigaben für weitere Test-DMSen zu beantragen. Weitere Details dazu befinden sich in der Liste der Firewallregeln im Test-Allowlist-Management-Tool (allowlist-test.gecko.hs-heilbronn.de) unter dem Punkt “Download Allowlist”. Wir planen während des Termins auch mit ausgewählten DIZen erste Funktionstests der Test-DMSen durchzuführen.

    Wir empfehlen auch sicherzustellen, dass Sie Zugriff auf die Weboberfläche Ihres DSF-FHIR-Servers haben.

    FHIR-Store

    Zur Datenausleitung im Kontext des Data Sharing Prozesses werden wir FHIR Bundles mit Testdaten zur Verfügung stellen, die in Form eines FHIR Bundles auf einem FHIR Store gespeichert werden müssen. Dabei kann ein beliebiger FHIR Server (z.B. HAPI FHIR oder Blaze) verwendet werden. Es kann auch der FHIR Server verwendet werden, der z.B. für Feasibility im Testsystem genutzt wird.

    Weitere Details zum Data Sharing Prozess sind hier zu finden:

    https://github.com/medizininformatik-initiative/mii-process-data-sharing/wiki

    Eine Installation kann vor oder während des Hackathons durchgeführt werden.

    Installationshinweise

    ⚠️

    Versionen der unten aufgeführten Tools können sich noch bis zum Hackathon ändern.

    DSF

    Installation oder Update

    Prozessplugins

    Weitere Anwendungen

    Data Sharing Demodaten

    Falls Sie Fragen zum Hackathon oder der Installation des DSF haben, melden Sie sich gerne über den DSF-Community Zulip-Channel oder dsf-gecko@hs-heilbronn.de.

    + + + diff --git a/index.html b/index.html new file mode 100644 index 000000000..e0d9c44e7 --- /dev/null +++ b/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Data Sharing Framework + + + + + +
    Skip to main content
    Data Sharing Framework

    Data Sharing Framework

    A performant, secure, and innovative framework that enables biomedical researchers to extract value from routine data.

    Introduction

    Introduction to the DSF and informations about Use-Cases/Projects.

    Get Started

    Get technical insights and install the DSF | Develop Process Plugins.

    About Us

    Contact, partners, the team behind the DSF and more... Join our community!

    GitHub

    Take a look at the open-source reference implementation.

    Data Sharing Framework

    The Data Sharing Framework (DSF) is a concept for a secure middleware to distribute data sharing processes based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed organizations. Every participating site runs a FHIR endpoint accessible by other sites and a business process engine in the local secured network. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing or feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organizational boundaries. The secure communication infrastructure is funded by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.

    DSF concept
    DSF concept

    Rolf Hansen Memorial Award 2023 goes to Hauke Hund

    We are very pleased to have won the Rolf Hansen Memorial Award at EFMI MIE 2023 in Gothenburg. The Rolf Hansen Memorial Award is presented annually by the European Federation for Medical Informatics (EFMI) for an outstanding paper as well as for an excellent presentation. It is named after Rolf Hansen (1931-1993), a well-known Norwegian medical informatician and former president of EFMI. Hauke Hund presented his Paper: No Transfer Without Validation: A Data Sharing Framework Use Case in May at the EFMI MIE. doi:10.3233/SHTI230066

    Feel free to contact us via dsf-gecko@hs-heilbronn.de and we will take care of your request as soon as possible.

    + + + diff --git a/intro/index.html b/intro/index.html new file mode 100644 index 000000000..6c17c15aa --- /dev/null +++ b/intro/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Documentation + + + + + + + + + diff --git a/intro/info/allowList.html b/intro/info/allowList.html new file mode 100644 index 000000000..b34ef0b90 --- /dev/null +++ b/intro/info/allowList.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow Lists + + + + + +
    Skip to main content

    Allow Lists

    DSF-TeamLess than 1 minute

    Goal

    The main objective is to allow only authorized organizations to do what "we" allow them to do (e.g. query data).
    First, we need a list of organizations that we trust. Secondly, we need a way to ensure that the other party is a member of the parent organization. Thirdly, a list of actions we want to allow the organization to perform is needed. An organization can have different roles in different use cases.

    The Allow List consists of Organization-, Endpoint- and OrganisationAffiliation- resources. With these resources the allow list defines communication partners and and parent organizations like research consortia and groups as well as the roles of each organization. Each DSF FHIR server stores their own allow list. To make sure that processes can be executed, parties must allow access via their allow list.

    Architecture
    Architecture

    Allow List Managment

    Here you can read all the information if you want to create or update an Allow List.

    Feel free to contact us via E-Mail (dsf-gecko@hs-heilbronn.de) and we will take care of your request as soon as possible.

    + + + diff --git a/intro/info/architecture.html b/intro/info/architecture.html new file mode 100644 index 000000000..b40d2d579 --- /dev/null +++ b/intro/info/architecture.html @@ -0,0 +1,41 @@ + + + + + + + + + + Architecture + + + + + +
    Skip to main content

    Architecture

    DSF-TeamAbout 2 min

    The Data Sharing Framework implements a distributed business process engine based on the BPMN 2.0 and FHIR R4 standards. Every participating organisation (e.g. ORG. A) runs a FHIR endpoint accessible by other sites and a business process engine (BPE) in the local secured network. Once the DSF has been installed in an organisation, it can be used for multiple use cases.

    Simplified DSF Architecture
    Simplified DSF Architecture

    The following architecture diagram also shows three organisations, each of which has installed the DSF. The FHIR endpoint (green) is located in a demilitarised zone (DMZ) and is accessible from outside for communication with other organisations. It can be compared to a mailbox. The Business Process Engine (BPE - blue) is located in the intranet of an organisation and is responsible for the execution of processes. The metaphor: control centre helps here.

    DSF Architecture
    DSF Architecture

    DSF FHIR Server 📫

    As mentioned above, the externally accessible DSF FHIR server acts as a mailbox for communication. This means that an organisation creates a task resource in its DSF and drops the task resource (letters) into the mailbox of another organisation, requesting that something happen. Task resources have been explained in more detail in the section Basics and Standards.
    It is important to understand that the DSF FHIR server is not used for persisting medical data.

    DSF FHIR Server
    DSF FHIR Server

    Business Process Engine (BPE)

    The BPE located in the secure internal network executes the processes (BPMN/Java). The BPE is deployed in the internal network and has access to the local systems, such as the organisation's own FHIR server, on which medical data is stored. These FHIR servers are not to be confused with the DSF FHIR server, on which no medical data is persisted.
    Different processes can be executed simultaneously. For this, only a new process plugin file has to be added and configured. More about this in the Process Plugins.

    BPE
    BPE

    The DSF BPE uses websocket (WSS) and webservice (HTTPS) connections to communicate with the DSF FHIR server. FHIR resources are created, read, updated and deleted via HTTP requests against the FHIR webservice API. The FHIR subscription mechanism is used to communicate Task resources with status 'requested' and QuestionnaireResponse resources with status 'completed' to the BPE via websockets. When the BPE starts and before the websocket connections are established, 'requested' Task resources and 'completed' QuestionnaireResponse not seen by the BPE are read via webservice requests.

    Flexible Deployment

    The deployment of the architecture is flexible. The organisations can be deployed as a star schema (left) or as a mesh schema (right). In the Star schema (left), all Data Integration Centres (DIC) are connected to a central node (CRR - Central Research Repository), which transfers the information to all nodes (DIC). For security reasons, a data transfer hub (DTH) is connected upstream, which provides additional security so that the medical data is never transferred together with the authenticating data.

    In the mesh scheme (right), the nodes (DIC) are all directly connected to each other and the information is transferred from node to node. Here in the FDPG (Forschungsdatenportal - Research Data Portal), the data can then be accessed for research purposes. More about this here.

    Star schema Mesh schema

    Network Setup & Additional Reverse Proxy in external DMZ

    You can find more information about the network setup here

    + + + diff --git a/intro/info/basics.html b/intro/info/basics.html new file mode 100644 index 000000000..7597cefe6 --- /dev/null +++ b/intro/info/basics.html @@ -0,0 +1,41 @@ + + + + + + + + + + Basics and Standards + + + + + +
    Skip to main content

    Basics and Standards

    DSF-TeamAbout 3 min

    Here you can find some basic information about interoperability and the standards were using within the DSF before we go into details about the architecture. Here we only describe how the standards (FHIR and BPMN) are used within the DSF. If you want to gain a deeper knowledge of the standards, we recommend visiting these websites: HL7 FHIR and BPMN

    Interoperability

    Interoperability is the ability of different systems to work together as seamlessly as possible. We can divide interoperability into four levels.

    • The foundational level defines the basic interconnectivity requirements which are necessary for a system or application to securely transmit data to and receive data from another system or application. Techniques such as HTTPS or REST are used for this.
    • The second level is the structural level. It defines the format and the syntax of the data exchange. Therefore, data formats like JSON or XML can be used.
    • The semantic level ensures the correct interpretation of the contents of the exchanged data between the different systems. Therefore, information models as FHIR or CDA or medical terminology systems like SNOMED CT or ICD can be used.
    • The final level, the organizational level, includes policy, social, legal and organizational aspects that enable secure, seamless and timely communication and use of data both within and between organizations. And importantly, these components enable shared consent, trust and integrated end-user processes and workflows.
    Levels of interoperability
    Levels of interoperability

    HL7 FHIR 🔥

    HL7 FHIR is a standard for data exchange that can be used as an information model for communication within and between systems. The standard is based on resources, references and profiles. With this concept, FHIR offers interoperability out of the box. The resources describe data formats. 150 specified resources cover the entire health system. An example of a resource would be a patient, which consists of data such as name or gender. These resources can refer to other resources by means of references. This connects the information units into a network. For seamless exchange of information, FHIR supports RESTful architectures and web standards such as XML or JSON, which makes it easier for developers to use FHIR.
    The FHIR profiles can be understood as a set of rules. They explain, for example, which attributes must be mandatorily specified or which terminology may be used. In addition, profiles and controlled vocabulary can be validated.

    BPMN

    Business Process Modelling Notation is a modelling language that can be used to model and implement processes. The models can be used for the documentation of processes and for communication between different stakeholders. Furthermore, BPMN forms a standardised bridge between process design and process implementation. This is because it simplifies implementation. These processes are executed by a Business Process Engine. Basically, a BPE is a server that can read and execute the business process. More about this in the section on architecture.

    Example of a BPMN model (Ping-Pong-Process of the DSF)
    Example of a BPMN model (Ping-Pong-Process of the DSF)

    Why are we using FHIR and BPMN?

    On the one hand we use FHIR because of the mentioned benefits. On the other hand FHIR fits great with BPMN and these two in combination are a great fit for what we do:
    Execute distributed data sharing Processes.

    We do not need all 150 FHIR resources. The following FHIR resources are the ones we need and have implemented: ActivityDefinition, Binary, Bundle, CodeSystem, DocumentReference, Endpoint, Group, Library, Measure, MeasureReport, NamingSystem, Organization, Questionnaire, QuestionnaireResponse, ResearchStudy, StructureDefinition, Subscription, Task and ValueSet.

    Don't worry, it is not important to understand them all now. But to understand why we use FHIR and BPMN, it is important to look at the ActivityDefinition and TaskResources on the FHIR side and the Message Events on the BPMN side.
    In the following picture you can see parts of BPMN. These Message Events enable the communication between different organizations. Every time there is a Message Event between two business processes, there is a corresponding TaskResource on the FHIR side. When one organization sends a message for example “do some work” to another organization or when we send a message to ourselves to start or continue a process, we do this by creating a FHIR TaskResource with the status “requested”. After that the Business Process Engine starts the work and the status switches to “in-progress” and if the work is done to “completed” or if there is a problem to “failed”.

    The ActivityDefinition is needed to publish what can be done in an instance. That means the ActivityDefinition contains the process description with the authorisation who is allowed to send a message.

    BPMN MessageEvents
    BPMN MessageEvents
    + + + diff --git a/intro/info/index.html b/intro/info/index.html new file mode 100644 index 000000000..864ec4b53 --- /dev/null +++ b/intro/info/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Info + + + + + + + + + diff --git a/intro/info/introduction.html b/intro/info/introduction.html new file mode 100644 index 000000000..3c1ee6e73 --- /dev/null +++ b/intro/info/introduction.html @@ -0,0 +1,41 @@ + + + + + + + + + + Introduction + + + + + +
    Skip to main content

    Introduction

    DSF-TeamAbout 1 min

    The German Federal Ministry of Education and Research is funding the Medical Informatics Initiative with the aim of making routine data available digitally, reliably and quickly for medical research. University hospitals have founded consortia with partners such as research institutions and other companies to create the conditions for research and patient care to share their data across sites. Data Integration Centers (DIC) have been established at the university hospitals and partner institutions to create the technical and organizational conditions for data exchange between patient care and medical research.

    The Data Sharing Framework (DSF) was developed within the HiGHmed consortium of the Medical Informatics Initiative and is now funded as an independent project by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.

    The DSF is a concept for a secure middleware to distribute data sharing processes, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed DICs. A researcher can use the DSF for example to submit feasibility queries to several DICs and thus has the opportunity to obtain sufficient data from different locations for his or her research. By using international standards such as FHIR and BPMN 2.0, the problem of heterogeneous data models, primary systems, architectures and federated legislation between DICs can be solved. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organisational boundaries.

    DSF concept
    DSF concept

    The DSF is a secure communication infrastructure, that (1) scales with communication relationships, (2) orchestrates processes and instances, (3) separates execution logic from program code, (4) enables automated and user-centeric process steps ​(5) and can be used for heterogeny structures.

    Federated data exchange between distributed DICs (CRP=Central Research Portal, DMU=Data Management Unit)
    Federated data exchange between distributed DICs (CRP=Central Research Portal, DMU=Data Management Unit)
    + + + diff --git a/intro/info/networkSetup.html b/intro/info/networkSetup.html new file mode 100644 index 000000000..8152d4205 --- /dev/null +++ b/intro/info/networkSetup.html @@ -0,0 +1,41 @@ + + + + + + + + + + Network Setup and General Architecture + + + + + +
    Skip to main content

    Network Setup and General Architecture

    DSF-TeamAbout 2 min

    The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.

    Network Setup Diagramm
    Network Setup Diagramm
    • FHIR Reverse Proxy: The FHIR Reverse Proxy is used to terminate incoming https connections to the FHIR App Server. The Reverse Proxy needs to be accessible on port 443 from the internet. Incoming https connection will be delegate as http on a docker internal network to the FHIR App Server.
    • FHIR App Server: The FHIR App Server is used as a FHIR Endpoint for incoming Task resources and providing resources for download by other organizations. In order to validate incoming FHIR resources the server will communicate with FHIR Servers at other organizations. Access to resources and authorization for creating or updating resources is granted based on the content of the resource and/or based on the client (identified by its client certificate) being part of an allow list. JDBC connections to the FHIR DB Server
    • FHIR DB Server: PostgreSQL database for the FHIR App Server.
    • BPE App Server: The BPE App Server is executing BPMN 2.0 business processes with the included business process engine. Automatic BPMN service tasks are used for example to check resource, access the PDP- and MPI-servers as well as the MDAT repository. The calculation of record linkage bit vectors (Record Bloom Filters) is also performed using an automatic service task. As of version 0.3.0 the BPE server does not provide any webservices for modifying an server resources.
    • BPE DB Server: PostgreSQL database for the BPE App Server.
    • PDP: IHE Policy Decision Point for deciding on patient consent.
    • MDAT Repo: Repository (e.g. openEHR) for storing medical data (MDAT).
    • MPI: IHE Master Patient Index for storing identifying patient date (IDAT) e.g. first name, last name, date of birth.
    • Cohort Browser: Example for a system to trigger patient cohort size estimations across multiple organizations.

    More information on Client- and Server-Certificates are available on the dedicated wiki page: Authentication: Client/Server Certificates

    Additional Reverse Proxy in external DMZ

    In some organizations an additional reverse proxy in an external DMZ is needed. This can be accomplished by using for example nginx or haproxy as a TCP-Proxy. Example configurations routing traffic using SNI can be found below. Configuring an additional reverse proxy to terminate the incoming TLS connection early is not recommended.

    Network Setup Diagramm
    Network Setup Diagramm
    + + + diff --git a/intro/info/process-plugins.html b/intro/info/process-plugins.html new file mode 100644 index 000000000..1a2bd20e1 --- /dev/null +++ b/intro/info/process-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins + + + + + +
    Skip to main content

    Process Plugins

    DSF-TeamAbout 2 min

    Overview

    It is important to understand that the DSF is only the silent helper in the background: a middleware. The DSF is use case agnostic. This means that process plugins make it possible to execute almost any use case you can imagine with the DSF. Process plugins provide individual functionality. For example, it is possible to use the Ping Pong process to test bilateral communication or the Feasibility process to perform feasibility queries for research.
    However, it is possible to deploy several process plugins together, even the same process plugin in different versions. A process plugin is basically an archive of BPMN 2.0 models, FHIR R4 resources and Java code. This process plugin is deployed as a Jar file on the BPE.

    BPMN: Example

    BPMN models can be created with Camunda Modeler. The following model is a BPMN model consisting of two lanes: These are the square boxes, i.e. Organization A and B. This process is intended only as an example to illustrate the formalities. We will look at realistic processes in the next chapter.

    BPMN: Example
    BPMN: Example

    Ping Pong Process

    The ping process plugin can be used for (periodic) connection testing between organizations that are part of your DSF allow list. The following figure shows a representation of the process.

    Ping-Pong Process
    Ping-Pong Process

    The ping pong process is composed of 3 different subprocesses:

    Autostart Ping Process

    The autostart ping process is used to execute connection tests in a predefined interval. This subprocess performs the following steps:

    • Start a timer with a predefined interval (default 24 h)
    • Start the ping process once per interval
    • Stop the timer after the current interval completes

    Ping Process

    The ping process is used to check outgoing and incoming connections to organizations in your allow-list. This subprocess performs the following steps:

    • Select organizations in your allow list that should receive a ping message
    • Send ping message to selected organizations
    • Receive pong message from selected organizations
    • Log status of ping/pong messages
    • Log errors if any occur

    Pong Process

    The pong process is used to send a response during the connection test to the requesting organization. This subprocess performs the following steps:

    • Receive ping message from requesting organizations
    • Send pong message to requesting organizations
    • Log status of ping/pong message
    • Log errors if any occur
    + + + diff --git a/intro/info/security.html b/intro/info/security.html new file mode 100644 index 000000000..f5fb5d4f0 --- /dev/null +++ b/intro/info/security.html @@ -0,0 +1,41 @@ + + + + + + + + + + Security by Design + + + + + +
    Skip to main content

    Security by Design

    DSF-TeamAbout 2 min

    Basics Security

    The open-source Data Sharing Framework is EU-GDPR compliant and meets the highest security standards by design. DSF FHIR servers only accept certain FHIR resources from internal systems/administrators (e.g. tasks, binary resources...). In addition, the communication partners are defined via Allow Lists. This means that an organisation can only communicate with organisations that are included in the allow list of approved organisations of the participating organisations. More information about allow lists can be found in the next chapter.
    For transport encryption, the TLS protocol is used. Secure Web Socket (WSS) connections provide security for the connection between the DSF FHIR server (DMZ) and the BPE (internal network). In addition, the DSF is being actively developed and there is an excellent community, both of which guarantee fast security patches.

    Authentication

    Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.

    A webserver certificate is needed to run the FHIR endpoint and a 802.1X client certificate is used to authenticate against other organizations endpoints and as a server certificate for the business process engine. For available certificate profiles see DFN-PKI-Zertifikatprofile_Global.pdf

    More information about client and server certificates can be found here.

    Certificate Requests 🔒

    FHIR Endpoint

    Server certificates are used to authenticate the FHIR endpoint on the local network and to other organisations

    • Certificate profile:
      • DFN-PKI Global G2 via DFN e.V.: Web Server
      • D-Trust via TMF e.V.: Advanced SSL ID
      • GÉANT TCS via DFN e.V.: Web Server
    • Common name: FQDN of the server used while accessing from other organizations (external FQDN)
    • Subject alternative DNS entries: Use additional alternative FQDNs if a different name is used while accessing the Server from the local Network (local FQDN)

    More information: Parameters FHIR Server

    Business Process Engine Server

    Client certificates are used to authenticate against remote FHIR endpoints (when either the BPE server or the FHIR endpoint server acts as the client).
    In addition, client certificates are used to authenticate the Business Process Engine server on the local network.

    • Certificate profile:
      • DFN-PKI Global G2 via DFN e.V.: 802.1X Client
      • D-Trust via TMF e.V.: Basic Team ID
      • GÉANT TCS via DFN e.V.: Web Server
    • Common name: FQDN of the server used while accessing from the local network (local FQDN)

    More information: Parameters BPE Server

    + + + diff --git a/intro/publications.html b/intro/publications.html new file mode 100644 index 000000000..561304f13 --- /dev/null +++ b/intro/publications.html @@ -0,0 +1,41 @@ + + + + + + + + + + Publications and Talks + + + + + +
    Skip to main content

    Publications and Talks

    DSF-TeamAbout 1 min

    Publications

    • H. Hund, R. Wettstein, C.M. Heidt, C. Fegeler, Executing Distributed Healthcare and Research Processes – The HiGHmed Data Sharing Framework, Stud Health Technol Inform, 278 (2021) 126-133, doi:10.3233/SHTI210060

    • R. Wettstein, H. Hund, I. Kobylinski, C. Fegeler, O. Heinze, Feasibility Queries in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 278 (2021) 134-141, doi:10.3233/SHTI210061

    • C.M. Heidt, H. Hund, C. Fegeler, A Federated Record Linkage Algorithm for Secure Medical Data Sharing, Stud Health Technol Inform, 278 (2021) 142-149, doi:10.3233/SHTI210062

    • R. Wettstein, H. Hund, C. Fegeler, O. Heinze, Data Sharing in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 283 (2021) 111-118, doi:10.3233/SHTI210548

    • H.-U. Prokosch, T. Bahls, M. Bialke, J. Eils, C. Fegeler, J. Gruendner, B. Haarbrandt, C. Hampf, W. Hoffmann, H. Hund, et al. The COVID-19 Data Exchange Platform of the German University Medicine, Stud Health Technol Inform, 294 (2022) 674-678, doi:10.3233/SHTI220554

    • R. Wettstein, T. Kussel, H. Hund, C. Fegeler, M. Dugas, K. Hamacher, Secure Multi-Party Computation Based Distributed Feasibility Queries – A HiGHmed Use Case, Stud Health Technol Inform, 296 (2022) 41-49, doi:10.3233/SHTI220802

    • C. Zilske, M. Kurscheidt, S.T. Schweizer, H. Hund, S. Mödinger, C. Fegeler, Monitoring Distributed Business Processes in Biomedical Research, Stud Health Technol Inform, 302 (2023) 252-256, doi:10.3233/SHTI230113

    • H. Hund, R. Wettstein, C. Hampf, M. Bialke, M. Kurscheidt, S.T. Schweizer, C. Zilske, S. Mödinger, C. Fegeler, No Transfer Without Validation: A Data Sharing Framework Use Case, Stud Health Technol Inform, 302 (2023) 68-72, doi:10.3233/SHTI230066

    • H. Hund, R. Wettstein, M. Kurscheidt, S.T. Schweizer, C. Zilske, C. Fegeler, Interoperability Is a Process- The Data Sharing Framework, Stud Health Technol Inform, 310 (2024) 28-32, doi:10.3233/SHTI230921

    • S.T. Schweizer, H. Hund, M. Kurscheidt, C. Zilske, J.P. Böhringer, C. Fegeler, Handling Complexity in Decentralized Research Networks: The Data Sharing Framework Allowlist Management Application, Stud Health Technol Inform, 317 (2024) 85-93, doi:10.3233/SHTI240841

    Recorded Talks

    GMDS Conference 2022

    GMDS Conference 2020

    + + + diff --git a/intro/tutorials/GMDS2022-dev.html b/intro/tutorials/GMDS2022-dev.html new file mode 100644 index 000000000..4188c3b4c --- /dev/null +++ b/intro/tutorials/GMDS2022-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + GMDS2022 - Process Development + + + + + + + + + diff --git a/intro/tutorials/MIE2023.html b/intro/tutorials/MIE2023.html new file mode 100644 index 000000000..f6da628f8 --- /dev/null +++ b/intro/tutorials/MIE2023.html @@ -0,0 +1,41 @@ + + + + + + + + + + MIE May 2023 + + + + + +
    Skip to main content

    MIE May 2023

    DSF-TeamAbout 2 min

    Abstract

    With this tutorial, participants will gain a detailed insight into the Data Sharing Framework (DSF) (https://github.com/highmed/highmed-dsf). The open source DSF enables users to execute biomedical research and healthcare delivery processes across organizations, and the tutorial will demonstrate this with examples from the German Medical Informatics Initiative (MII) (https://www.medizininformatik-initiative.de/en/start) funded by the Federal Ministry of Education and Research (BMBF). The tutorial will cover fundamental concepts of distributed processes, the DSFs architecture and key standards such as HL7 FHIR and BPMN 2.0. Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization will be covered, as well as guidance on using the DSF for other use cases. This tutorial is designed for those involved in distributed research projects, including project members and software developers, as well as individuals interested in multi-organizational research projects.

    Topic

    The use of real-world data collected by healthcare providers for bio-medical research requires the data to be available and accessible. This is especially important when considering the usage of data across organizations. Distributed processes such as feasibility studies, record linkage, and data sharing need to be established for effective consolidation and analysis.
    While even multi-center retrospective studies using real-world data become commonplace, maintaining infrastructure components for every project conducted is not sustainable. To address this, the Data Sharing Framework (DSF) was developed as an open source, use case independent distributed business process engine to execute cross-organizational research and healthcare delivery processes.

    The tutorial will cover the fundamental concepts of distributed processes and will provide an overview of the DSF's architecture and key standards such as HL7 FHIR and BPMN 2.0 that are used in the framework. The tutorial will present real-world examples to illustrate the DSFs capabilities and delve into specific issues the DSF addresses for the German Medical Informatics Initiative (MII).

    Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization, onboarding of new organizations and guidance on using the DSF for other use cases, such as specific research projects or new infrastructure developments, will be covered.
    Finally, the tutorial will present lessons learned from the last years of using the DSF in test and production environments in multiple research consortia and will present ideas for future improvements based on feedback from end-users, process developers, project managers and administrative staff.

    Target Group

    Decision makers and project members with data sharing ideas looking for an architecture, as well as medical informatics professionals and software developers tasked with building multi-centric data sharing applications, are the target audience for this tutorial.

    What you need

    You need a laptop with a web browser for the hands-on portion of the tutorial.

    What you will learn

    You will...

    • … gain knowledge on various distributed processes specific to bio-medical research.
    • … understand the unique challenges and considerations from the German MII resulting in the design and architecture of the DSF.
    • … be introduced to the key concepts of the DSF and the various contexts in which it can be applied.
    • … learn how to evaluate if the DSF is appropriate for their particular project or application your planning.
    • … understand the difficulties that can occur when implementing distributed processes, as well as strategies for addressing them.
    + + + diff --git a/intro/tutorials/Talks.html b/intro/tutorials/Talks.html new file mode 100644 index 000000000..17e93ea82 --- /dev/null +++ b/intro/tutorials/Talks.html @@ -0,0 +1,41 @@ + + + + + + + + + + Recorded talks + + + + + + + + + diff --git a/intro/tutorials/index.html b/intro/tutorials/index.html new file mode 100644 index 000000000..ffc706423 --- /dev/null +++ b/intro/tutorials/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Tutorials + + + + + + + + + diff --git a/intro/use-cases/feasibility.html b/intro/use-cases/feasibility.html new file mode 100644 index 000000000..9573ed4bf --- /dev/null +++ b/intro/use-cases/feasibility.html @@ -0,0 +1,41 @@ + + + + + + + + + + Feasibility + + + + + +
    Skip to main content

    Feasibility

    DSF-TeamAbout 1 min

    Overview

    Funded by the German Federal Ministry of Research and Education, 25 sites have installed the DSF to execute the Feasibility process. To perform feasibility queries, a researcher can register and query data on the FDPG (Forschungsdaten Portal für Gesundheit - Research Data Portal) website. Basic data of hospitalizations of over 8 million patients with over 40 million diagnoses and much more such as laboratory values or drug prescriptions are available. After a successful query, the data is made available in standardized FHIR format. Further information can be found in the flyer.

    The Feasibility Process

    Medical routine data holds great promise for advancing research, yet its integration into a research context poses significant challenges. To address this, Medical Data Integration Centers have been established, by the medical informatics initiative to consolidate data from primary information systems into a central repository. However, relying on data from only one organization is rarely sufficient to answer complex research questions, so merging data across institutional boundaries is necessary.

    To enable researchers to leverage this integrated data for specific research projects, there is a critical need for the ability to query cohort sizes across institutions. The feasibility process allows researchers to conduct automated and distributed feasibility queries, i.e., cohort size estimates. This process is executed according to the open standard BPMN 2.0, the underlying process data model is based on HL7 FHIR R4 resources.

    Technical Information

    + + + diff --git a/intro/use-cases/index.html b/intro/use-cases/index.html new file mode 100644 index 000000000..9ffb68061 --- /dev/null +++ b/intro/use-cases/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Use-Cases + + + + + + + + + diff --git a/intro/use-cases/num.html b/intro/use-cases/num.html new file mode 100644 index 000000000..6549ce684 --- /dev/null +++ b/intro/use-cases/num.html @@ -0,0 +1,41 @@ + + + + + + + + + + Network University Medicine + + + + + +
    Skip to main content

    Network University Medicine

    DSF-TeamLess than 1 minute

    The Network University Medicine was established in April 2020 as part of the COVID-19 pandemic crisis management. The aim of the NUM is to better coordinate COVID-19 research at all 36 university hospitals in Germany.'

    As part of the CODEX | COVID-19 Data Exchange Platform project, a nationwide, uniform, privacy-compliant infrastructure for storing and providing COVID-19 research datasets was established. Since 2022, the work continues within the project NUM RDP. All 36 university hospitals have installed the DSF to share Covid-19 research data.

    The Data Transfer Process

    The Data Transfer Process is used in NUM CODEX to send data from a Data Integration Center (DIC), via the Gecco Transfer Hub (GTH), to the Central Research Repository (CRR). The infrastructure and communincation messages on which the process is based can be seen in the following figure. All organizations use the Data Sharing Framework (DSF) for deployment and execution of the process.

    More technical information can be found on GitHub.

    + + + diff --git a/oldstable/build/build.html b/oldstable/build/build.html new file mode 100644 index 000000000..9d7adc958 --- /dev/null +++ b/oldstable/build/build.html @@ -0,0 +1,51 @@ + + + + + + + + + + Build and Test + + + + + +
    Skip to main content

    Build and Test

    DSF-TeamAbout 2 min

    Build Project

    Prerequisite: Java 11, Maven 3.6, Docker

    mvn install

    Manual Integration Testing (without Docker)

    Prerequisite: Java 11, Maven 3.6, PostgreSQL 11

    • Build the entire project from the root directory of the repository
      mvn install
    • Install PostgreSQL 11 (localhost:5432)
    • Add DB User liquibase_user
      CREATE USER liquibase_user WITH LOGIN NOSUPERUSER INHERIT CREATEDB CREATEROLE NOREPLICATION
+PASSWORD 'fLp6ZSd5QrMAkGZMjxqXjmcWrTfa3Dn8fA57h92Y';
    • Create Databases fhir and bpe with owner liquibase_user
      CREATE DATABASE bpe OWNER liquibase_user;
+CREATE DATABASE fhir OWNER liquibase_user;
    • Start org.highmed.dsf.fhir.FhirJettyServerHttps from your IDE with execution folder: .../highmed-dsf/dsf-fhir/dsf-fhir-server-jetty
    • Start org.highmed.dsf.bpe.BpeJettyServerHttps from your IDE with execition folder: .../highmed-dsf/dsf-bpe/dsf-bpe-server-jetty
    • To access the FHIR endpoint (https://localhost:8001/fhir/...) and BPE rest interface (https://localhost:8002/bpe/...) via WebBrowser install .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password) in your browsers certifiate store. The p12 file includes a client certificate for "Webbrowser Test User" and the "Test CA" certificate. All private-keys and certificates including the Test CA are generated during the maven build and are private to your machine. Make sure to protect the CA private-key at .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/ca/testca_private-key.pem from third-party access if you have installed the Test CA certificate in your certificate store.

    Manual Integration Testing (local with Docker)

    Prerequisite: Java 11, Maven 3.6, Docker 18

    • Build the entire project from the root directory of this repository
      mvn install
    • Build docker images
      • Windows: in the .../dsf-docker-test-setup folder execute
        docker-build.bat
      • Unix/Linux: in the .../dsf-docker-test-setup folder execute
        docker-build.sh
    • Start docker containers
      • To start the FHIR server execute in the .../dsf-docker-test-setup/fhir folder
        dev:
+docker-compose up
+
+prod: 
+docker-compose -f docker-compose.yml -f docker-compose.prod.yml up
      • To start the BPE server execute in the .../dsf-docker-test-setup/bpe folder
        dev:
+docker-compose up
+    
+prod: 
+docker-compose -f docker-compose.yml -f docker-compose.prod.yml up
    • To access the FHIR endpoint (https://localhost/fhir/...) and BPE rest interface (https://localhost:8443/bpe/...) via WebBrowser install .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password) in your browsers certifiate store. The p12 file includes a client certificate for "Webbrowser Test User" and the "Test CA" certificate. All private-keys and certificates including the Test CA are generated during the maven build and are private to your machine. Make sure to protect the CA private-key at .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/ca/testca_private-key.pem from third-party access if you have installed the Test CA certificate in your certificate store.

    Troubleshooting

    • If you run in docker network troubles, clean up your network using docker network ls -q | xargs docker network rm
    • In production: if the warning Service "db" is using volume "/var/lib/postgresql/data" from the previous container appears, run the command
      docker-compose down -v
      before starting the containers.

    Manual Integration Testing (VMs for Docker-Registry, 3 MeDICs, TTP)

    • For hints on setting up 5 Ubuntu VMs with Docker running on a Windows 10 host with Hyper-V and Ansible see test_setup_windows.txt
    • For hints on setting up 5 Ubuntu VMs with Docker running on a MacOS Catalina host with VirtualBox and Ansible see test_setup_macos.txt

    Starting the Processes

    Each process contains an ExampleStarter which creates FHIR resources and sends them to a designated FHIR-Endpoint in order to start the corresponding process in the Manual Integration Test Setup. The same client certificate can be used as above: .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).

    The following configuration is needed:

    • The path to the client certificate: either the environment-variable DSF_CLIENT_CERTIFICATE_PATH or args[0] has to be set
    • The password of the client certificate: either the environment-variable DSF_CLIENT_CERTIFICATE_PASSWORD or args[1] has to be set
    + + + diff --git a/oldstable/build/index.html b/oldstable/build/index.html new file mode 100644 index 000000000..423263f4d --- /dev/null +++ b/oldstable/build/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Build and Test + + + + + + + + + diff --git a/oldstable/build/proxyTestTool.html b/oldstable/build/proxyTestTool.html new file mode 100644 index 000000000..2ecab07fd --- /dev/null +++ b/oldstable/build/proxyTestTool.html @@ -0,0 +1,41 @@ + + + + + + + + + + Proxy Test Tool + + + + + +
    Skip to main content

    Proxy Test Tool

    DSF-TeamLess than 1 minute

    If the BPE will be deployed behind a proxy, you can test the internet access of the BPE using the tool in dsf-tools/dsf-tools-proxy-test.

    The proxy test jar takes three input variables:

    The proxy password will be asked as command line input. The name of the main class is ProxyTest.

    + + + diff --git a/oldstable/build/releaseANewVersion.html b/oldstable/build/releaseANewVersion.html new file mode 100644 index 000000000..81243c1fd --- /dev/null +++ b/oldstable/build/releaseANewVersion.html @@ -0,0 +1,41 @@ + + + + + + + + + + Release a new version + + + + + +
    Skip to main content

    Release a new version

    DSF-TeamLess than 1 minute

    Release a new final version

    1. Write release notes
    2. Create new release/x.y.z branch from develop
    3. Remove -SNAPSHOT from version in pom.xml files
    4. Change status from draft to active and update dates, verify versions in FHIR resources
    5. Update version and date-released in CITATION.cff
    6. Push branch release/x.y.z
    7. Create pull request (release/x.y.z -> main)
    8. Build maven
    9. Build docker images and run manual tests in 3MeDIC/TTP test setup
    10. Execute trivy and check CVEs for the docker images
    11. Merge release/x.y.z into main
    12. Git tag main branch
    13. Push main branch (including Git tag)
    14. Build maven
    15. Run multi-arch docker build (including push)
    16. Update release notes with docker links, check Git tag
    17. Publish release notes
    18. Create 'start next development cycle' issue and branch
    19. Merge main into issue branch
    20. Increase version
    21. Merge next development cycle issue branch into develop via PR

    Release a new candidate version

    1. Write release notes
    2. Create new release/x.y.z-RC# branch from develop
    3. Replace -SNAPSHOT in versions with -RC# in pom.xml files
    4. Change status from draft to active and update dates, verify versions in FHIR resources
    5. Update version and date-released in CITATION.cff
    6. Git tag release/x.y.z-RC# branch
    7. Build maven
    8. Build docker images and run manual tests in 3MeDIC/TTP test setup
    9. Execute trivy and check CVEs for the docker images
    10. Push release/x.y.z-RC# branch (including Git tag)
    11. Run multi-arch docker build (including push)
    12. Update release notes with docker links, check Git tag
    13. Publish release notes
    + + + diff --git a/oldstable/code/addingANewFhirR.html b/oldstable/code/addingANewFhirR.html new file mode 100644 index 000000000..8c8591e7e --- /dev/null +++ b/oldstable/code/addingANewFhirR.html @@ -0,0 +1,41 @@ + + + + + + + + + + Adding FHIR Resources + + + + + +
    Skip to main content

    Adding FHIR Resources

    DSF-TeamAbout 2 min

    This wiki entry walks through the steps to add a new FHIR resource to the server

    Database

    • dsf-fhir-server > resources > db copy/past one file and change content to new resource (don't forget to allow permanent deletes like in db.questionnaires.changelog-0.6.0.xml)
    • dsf-fhir-server > resources > db > db.changelog.xml include new generated db changelog file (are in alphabetic order)
    • dsf-fhir-server > resources > db > trigger_functions copy/paste existing functions for insert/update triggers and change content to new resource
    • dsf-fhir-server > resources > db > db.read_access.changelog.xml include new generated functions for insert/update triggers (are in alphabetic order)

    JSON/XML Adapter

    • dsf-fhir-rest-adapter > java copy/paste existing adapter for json/xml/html and change content to new resource
    • dsf-fhir-webservice-client > java > FhirWebserviceClientJersey.javaregister generated json/xml (not html) adapters according to existing registrations (are in alphabetic order)

    DAO

    • dsf-fhir-server > java > dao copy/paste dao interface and change content to new resource
    • dsf-fhir-server > java > search > parameters copy/paste a search parameter class based on type of the parameter (extends abstract search parameter type) and change content to new resource (existing search parameters can be found on the resources specification website)
    • dsf-fhir-server > java > search > parameters > rev > include copy/paste rev include class and adapt content to resource to be rev included
    • dsf-fhir-server > java > search > parameters > user copy/paste a search user filter class and adapt content to new resource
    • dsf-fhir-server > java > dao > jdbc copy/paste dao jdbc class and adapt content (add search user filter and parameter)
    • dsf-fhir-server > java > spring > config > DaoConfig.java register bean by adding a method according to existing resource bean methods (are in alphabetic order) and add it in the `daoProvider()´ method
    • dsf-fhir-server > java > spring > config > EventConfig.java add the new created bean from the DaoConfig to the MatcherFactory according to existing dao's (are in alphabetic order)
    • dsf-fhir-server > java > dao > provider > DaoProvider.java add a method similar to the existing one
    • dsf-fhir-server > java > dao > provider > DaoProviderImpl.java adapt the class according to the other resource and implement the method similar to the existing one

    Resolve Resource References if needed

    • dsf-fhir-rest-adapter > java > service > ReferenceExtractor.java add a method similar to the existing ones
    • dsf-fhir-rest-adapter > java > service > ReferenceExtractorImpl.java implement the method similar to the existing ones

    Authorization

    • dsf-fhir-server > java > authorization copy/paste class and change content to new resource
    • dsf-fhir-server > java > spring > config > AuthorizationConfig.java register bean by adding a method according to existing resource bean methods (are in alphabetic order) and add it in the authorizationRuleProvider() and the binaryAuthorizationRule() method

    Webservice

    • dsf-fhir-server > java > webservice > specification copy/paste interface and change content to new resource
    • dsf-fhir-server > java > webservice > impl copy/paste class and change content to new resource
    • dsf-fhir-server > java > webservice > jaxrs copy/paste class and change content to new resource
    • dsf-fhir-server > java > webservice > secure copy/paste class and change content to new resource
    • dsf-fhir-server > java > webservice > impl > ConformanceServiceImpl add new Resource to list and add Search Parameter created above
    • dsf-fhir-server > java > spring > config > WebserviceConfig.java register bean by adding a method according to existing resource bean methods (are in alphabetic order)

    Test

    • dsf-fhir-server > test-java > dao copy/paste class and change tests to new resource
    • dsf-fhir-server > test-java > integration copy/paste class and change tests to new resource and above create search parameters
    + + + diff --git a/oldstable/code/addingANewMpiClient.html b/oldstable/code/addingANewMpiClient.html new file mode 100644 index 000000000..5f96b34e7 --- /dev/null +++ b/oldstable/code/addingANewMpiClient.html @@ -0,0 +1,41 @@ + + + + + + + + + + Adding MPI Clients + + + + + +
    Skip to main content

    Adding MPI Clients

    DSF-TeamLess than 1 minute

    The Master Patient Index (MPI) client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.mpi.webservice.factory.class and loaded using a service loader, which searches for a class of type MasterPatientIndexClientFactory on startup of the BPE.

    The framework currently includes an MPI client using the IHE PDQ interface, also supporting client certificate authentication. To use it, add the jar of the dsf-mpi-client-pdq module to the plugin configuration folder and set the property value to org.highmed.mpi.client.pdq.MasterPatientIndexClientPdqFactory.

    To implement a new MPI client, the following has to be taken into account:

    • The plugin needs to supply an MPI client factory implementing the interface MasterPatientIndexClientFactory from the dsf-mpi-client module.
    • The resources folder must contain a file with the name META-INF/services/org.highmed.mpi.client.MasterPatientIndexClientFactory containing the name of the new MPI client factory including the full package name.
    • The client needs to implement the interface MasterPatientIndexClient. The interface defines a method returning instances of the interface Idat based on patient-ids used within the openEHR repository.

    An example of an MPI client implementation can be found in the dsf-mpi-client-pdq module.

    + + + diff --git a/oldstable/code/addingANewOpenEhrClient.html b/oldstable/code/addingANewOpenEhrClient.html new file mode 100644 index 000000000..0b5e13951 --- /dev/null +++ b/oldstable/code/addingANewOpenEhrClient.html @@ -0,0 +1,41 @@ + + + + + + + + + + Adding openEHR Clients + + + + + +
    Skip to main content

    Adding openEHR Clients

    DSF-TeamLess than 1 minute

    The openEHR client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.openehr.webservice.factory.class and loaded using a service loader, which searches for a class of type OpenEhrClientFactory on startup of the BPE.

    The framework currently includes an openEHR Jersey REST client using basic authentication. To use it, add the jar of the dsf-openehr-client-impl module to the plugin configuration folder and set the property value to org.highmed.openehr.client.impl.OpenEhrClientJerseyFactory.

    To implement a new openEHR client, the following has to be taken into account:

    • The plugin needs to supply an openEHR client factory implementing the interface OpenEhrClientFactory from the dsf-openehr-client module.
    • The resources folder must contain a file with the name META-INF/services/org.highmed.openehr.client.OpenEhrClientFactory containing the name of the new openehr client factory including the full package name.
    • The client needs to implement the interface OpenEhrClient. The interface defines a method executing an openEHR query returning an instance of an openEHR ResultSet.

    An example of an openEHR client implementation can be found in the dsf-openehr-client-impl module.

    + + + diff --git a/oldstable/code/changingBpmnProcesses.html b/oldstable/code/changingBpmnProcesses.html new file mode 100644 index 000000000..579cbbbc5 --- /dev/null +++ b/oldstable/code/changingBpmnProcesses.html @@ -0,0 +1,41 @@ + + + + + + + + + + Changing BPMN Processes by Service Task Overwrites + + + + + +
    Skip to main content

    Changing BPMN Processes by Service Task Overwrites

    DSF-TeamLess than 1 minute

    DEPRECATED SINCE VERSION 0.4.0

    A service task of a process integrated in the framework can be overwritten using the plugin interface. This means that entire processes do not have to be replaced when only individual steps need adaption. An example can be found in the module dsf-bpe > dsf-bpe-process-plugin-example > dsf-bpe-process-service-overwrite.

    A plugin has as its only dependency the process module which contains the service task to be overwritten.

    For a plugin replacing one service task, two new files must be generated:

    • A new service task extending the task it overwrites. The method to be overwritten is doExecute(DelegateExecution execution).
    • A new configuration file containing a method that has as return type the service task you want to overwrite. This method then returns a Bean of your own implementation of this specific service task. The method has to be annotated with @Primary.
    + + + diff --git a/oldstable/code/code.html b/oldstable/code/code.html new file mode 100644 index 000000000..a012d98ac --- /dev/null +++ b/oldstable/code/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Writing Code + + + + + +
    Skip to main content

    Writing Code

    DSF-TeamLess than 1 minute

    Code Style

    HiGHmed DSF code-style configurations for Eclipse and IntelliJ IDEA can be found here:

    Pull Requests are only approved, if the code is formatted according to the code-style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Git Workflow

    Since Release 0.1.0, we follow git-flow as described here.
    New features should branch from develop and merged back if done. Hot-Fixes for the latest release will branch of master and will be merged into develop and later into master. A new release will branch of develop for a ramp down phase and will then be merged into master. The new master should merge back into develop to start a new development cycle.

    Branch Naming:

    • Features: issue/<issue-number>_<issue-name>
    • Hot-Fix: hot-fix/<issue-number>_<issue-name>
    • Release: release/<version>
    + + + diff --git a/oldstable/code/eclipseContent.html b/oldstable/code/eclipseContent.html new file mode 100644 index 000000000..a3ab1f564 --- /dev/null +++ b/oldstable/code/eclipseContent.html @@ -0,0 +1,362 @@ + + + + + + + + + + Eclipse code-style configurations + + + + + +
    Skip to main content

    Eclipse code-style configurations

    DSF-TeamAbout 7 min

    Back

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<profiles version="15">
+    <profile kind="CodeFormatterProfile" name="highmed_dsf" version="15">
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_ellipsis" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_declarations" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_at_in_annotation_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_for_statment" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.new_lines_at_block_boundaries" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.insert_new_line_for_parameter" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_package" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_method_invocation" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_after_imports" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_while" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.insert_new_line_before_root_tags" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_annotation_type_member_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_throws" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_switch_statement" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_javadoc_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.indentation.size" value="4"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_postfix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_enum_constant_declaration" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_increments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_inits" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_with_spaces" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.disabling_tag" value="@formatter:off"/>
+        <setting id="org.eclipse.jdt.core.formatter.continuation_indentation" value="2"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_enum_constants" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_imports" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_after_package" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_binary_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_local_declarations" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_if_while_statement" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_enum_constant" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.indent_root_tags" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_or_operator_multicatch" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.enabling_tag" value="@formatter:on"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_brace_in_block" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.count_line_length_from_starting_position" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_return" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_method_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_parameter" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_then_statement_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_field" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_explicitconstructorcall_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_prefix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_between_type_declarations" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_brace_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_for" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_catch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_method" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_switch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_parameterized_type_references" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_anonymous_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_parenthesized_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_annotation_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_enum_constant" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.never_indent_line_comments_on_first_column" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_and_in_type_parameter" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_for_inits" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_statements_compare_to_block" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_anonymous_type_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_question_in_wildcard" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_invocation_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_switch" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.align_tags_descriptions_grouped" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.line_length" value="120"/>
+        <setting id="org.eclipse.jdt.core.formatter.use_on_off_tags" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_method_body_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_brackets_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_loop_body_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_constant" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_assignment_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_for" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.preserve_white_space_between_code_and_line_comments" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_local_variable" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_method_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_enum_constant_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_variable_declarations_on_columns" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_union_type_in_multicatch" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_type_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.number_of_blank_lines_at_beginning_of_method_body" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_else_statement_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_binary_expression" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_catch_clause" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_parameterized_type_reference" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_multiple_field_declarations" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_explicit_constructor_call" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_anonymous_type_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_annotation_declaration_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_superinterfaces" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_default" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_question_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_block" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_constructor_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_lambda_body" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.compact_else_if" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_catch" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.put_empty_statement_on_new_line" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_parameters_in_constructor_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_type_parameters" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_invocation_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_method_invocation" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_throws_clause_in_constructor_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_compact_loops" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_block_comment" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_catch_in_try_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_try" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_for_body_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_at_end_of_file_if_missing" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.clear_blank_lines_in_javadoc_comment" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_binary_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_unary_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_expressions_in_array_initializer" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.format_line_comment_starting_on_first_column" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.number_of_empty_lines_to_preserve" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_annotation" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_case" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_ellipsis" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_try_resources" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_assert" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_if" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_and_in_type_parameter" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_parenthesized_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_line_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_labeled_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_type_members_on_columns" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_assignment" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_module_statements" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_type_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.align_tags_names_descriptions" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_type_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_if_then_body_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_first_class_body_declaration" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_conditional_expression" value="80"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_closing_brace_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.format_guardian_clause_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_if" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_assignment_statements_on_columns" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_annotation_on_type" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_block" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_enum_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_block_in_case" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_header" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_invocation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_while" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_switch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_method_declaration" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.join_wrapped_lines" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_parens_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_conditional_operator" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_cases" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_synchronized" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.align_fields_grouping_blank_lines" value="2147483647"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.new_lines_at_javadoc_boundaries" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_annotation_type_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_resources_in_try" value="80"/>
+        <setting id="org.eclipse.jdt.core.formatter.use_tabs_only_for_leading_indentations" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_try_clause" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_selector_in_method_invocation" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.never_indent_block_comments_on_first_column" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_code_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_synchronized" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_constructor_declaration_throws" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.tabulation.size" value="4"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_allocation_expression" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_colon_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_source_code" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_try" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_semicolon_in_try_resources" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_field" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.continuation_indentation_for_array_initializer" value="2"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_question_in_wildcard" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_method" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_superclass_in_type_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_superinterfaces_in_enum_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_parenthesized_expression_in_throw" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_assignment_operator" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_labeled_statement" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_switch" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_superinterfaces" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_type_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_brace_in_array_initializer" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_parenthesized_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_html" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_at_in_annotation_type_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_angle_bracket_in_type_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_method_delcaration" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_compact_if" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_lambda_body_block_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_empty_lines" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_type_arguments" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_unary_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_annotation" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_declarations" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_empty_array_initializer_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_switchstatements_compare_to_switch" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_else_in_if_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_assignment_operator" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_new_chunk" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_label" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_declaration_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_bracket_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_constructor_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_method_declaration_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_cast" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_assert" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_member_type" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_while_in_do_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_parameterized_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_arguments_in_qualified_allocation_expression" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_after_opening_brace_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_breaks_compare_to_cases" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_if" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_semicolon" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_postfix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_try" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_cast" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.format_block_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_lambda_arrow" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_imple_if_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_enum_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_parameters_in_method_declaration" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_brackets_in_array_type_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_angle_bracket_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_semicolon_in_for" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_method_declaration_throws" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_allocation_expression" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_statements_compare_to_body" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_multiple_fields" value="16"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_enum_constant_arguments" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_while_body_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_prefix_operator" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_array_initializer" value="end_of_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_before_binary_operator" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_method_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_type_parameters" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_catch" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_bracket_in_array_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_comma_in_annotation" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_enum_constant_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.parentheses_positions_in_lambda_declaration" value="common_lines"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_between_empty_braces_in_array_initializer" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_colon_in_case" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_local_declarations" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_do_while_body_on_same_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_annotation_type_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_bracket_in_array_reference" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_enum_declaration_on_one_line" value="one_line_never"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_method_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.wrap_outer_expressions_when_nested" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_closing_paren_in_cast" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_enum_constant" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.brace_position_for_type_declaration" value="next_line"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_before_package" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_for" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_synchronized" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_for_increments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_annotation_type_member_declaration" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.alignment_for_expressions_in_for_loop_header" value="0"/>
+        <setting id="org.eclipse.jdt.core.formatter.keep_simple_getter_setter_on_one_line" value="false"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_while" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_enum_constant" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_explicitconstructorcall_arguments" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_paren_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_angle_bracket_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.indent_body_declarations_compare_to_enum_constant_header" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_lambda_arrow" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_brace_in_constructor_declaration" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_constructor_declaration_throws" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.join_lines_in_comments" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_closing_angle_bracket_in_type_parameters" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_question_in_conditional" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.comment.indent_parameter_description" value="true"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_new_line_before_finally_in_try_statement" value="insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.tabulation.char" value="tab"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_comma_in_multiple_field_declarations" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.blank_lines_between_import_groups" value="1"/>
+        <setting id="org.eclipse.jdt.core.formatter.lineSplit" value="120"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_after_opening_paren_in_annotation" value="do not insert"/>
+        <setting id="org.eclipse.jdt.core.formatter.insert_space_before_opening_paren_in_switch" value="insert"/>
+    </profile>
+</profiles>

    Back

    + + + diff --git a/oldstable/code/index.html b/oldstable/code/index.html new file mode 100644 index 000000000..9fd67e957 --- /dev/null +++ b/oldstable/code/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Code + + + + + + + + + diff --git a/oldstable/code/intelliJContent.html b/oldstable/code/intelliJContent.html new file mode 100644 index 000000000..6a5360576 --- /dev/null +++ b/oldstable/code/intelliJContent.html @@ -0,0 +1,107 @@ + + + + + + + + + + IntelliJ code-style configurations + + + + + +
    Skip to main content

    IntelliJ code-style configurations

    DSF-TeamAbout 1 min

    Back

    <code_scheme name="highmed_dsf" version="173">
+  <option name="FORMATTER_TAGS_ENABLED" value="true" />
+  <JavaCodeStyleSettings>
+    <option name="ANNOTATION_PARAMETER_WRAP" value="1" />
+    <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
+    <option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
+    <option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
+      <value />
+    </option>
+    <option name="IMPORT_LAYOUT_TABLE">
+      <value>
+        <package name="" withSubpackages="true" static="true" />
+        <emptyLine />
+        <package name="java" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="javax" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="org" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="com" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="ca" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="de" withSubpackages="true" static="false" />
+        <emptyLine />
+        <package name="" withSubpackages="true" static="false" />
+        <emptyLine />
+      </value>
+    </option>
+  </JavaCodeStyleSettings>
+  <codeStyleSettings language="JAVA">
+    <option name="KEEP_LINE_BREAKS" value="false" />
+    <option name="KEEP_FIRST_COLUMN_COMMENT" value="false" />
+    <option name="KEEP_CONTROL_STATEMENT_IN_ONE_LINE" value="false" />
+    <option name="KEEP_BLANK_LINES_IN_DECLARATIONS" value="1" />
+    <option name="KEEP_BLANK_LINES_IN_CODE" value="1" />
+    <option name="KEEP_BLANK_LINES_BEFORE_RBRACE" value="1" />
+    <option name="BRACE_STYLE" value="2" />
+    <option name="CLASS_BRACE_STYLE" value="2" />
+    <option name="METHOD_BRACE_STYLE" value="2" />
+    <option name="ELSE_ON_NEW_LINE" value="true" />
+    <option name="WHILE_ON_NEW_LINE" value="true" />
+    <option name="CATCH_ON_NEW_LINE" value="true" />
+    <option name="FINALLY_ON_NEW_LINE" value="true" />
+    <option name="ALIGN_MULTILINE_PARAMETERS" value="false" />
+    <option name="ALIGN_MULTILINE_RESOURCES" value="false" />
+    <option name="SPACE_WITHIN_ARRAY_INITIALIZER_BRACES" value="true" />
+    <option name="SPACE_BEFORE_ARRAY_INITIALIZER_LBRACE" value="true" />
+    <option name="CALL_PARAMETERS_WRAP" value="1" />
+    <option name="METHOD_PARAMETERS_WRAP" value="1" />
+    <option name="RESOURCE_LIST_WRAP" value="5" />
+    <option name="EXTENDS_LIST_WRAP" value="1" />
+    <option name="THROWS_LIST_WRAP" value="1" />
+    <option name="EXTENDS_KEYWORD_WRAP" value="1" />
+    <option name="THROWS_KEYWORD_WRAP" value="1" />
+    <option name="METHOD_CALL_CHAIN_WRAP" value="1" />
+    <option name="BINARY_OPERATION_WRAP" value="1" />
+    <option name="BINARY_OPERATION_SIGN_ON_NEXT_LINE" value="true" />
+    <option name="TERNARY_OPERATION_WRAP" value="5" />
+    <option name="ARRAY_INITIALIZER_WRAP" value="1" />
+    <option name="PARAMETER_ANNOTATION_WRAP" value="2" />
+    <option name="VARIABLE_ANNOTATION_WRAP" value="2" />
+    <indentOptions>
+      <option name="USE_TAB_CHARACTER" value="true" />
+    </indentOptions>
+  </codeStyleSettings>
+</code_scheme>

    Back

    + + + diff --git a/oldstable/code/libraries.html b/oldstable/code/libraries.html new file mode 100644 index 000000000..c69c30691 --- /dev/null +++ b/oldstable/code/libraries.html @@ -0,0 +1,41 @@ + + + + + + + + + + Libraries + + + + + + + + + diff --git a/oldstable/code/usingTheGitHubMaven.html b/oldstable/code/usingTheGitHubMaven.html new file mode 100644 index 000000000..16a29bbaf --- /dev/null +++ b/oldstable/code/usingTheGitHubMaven.html @@ -0,0 +1,78 @@ + + + + + + + + + + Using the Github Maven Package Registry + + + + + +
    Skip to main content

    Using the Github Maven Package Registry

    DSF-TeamLess than 1 minute

    Authenticating to GitHub Packages

    For more information take a look at this GitHub documentation about authentication.

    In order to install the HiGHmed DSF packages using Maven in your own projects you need a personal GitHub access token. This GitHub documentation shows you how to generate one.

    After that, add the following configuration to your local .m2/settings.xml. Replace USERNAME with your GitHub username and TOKEN with the previously generated personal GitHub access token. The token needs at least the scope read:packages.

        <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+  <activeProfiles>
+    <activeProfile>github</activeProfile>
+  </activeProfiles>
+
+  <profiles>
+    <profile>
+      <id>github</id>
+      <repositories>
+        <repository>
+          <id>github</id>
+          <name>GitHub HiGHmed Apache Maven Packages</name>
+          <url>https://maven.pkg.github.com/highmed/highmed-dsf</url>
+          <releases><enabled>true</enabled></releases>
+          <snapshots><enabled>true</enabled></snapshots>
+        </repository>
+      </repositories>
+    </profile>
+  </profiles>
+
+  <servers>
+    <server>
+      <id>github</id>
+      <username>USERNAME</username>
+      <password>TOKEN</password>
+    </server>
+  </servers>
+</settings>

    Installing a Package

    For more information take a look at this GitHub documentation about package installation.

    To install an Apache Maven package from GitHub Packages edit the element dependencies in the pom.xml file by including the package. This could look as follows to include the dsf-bpe-process-base package (replace VERSION with the package version, e.g. 0.4.0-SNAPSHOT):

    <dependencies>
+  <dependency>
+    <groupId>org.highmed.dsf</groupId>
+    <artifactId>dsf-bpe-process-base</artifactId>
+    <version>VERSION</version>
+  </dependency>
+<dependencies>
    + + + diff --git a/oldstable/generalinformation/authentication.html b/oldstable/generalinformation/authentication.html new file mode 100644 index 000000000..621036cb6 --- /dev/null +++ b/oldstable/generalinformation/authentication.html @@ -0,0 +1,41 @@ + + + + + + + + + + Authentication + + + + + +
    Skip to main content

    Authentication

    DSF-TeamLess than 1 minute

    Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.

    A webserver certificate is needed to run the FHIR endpoint and a 802.1X client certificate is used to authenticate against other organizations endpoints and as a server certificate for the business process engine. For available certificate profiles see DFN-PKI-Zertifikatprofile_Global.pdf

    Certificate Requests

    FHIR Endpoint

    • Purpose: Server certificate to authenticate the FHIR endpoint on the local network and against other organizations
    • Certificate profile:
      • DFN-PKI Global G2 via DFN e.V.: Web Server
      • D-Trust via TMF e.V.: Advanced SSL ID
      • GÉANT TCS via DFN e.V.: Web Server
    • Common name: FQDN of the server used while accessing from other organizations (external FQDN)
    • Subject alternative DNS entries: Use additional alternative FQDNs if a different name is used while accessing the Server from the local Network (local FQDN)

    Business Process Engine Server

    • Purpose: Client certificate to authenticate against remote FHIR endpoints (when either the BPE Server or the FHIR Endpoint Server is acting as a client), server certificate to authenticate the business process engine server on the local network
    • Certificate profile:
      • DFN-PKI Global G2 via DFN e.V.: 802.1X Client
      • D-Trust via TMF e.V.: Basic Team ID
      • GÉANT TCS via DFN e.V.: Web Server
    • Common name: FQDN of the server used while accessing from the local network (local FQDN)
    + + + diff --git a/oldstable/generalinformation/index.html b/oldstable/generalinformation/index.html new file mode 100644 index 000000000..5833bd8cb --- /dev/null +++ b/oldstable/generalinformation/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + General Information + + + + + + + + + diff --git a/oldstable/generalinformation/networkSetup.html b/oldstable/generalinformation/networkSetup.html new file mode 100644 index 000000000..302642e64 --- /dev/null +++ b/oldstable/generalinformation/networkSetup.html @@ -0,0 +1,75 @@ + + + + + + + + + + Network Setup and General Architecture + + + + + +
    Skip to main content

    Network Setup and General Architecture

    DSF-TeamAbout 2 min

    The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.

    Network Setup Diagramm
    Network Setup Diagramm
    • FHIR Reverse Proxy: The FHIR Reverse Proxy is used to terminate incoming https connections to the FHIR App Server. The Reverse Proxy needs to be accessible on port 443 from the internet. Incoming https connection will be delegate as http on a docker internal network to the FHIR App Server.
    • FHIR App Server: The FHIR App Server is used as a FHIR Endpoint for incoming Task resources and providing resources for download by other organizations. In order to validate incoming FHIR resources the server will communicate with FHIR Servers at other organizations. Access to resources and authorization for creating or updating resources is granted based on the content of the resource and/or based on the client (identified by its client certificate) being part of an allow list. JDBC connections to the FHIR DB Server
    • FHIR DB Server: PostgreSQL database for the FHIR App Server.
    • BPE App Server: The BPE App Server is executing BPMN 2.0 business processes with the included business process engine. Automatic BPMN service tasks are used for example to check resource, access the PDP- and MPI-servers as well as the MDAT repository. The calculation of record linkage bit vectors (Record Bloom Filters) is also performed using an automatic service task. As of version 0.3.0 the BPE server does not provide any webservices for modifying an server resources.
    • BPE DB Server: PostgreSQL database for the BPE App Server.
    • PDP: IHE Policy Decision Point for deciding on patient consent.
    • MDAT Repo: Repository (e.g. openEHR) for storing medical data (MDAT).
    • MPI: IHE Master Patient Index for storing identifying patient date (IDAT) e.g. first name, last name, date of birth.
    • Cohort Browser: Example for a system to trigger patient cohort size estimations across multiple organizations.

    More information on Client- and Server-Certificates are available on the dedicated wiki page: Authentication: Client/Server Certificates

    Additional Reverse Proxy in external DMZ

    In some organizations an additional reverse proxy in an external DMZ is needed. This can be accomplished by using for example nginx or haproxy as a TCP-Proxy. Example configurations routing traffic using SNI can be found below. Configuring an additional reverse proxy to terminate the incoming TLS connection early is not recommended.

    Network Setup Diagramm
    Network Setup Diagramm

    nginx

    http {
+	# ...
+}
+
+stream {
+	map $ssl_preread_server_name $name {
+		fhir.example.com fhir;
+	}
+
+	upstream fhir {
+		server 192.168.0.1:443;
+	}
+
+	server {
+		listen 443;
+		proxy_pass $name;
+		ssl_preread on;
+	}
+}

    haproxy

    defaults
+	timeout connect 5s
+	timeout client 30s
+	timeout server 30s
+
+frontend ingress
+	bind :443
+	mode tcp
+
+	tcp-request inspect-delay 5s
+	tcp-request content accept if { req_ssl_hello_type 1 }
+	use_backend fhir if { req.ssl_sni fhir.example.com }
+
+backend fhir
+	mode tcp
+
+	server fhir 192.168.0.1:443
    + + + diff --git a/oldstable/index.html b/oldstable/index.html new file mode 100644 index 000000000..8226bf2cf --- /dev/null +++ b/oldstable/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Version 0.9.x + + + + + + + + + diff --git a/oldstable/introduction.html b/oldstable/introduction.html new file mode 100644 index 000000000..6e436087f --- /dev/null +++ b/oldstable/introduction.html @@ -0,0 +1,41 @@ + + + + + + + + + + Introduction + + + + + +
    Skip to main content

    Introduction

    DSF-TeamLess than 1 minute

    The Data Sharing Framework implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data. Every participating site runs a FHIR endpoint (dsf-fhir) accessible by other sites and a business process engine (dsf-bpe) in the local secured network. Authentication between sites is handled using X.509 client/server certificates. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing and feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization.

    DSF Architecture
    DSF Architecture
    + + + diff --git a/oldstable/releases/configBpe.html b/oldstable/releases/configBpe.html new file mode 100644 index 000000000..070e02be4 --- /dev/null +++ b/oldstable/releases/configBpe.html @@ -0,0 +1,41 @@ + + + + + + + + + + + + + + + +
    Skip to main content

    DSF-TeamAbout 7 min

    DSF 0.9.3 Configuration Parameters - BPE Server

    Please note: Additional parameters (not listed here) are used to configure process plugins.

    • Property: org.highmed.dsf.bpe.consent.webservice.factory.class
    • Required: No
    • Description: Factory for client implementations used to connect to a consent server in order to check permissions to access patient medical data
    • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your Consent server
    • Default: org.highmed.consent.client.stub.ConsentClientStubFactory

    ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: org.highmed.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    ORG_HIGHMED_DSF_BPE_DB_URL

    • Property: org.highmed.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: org.highmed.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: org.highmed.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    ORG_HIGHMED_DSF_BPE_DB_USER_GROUP

    • Property: org.highmed.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME

    • Property: org.highmed.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: org.highmed.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: org.highmed.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: org.highmed.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: org.highmed.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.fhir.client.local.proxy.password
    • Required: No
    • Description: Proxy password, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_URL

    • Property: org.highmed.dsf.bpe.fhir.client.local.proxy.url
    • Required: No
    • Description: Proxy location, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy
    • Example: http://proxy.foo:8080

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_USERNAME

    • Property: org.highmed.dsf.bpe.fhir.client.local.proxy.username
    • Required: No
    • Description: Proxy username, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: org.highmed.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: org.highmed.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: org.highmed.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.password
    • Required: No
    • Description: Proxy password, set if the DSF BPE server can reach internal servers via websocket, like the getSub server, only through a proxy which requests authentication
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_URL

    • Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.url
    • Required: No
    • Description: Proxy location, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy
    • Example: http://proxy.foo:8080

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_USERNAME

    • Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.username
    • Required: No
    • Description: Proxy username, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy which requests authentication

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.password
    • Required: No
    • Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_URL

    • Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.url
    • Required: No
    • Description: Proxy location, set if the DSF BPE server can reach the internet only through a proxy
    • Example: http://proxy.foo:8080

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_USERNAME

    • Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.username
    • Required: No
    • Description: Proxy username, set if the the DSF BPE server can reach the internet only through a proxy which requests authentication

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: org.highmed.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES

    • Property: org.highmed.dsf.bpe.fhir.client.trust.certificates
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    ORG_HIGHMED_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: org.highmed.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: org.highmed.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: org.highmed.dsf.bpe.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: org.highmed.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: org.highmed.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: org.highmed.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    ORG_HIGHMED_DSF_BPE_MAIL_FROMADDRESS

    • Property: org.highmed.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    ORG_HIGHMED_DSF_BPE_MAIL_HOST

    • Property: org.highmed.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS

    ORG_HIGHMED_DSF_BPE_MAIL_PORT

    • Property: org.highmed.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    ORG_HIGHMED_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: org.highmed.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    ORG_HIGHMED_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: org.highmed.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    ORG_HIGHMED_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: org.highmed.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: org.highmed.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: org.highmed.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSES

    • Property: org.highmed.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: org.highmed.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    ORG_HIGHMED_DSF_BPE_MAIL_TRUST_CERTIFICATES

    • Property: org.highmed.dsf.bpe.mail.trust.certificates
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    ORG_HIGHMED_DSF_BPE_MAIL_USERNAME

    • Property: org.highmed.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS

    ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS

    • Property: org.highmed.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    ORG_HIGHMED_DSF_BPE_MPI_WEBSERVICE_FACTORY_CLASS

    • Property: org.highmed.dsf.bpe.mpi.webservice.factory.class
    • Required: No
    • Description: Factory for client implementations used to connect to a Master Patient Index (MPI) server in order to read patient demographic data
    • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your MPI
    • Default: org.highmed.mpi.client.stub.MasterPatientIndexClientStubFactory

    ORG_HIGHMED_DSF_BPE_OPENEHR_WEBSERVICE_FACTORY_CLASS

    • Property: org.highmed.dsf.bpe.openehr.webservice.factory.class
    • Required: No
    • Description: Factory for client implementations used to connect to an openEHR repository in order to read patient medical data
    • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your openEHR repository
    • Default: org.highmed.openehr.client.stub.OpenEhrClientStubFactory

    ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED

    • Property: org.highmed.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List

    ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: org.highmed.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: org.highmed.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    ORG_HIGHMED_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: org.highmed.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    ORG_HIGHMED_DSF_BPE_PROCESS_RETIRED

    • Property: org.highmed.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available

    ORG_HIGHMED_DSF_BPE_PSEUDONYMIZATION_WEBSERVICE_FACTORY_CLASS

    • Property: org.highmed.dsf.bpe.pseudonymization.webservice.factory.class
    • Required: No
    • Description: Factory for client implementations used to connect to a pseudonymization service in order to pseudonymize patient demographic and medical data
    • Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your pseudonymization service
    • Default: org.highmed.pseudonymization.client.stub.PseudonymizationClientStubFactory
    + + + diff --git a/oldstable/releases/configFhir.html b/oldstable/releases/configFhir.html new file mode 100644 index 000000000..23de6528d --- /dev/null +++ b/oldstable/releases/configFhir.html @@ -0,0 +1,41 @@ + + + + + + + + + + + + + + + +
    Skip to main content

    DSF-TeamAbout 3 min

    DSF 0.9.3 Configuration Parameters - FHIR Server

    Please note: Additional parameters (not listed here) are used to define elements of the external FHIR bundle.

    ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: org.highmed.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: org.highmed.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: org.highmed.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE

    • Property: org.highmed.dsf.fhir.client.proxy.password
    • Required: No
    • Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE

    ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_URL

    • Property: org.highmed.dsf.fhir.client.proxy.url
    • Required: No
    • Description: Proxy location, set if the DSF FHIR server can reach the internet only through a proxy
    • Example: http://proxy.foo:8080

    ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_USERNAME

    • Property: org.highmed.dsf.fhir.client.proxy.username
    • Required: No
    • Description: Proxy username, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication

    ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: org.highmed.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: org.highmed.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES

    • Property: org.highmed.dsf.fhir.client.trust.certificates
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    ORG_HIGHMED_DSF_FHIR_CLIENT_VERBOSE

    • Property: org.highmed.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: org.highmed.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: org.highmed.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    ORG_HIGHMED_DSF_FHIR_DB_URL

    • Property: org.highmed.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP

    • Property: org.highmed.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: org.highmed.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: org.highmed.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: org.highmed.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: org.highmed.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME

    • Property: org.highmed.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL

    • Property: org.highmed.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    ORG_HIGHMED_DSF_FHIR_SERVER_CORS_ORIGINS

    • Property: org.highmed.dsf.fhir.server.cors.origins
    • Required: No
    • Description: List of allowed CORS origins, used to set the Access-Control-Allow-Origin HTTP response header, which indicates whether the response can be shared with requesting code from the given origin; comma or space separated list, YAML block scalars supported

    ORG_HIGHMED_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: org.highmed.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: org.highmed.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    ORG_HIGHMED_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: org.highmed.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS

    • Property: org.highmed.dsf.fhir.server.user.thumbprints
    • Required: Yes
    • Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server; comma or space separated list, YAML block scalars supported
    • Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes

    ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE

    • Property: org.highmed.dsf.fhir.server.user.thumbprints.permanent.delete
    • Required: Yes
    • Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server for permanent deletes; comma or space separated list, YAML block scalars supported
    • Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes
    + + + diff --git a/oldstable/releases/configFhirReverseProxy.html b/oldstable/releases/configFhirReverseProxy.html new file mode 100644 index 000000000..5541542ff --- /dev/null +++ b/oldstable/releases/configFhirReverseProxy.html @@ -0,0 +1,41 @@ + + + + + + + + + + + + + + + +
    Skip to main content

    DSF-TeamAbout 1 min

    DSF 0.9.3 Configuration Parameters - FHIR Reverse Proxy

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem
    + + + diff --git a/oldstable/releases/highmedInstall.html b/oldstable/releases/highmedInstall.html new file mode 100644 index 000000000..9a8417154 --- /dev/null +++ b/oldstable/releases/highmedInstall.html @@ -0,0 +1,68 @@ + + + + + + + + + + + + + + + +
    Skip to main content

    DSF-TeamAbout 6 min

    This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is only suitable for HiGHmed organizations.
    If you are not a member of HiGHmed, see NUM-CODEX Install.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker and docker-compose. For the latest install guide see https://docs.docker.com/engine/install and https://docs.docker.com/compose/install

    docker:

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io

    docker-compose (warning: 2.17.3 might not be latest):

    sudo curl -L "https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+sudo chmod +x /usr/local/bin/docker-compose

    Client/Server Certificates

    Two Certificates from the DFN-PKI Global G2 (via DFN e.V.), GÉANT TCS (via DFN e.V.) or D-Trust (via TMF e.V.) are needed, more infos see Authentication

    • Certificate A: Server Certificate (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    Network setup / Network access

    For additional information on the network setup see Network-and-Architecture.

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup. Connections to the fTTP, the terminology server and simplifier.net for validating GECCO FHIR resources as well as the local GECCO FHIR server are not listed:

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (GECCO Transfer Hub)443https
    DSF FHIR (local)DSF FHIR (GECCO Transfer Hub)443https (HTTP HEAD only)
    DSF BPE (GECCO Transfer Hub)DSF FHIR (local)443https
    DSF FHIR (GECCO Transfer Hub)DSF FHIR (local)443https (HTTP HEAD only)

    On-Boarding Excel Spreadsheet

    You are required to fill out the on-boarding Excel spreadsheet, provided with the NUM-CODEX hackathon invite, and send it to the GECCO Transfer Hub. If the GECCO Transfer Hub already received and validated your On-Boarding Excel spreadsheet and you do not have to change any information, you can skip this step.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download prepared DSF FHIR server config files and folder structure from

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L56:      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L136:  app_client_certificate_private_key.pem.password:
+L137:    file: ./secrets/client_certificate_private_key.pem.password

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L101:  ssl_certificate_chain_file.pem:
+L102:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:
        • ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_NAME: TODO_ORGANIZATION_NAME
          Set your Organizations official name, e.g. Hochschule Heilbronn
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. You can add additional client certificate thumbprints for example the thumbprint of your (the admins) personal DFN PKI S/MIME certificate, to access the DSF FHIR servers REST interface.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. Usually it is not necessary to add additional thumbprints other than your client certificate (certificate B) here. When a client uses a certificate with a thumbprint listed here, the client is allowed to permanently delete FHIR resources.
        • For additional environment variables, see DSF 0.9.3 FHIR Server configuration parameters

    8. Start the DSF FHIR Server
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download prepared DSF BPE server config files and folder structure from

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log
      • /opt/bpe/psn

    4. Add certificates and keys

      • Add the client certificate (certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L41:      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L99:  app_client_certificate_private_key.pem.password:
+L100:    file: ./secrets/client_certificate_private_key.pem.password
      • Add the CRR public-key used for asymmetrically encrypting the GECCO FHIR Bundles to /opt/bpe/secrets/

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • For additional environment variables, see DSF 0.9.3 BPE Server configuration parameters

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    9. Stop the DSF BPE Server

      • Hit Ctrl-C to close log
      • Stop using: docker-compose stop

    10. Add the following DSF BPE process plugins, for instructions on how to configure the plugin, see release notes.

      Notice: Jar-files within the folders /opt/bpe/process and /opt/bpe/plugin need to be readable by the linxux bpe user -> chown root:bpe, chmod 440

    11. Start the DSF BPE Server (with process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    12. Request Allow-List upload from HiGHmed TTP
      The Allow-List upload is needed in order to execute HiGHmed and NUM-CODEX processes.

    + + + diff --git a/oldstable/releases/index.html b/oldstable/releases/index.html new file mode 100644 index 000000000..65fb04a66 --- /dev/null +++ b/oldstable/releases/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Releases and Deployment + + + + + + + + + diff --git a/oldstable/releases/num-codexInstall.html b/oldstable/releases/num-codexInstall.html new file mode 100644 index 000000000..e8c30506f --- /dev/null +++ b/oldstable/releases/num-codexInstall.html @@ -0,0 +1,68 @@ + + + + + + + + + + + + + + + +
    Skip to main content

    DSF-TeamAbout 6 min

    This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is not suitable for HiGHmed organizations.
    If you are a member of HiGHmed, see HiGHmed Install.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker and docker-compose. For the latest install guide see https://docs.docker.com/engine/install and https://docs.docker.com/compose/install

    docker:

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io

    docker-compose (warning: 2.17.3 might not be latest):

    sudo curl -L "https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+sudo chmod +x /usr/local/bin/docker-compose

    Client/Server Certificates

    Two Certificates from the DFN-PKI Global G2 (via DFN e.V.), GÉANT TCS (via DFN e.V.) or D-Trust (via TMF e.V.) are needed, more infos see Authentication

    • Certificate A: Server Certificate (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    Network setup / Network access

    For additional information on the network setup see Network-and-Architecture.

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup. Connections to the fTTP, the terminology server and simplifier.net for validating GECCO FHIR resources as well as the local GECCO FHIR server are not listed:

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (GECCO Transfer Hub)443https
    DSF FHIR (local)DSF FHIR (GECCO Transfer Hub)443https (HTTP HEAD only)
    DSF BPE (GECCO Transfer Hub)DSF FHIR (local)443https
    DSF FHIR (GECCO Transfer Hub)DSF FHIR (local)443https (HTTP HEAD only)

    On-Boarding Excel Spreadsheet

    You are required to fill out the on-boarding Excel spreadsheet, provided with the NUM-CODEX hackathon invite, and send it to the GECCO Transfer Hub. If the GECCO Transfer Hub already received and validated your On-Boarding Excel spreadsheet and you do not have to change any information, you can skip this step.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download prepared DSF FHIR server config files and folder structure from

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L56:      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L137:  app_client_certificate_private_key.pem.password:
+L138:    file: ./secrets/client_certificate_private_key.pem.password

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L102:  ssl_certificate_chain_file.pem:
+L103:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:
        • ORG_HIGHMED_DSF_FHIR_SERVER_FQDN: TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN
          Set your FHIR servers external FQDN, e.g. foo.bar.de
        • ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_NAME: TODO_ORGANIZATION_NAME
          Set your Organizations official name, e.g. Hochschule Heilbronn
        • ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. You can add additional client certificate thumbprints for example the thumbprint of your (the admins) personal DFN PKI S/MIME certificate, to access the DSF FHIR servers REST interface.
        • ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: TODO_CLIENT_CERTIFICATE_THUMBPRINTS
          Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B)
          This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. Usually it is not necessary to add additional thumbprints other than your client certificate (certificate B) here. When a client uses a certificate with a thumbprint listed here, the client is allowed to permanently delete FHIR resources.
        • For additional environment variables, see DSF 0.9.3 FHIR Server configuration parameters

    8. Start the DSF FHIR Server
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download prepared DSF BPE server config files and folder structure from

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/
        • client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L38:      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L92:  app_client_certificate_private_key.pem.password:
+L93:    file: ./secrets/client_certificate_private_key.pem.password
      • Add the CRR public-key used for asymmetrically encrypting the GECCO FHIR Bundles to /opt/bpe/secrets/

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de
        • ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • For additional environment variables, see DSF 0.9.3 BPE Server configuration parameters

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    9. Stop the DSF BPE Server

      • Hit Ctrl-C to close log
      • Stop using: docker-compose stop

    10. Add the following DSF BPE process plugins, for instructions on how to configure the plugin, see release notes.

      Notice: Jar-files within the folders /opt/bpe/process and /opt/bpe/plugin need to be readable by the linxux bpe user -> chown root:bpe, chmod 440

    11. Start the DSF BPE Server (with process plugins)
      Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)

    + + + diff --git a/oldstable/releases/upgradeFrom7.html b/oldstable/releases/upgradeFrom7.html new file mode 100644 index 000000000..c1e799744 --- /dev/null +++ b/oldstable/releases/upgradeFrom7.html @@ -0,0 +1,130 @@ + + + + + + + + + + Upgrading from 0.7.0 to 0.9.0 + + + + + +
    Skip to main content

    Upgrading from 0.7.0 to 0.9.0

    DSF-TeamAbout 4 min

    Upgrading the DSF from 0.7.0 to 0.9.0 involves replacing a config file, modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.7.0 with 0.9.0

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.7.0
++    image: ghcr.io/highmed/fhir_proxy:0.9.0
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.7.0
++    image: ghcr.io/highmed/fhir:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Download prepared DSF FHIR server config files and extract/replace the external FHIR bundle

      The command will update the external FHIR bundle at /opt/fhir/conf/bundle.xml

      The output of the tar command should be

      fhir/conf/bundle.xml

    4. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file

      • NUM-CODEX (non HiGHmed) instance:
        Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.7.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
+@@ -29,9 +29,6 @@ services:
+       - type: bind
+         source: ./log
+         target: /opt/bpe/log
+-      - type: bind
+-        source: ./last_event
+-        target: /opt/bpe/last_event
+       - type: bind
+         source: ./cache
+         target: /opt/bpe/cache
+@@ -48,8 +45,8 @@ services:
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
+       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
+-        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0
+-        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0
++        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0
++        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0
+
+       #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions
+       #TODO add process specific environment variables, see process documentation

      • HiGHmed instance:
        Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config, and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.7.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
+@@ -29,9 +29,6 @@ services:
+       - type: bind
+         source: ./log
+         target: /opt/bpe/log
+-      - type: bind
+-        source: ./last_event
+-        target: /opt/bpe/last_event
+       - type: bind
+         source: ./psn
+         target: /opt/bpe/psn
+@@ -51,11 +48,11 @@ services:
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
+       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
+-        highmedorg_computeFeasibility/0.6.0
+-        highmedorg_computeDataSharing/0.6.0
+-        highmedorg_updateAllowList/0.6.0
+-        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0
+-        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0
++        highmedorg_computeFeasibility/0.7.0
++        highmedorg_computeDataSharing/0.7.0
++        highmedorg_updateAllowList/0.7.0
++        wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0
++        wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0
+
+       #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions
+       #TODO add process specific environment variables, see process documentation

    3. Upgrade DSF Plugins and Process-Plugins

      • NUM-CODEX (non HiGHmed) instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

      • HiGHmed instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-data-sharing-0.6.0.jar with dsf-bpe-process-data-sharing-0.7.0.jar from the latest HiGHmed processes release
          3. Replace dsf-bpe-process-feasibility-0.6.0.jar with dsf-bpe-process-feasibility-0.7.0.jar from the latest HiGHmed processes release
          4. Replace dsf-bpe-process-feasibility-mpc-0.6.0.jar with dsf-bpe-process-feasibility-mpc-0.7.0.jar from the latest HiGHmed processes release
          5. Replace dsf-bpe-process-local-services-0.6.0.jar with dsf-bpe-process-local-services-0.7.0.jar from the latest HiGHmed processes release
          6. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release
          7. Replace dsf-bpe-process-update-allow-list-0.6.0.jar with dsf-bpe-process-update-allow-list-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

        • Plugins in '/opt/bpe/plugin':

          1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.0.zip, see DSF release notes
          2. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.0.zip, see DSF release notes

          Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.

    4. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    5. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    + + + diff --git a/oldstable/releases/upgradeFrom8.html b/oldstable/releases/upgradeFrom8.html new file mode 100644 index 000000000..9ebb878df --- /dev/null +++ b/oldstable/releases/upgradeFrom8.html @@ -0,0 +1,86 @@ + + + + + + + + + + Upgrading from 0.8.0 to 0.9.0 + + + + + +
    Skip to main content

    Upgrading from 0.8.0 to 0.9.0

    DSF-TeamAbout 3 min

    Upgrading the DSF from 0.8.0 to 0.9.0 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first and then visit the Upgrade from 0.7.0 to 0.9.0 guide.
    If you are upgrading from 0.7.0 please see the Upgrade from 0.7.0 to 0.9.0 guide.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.8.0 with 0.9.0

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.8.0
++    image: ghcr.io/highmed/fhir_proxy:0.9.0
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.8.0
++    image: ghcr.io/highmed/fhir:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file

      • NUM-CODEX (non HiGHmed) instance:
        Change the bpe container version from 0.8.0 to 0.9.0, update the process exclude config and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.8.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

      • HiGHmed instance:
        Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config, and remove a bind mount

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.8.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]
+@@ -48,9 +48,9 @@ services:
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
+       ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir
+       ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: |
+-        highmedorg_computeFeasibility/0.6.0
+-        highmedorg_computeDataSharing/0.6.0
+-        highmedorg_updateAllowList/0.6.0
++        highmedorg_computeFeasibility/0.7.0
++        highmedorg_computeDataSharing/0.7.0
++        highmedorg_updateAllowList/0.7.0
+         wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0
+         wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0

    3. Upgrade DSF Plugins and Process-Plugins

      • NUM-CODEX (non HiGHmed) instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

      • HiGHmed instance:

        • Process plugins in /opt/bpe/process:

          1. Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release
          2. Replace dsf-bpe-process-data-sharing-0.6.0.jar with dsf-bpe-process-data-sharing-0.7.0.jar from the latest HiGHmed processes release
          3. Replace dsf-bpe-process-feasibility-0.6.0.jar with dsf-bpe-process-feasibility-0.7.0.jar from the latest HiGHmed processes release
          4. Replace dsf-bpe-process-feasibility-mpc-0.6.0.jar with dsf-bpe-process-feasibility-mpc-0.7.0.jar from the latest HiGHmed processes release
          5. Replace dsf-bpe-process-local-services-0.6.0.jar with dsf-bpe-process-local-services-0.7.0.jar from the latest HiGHmed processes release
          6. Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release
          7. Replace dsf-bpe-process-update-allow-list-0.6.0.jar with dsf-bpe-process-update-allow-list-0.7.0.jar from the latest HiGHmed processes release

          Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.

        • Plugins in '/opt/bpe/plugin':

          1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.0.zip, see DSF release notes
          2. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.0.zip, see DSF release notes

          Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.

    4. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    5. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    + + + diff --git a/oldstable/releases/upgradeFrom90.html b/oldstable/releases/upgradeFrom90.html new file mode 100644 index 000000000..93ff749b0 --- /dev/null +++ b/oldstable/releases/upgradeFrom90.html @@ -0,0 +1,75 @@ + + + + + + + + + + Upgrading from 0.9.0 to 0.9.1 + + + + + +
    Skip to main content

    Upgrading from 0.9.0 to 0.9.1

    DSF-TeamAbout 2 min

    Upgrading the DSF from 0.9.0 to 0.9.1 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.

    If you are upgrading from 0.8.0 please see the Upgrade from 0.8.0 to 0.9.0 guide.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.1_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.9.0 with 0.9.1

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.9.0
++    image: ghcr.io/highmed/fhir_proxy:0.9.1
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.9.0
++    image: ghcr.io/highmed/fhir:0.9.1
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.1_upgrade

    2. Modify the DSF BPE docker-compose.yml file

      • NUM-CODEX (non HiGHmed) instance:
        Change the bpe container version from 0.9.0 to 0.9.1

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.9.0
++    image: ghcr.io/highmed/bpe:0.9.1
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

      • HiGHmed instance:
        Change the bpe container version from 0.9.0 to 0.9.1

        @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.8.0
++    image: ghcr.io/highmed/bpe:0.9.0
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

    3. Upgrade DSF Plugins and Process-Plugins
      * Plugins in '/opt/bpe/plugin':
      1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.1.zip, see DSF release notes
      1. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.1.zip, see DSF release notes

           Make sure the plugins in `/opt/bpe/plugin` are configured with `chmod 440` and `chown root:bpe`.  
+

    4. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    5. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.1, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.1, [...]
      • Verify the DSF BPE server started without errors
      • Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    + + + diff --git a/oldstable/releases/upgradeFrom91.html b/oldstable/releases/upgradeFrom91.html new file mode 100644 index 000000000..3c4d938ae --- /dev/null +++ b/oldstable/releases/upgradeFrom91.html @@ -0,0 +1,66 @@ + + + + + + + + + + Upgrading from 0.9.1 + + + + + +
    Skip to main content

    Upgrading from 0.9.1

    DSF-TeamAbout 1 min

    Upgrading from 0.9.1

    Upgrading the DSF from 0.9.1 to 0.9.2 involves modifying the docker-compose.yml files and recreating the containers.

    As the upgrade from 0.9.0 to 0.9.1 does not require any changes except the change of the version numbers, you can directly follow the following instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.2_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.9.1 (or 0.9.0) with 0.9.2

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.9.1
++    image: ghcr.io/highmed/fhir_proxy:0.9.2
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.9.1
++    image: ghcr.io/highmed/fhir:0.9.2
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.2_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace 0.9.1 (or 0.9.0) with 0.9.2

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.9.1
++    image: ghcr.io/highmed/bpe:0.9.2
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

    3. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    4. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.2, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.2, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    + + + diff --git a/oldstable/releases/upgradeFrom92.html b/oldstable/releases/upgradeFrom92.html new file mode 100644 index 000000000..0c4915c9a --- /dev/null +++ b/oldstable/releases/upgradeFrom92.html @@ -0,0 +1,66 @@ + + + + + + + + + + Upgrading from 0.9.2 + + + + + +
    Skip to main content

    Upgrading from 0.9.2

    DSF-TeamAbout 1 min

    Upgrading from 0.9.2

    Upgrading the DSF from 0.9.2 to 0.9.3 involves modifying the docker-compose.yml files and recreating the containers.

    As the upgrade from 0.9.0 to 0.9.1 and 0.9.1 to 0.9.2 does not require any changes except the change of the version numbers, you can directly follow the following instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.3_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace 0.9.2 (or 0.9.0, 0.9.1) with 0.9.3

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/highmed/fhir_proxy:0.9.2
++    image: ghcr.io/highmed/fhir_proxy:0.9.3
+     restart: on-failure
+     ports:
+       - 127.0.0.1:80:80
+@@ -27,7 +27,7 @@ services:
+       - app
+ 
+   app:
+-    image: ghcr.io/highmed/fhir:0.9.2
++    image: ghcr.io/highmed/fhir:0.9.3
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_fhir.jar", "org.highmed.dsf.fhir.StatusClient"]

    3. Upgrade the DSF FHIR containers
      From /opt/fhir execute

      docker-compose up -d && docker-compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.3_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace 0.9.2 (or 0.9.0, 0.9.1) with 0.9.3

      @@ -1,7 +1,7 @@
+ version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/highmed/bpe:0.9.2
++    image: ghcr.io/highmed/bpe:0.9.3
+     restart: on-failure
+     healthcheck:
+       test: ["CMD", "java", "-cp", "dsf_bpe.jar", "org.highmed.dsf.bpe.StatusClient"]

    3. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker-compose up -d && docker-compose logs -f

    4. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 0.9.3. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.3, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 0.9.3. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.3, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
        For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.
    + + + diff --git a/oldstable/tutorial/ex11-docker-composeyml.html b/oldstable/tutorial/ex11-docker-composeyml.html new file mode 100644 index 000000000..01464f470 --- /dev/null +++ b/oldstable/tutorial/ex11-docker-composeyml.html @@ -0,0 +1,498 @@ + + + + + + + + + + Exercise 1.1 - Process Debugging + + + + + +
    Skip to main content

    Exercise 1.1 - Process Debugging

    DSF-TeamAbout 3 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    docker-compose.yml

    version: '3.8'
+services:
+  proxy:
+    image: nginx:1.23
+    restart: "no"
+    ports:
+      - 127.0.0.1:443:443
+    secrets:
+      - proxy_certificate_and_int_cas.pem
+      - proxy_certificate_private_key.pem
+      - proxy_trusted_client_cas.pem
+    volumes:
+      - type: bind
+        source: ./proxy/conf.d
+        target: /etc/nginx/conf.d
+        read_only: true
+      - type: bind
+        source: ./proxy/nginx.conf
+        target: /etc/nginx/nginx.conf
+        read_only: true
+    networks:
+      dic-fhir-frontend:
+        ipv4_address: 172.20.0.66
+      hrp-fhir-frontend:
+        ipv4_address: 172.20.0.82
+      cos-fhir-frontend:
+        ipv4_address: 172.20.0.98
+      internet:
+        aliases:
+          - cos
+          - dic
+          - hrp
+    environment:
+      TZ: Europe/Berlin
+
+  db:
+    image: postgres:13
+    restart: "no"
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U liquibase_user -d postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    environment:
+      TZ: Europe/Berlin
+      POSTGRES_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      POSTGRES_USER: liquibase_user
+      POSTGRES_DB: postgres
+    networks:
+      - cos-fhir-backend
+      - dic-fhir-backend
+      - hrp-fhir-backend
+      - cos-bpe-backend
+      - dic-bpe-backend
+      - hrp-bpe-backend
+    secrets:
+      - db_liquibase.password
+    volumes:
+      - type: volume
+        source: db-data
+        target: /var/lib/postgresql/data
+      - type: bind
+        source: ./db/init-db.sh
+        target: /docker-entrypoint-initdb.d/init-db.sh
+        read_only: true
+
+  cos-fhir:
+    image: ghcr.io/highmed/fhir:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5002:5002
+    secrets:
+      - db_liquibase.password
+      - db_cos_fhir_user.password
+      - db_cos_fhir_user_permanent_delete.password
+      - app_client_trust_certificates.pem
+      - app_cos_client_certificate.pem
+      - app_cos_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./cos/fhir/conf/bundle.xml
+        target: /opt/fhir/conf/bundle.xml
+      - type: bind
+        source: ./cos/fhir/log
+        target: /opt/fhir/log
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5002
+      ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_cos_fhir_user.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_cos_fhir_user_permanent_delete.password
+      ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_cos_client_certificate.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_cos_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/cos_fhir
+      ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: cos_fhir_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: cos_fhir_server_user
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: cos_fhir_permanent_delete_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: cos_fhir_server_permanent_delete_user
+      ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://cos/fhir
+      ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_COS
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: ${COS_USER_THUMBPRINTS}
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: ${COS_USER_THUMBPRINTS_PERMANENT_DELETE}
+    networks:
+      cos-fhir-frontend:
+        ipv4_address: 172.20.0.99
+      cos-fhir-backend:
+      internet:
+    depends_on:
+      - db
+      - proxy
+  cos-bpe:
+    image: ghcr.io/highmed/bpe:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5005:5005
+    secrets:
+      - db_liquibase.password
+      - db_cos_bpe_user.password
+      - db_cos_bpe_user_camunda.password
+      - app_client_trust_certificates.pem
+      - app_cos_client_certificate.pem
+      - app_cos_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./cos/bpe/plugin
+        target: /opt/bpe/plugin
+        read_only: true
+      - type: bind
+        source: ./cos/bpe/process
+        target: /opt/bpe/process
+        read_only: true
+      - type: bind
+        source: ./cos/bpe/log
+        target: /opt/bpe/log
+      - type: bind
+        source: ./cos/bpe/last_event
+        target: /opt/bpe/last_event
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
+      ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_cos_bpe_user.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_cos_bpe_user_camunda.password
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_cos_client_certificate.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_cos_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/cos_bpe
+      ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: cos_bpe_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: cos_bpe_server_user
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: cos_camunda_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: cos_camunda_server_user
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_COS
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://cos/fhir
+    networks:
+      cos-bpe-frontend:
+      cos-bpe-backend:
+      internet:
+    depends_on:
+      - db
+      - cos-fhir
+
+  dic-fhir:
+    image: ghcr.io/highmed/fhir:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5000:5000
+    secrets:
+      - db_liquibase.password
+      - db_dic_fhir_user.password
+      - db_dic_fhir_user_permanent_delete.password
+      - app_client_trust_certificates.pem
+      - app_dic_client_certificate.pem
+      - app_dic_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./dic/fhir/conf/bundle.xml
+        target: /opt/fhir/conf/bundle.xml
+      - type: bind
+        source: ./dic/fhir/log
+        target: /opt/fhir/log
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5000
+      ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic_fhir_user.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic_fhir_user_permanent_delete.password
+      ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic_client_certificate.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/dic_fhir
+      ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: dic_fhir_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: dic_fhir_server_user
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: dic_fhir_permanent_delete_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: dic_fhir_server_permanent_delete_user
+      ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://dic/fhir
+      ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: ${DIC_USER_THUMBPRINTS}
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: ${DIC_USER_THUMBPRINTS_PERMANENT_DELETE}
+    networks:
+      dic-fhir-frontend:
+        ipv4_address: 172.20.0.67
+      dic-fhir-backend:
+      internet:
+    depends_on:
+      - db
+      - proxy
+  dic-bpe:
+    image: ghcr.io/highmed/bpe:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5003:5003
+    secrets:
+      - db_liquibase.password
+      - db_dic_bpe_user.password
+      - db_dic_bpe_user_camunda.password
+      - app_client_trust_certificates.pem
+      - app_dic_client_certificate.pem
+      - app_dic_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./dic/bpe/plugin
+        target: /opt/bpe/plugin
+        read_only: true
+      - type: bind
+        source: ./dic/bpe/process
+        target: /opt/bpe/process
+        read_only: true
+      - type: bind
+        source: ./dic/bpe/log
+        target: /opt/bpe/log
+      - type: bind
+        source: ./dic/bpe/last_event
+        target: /opt/bpe/last_event
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5003
+      ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic_bpe_user.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic_bpe_user_camunda.password
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic_client_certificate.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/dic_bpe
+      ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: dic_bpe_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: dic_bpe_server_user
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic_camunda_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic_camunda_server_user
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic/fhir
+    networks:
+      dic-bpe-frontend:
+      dic-bpe-backend:
+      internet:
+    depends_on:
+      - db
+      - dic-fhir
+
+  hrp-fhir:
+    image: ghcr.io/highmed/fhir:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5001:5001
+    secrets:
+      - db_liquibase.password
+      - db_hrp_fhir_user.password
+      - db_hrp_fhir_user_permanent_delete.password
+      - app_client_trust_certificates.pem
+      - app_hrp_client_certificate.pem
+      - app_hrp_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./hrp/fhir/conf/bundle.xml
+        target: /opt/fhir/conf/bundle.xml
+      - type: bind
+        source: ./hrp/fhir/log
+        target: /opt/fhir/log
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5001
+      ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_hrp_fhir_user.password
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_hrp_fhir_user_permanent_delete.password
+      ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_hrp_client_certificate.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_hrp_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/hrp_fhir
+      ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: hrp_fhir_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: hrp_fhir_server_user
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: hrp_fhir_permanent_delete_users
+      ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: hrp_fhir_server_permanent_delete_user
+      ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://hrp/fhir
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: ${HRP_USER_THUMBPRINTS}
+      ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: ${HRP_USER_THUMBPRINTS_PERMANENT_DELETE}
+      ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_HRP
+    networks:
+      hrp-fhir-frontend:
+        ipv4_address: 172.20.0.83
+      hrp-fhir-backend:
+      internet:
+    depends_on:
+      - db
+      - proxy
+  hrp-bpe:
+    image: ghcr.io/highmed/bpe:0.7.0
+    restart: "no"
+    ports:
+      - 127.0.0.1:5004:5004
+    secrets:
+      - db_liquibase.password
+      - db_hrp_bpe_user.password
+      - db_hrp_bpe_user_camunda.password
+      - app_client_trust_certificates.pem
+      - app_hrp_client_certificate.pem
+      - app_hrp_client_certificate_private_key.pem
+      - app_client_certificate_private_key.pem.password
+    volumes:
+      - type: bind
+        source: ./hrp/bpe/plugin
+        target: /opt/bpe/plugin
+        read_only: true
+      - type: bind
+        source: ./hrp/bpe/process
+        target: /opt/bpe/process
+        read_only: true
+      - type: bind
+        source: ./hrp/bpe/log
+        target: /opt/bpe/log
+      - type: bind
+        source: ./hrp/bpe/last_event
+        target: /opt/bpe/last_event
+    environment:
+      TZ: Europe/Berlin
+      EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5004
+      ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_hrp_bpe_user.password
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_hrp_bpe_user_camunda.password
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_hrp_client_certificate.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_hrp_client_certificate_private_key.pem
+      ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+      ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/hrp_bpe
+      ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: hrp_bpe_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: hrp_bpe_server_user
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: hrp_camunda_users
+      ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: hrp_camunda_server_user
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_HRP
+      ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://hrp/fhir
+    networks:
+      hrp-bpe-frontend:
+      hrp-bpe-backend:
+      internet:
+    depends_on:
+      - db
+      - hrp-fhir
+
+secrets:
+  proxy_certificate_and_int_cas.pem:
+    file: ./secrets/proxy_certificate_and_int_cas.pem
+  proxy_certificate_private_key.pem:
+    file: ./secrets/proxy_certificate_private_key.pem
+  proxy_trusted_client_cas.pem:
+    file: ./secrets/proxy_trusted_client_cas.pem
+
+  db_liquibase.password:
+    file: ./secrets/db_liquibase.password
+
+  db_dic_fhir_user.password:
+    file: ./secrets/db_dic_fhir_user.password
+  db_dic_fhir_user_permanent_delete.password:
+    file: ./secrets/db_dic_fhir_user_permanent_delete.password
+  db_dic_bpe_user.password:
+    file: ./secrets/db_dic_bpe_user.password
+  db_dic_bpe_user_camunda.password:
+    file: ./secrets/db_dic_bpe_user_camunda.password
+
+  db_hrp_fhir_user.password:
+    file: ./secrets/db_hrp_fhir_user.password
+  db_hrp_fhir_user_permanent_delete.password:
+    file: ./secrets/db_hrp_fhir_user_permanent_delete.password
+  db_hrp_bpe_user.password:
+    file: ./secrets/db_hrp_bpe_user.password
+  db_hrp_bpe_user_camunda.password:
+    file: ./secrets/db_hrp_bpe_user_camunda.password
+
+  db_cos_fhir_user.password:
+    file: ./secrets/db_cos_fhir_user.password
+  db_cos_fhir_user_permanent_delete.password:
+    file: ./secrets/db_cos_fhir_user_permanent_delete.password
+  db_cos_bpe_user.password:
+    file: ./secrets/db_cos_bpe_user.password
+  db_cos_bpe_user_camunda.password:
+    file: ./secrets/db_cos_bpe_user_camunda.password
+
+  app_client_trust_certificates.pem:
+    file: ./secrets/app_client_trust_certificates.pem
+  app_client_certificate_private_key.pem.password:
+    file: ./secrets/app_client_certificate_private_key.pem.password
+
+  app_dic_client_certificate.pem:
+    file: ./secrets/app_dic_client_certificate.pem
+  app_dic_client_certificate_private_key.pem:
+    file: ./secrets/app_dic_client_certificate_private_key.pem
+
+  app_hrp_client_certificate.pem:
+    file: ./secrets/app_hrp_client_certificate.pem
+  app_hrp_client_certificate_private_key.pem:
+    file: ./secrets/app_hrp_client_certificate_private_key.pem
+
+  app_cos_client_certificate.pem:
+    file: ./secrets/app_cos_client_certificate.pem
+  app_cos_client_certificate_private_key.pem:
+    file: ./secrets/app_cos_client_certificate_private_key.pem
+
+networks:
+  internet:
+  dic-fhir-frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.64/28
+  dic-fhir-backend:
+  dic-bpe-frontend:
+  dic-bpe-backend:
+  hrp-fhir-frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.80/28
+  hrp-fhir-backend:
+  hrp-bpe-frontend:
+  hrp-bpe-backend:
+  cos-fhir-frontend:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.20.0.96/28
+  cos-fhir-backend:
+  cos-bpe-frontend:
+  cos-bpe-backend:
+
+
+volumes:
+  db-data:
+    name: dsf-process-tutorial-db

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/exercise1-simpleProcess.html b/oldstable/tutorial/exercise1-simpleProcess.html new file mode 100644 index 000000000..f727ec23b --- /dev/null +++ b/oldstable/tutorial/exercise1-simpleProcess.html @@ -0,0 +1,41 @@ + + + + + + + + + + Exercise 1 - Simple Process + + + + + +
    Skip to main content

    Exercise 1 - Simple Process

    DSF-TeamAbout 5 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    Exercise 1 - Simple Process

    The first exercise focuses on setting up the testing environment used in this tutorial and shows how to implement and execute a simple BPMN process.

    With this exercise we will take a look at the general setup of the tutorial code base, modify a service class and execute the service within a simple demo process.

    Introduction

    Tutorial Code Base Structure and Docker Test Setup

    The tutorial project consists of three parts: A test-data-generator project used to generate X.509 certificates and FHIR resources during the maven build of the project. The certificates and FHIR resources are needed to start DSF instances simulating installations at three different organizations used for this tutorial. The DSF instances are configured using a docker-compose.yml file in the test-setup folder. The docker-compose test setup uses a single PostgreSQL database server, a single nginx reverse proxy as well as three separate DSF FHIR server- and 3 separate DSF BPE server instances. The tutorial-process project contains all resource (FHIR resources, BPMN process models and Java code) for the actual DSF process plugin.

    Java code for the tutorial-process project is located at src/main/java, FHIR resources and BPMN process models at src/main/resources as well as prepared JUnit tests to verify your solution at src/test/java.

    Process Plugin Main Components

    The most imported Java class used to specify the process plugin for the DSF BPE server is a class that implements the org.highmed.dsf.bpe.ProcessPluginDefinition interface from the DSF dsf-bpe-process-base module. The DSF BPE server searches for classes implementing this interface using the Java ServiceLoader mechanism. For this tutorial the TutorialProcessPluginDefinition class implements this interface. It is appropriately specified in the src/main/resources/META-INF/services/org.highmed.dsf.bpe.ProcessPluginDefinition file. The TutorialProcessPluginDefinition class is used to specify name and version of the process plugin, what BPMN processes are to be deployed and what FHIR resources and required by the BPMN processes. For the implementation of service task and message events of the processes a special Spring context is used for every process plugin. The TutorialProcessPluginDefinition class specifies what via Spring-Framework configuration class with Spring Beans are used for the process plugin specific Spring Context. For this plugin the TutorialConfig cass is used to define Spring Beans.

    The business process engine used by the DSF BPE server is based on the OpenSource Camunda Process Engine 7. In order to specify what Java code should be executed for a BPMN ServiceTask you need to specify the fully-qualified Java class name in the ServiceTask inside the BPMN model. To be executable the Java class needs to extend the org.highmed.dsf.bpe.delegate.AbstractServiceDelegate from the DSF dsf-bpe-process-base module and the class needs to be defined as as Spring Bean.

    Process Execution and FHIR Task Resources

    Business process instances are started or the execution continued via FHIR Task resources. The Task resource specifies what process to instantiate or continue, what organization is requesting this action and what organization is the target for the request. When a Task resource starts a process we call it "leading", when it continues a process it's called "current". This differentiation is important for multi-instance use cases not covered by this tutorial. Each Java class extending the abstract class org.highmed.dsf.bpe.delegate.AbstractServiceDelegate has methods to access both types of Task resources.

    Process Access Control

    FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance. These resources are used by the DSF to specify what profile the Task resource needs to conform to and what BPMN message name is used to correlate the appropriate start or intermediate event within the BPMN model. The ActivityDefinition also defines what kind of organization can request the instantiation or continuation of a process instance and what kind of organization are allowed to fulfill the request.

    We will take a closer look as ActivityDefinition resources in Exercise 3 and Exercise 5.

    Exercise Tasks

    1. Add a log message to the HelloDic#doExecute method that logs the recipient organization identifier from the "leading" Task.
    2. Register the HelloDic class as a singleton bean in the TutorialConfig class.
    3. Set the HelloDic class as the service implementation of the appropriate service task within the hello-dic.bpmn process model.
    4. Modify the ActivityDefinition for the highmedorg_helloDic process to only allow local clients to instantiate the process via a helloDic message.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-1

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic process can be executed successfully, we need to deploy it into a DSF instance and execute the process. The maven install build is configured to create a process jar file with all necessary resources and to copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://dic/fhir.
    The DSF FHIR server uses a server certificate that was generated during the first maven install build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password). Add the certificate and the generated Root CA to your browser certificate store.

    Caution: If you add the generated Root CA to your browsers certificate store as a trusted Root CA, make sure you are the only one with access to the private key at .../dsf-process-tutorial/test-data-generator/cert/ca/testca_private-key.pem.

    1. Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://dic/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain a single ActivityDefinition. Also, go to https://dic/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-dic to check if the expected Task profile was created.

    1. Start the highmedorg_helloDic process by posting an appropriate FHIR Task resource to the DSF FHIR server:

    The Task resource is used to tell the DSF BPE server via the DSF FHIR server that a specific organization wants to start (or continue) one process instance at a specified organization. The needed Task resource can be generated and posted to the DSF FHIR server by executing the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class. For the TutorialExampleStarter to work the location of the client certificate and its password need to be specified:

    • Either specify the location and password via program arguments: 1. location of the client certificate (.../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12), 2. password for the client certificate (password)
    • Or set the environment variables DSF_CLIENT_CERTIFICATE_PATH and DSF_CLIENT_CERTIFICATE_PASSWORD with the appropriate values.

    Verify that the FHIR Task resource could be created at the DSF FHIR server. The TutorialExampleStarter class should print a message HTTP 201: Created showing that the Task resource was created.

    Verify that the highmedorg_helloDic process was executed by the DSF BPE server. The BPE server should print a message showing that the process was started, print the log message you added to the HelloDic class and end with a message showing that the process finished.

    Continue with Exercise 1.1.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/exercise11-processDebugging.html b/oldstable/tutorial/exercise11-processDebugging.html new file mode 100644 index 000000000..67bd40cad --- /dev/null +++ b/oldstable/tutorial/exercise11-processDebugging.html @@ -0,0 +1,41 @@ + + + + + + + + + + Exercise 1.1 - Process Debugging + + + + + +
    Skip to main content

    Exercise 1.1 - Process Debugging

    DSF-TeamAbout 1 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    Exercise 1.1 - Process Debugging

    This exercise looks at how to use the Java debugger of your IDE to remote debug the execution of a process plugin.

    Introduction

    The DSF FHIR server and the DSF BPE server applications are written in Java and as such are execute on a headless JRE 11 within their docker containers. Command line arguments can be passed to the JVM inside the ghcr.io/highmed/fhir and ghcr.io/highmed/bpe docker images by specifying the environment variable EXTRA_JVM_ARGS. This can be used for example to configure the minimum and maximum heap of the JVM; but can also be used to specify a remote debugging port, which we will use in this exercise.

    An EXTRA_JVM_ARGS environment variable is already configure for all DSF FHIR server and DSF BPE server docker containers in the tutorial docker-compose test setup. Take a look at the docker-compose.yml file to lookup the port numbers specified for the different DSF FHIR and DSF BPE servers.

    Exercise Tasks

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir
    1. Start the DSF BPE server for the Test_DIC organization in second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe
    1. Configure your Java IDE for remote debugging

    • Eclipse:
      Eclipse

    • IntelliJ:
      IntelliJ

    1. Create a debug breakpoint in the first line of the HelloDic class doExecute method.

    2. Start your previously defined remote Java debugger in your IDE.

    3. Execute the TutorialExampleStarter class to start highmed_helloDic process.

    4. User your IDE's debugger to step thru the code of the HelloDic class doExecute method.

    Continue with Exercise 2.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/exercise2-inputParameters.html b/oldstable/tutorial/exercise2-inputParameters.html new file mode 100644 index 000000000..f2e506d37 --- /dev/null +++ b/oldstable/tutorial/exercise2-inputParameters.html @@ -0,0 +1,46 @@ + + + + + + + + + + Exercise 2 - Input Parameters + + + + + +
    Skip to main content

    Exercise 2 - Input Parameters

    DSF-TeamAbout 5 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    Exercise 2 - Input Parameters

    In order to configure processes that are packaged as process plugins, we will take a look at two possibilities on how to pass parameters to a process. The goal of this exercise is to enhance the highmedorg_helloDic process by trying them both.

    Introduction

    DSF process plugins can be configured with input parameters using two different approaches:

    • Static configuration using environment variables during the deployment of a process plugin.
    • Dynamic configuration by sending values as part of the Task resource to start or continue a process instance.

    Environment Variables

    Environment variables are the same for all running process instances and allow static configuration of processes. They can be defined by adding a member variable having the Spring-Framework @Value annotation to the configuration class TutorialConfig. The value of the annotation uses the ${..} notation and follows the form ${some.property:defaultValue}, where each dot in the property name corresponds to an underscore in the environment variable and environment variables are always written upper-case. The property some.property therefore corresponds to the environment variable SOME_PROPERTY.

    To create an automated documentation of environment variables during the Maven build process, the DSF provided @ProcessDocumentation annotation from the package org.highmed.dsf.tools.generator can be used. The pom.xml of the tutorial-process submodule calls the DSF provided DocumentGenerator class from the same package during the prepare-package phase of the build process. The generator searches for all @ProcessDocumentation annotations and generates a Markdown documentation based on the annotation's values in the target folder.

    Task Input Parameters

    Providing input parameters to a specific process instance allows for dynamic configuration of process instances. It can be done by sending additional values as part of the Task resource that starts or continues a process instance. It should be noted that a FHIR profile must be created for each Task resource, i.e. for each message event in a process model, which inherits from the DSF Task Base Profile. This base profile defines three default input parameters:

    • message-name (mandatory 1..1): the name of the BPMN message event, same as in the BPMN model
    • business-key (optional 0..1): used to identify process instances
    • correlation-key(optional 0..1): used to identify multi-instance process instances used for messaging multiple targets

    A later exercise will examine these input parameters and their meaning in more detail.

    Since input parameters of Task resources are identified by predefined codes, they are defined via FHIR CodeSystem and ValueSet resources. The BPMN-Message CodeSystem and the BPMN-Message ValueSet are used in the DSF Task Base Profile to define the three default input parameters of Task resources.

    Version and Release-Date Placeholders

    To avoid the need to specify the version and release date for each CodeSystem, StructureDefinition (Task profile) and ValueSet resource, the placeholders #{version} and #{date} can be used. They are replaced with the values returned by the methods ProcessPluginDefinition#getVersion() and ProcessPluginDefinition#getReleaseDate() respectively during deployment of a process plugin by the DSF BPE server.

    Read Access Tag
    While writing FHIR resources on the DSF FHIR server is only allowed by the own organization (except Task), rules have to be defined for reading FHIR resources by external organizations (again except Task). The Resource.meta.tag field is used for this purpose. To allow read access for all organizations (the standard for metadata resources), the following read-access-tag value can be written into this field:

    <meta>
+   <tag>
+      <system value="http://highmed.org/fhir/CodeSystem/read-access-tag" />
+      <code value="ALL" />
+   </tag>
+</meta>

    The read access rules for Task resources are defined through the fields Task.requester and Task.restriction.recipient. Therefore, no read-access-tag is needed.

    It is also possible to restrict read access of FHIR resources to organizations with a specific role in a consortium or a specific identifier, but this is not covered in the tutorial.

    The write access rules for Task resources are defined through the ActivityDefinition resources belonging to the process. We will take a look at this in exercise 3 and exercise 5.

    Exercise Tasks

    1. Add an environment variable to enable/disable logging to the TutorialConfig class specify the default value as false.
    2. Inject the value of the environment variable in to HelloDic class, by modifying its constructor and using the new field of the TutorialConfig class.
    3. Use the value of the environment variable in the HelloDic class to decide whether the log message from exercise 1 should be printed.
    4. Adapt test-setup/docker-compose.yml by adding the new environment variable to the service dic-bpe and set the value to "true".
    5. Create a new CodeSystem with url http://highmed.org/fhir/CodeSystem/tutorial having a concept with code tutorial-input.
    6. Create a new ValueSet with url http://highmed.org/fhir/ValueSet/tutorial that includes all concepts from the CodeSystem.
    7. Add the new CodeSystem and ValueSet resources to the highmedorg_helloDic process in the TutorialProcessPluginDefinition class.
    8. Add a new input parameter of type string to the task-hello-dic.xml Task profile using the concept of the new CodeSystem as a fixed coding.
    9. Read the new input parameter in the HelloDic class from the "leading" Task and add the value to the log message from exercise 1.
    10. Adapt the starter class TutorialExampleStarter by adding the new input parameter with an arbitrary string.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-2

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic process can be executed successfully, we need to deploy it into a DSF instance and execute the process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the highmedorg_helloDic process by posting an appropriate FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class as in exercise 1 to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the highmedorg_helloDic process was executed by the DSF BPE server. The BPE server should:

    • Print a message showing that the process was started.
    • If logging is enabled - print the log message and the value of the input parameter you added to the HelloDic implementation.
    • Print a message showing that the process finished.

    Check that you can disable logging of you message by modifying the docker-compose.yml file and configuring your environment variable with the value "false" or removing the environment variable.
    Note: Changes to environment variable require recreating the docker container.

    Also check that modification to the Task input parameter specified in the TutorialExampleStarter class, have the appropriate effect on your log message.

    Continue with Exercise 3.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/exercise3-messageEvents.html b/oldstable/tutorial/exercise3-messageEvents.html new file mode 100644 index 000000000..f6b0f9e1e --- /dev/null +++ b/oldstable/tutorial/exercise3-messageEvents.html @@ -0,0 +1,72 @@ + + + + + + + + + + Exercise 3 - Message Events + + + + + +
    Skip to main content

    Exercise 3 - Message Events

    DSF-TeamAbout 6 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    Exercise 3 - Message Events

    Communication between organizations is modeled using message flow in BPMN processes. The third exercise shows how a process at one organization can trigger a process at another organization.

    To demonstrate communication between two organizations we will configure message flow between the processes highmedorg_helloDic and highmedorg_helloCos. The processes are then to be executed at the organizations Test_DIC and Test_COS respectively in the docker test setup, with the former triggering execution of the latter by automatically sending a Task from organization Test_DIC to organization Test_COS.

    Introduction

    Message Flow and FHIR Task resources

    BPMN processes are instantiated and started within the DSF by creating a matching FHIR Task resource in the DSF FHIR server. This is true for executing a process on the local DSF BPE server by manually creating a Task resource, but also works by creating and starting a process instance at a remote DSF BPE server from an executing process automatically.

    In order to exchange information between different processes, for example at two different organizations, BPMN message flow is used. Typically represented by a dashed line arrow between elements with black (send) and white (receive) envelop icons. The following BPMN collaboration diagram shows two processes. The process at "Organization 1" is sending a message to "Organization 2" which results in the instantiation and execution of new process instance at the second organization.

    Message Flow
    Message Flow

    Every time message flow is used in a BPMN process for the DSF, a corresponding FHIR Task profile needs to be specified for every interaction. This profile specifies which process should be started or continued and what the message name is when correlating the appropriate Message Start Event or Intermediate Message Catch Event. A Business Key and a Correlation Key are specified if different process instances need to be linked to a single execution, for example to be able to send a message back.

    BPMN Process Definition Key vs. FHIR Task.instantiatesUri and ActivityDefinition.url / version

    FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance. They also control what kind of organization can request the instantiation or continuation of a process instance and what kind of organization is allowed to fulfill the request.

    In order to link the FHIR and BPMN worlds the BPMN process definition key needs to be specified following the pattern ^[-a-zA-Z0-9]+_[-a-zA-Z0-9]+$ for example:

    domainorg_processKey

    In addition the BPM process needs to specify a process version with the pattern ^\d+.\d+.\d+$ for example:

    1.0.0

    This results in a canonical URL used to identify the process, for example:

    http://domain.org/bpe/Process/processKey/1.0.0

    The canonical URL is used for Task.instantiatesUri and ActivityDefinition.url / version.

    ActivityDefinitions for the DSF

    FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance and contain the authorization rules for the specified process. ActivityDefinition for the DSF need to comply with the http://highmed.org/fhir/StructureDefinition/activity-definition profile, with authorization rules configured using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization extension.

    The authorization extension needs to be configured at least once and has four sub extensions:

    message-name [1..1]

    String value specifying the message name of Message Start Event, Intermediate Message Catch Event or Message Receive Task this authorization rule should match. Can only be specified once per authorization rule extension.

    task-profile [1..1]

    Canonical URL value specifying the Task profile this authorization rule should match. Can only be specified once per authorization rule extension.

    requester [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-requester ValueSet:

    recipient [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-recipient ValueSet.

    The local organization of a DSF instance is configured using the environment variables ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF FHIR server and ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF BPE server.

    Authorization Extension Example

    The following example specifies that process execution can only be requested by a organization with a specific identifier and only allows execution of the process in the DSF instance of an organization with a specific identifier.

    <extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization">
+	<extension url="message-name">
+		<valueString value="some-message-name" />
+	</extension>
+	<extension url="task-profile">
+		<valueCanonical value="http://foo.org/fhir/StructureDefinition/profile|#{version}" />
+	</extension>
+	<extension url="requester">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization">
+				<valueIdentifier>
+					<system value="http://highmed.org/sid/organization-identifier" />
+					<value value="identifier.remote.org" />
+				</valueIdentifier>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="REMOTE_ORGANIZATION" />
+		</valueCoding>
+	</extension>
+	<extension url="recipient">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization">
+				<valueIdentifier>
+					<system value="http://highmed.org/sid/organization-identifier" />
+					<value value="identifier.local.org" />
+				</valueIdentifier>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="LOCAL_ORGANIZATION" />
+		</valueCoding>
+	</extension>
+</extension>

    Exercise Tasks

    1. Modify the highmedorg_helloDic process in the hello-dic.bpmn file and replace the End Event with a Message End Event. Configure input parameters instantiatesUri, profile and messageName in the BPMN model for the Message End Event. Set the message name of the Message End Event and configure it to be executed using the HelloCosMessage class.
      Use http://highmed.org/fhir/StructureDefinition/task-hello-cos|#{version} as the profile and helloCos as the message name. Figure out what the appropriate instantiatesUri value is, based on the name (process definition key) of the process to be triggered.
    2. Modify the highmedorg_helloCos process in the hello-cos.bpmn file and configure the message name of the Message Start Event with the same value as the message name of the Message End Event in the highmedorg_helloDic process.
    3. Create a new StructureDefinition with a Task profile for the helloCos message.
    4. Create a new ActivityDefinition resource for the highmedorg_helloCos process and configure the authorization extension to allow the Test_DIC organization as the requester and the Test_COS organization as the recipient.
    5. Add the highmedorg_helloCos process and its resources to the TutorialProcessPluginDefinition class.
    6. Modify HelloDic service class to set the target process variable for the Test_COS organization.
    7. Configure the HelloCosMessage class as a spring in the TutorialConfig class.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-3

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic and highmedorg_helloCos processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in another console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the DSF FHIR server for the Test_COS organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-fhir

    Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://cos/fhir.
    The DSF FHIR server uses a server certificate that was generated during the first maven build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).

    1. Start the DSF BPE server for the Test_COS organization in another console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloCos process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://cos/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain two ActivityDefinition resources. Also, go to https://cos/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-cos to check if the expected Task profile was created.

    1. Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the FHIR Task resource was created at the DSF FHIR server and the highmedorg_helloDic process was executed by the DSF BPE server of the Test_DIC organization. The DSF BPE server of the Test_DIC organization should print a message showing that a Task resource to start the highmedorg_helloCos process was send to the Test_COS organization.
    Verify that a FHIR Task resource was created at the DSF FHIR server of the Test_COS organization and the highmedorg_helloCos process was then executed by the DSF BPE server of the Test_COS organization.

    Continue with exercise 4.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/exercise4-exclusiveGateways.html b/oldstable/tutorial/exercise4-exclusiveGateways.html new file mode 100644 index 000000000..4244b556b --- /dev/null +++ b/oldstable/tutorial/exercise4-exclusiveGateways.html @@ -0,0 +1,44 @@ + + + + + + + + + + Exercise 4 - Exclusive Gateways + + + + + +
    Skip to main content

    Exercise 4 - Exclusive Gateways

    DSF-TeamAbout 2 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    Exercise 4 - Exclusive Gateways

    Different execution paths in a process based on the state of process variables can be achieved using Exclusive Gateways. In Exercise 4 we will examine how this can be implemented by modifying the highmedorg_helloDic process.

    Introduction

    Exclusive Gateways

    Different sequence flows during the execution of a process instance can be modeled using BPMN Exclusive Gateways. For each outgoing sequence flow of the gateway, a BPMN Condition Expression can be added to the process model, deciding whether a sequence flow should be followed. Thereby, all condition decisions must be in an XOR relationship to each other.

    Condition Expressions

    A BPMN Condition Expression uses the ${..} notation. Within the curly braces all execution variables of a process instance can be accessed, e.g. the ones that were stored in a previous Java implementation of a BPMN ServiceTask. For example, the BPMN Condition Expression ${cohortSize > 100} checks whether the value in the execution variable cohortSize is greater than 100.

    Storing / Modifying Process Variables

    Via the DelegateExecution execution parameter of the doExecute method of a class extending AbstractServiceDelegate, we can write and read process variables of the current process instance. The following code listing show how to write and read a boolean variable:

    {
+	execution.setVariable("variable-name", Variables.booleanValue(false));
+	boolean variable = (boolean) execution.getVariable("variable-name");
+}

    For more details on process variables see the Camunda documentation.

    Exercise Tasks

    1. In the HelloDic class, write an algorithm deciding based on the "leading" Task's input parameter tutorial-input, whether the highmedorg_helloCos process should be started.
    2. Add a boolean variable to the process instance execution variables storing the decision.
    3. Add an exclusive gateway to the highmedorg_helloDic process model and two outgoing sequence flows - the first starting process highmedorg_helloDic, the second stopping process highmedorg_helloDic without starting process highmedorg_helloCos.
    4. Add a condition expressions to each outgoing sequence flow based on the previously stored execution variable.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-4

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic and highmedorg_helloCos processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_COS organization in a fourth console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloCos process.

    1. Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the highmedorg_helloDic process was executed successfully by the Test_DIC DSF BPE server and possibly the highmedorg_helloCos process by the Test_COS DSF BPE server, depending on whether decision of your algorithm based on the input parameter allowed to start the highmedorg_helloDic process.

    Continue with exercise 5

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/exercise5-eventBasedGateways.html b/oldstable/tutorial/exercise5-eventBasedGateways.html new file mode 100644 index 000000000..d9798d9c1 --- /dev/null +++ b/oldstable/tutorial/exercise5-eventBasedGateways.html @@ -0,0 +1,88 @@ + + + + + + + + + + Exercise 5 - Event Based Gateways and Intermediate Events + + + + + +
    Skip to main content

    Exercise 5 - Event Based Gateways and Intermediate Events

    DSF-TeamAbout 7 min

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    Exercise 5 - Event Based Gateways and Intermediate Events

    In the final exercise we will look at message flow between three organizations as well as how to continue a waiting process if no return message arrives. With this exercise we will add a third process and complete a message loop from Test_DIC to Test_COR to Test_HRP back to Test_DIC.

    Introduction

    Managing Multiple- and Missing Messages

    If an existing and started process instance is waiting for a message from another organization, the corresponding FHIR Task may never arrive. Either because the other organization decides to never send the "message" or because some technical problem prohibits the Task resource from being posted to the DSF FHIR server. This would result in stale process instances that never finish.

    In order to solve this problem we can add an Event Based Gateway to the process waiting for a response and then either handle a Task resource with the response and finish the process in a success state or fire of an Intermediate Timer Catch Event after a defined wait period and finish the process in an error state. The following BPMN collaboration diagram shows how the process at the first organization would look like if two different message or no message could be received:

    Timer Events

    For Timer Events the duration until the timer fires is specified using the ISO 8601 Durations format. Examples can be found in the Camunda 7 documentation.

    Matching Process Instances With Business Keys

    In the example above the first organization is sending a "message" to the second and waiting for a reply. In order to correlate the return message with the waiting process instance, a unique identifier needs to be exchanged between both process instances. Within the DSF this is implemented using the process instance business-key and a corresponding Task.input parameter. For 1:1 communication relationships this is handled by the DSF BPE servers automatically, but the corresponding Task profiles need to define the business-key input parameter as mandatory.

    If multiple message are send in a 1:n relationship with a n:1 return an additional correlation-key needs to be configured in order to correlate every bidirectional communication between two DSF instances.

    ActivityDefinitions for the DSF

    FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance and contain the authorization rules for the specified process. ActivityDefinition for the DSF need to comply with the http://highmed.org/fhir/StructureDefinition/activity-definition profile, with authorization rules configured using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization extension.

    The authorization extension needs to be configured at least once and has four sub extensions:

    message-name [1..1]

    String value specifying the message name of Message Start Event, Intermediate Message Catch Event or Message Receive Task this authorization rule should match. Can only be specified once per authorization rule extension.

    task-profile [1..1]

    Canonical URL value specifying the Task profile this authorization rule should match. Can only be specified once per authorization rule extension.

    requester [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-requester ValueSet:

    recipient [1..]

    Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-recipient ValueSet.

    The local organization of a DSF instance is configured using the environment variables ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF FHIR server and ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF BPE server.

    Authorization Extension Example

    The following example specifies that process execution can only be requested by a organization with a specific identifier and only allows execution of the process in the DSF instance of an organization with a specific identifier.

    <extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization">
+	<extension url="message-name">
+		<valueString value="some-message-name" />
+	</extension>
+	<extension url="task-profile">
+		<valueCanonical value="http://foo.org/fhir/StructureDefinition/profile|#{version}" />
+	</extension>
+	<extension url="requester">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role">
+				<extension url="consortium">
+					<valueIdentifier>
+						<system value="http://highmed.org/sid/organization-identifier" />
+						<value value="identifier.consortium.org" />
+					</valueIdentifier>
+				</extension>
+				<extension url="role">
+					<valueCoding>
+						<system value="http://highmed.org/fhir/CodeSystem/organization-role" />
+						<code value="SOME_ROLE" />
+					</valueCoding>
+				</extension>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="REMOTE_ROLE" />
+		</valueCoding>
+	</extension>
+	<extension url="recipient">
+		<valueCoding>
+			<extension url="http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role">
+				<extension url="consortium">
+					<valueIdentifier>
+						<system value="http://highmed.org/sid/organization-identifier" />
+						<value value="identifier.consortium.org" />
+					</valueIdentifier>
+				</extension>
+				<extension url="role">
+					<valueCoding>
+						<system value="http://highmed.org/fhir/CodeSystem/organization-role" />
+						<code value="SOME_ROLE" />
+					</valueCoding>
+				</extension>
+			</extension>
+			<system value="http://highmed.org/fhir/CodeSystem/process-authorization" />
+			<code value="LOCAL_ROLE" />
+		</valueCoding>
+	</extension>
+</extension>

    Exercise Tasks

    1. Modify the HelloCosMessage and use the value from the Task.input parameter of the helloDic Task to send it to the highmedorg_helloCos process via a Task.input parameter in the helloCos Task. Override the getAdditionalInputParameters to configure a Task.input parameter to be send.
    2. Modify the highmedorg_helloCos process to use a Message End Event to trigger the process in file hello-hrp.bpmn. Figure out the values for the instantiatesUri, profile and messageName input parameters of the Message End Event based on the AcitvityDefinition in file hello-hrp.xml.
    3. Modify the highmedorg_helloDic process:
    4. Modify the process in file hello-hrp.bpmn and set the process definition key and version. Figure out the appropriate values based on the AcitvityDefinition in file hello-hrp.xml.
    5. Add the process in file hello-hrp.bpmn to the TutorialProcessPluginDefinition and configure the FHIR resources needed for the three processes.
    6. Add the HelloCos, HelloHrpMessage , HelloHrp and GoodbyeDicMessage classes as spring beans.

    Solution Verification

    Maven Build and Automated Tests

    Execute a maven build of the dsf-process-tutorial parent module via:

    mvn clean install -Pexercise-5

    Verify that the build was successful and no test failures occurred.

    Process Execution and Manual Tests

    To verify the highmedorg_helloDic, highmedorg_helloCos and highmedorg_helloHrp processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.

    1. Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:
    docker-compose up dic-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the DSF FHIR server for the Test_COS organization in a third console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-fhir

    Verify the DSF FHIR server started successfully.

    1. Start the DSF BPE server for the Test_COS organization in a fourth console at location .../dsf-process-tutorial/test-setup:
    docker-compose up cos-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.

    1. Start the DSF FHIR server for the Test_HRP organization in a fifth at location .../dsf-process-tutorial/test-setup:
    docker-compose up hrp-fhir

    Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://hrp/fhir.
    The DSF FHIR server uses a server certificate that was generated during the first maven build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).

    1. Start the DSF BPE server for the Test_HRP organization in a sixth console at location .../dsf-process-tutorial/test-setup:
    docker-compose up hrp-bpe

    Verify the DSF BPE server started successfully and deployed the highmedorg_helloHrp process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://hrp/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain a three ActivityDefinition resources. Also, go to https://hrp/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-hrp to check if the expected Task profile was created.

    1. Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.

    Verify that the FHIR Task resource was created at the DSF FHIR server and the highmedorg_helloDic process was executed by the DSF BPE server of the Test_DIC organization. The DSF BPE server of the Test_DIC organization should print a message showing that a Task resource to start the highmedorg_helloCos process was sent to the Test_COS organization.
    Verify that a FHIR Task resource was created at the DSF FHIR server of the Test_COS organization and the highmedorg_helloCos process was executed by the DSF BPE server of the Test_COS organization. The DSF BPE server of the Test_COS organization should print a message showing that a Task resource to start the highmedorg_helloHrp process was send to the Test_HRP organization.

    Based on the value of the Task.input parameter you send, the highmedorg_helloHrp process will either send a goodbyDic message to the Test_DIC organization or finish without sending a message.

    To trigger the goodbyDic message, use send-response as the http://highmed.org/fhir/CodeSystem/tutorial#tutorial-input input parameter.

    Verify that the highmedorg_helloDic process either finishes with the arrival of the goodbyDic message or after waiting for two minutes.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/index.html b/oldstable/tutorial/index.html new file mode 100644 index 000000000..cc0f8eba8 --- /dev/null +++ b/oldstable/tutorial/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF Process Plugin Tutorial + + + + + +
    Skip to main content

    DSF Process Plugin Tutorial

    DSF-TeamAbout 2 min

    Implementing BPMN Processes as DSF Process-Plugins

    This repository contains exercises to learn how to implement process plugins for the Data Sharing Framework (DSF). The tutorial is divided into several exercises that build on each other. For each exercise, a sample solution is provided in a separate branch.
    This tutorial was first executed at the GMDS / TMF 2022 conference. A recording of the opening remarks by H. Hund and R. Wettstein can be found on YouTube. The slides of the opening remarks are available as a PDF download.

    Prerequisites

    In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler and a minimum 16GB of RAM is needed. For more details see the detailed prerequisites document.

    Exercise 1 - Simple Process

    The first exercise focuses on setting up the testing environment used in this tutorial and shows how to implement and execute a simple BPMN process. For more details see the exercise 1 description.

    Exercise 1.1 - Process Debugging

    Exercise 1.1 looks at how to use the Java debugger of your IDE to remote debug the execution of a process plugin. For more details see the exercise 1.1 description.

    Exercise 2 - Input Parameters

    In order to configure processes that are packaged as process plugins, we will take a look at two possibilities on how to pass parameters to a process. For more details see the exercise 2 description.

    Exercise 3 - Message Events

    Communication between organizations is modeled using message flow in BPMN processes. The third exercise shows how a process at one organization can trigger a process at another organization. For more details see the exercise 3 description.

    Exercise 4 - Exclusive Gateways

    Different execution paths in a process based on the state of process variables can be achieved using Exclusive Gateways. In Exercise 4 we will examine how this can be implemented. For more details see the exercise 4 description.

    Exercise 5 - Event Based Gateways and Intermediate Events

    In the final exercise we will look at message flow between three organizations as well as how to continue a waiting process if no return message arrives. For more details see the exercise 5 description.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/oldstable/tutorial/prerequisites.html b/oldstable/tutorial/prerequisites.html new file mode 100644 index 000000000..2130f847c --- /dev/null +++ b/oldstable/tutorial/prerequisites.html @@ -0,0 +1,57 @@ + + + + + + + + + + Prerequisites + + + + + +
    Skip to main content

    Prerequisites

    DSF-TeamAbout 2 min

    In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler a and minimum 16GB of RAM is needed.

    git

    git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.

    • An installation guide for Linux, Mac and Windows can be found here: installation guide
    • The most basic git CLI commands are described here: commands

    Java 11

    Processes for the DSF are written using the Java programming language in version 11. Various open source releases of the Java Developer Kit (JDK) 11 exist, you are free in your choice.

    Maven 3.8

    When implementing DSF processes, we use Maven 3.8 to manage the software project's build, reporting and documentation workflow.

    • An installation guide for Maven 3.8 can be found here: installation guide
    • The most important maven commands are described here: commands

    GitHub Packages

    In order to download DSF packages from the GitHub Package Registry using Maven you need a personal GitHub access token with scope read:packages. This GitHub documentation shows you how to generate one.

    After that, add the following server configuration to your local .m2/settings.xml. Replace USERNAME with your GitHub username and TOKEN with the previously generated personal GitHub access token. The token needs at least the read:packages scope.

    <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+  ...
+
+  <servers>
+    <server>
+      <id>github</id>
+      <username>USERNAME</username>
+      <password>TOKEN</password>
+    </server>
+  </servers>
+</settings>

    Docker and docker-compose

    To be able to test the implemented processes, we use a test-setup based on Docker and docker-compose. This allows us to simulate multiple organizations with different roles and run the processes across "organizational boundaries".

    Host entries for test-setup

    The following entries are required in the hosts file of your computer so that the FHIR servers of the simulated organizations can be accessed in your web browser. On Linux and Mac this file is located at /etc/hosts. On Windows you can find it at C:\Windows\System32\drivers\etc\hosts

    127.0.0.1	dic
+127.0.0.1	cos
+127.0.0.1	hrp

    Java IDE

    For the development of the processes we recommend the use of an IDE, e.g. Eclipse or IntelliJ:

    BPMN Editor

    To simplify modeling of BPMN processes, we recommend a graphical editor, e.g. the Camunda Modeler:

    Hardware

    The minimum hardware requirements to run all simulated organizations as part of the Docker test-setup is 16 GB of RAM.

    Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5

    + + + diff --git a/photos/guideline/generalInformation/highmed_dsf_network_setup.svg b/photos/guideline/generalInformation/highmed_dsf_network_setup.svg new file mode 100644 index 000000000..4fd39c049 --- /dev/null +++ b/photos/guideline/generalInformation/highmed_dsf_network_setup.svg @@ -0,0 +1,3254 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/photos/guideline/generalInformation/highmed_dsf_network_setup_ext_dmz.svg b/photos/guideline/generalInformation/highmed_dsf_network_setup_ext_dmz.svg new file mode 100644 index 000000000..be40e75e7 --- /dev/null +++ b/photos/guideline/generalInformation/highmed_dsf_network_setup_ext_dmz.svg @@ -0,0 +1,3490 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/photos/guideline/introduction/architecture-dark.svg b/photos/guideline/introduction/architecture-dark.svg new file mode 100644 index 000000000..6d02e2d47 --- /dev/null +++ b/photos/guideline/introduction/architecture-dark.svg @@ -0,0 +1,4 @@ + + + +
    FHIR Endpoint
    FHIR Endpoint
    Business Process Engine
    Business Process Engi...
    DMZ Network
    DMZ Network
    Internal Network
    Internal Network
    Firewall
    Firewall    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/guideline/introduction/dsf_architecture.svg b/photos/guideline/introduction/dsf_architecture.svg new file mode 100644 index 000000000..8cec37a42 --- /dev/null +++ b/photos/guideline/introduction/dsf_architecture.svg @@ -0,0 +1,3 @@ + + +
    FHIR Endpoint
    FHIR Endpoint
    Business Process Engine
    Business Process Engi...
    DMZ Network
    DMZ Network
    Internal Network
    Internal Network
    Firewall
    Firewall    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/guideline/tutorial/eclipse.png b/photos/guideline/tutorial/eclipse.png new file mode 100644 index 000000000..6be09fc29 Binary files /dev/null and b/photos/guideline/tutorial/eclipse.png differ diff --git a/photos/guideline/tutorial/ex3.png b/photos/guideline/tutorial/ex3.png new file mode 100644 index 000000000..6edcb2cfa Binary files /dev/null and b/photos/guideline/tutorial/ex3.png differ diff --git a/photos/guideline/tutorial/ex5.png b/photos/guideline/tutorial/ex5.png new file mode 100644 index 000000000..efc78928f Binary files /dev/null and b/photos/guideline/tutorial/ex5.png differ diff --git a/photos/guideline/tutorial/intelliJ.png b/photos/guideline/tutorial/intelliJ.png new file mode 100644 index 000000000..27c813b85 Binary files /dev/null and b/photos/guideline/tutorial/intelliJ.png differ diff --git a/photos/home/logo-small.svg b/photos/home/logo-small.svg new file mode 100644 index 000000000..fd1015a48 --- /dev/null +++ b/photos/home/logo-small.svg @@ -0,0 +1,39 @@ + + + + + + + + + + + + + + + + + + + + diff --git a/photos/home/logo.svg b/photos/home/logo.svg new file mode 100644 index 000000000..fa093d64f --- /dev/null +++ b/photos/home/logo.svg @@ -0,0 +1,89 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/photos/info/allowList/allowList-architecture.png b/photos/info/allowList/allowList-architecture.png new file mode 100644 index 000000000..d1bf28984 Binary files /dev/null and b/photos/info/allowList/allowList-architecture.png differ diff --git a/photos/info/allowList/org-resource.png b/photos/info/allowList/org-resource.png new file mode 100644 index 000000000..0b9640049 Binary files /dev/null and b/photos/info/allowList/org-resource.png differ diff --git a/photos/info/architecture/architecture-dark.svg b/photos/info/architecture/architecture-dark.svg new file mode 100644 index 000000000..ee844249d --- /dev/null +++ b/photos/info/architecture/architecture-dark.svg @@ -0,0 +1,4 @@ + + + +
    https
    https
    https
    https
    wss
    wss
    wss
    wss
    https
    https
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    wss
    wss
    https
    https
    https
    https
    https
    https
    BPE
    BPE
    https (HEAD)
    https (HEAD)
    FHIR
    FHIR
    https
    https
    https
    https
    wss
    wss
    https
    https
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    Local Systems
    Local Sy...
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/architecture/architecture.svg b/photos/info/architecture/architecture.svg new file mode 100644 index 000000000..f7149857e --- /dev/null +++ b/photos/info/architecture/architecture.svg @@ -0,0 +1,4 @@ + + + +
    https
    https
    https
    https
    wss
    wss
    wss
    wss
    https
    https
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    wss
    wss
    https
    https
    https
    https
    https
    https
    BPE
    BPE
    https (HEAD)
    https (HEAD)
    FHIR
    FHIR
    https
    https
    https
    https
    wss
    wss
    https
    https
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    Local Systems
    Local Sy...
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/architecture/architecture1.png b/photos/info/architecture/architecture1.png new file mode 100644 index 000000000..c15499c4e Binary files /dev/null and b/photos/info/architecture/architecture1.png differ diff --git a/photos/info/architecture/bpe-dark.svg b/photos/info/architecture/bpe-dark.svg new file mode 100644 index 000000000..804b4bdd5 --- /dev/null +++ b/photos/info/architecture/bpe-dark.svg @@ -0,0 +1,4 @@ + + + +
    wss
    wss
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/architecture/bpe-light.svg b/photos/info/architecture/bpe-light.svg new file mode 100644 index 000000000..40cba11e8 --- /dev/null +++ b/photos/info/architecture/bpe-light.svg @@ -0,0 +1,4 @@ + + + +
    wss
    wss
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/architecture/fhir-server-dark.svg b/photos/info/architecture/fhir-server-dark.svg new file mode 100644 index 000000000..dd28565aa --- /dev/null +++ b/photos/info/architecture/fhir-server-dark.svg @@ -0,0 +1,4 @@ + + + +
    wss
    wss
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/architecture/fhir-server.svg b/photos/info/architecture/fhir-server.svg new file mode 100644 index 000000000..4d0aeb83d --- /dev/null +++ b/photos/info/architecture/fhir-server.svg @@ -0,0 +1,4 @@ + + + +
    wss
    wss
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/architecture/mesh.png b/photos/info/architecture/mesh.png new file mode 100644 index 000000000..96e5eeeec Binary files /dev/null and b/photos/info/architecture/mesh.png differ diff --git a/photos/info/architecture/star.png b/photos/info/architecture/star.png new file mode 100644 index 000000000..123c3218b Binary files /dev/null and b/photos/info/architecture/star.png differ diff --git a/photos/info/basics/bpmn1.png b/photos/info/basics/bpmn1.png new file mode 100644 index 000000000..a72b38b75 Binary files /dev/null and b/photos/info/basics/bpmn1.png differ diff --git a/photos/info/basics/bpmn2.png b/photos/info/basics/bpmn2.png new file mode 100644 index 000000000..50afecfe5 Binary files /dev/null and b/photos/info/basics/bpmn2.png differ diff --git a/photos/info/basics/interoperability.png b/photos/info/basics/interoperability.png new file mode 100644 index 000000000..4643733d6 Binary files /dev/null and b/photos/info/basics/interoperability.png differ diff --git a/photos/info/introduction/dic-structure.png b/photos/info/introduction/dic-structure.png new file mode 100644 index 000000000..eb4c6a8cb Binary files /dev/null and b/photos/info/introduction/dic-structure.png differ diff --git a/photos/info/introduction/dsf-concept.png b/photos/info/introduction/dsf-concept.png new file mode 100644 index 000000000..01f14cebc Binary files /dev/null and b/photos/info/introduction/dsf-concept.png differ diff --git a/photos/info/introduction/dsf-structure1.png b/photos/info/introduction/dsf-structure1.png new file mode 100644 index 000000000..8dbfda7e5 Binary files /dev/null and b/photos/info/introduction/dsf-structure1.png differ diff --git a/photos/info/plugins/bpmn-communicate.png b/photos/info/plugins/bpmn-communicate.png new file mode 100644 index 000000000..96d225b1c Binary files /dev/null and b/photos/info/plugins/bpmn-communicate.png differ diff --git a/photos/info/plugins/bpmn-event-based-gateway.png b/photos/info/plugins/bpmn-event-based-gateway.png new file mode 100644 index 000000000..d54e0f423 Binary files /dev/null and b/photos/info/plugins/bpmn-event-based-gateway.png differ diff --git a/photos/info/plugins/bpmn-example.png b/photos/info/plugins/bpmn-example.png new file mode 100644 index 000000000..fb98431ae Binary files /dev/null and b/photos/info/plugins/bpmn-example.png differ diff --git a/photos/info/plugins/bpmn-intermediate.png b/photos/info/plugins/bpmn-intermediate.png new file mode 100644 index 000000000..b8cf0a8ae Binary files /dev/null and b/photos/info/plugins/bpmn-intermediate.png differ diff --git a/photos/info/plugins/plugin.png b/photos/info/plugins/plugin.png new file mode 100644 index 000000000..6db966e35 Binary files /dev/null and b/photos/info/plugins/plugin.png differ diff --git a/photos/info/security/certificates-dark.svg b/photos/info/security/certificates-dark.svg new file mode 100644 index 000000000..1e4f49f3c --- /dev/null +++ b/photos/info/security/certificates-dark.svg @@ -0,0 +1,4 @@ + + + +
    wss
    wss
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...
    wss
    wss
    https
    https
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...
    FHIR
    FHIR
    BPE
    BPE    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/security/certificates-light.svg b/photos/info/security/certificates-light.svg new file mode 100644 index 000000000..9ad1cb495 --- /dev/null +++ b/photos/info/security/certificates-light.svg @@ -0,0 +1,4 @@ + + + +
    wss
    wss
    https
    https
    BPE
    BPE
    FHIR
    FHIR
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...
    wss
    wss
    https
    https
    Local Systems
    Local Sy...
    DMZ
    DMZ
    Intranet
    Intra...
    FHIR
    FHIR
    BPE
    BPE    Text is not SVG - cannot display     \ No newline at end of file diff --git a/photos/info/security/certificates.png b/photos/info/security/certificates.png new file mode 100644 index 000000000..03d0507b3 Binary files /dev/null and b/photos/info/security/certificates.png differ diff --git a/photos/info/use-cases/ping-pong.png b/photos/info/use-cases/ping-pong.png new file mode 100644 index 000000000..167d4b3a5 Binary files /dev/null and b/photos/info/use-cases/ping-pong.png differ diff --git a/photos/learnmore/contact/email.png b/photos/learnmore/contact/email.png new file mode 100644 index 000000000..b7b3d6e2c Binary files /dev/null and b/photos/learnmore/contact/email.png differ diff --git a/photos/learnmore/contact/map.png b/photos/learnmore/contact/map.png new file mode 100644 index 000000000..3c60ed5ad Binary files /dev/null and b/photos/learnmore/contact/map.png differ diff --git a/photos/learnmore/contributors/fegeler.jpg b/photos/learnmore/contributors/fegeler.jpg new file mode 100644 index 000000000..12de5c6a1 Binary files /dev/null and b/photos/learnmore/contributors/fegeler.jpg differ diff --git a/photos/learnmore/contributors/hund.jpg b/photos/learnmore/contributors/hund.jpg new file mode 100644 index 000000000..77374d60c Binary files /dev/null and b/photos/learnmore/contributors/hund.jpg differ diff --git a/photos/learnmore/contributors/kiel.jpg b/photos/learnmore/contributors/kiel.jpg new file mode 100644 index 000000000..66dcb1a43 Binary files /dev/null and b/photos/learnmore/contributors/kiel.jpg differ diff --git a/photos/learnmore/contributors/kurscheidt.jpg b/photos/learnmore/contributors/kurscheidt.jpg new file mode 100644 index 000000000..b53042cf6 Binary files /dev/null and b/photos/learnmore/contributors/kurscheidt.jpg differ diff --git a/photos/learnmore/contributors/moedinger.jpg b/photos/learnmore/contributors/moedinger.jpg new file mode 100644 index 000000000..ed274abaf Binary files /dev/null and b/photos/learnmore/contributors/moedinger.jpg differ diff --git a/photos/learnmore/contributors/schweizer.png b/photos/learnmore/contributors/schweizer.png new file mode 100644 index 000000000..f30f39949 Binary files /dev/null and b/photos/learnmore/contributors/schweizer.png differ diff --git a/photos/learnmore/contributors/wettstein.jpg b/photos/learnmore/contributors/wettstein.jpg new file mode 100644 index 000000000..0e52c3ef2 Binary files /dev/null and b/photos/learnmore/contributors/wettstein.jpg differ diff --git a/photos/learnmore/contributors/zilske.jpg b/photos/learnmore/contributors/zilske.jpg new file mode 100644 index 000000000..92e628d28 Binary files /dev/null and b/photos/learnmore/contributors/zilske.jpg differ diff --git a/photos/learnmore/funding/bmbf-mii.png b/photos/learnmore/funding/bmbf-mii.png new file mode 100644 index 000000000..e4d34792c Binary files /dev/null and b/photos/learnmore/funding/bmbf-mii.png differ diff --git a/photos/learnmore/funding/bmbf.png b/photos/learnmore/funding/bmbf.png new file mode 100644 index 000000000..ff3b4021d Binary files /dev/null and b/photos/learnmore/funding/bmbf.png differ diff --git a/photos/learnmore/funding/hd.jpg b/photos/learnmore/funding/hd.jpg new file mode 100644 index 000000000..97b881663 Binary files /dev/null and b/photos/learnmore/funding/hd.jpg differ diff --git a/photos/learnmore/funding/highmed.jpg b/photos/learnmore/funding/highmed.jpg new file mode 100644 index 000000000..5d0536ad8 Binary files /dev/null and b/photos/learnmore/funding/highmed.jpg differ diff --git a/photos/learnmore/funding/leipzig.png b/photos/learnmore/funding/leipzig.png new file mode 100644 index 000000000..72fdd9f52 Binary files /dev/null and b/photos/learnmore/funding/leipzig.png differ diff --git a/photos/learnmore/funding/mii.png b/photos/learnmore/funding/mii.png new file mode 100644 index 000000000..a2b4346ed Binary files /dev/null and b/photos/learnmore/funding/mii.png differ diff --git a/photos/learnmore/partners/hhn-logo.png b/photos/learnmore/partners/hhn-logo.png new file mode 100644 index 000000000..2bc6ac9c8 Binary files /dev/null and b/photos/learnmore/partners/hhn-logo.png differ diff --git a/photos/learnmore/partners/imi.png b/photos/learnmore/partners/imi.png new file mode 100644 index 000000000..3160e8640 Binary files /dev/null and b/photos/learnmore/partners/imi.png differ diff --git a/photos/learnmore/partners/life.png b/photos/learnmore/partners/life.png new file mode 100644 index 000000000..c6ead91a8 Binary files /dev/null and b/photos/learnmore/partners/life.png differ diff --git a/photos/learnmore/partners/logo-gecko.png b/photos/learnmore/partners/logo-gecko.png new file mode 100644 index 000000000..75909ca1c Binary files /dev/null and b/photos/learnmore/partners/logo-gecko.png differ diff --git a/photos/learnmore/projects/ap1.png b/photos/learnmore/projects/ap1.png new file mode 100644 index 000000000..1c595476e Binary files /dev/null and b/photos/learnmore/projects/ap1.png differ diff --git a/photos/learnmore/projects/num.png b/photos/learnmore/projects/num.png new file mode 100644 index 000000000..9d404c7b5 Binary files /dev/null and b/photos/learnmore/projects/num.png differ diff --git a/photos/tutorials/dsf-architecture.svg b/photos/tutorials/dsf-architecture.svg new file mode 100644 index 000000000..f56973def --- /dev/null +++ b/photos/tutorials/dsf-architecture.svg @@ -0,0 +1,690 @@ + +image/svg+xmlhttpshttpswsswsshttpshttpsBPEFHIRwsshttpshttpshttpsBPEhttps (HEAD)FHIRhttpshttpswsshttpshttpsBPEFHIRLocalSystemsLocalSystemsLocalSystemsDMZIntranet diff --git a/search-pro.worker.js b/search-pro.worker.js new file mode 100644 index 000000000..12543d53e --- /dev/null +++ b/search-pro.worker.js @@ -0,0 +1,2 @@ +const{entries:V}=Object,{fromEntries:et}=Object,st="ENTRIES",L="KEYS",T="VALUES",_="";class D{set;_type;_path;constructor(t,s){const n=t._tree,o=Array.from(n.keys());this.set=t,this._type=s,this._path=o.length>0?[{node:n,keys:o}]:[]}next(){const t=this.dive();return this.backtrack(),t}dive(){if(this._path.length===0)return{done:!0,value:void 0};const{node:t,keys:s}=E(this._path);if(E(s)===_)return{done:!1,value:this.result()};const n=t.get(E(s));return this._path.push({node:n,keys:Array.from(n.keys())}),this.dive()}backtrack(){if(this._path.length===0)return;const t=E(this._path).keys;t.pop(),!(t.length>0)&&(this._path.pop(),this.backtrack())}key(){return this.set._prefix+this._path.map(({keys:t})=>E(t)).filter(t=>t!==_).join("")}value(){return E(this._path).node.get(_)}result(){switch(this._type){case T:return this.value();case L:return this.key();default:return[this.key(),this.value()]}}[Symbol.iterator](){return this}}const E=e=>e[e.length-1],nt=(e,t,s)=>{const n=new Map;if(t===void 0)return n;const o=t.length+1,u=o+s,i=new Uint8Array(u*o).fill(s+1);for(let r=0;r{const d=u*i;t:for(const c of e.keys())if(c===_){const a=o[d-1];a<=s&&n.set(r,[e.get(c),a])}else{let a=u;for(let h=0;hs)continue t}R(e.get(c),t,s,n,o,a,i,r+c)}};class C{_tree;_prefix;_size=void 0;constructor(t=new Map,s=""){this._tree=t,this._prefix=s}atPrefix(t){if(!t.startsWith(this._prefix))throw new Error("Mismatched prefix");const[s,n]=x(this._tree,t.slice(this._prefix.length));if(s===void 0){const[o,u]=O(n);for(const i of o.keys())if(i!==_&&i.startsWith(u)){const r=new Map;return r.set(i.slice(u.length),o.get(i)),new C(r,t)}}return new C(s,t)}clear(){this._size=void 0,this._tree.clear()}delete(t){return this._size=void 0,ot(this._tree,t)}entries(){return new D(this,st)}forEach(t){for(const[s,n]of this)t(s,n,this)}fuzzyGet(t,s){return nt(this._tree,t,s)}get(t){const s=k(this._tree,t);return s!==void 0?s.get(_):void 0}has(t){const s=k(this._tree,t);return s!==void 0&&s.has(_)}keys(){return new D(this,L)}set(t,s){if(typeof t!="string")throw new Error("key must be a string");return this._size=void 0,I(this._tree,t).set(_,s),this}get size(){if(this._size)return this._size;this._size=0;const t=this.entries();for(;!t.next().done;)this._size+=1;return this._size}update(t,s){if(typeof t!="string")throw new Error("key must be a string");this._size=void 0;const n=I(this._tree,t);return n.set(_,s(n.get(_))),this}fetch(t,s){if(typeof t!="string")throw new Error("key must be a string");this._size=void 0;const n=I(this._tree,t);let o=n.get(_);return o===void 0&&n.set(_,o=s()),o}values(){return new D(this,T)}[Symbol.iterator](){return this.entries()}static from(t){const s=new C;for(const[n,o]of t)s.set(n,o);return s}static fromObject(t){return C.from(Object.entries(t))}}const x=(e,t,s=[])=>{if(t.length===0||e==null)return[e,s];for(const n of e.keys())if(n!==_&&t.startsWith(n))return s.push([e,n]),x(e.get(n),t.slice(n.length),s);return s.push([e,t]),x(void 0,"",s)},k=(e,t)=>{if(t.length===0||e==null)return e;for(const s of e.keys())if(s!==_&&t.startsWith(s))return k(e.get(s),t.slice(s.length))},I=(e,t)=>{const s=t.length;t:for(let n=0;e&&n{const[s,n]=x(e,t);if(s!==void 0){if(s.delete(_),s.size===0)W(n);else if(s.size===1){const[o,u]=s.entries().next().value;q(n,o,u)}}},W=e=>{if(e.length===0)return;const[t,s]=O(e);if(t.delete(s),t.size===0)W(e.slice(0,-1));else if(t.size===1){const[n,o]=t.entries().next().value;n!==_&&q(e.slice(0,-1),n,o)}},q=(e,t,s)=>{if(e.length===0)return;const[n,o]=O(e);n.set(o+t,s),n.delete(o)},O=e=>e[e.length-1],ut=(e,t)=>{const s=e._idToShortId.get(t);if(s!=null)return e._storedFields.get(s)},it=/[\n\r -#%-*,-/:;?@[-\]_{}\u00A0\u00A1\u00A7\u00AB\u00B6\u00B7\u00BB\u00BF\u037E\u0387\u055A-\u055F\u0589\u058A\u05BE\u05C0\u05C3\u05C6\u05F3\u05F4\u0609\u060A\u060C\u060D\u061B\u061E\u061F\u066A-\u066D\u06D4\u0700-\u070D\u07F7-\u07F9\u0830-\u083E\u085E\u0964\u0965\u0970\u09FD\u0A76\u0AF0\u0C77\u0C84\u0DF4\u0E4F\u0E5A\u0E5B\u0F04-\u0F12\u0F14\u0F3A-\u0F3D\u0F85\u0FD0-\u0FD4\u0FD9\u0FDA\u104A-\u104F\u10FB\u1360-\u1368\u1400\u166E\u1680\u169B\u169C\u16EB-\u16ED\u1735\u1736\u17D4-\u17D6\u17D8-\u17DA\u1800-\u180A\u1944\u1945\u1A1E\u1A1F\u1AA0-\u1AA6\u1AA8-\u1AAD\u1B5A-\u1B60\u1BFC-\u1BFF\u1C3B-\u1C3F\u1C7E\u1C7F\u1CC0-\u1CC7\u1CD3\u2000-\u200A\u2010-\u2029\u202F-\u2043\u2045-\u2051\u2053-\u205F\u207D\u207E\u208D\u208E\u2308-\u230B\u2329\u232A\u2768-\u2775\u27C5\u27C6\u27E6-\u27EF\u2983-\u2998\u29D8-\u29DB\u29FC\u29FD\u2CF9-\u2CFC\u2CFE\u2CFF\u2D70\u2E00-\u2E2E\u2E30-\u2E4F\u3000-\u3003\u3008-\u3011\u3014-\u301F\u3030\u303D\u30A0\u30FB\uA4FE\uA4FF\uA60D-\uA60F\uA673\uA67E\uA6F2-\uA6F7\uA874-\uA877\uA8CE\uA8CF\uA8F8-\uA8FA\uA8FC\uA92E\uA92F\uA95F\uA9C1-\uA9CD\uA9DE\uA9DF\uAA5C-\uAA5F\uAADE\uAADF\uAAF0\uAAF1\uABEB\uFD3E\uFD3F\uFE10-\uFE19\uFE30-\uFE52\uFE54-\uFE61\uFE63\uFE68\uFE6A\uFE6B\uFF01-\uFF03\uFF05-\uFF0A\uFF0C-\uFF0F\uFF1A\uFF1B\uFF1F\uFF20\uFF3B-\uFF3D\uFF3F\uFF5B\uFF5D\uFF5F-\uFF65]+/u,M="or",$="and",rt="and_not",ct=(e,t)=>{e.includes(t)||e.push(t)},N=(e,t)=>{for(const s of t)e.includes(s)||e.push(s)},P=({score:e},{score:t})=>t-e,lt=()=>new Map,b=e=>{const t=new Map;for(const s of Object.keys(e))t.set(parseInt(s,10),e[s]);return t},G=(e,t)=>Object.prototype.hasOwnProperty.call(e,t)?e[t]:void 0,ht={[M]:(e,t)=>{for(const s of t.keys()){const n=e.get(s);if(n==null)e.set(s,t.get(s));else{const{score:o,terms:u,match:i}=t.get(s);n.score=n.score+o,n.match=Object.assign(n.match,i),N(n.terms,u)}}return e},[$]:(e,t)=>{const s=new Map;for(const n of t.keys()){const o=e.get(n);if(o==null)continue;const{score:u,terms:i,match:r}=t.get(n);N(o.terms,i),s.set(n,{score:o.score+u,terms:o.terms,match:Object.assign(o.match,r)})}return s},[rt]:(e,t)=>{for(const s of t.keys())e.delete(s);return e}},dt=(e,t,s,n,o,u)=>{const{k:i,b:r,d}=u;return Math.log(1+(s-t+.5)/(t+.5))*(d+e*(i+1)/(e+i*(1-r+r*n/o)))},at=e=>(t,s,n)=>{const o=typeof e.fuzzy=="function"?e.fuzzy(t,s,n):e.fuzzy||!1,u=typeof e.prefix=="function"?e.prefix(t,s,n):e.prefix===!0;return{term:t,fuzzy:o,prefix:u}},H=(e,t,s,n)=>{for(const o of Object.keys(e._fieldIds))if(e._fieldIds[o]===s){e._options.logger("warn",`SlimSearch: document with ID ${e._documentIds.get(t)} has changed before removal: term "${n}" was not present in field "${o}". Removing a document after it has changed can corrupt the index!`,"version_conflict");return}},ft=(e,t,s,n)=>{if(!e._index.has(n)){H(e,s,t,n);return}const o=e._index.fetch(n,lt),u=o.get(t);u==null||u.get(s)==null?H(e,s,t,n):u.get(s)<=1?u.size<=1?o.delete(t):u.delete(s):u.set(s,u.get(s)-1),e._index.get(n).size===0&&e._index.delete(n)},gt={k:1.2,b:.7,d:.5},mt={idField:"id",extractField:(e,t)=>e[t],tokenize:e=>e.split(it),processTerm:e=>e.toLowerCase(),fields:void 0,searchOptions:void 0,storeFields:[],logger:(e,t)=>{typeof console?.[e]=="function"&&console[e](t)},autoVacuum:!0},J={combineWith:M,prefix:!1,fuzzy:!1,maxFuzzy:6,boost:{},weights:{fuzzy:.45,prefix:.375},bm25:gt},pt={combineWith:$,prefix:(e,t,s)=>t===s.length-1},Ft={batchSize:1e3,batchWait:10},U={minDirtFactor:.1,minDirtCount:20},_t={...Ft,...U},K=Symbol("*"),yt=(e,t)=>{const s=new Map,n={...e._options.searchOptions,...t};for(const[o,u]of e._documentIds){const i=n.boostDocument?n.boostDocument(u,"",e._storedFields.get(o)):1;s.set(o,{score:i,terms:[],match:{}})}return s},X=(e,t=M)=>{if(e.length===0)return new Map;const s=t.toLowerCase(),n=ht[s];if(!n)throw new Error(`Invalid combination operator: ${t}`);return e.reduce(n)||new Map},S=(e,t,s,n,o,u,i,r,d=new Map)=>{if(o==null)return d;for(const c of Object.keys(u)){const a=u[c],h=e._fieldIds[c],g=o.get(h);if(g==null)continue;let m=g.size;const p=e._avgFieldLength[h];for(const l of g.keys()){if(!e._documentIds.has(l)){ft(e,h,l,s),m-=1;continue}const f=i?i(e._documentIds.get(l),s,e._storedFields.get(l)):1;if(!f)continue;const y=g.get(l),F=e._fieldLength.get(l)[h],v=dt(y,m,e._documentCount,F,p,r),z=n*a*f*v,A=d.get(l);if(A){A.score+=z,ct(A.terms,t);const w=G(A.match,s);w?w.push(c):A.match[s]=[c]}else d.set(l,{score:z,terms:[t],match:{[s]:[c]}})}}return d},At=(e,t,s)=>{const n={...e._options.searchOptions,...s},o=(n.fields||e._options.fields).reduce((l,f)=>({...l,[f]:G(n.boost,f)||1}),{}),{boostDocument:u,weights:i,maxFuzzy:r,bm25:d}=n,{fuzzy:c,prefix:a}={...J.weights,...i},h=e._index.get(t.term),g=S(e,t.term,t.term,1,h,o,u,d);let m,p;if(t.prefix&&(m=e._index.atPrefix(t.term)),t.fuzzy){const l=t.fuzzy===!0?.2:t.fuzzy,f=l<1?Math.min(r,Math.round(t.term.length*l)):l;f&&(p=e._index.fuzzyGet(t.term,f))}if(m)for(const[l,f]of m){const y=l.length-t.term.length;if(!y)continue;p?.delete(l);const F=a*l.length/(l.length+.3*y);S(e,t.term,l,F,f,o,u,d,g)}if(p)for(const l of p.keys()){const[f,y]=p.get(l);if(!y)continue;const F=c*l.length/(l.length+y);S(e,t.term,l,F,f,o,u,d,g)}return g},Y=(e,t,s={})=>{if(t===K)return yt(e,s);if(typeof t!="string"){const a={...s,...t,queries:void 0},h=t.queries.map(g=>Y(e,g,a));return X(h,a.combineWith)}const{tokenize:n,processTerm:o,searchOptions:u}=e._options,i={tokenize:n,processTerm:o,...u,...s},{tokenize:r,processTerm:d}=i,c=r(t).flatMap(a=>d(a)).filter(a=>!!a).map(at(i)).map(a=>At(e,a,i));return X(c,i.combineWith)},Q=(e,t,s={})=>{const n=Y(e,t,s),o=[];for(const[u,{score:i,terms:r,match:d}]of n){const c=r.length||1,a={id:e._documentIds.get(u),score:i*c,terms:Object.keys(d),queryTerms:r,match:d};Object.assign(a,e._storedFields.get(u)),(s.filter==null||s.filter(a))&&o.push(a)}return t===K&&s.boostDocument==null&&e._options.searchOptions.boostDocument==null||o.sort(P),o},Ct=(e,t,s={})=>{s={...e._options.autoSuggestOptions,...s};const n=new Map;for(const{score:u,terms:i}of Q(e,t,s)){const r=i.join(" "),d=n.get(r);d!=null?(d.score+=u,d.count+=1):n.set(r,{score:u,terms:i,count:1})}const o=[];for(const[u,{score:i,terms:r,count:d}]of n)o.push({suggestion:u,terms:r,score:i/d});return o.sort(P),o};class Et{_options;_index;_documentCount;_documentIds;_idToShortId;_fieldIds;_fieldLength;_avgFieldLength;_nextId;_storedFields;_dirtCount;_currentVacuum;_enqueuedVacuum;_enqueuedVacuumConditions;constructor(t){if(t?.fields==null)throw new Error('SlimSearch: option "fields" must be provided');const s=t.autoVacuum==null||t.autoVacuum===!0?_t:t.autoVacuum;this._options={...mt,...t,autoVacuum:s,searchOptions:{...J,...t.searchOptions||{}},autoSuggestOptions:{...pt,...t.autoSuggestOptions||{}}},this._index=new C,this._documentCount=0,this._documentIds=new Map,this._idToShortId=new Map,this._fieldIds={},this._fieldLength=new Map,this._avgFieldLength=[],this._nextId=0,this._storedFields=new Map,this._dirtCount=0,this._currentVacuum=null,this._enqueuedVacuum=null,this._enqueuedVacuumConditions=U,this.addFields(this._options.fields)}get isVacuuming(){return this._currentVacuum!=null}get dirtCount(){return this._dirtCount}get dirtFactor(){return this._dirtCount/(1+this._documentCount+this._dirtCount)}get documentCount(){return this._documentCount}get termCount(){return this._index.size}toJSON(){const t=[];for(const[s,n]of this._index){const o={};for(const[u,i]of n)o[u]=Object.fromEntries(i);t.push([s,o])}return{documentCount:this._documentCount,nextId:this._nextId,documentIds:Object.fromEntries(this._documentIds),fieldIds:this._fieldIds,fieldLength:Object.fromEntries(this._fieldLength),averageFieldLength:this._avgFieldLength,storedFields:Object.fromEntries(this._storedFields),dirtCount:this._dirtCount,index:t,serializationVersion:2}}addFields(t){for(let s=0;s{if(c!==1&&c!==2)throw new Error("SlimSearch: cannot deserialize an index created with an incompatible version");const h=new Et(a);h._documentCount=t,h._nextId=s,h._documentIds=b(n),h._idToShortId=new Map,h._fieldIds=o,h._fieldLength=b(u),h._avgFieldLength=i,h._storedFields=b(r),h._dirtCount=d||0,h._index=new C;for(const[g,m]of h._documentIds)h._idToShortId.set(m,g);for(const[g,m]of e){const p=new Map;for(const l of Object.keys(m)){let f=m[l];c===1&&(f=f.ds),p.set(parseInt(l,10),b(f))}h._index.set(g,p)}return h},B=(e,t)=>{const s=e.toLowerCase(),n=t.toLowerCase(),o=[];let u=0,i=0;const r=(c,a=!1)=>{let h="";i===0?h=c.length>20?`… ${c.slice(-20)}`:c:a?h=c.length+i>100?`${c.slice(0,100-i)}… `:c:h=c.length>20?`${c.slice(0,20)} … ${c.slice(-20)}`:c,h&&o.push(h),i+=h.length,a||(o.push(["mark",t]),i+=t.length,i>=100&&o.push(" …"))};let d=s.indexOf(n,u);if(d===-1)return null;for(;d>=0;){const c=d+n.length;if(r(e.slice(u,d)),u=c,i>100)break;d=s.indexOf(n,u)}return i<100&&r(e.slice(u),!0),o},wt=(e,t)=>t.contents.reduce((s,[,n])=>s+n,0)-e.contents.reduce((s,[,n])=>s+n,0),xt=(e,t)=>Math.max(...t.contents.map(([,s])=>s))-Math.max(...e.contents.map(([,s])=>s)),Z=(e,t,s={})=>{const n={};return Q(t,e,{boost:{h:2,t:1,c:4},prefix:!0,...s}).forEach(o=>{const{id:u,terms:i,score:r}=o,d=u.includes("@"),c=u.includes("#"),[a,h]=u.split(/[#@]/),g=Number(a),m=i.sort((l,f)=>l.length-f.length).filter((l,f)=>i.slice(f+1).every(y=>!y.includes(l))),{contents:p}=n[g]??={title:"",contents:[]};if(d)p.push([{type:"customField",id:g,index:h,display:m.map(l=>o.c.map(f=>B(f,l))).flat().filter(l=>l!==null)},r]);else{const l=m.map(f=>B(o.h,f)).filter(f=>f!==null);if(l.length&&p.push([{type:c?"heading":"title",id:g,...c&&{anchor:h},display:l},r]),"t"in o)for(const f of o.t){const y=m.map(F=>B(f,F)).filter(F=>F!==null);y.length&&p.push([{type:"text",id:g,...c&&{anchor:h},display:y},r])}}}),V(n).sort(([,o],[,u])=>"max"==="total"?wt(o,u):xt(o,u)).map(([o,{title:u,contents:i}])=>{if(!u){const r=ut(t,o);r&&(u=r.h)}return{title:u,contents:i.map(([r])=>r)}})},tt=(e,t,s={})=>{const n=Ct(t,e,{fuzzy:.2,maxFuzzy:3,...s}).map(({suggestion:o})=>o);return e.includes(" ")?n:n.filter(o=>!o.includes(" "))},bt=et(V(JSON.parse("{\"/\":{\"documentCount\":3425,\"nextId\":3425,\"documentIds\":{\"0\":\"0\",\"1\":\"0#rolf-hansen-memorial-award-2023-goes-to-hauke-hund\",\"2\":\"0#feel-free-to-contact-us-via-dsf-gecko-hs-heilbronn-de-and-we-will-take-care-of-your-request-as-soon-as-possible\",\"3\":\"1\",\"4\":\"1#overview\",\"5\":\"2\",\"6\":\"2#overview-of-dsf\",\"7\":\"2#key-features-and-benefits\",\"8\":\"2#distributed-data-sharing-processes\",\"9\":\"2#flexibility-with-data-standards\",\"10\":\"2#security-and-access-control\",\"11\":\"2#deployment-in-clinical-environments\",\"12\":\"2#getting-started-with-the-dsf\",\"13\":\"3\",\"14\":\"4\",\"15\":\"4#vorbereitung\",\"16\":\"4#netzwerkfreigaben\",\"17\":\"4#fhir-store\",\"18\":\"4#installationshinweise\",\"19\":\"4#dsf\",\"20\":\"4#prozessplugins\",\"21\":\"4#weitere-anwendungen\",\"22\":\"4#data-sharing-demodaten\",\"23\":\"5\",\"24\":\"5#overview\",\"25\":\"6\",\"26\":\"6#publications\",\"27\":\"6#recorded-talks\",\"28\":\"6#gmds-conference-2022\",\"29\":\"6#gmds-conference-2020\",\"30\":\"7\",\"31\":\"7#overview-v-0-9-x\",\"32\":\"8\",\"33\":\"9\",\"34\":\"9#security-vulnerability-disclosure-policy\",\"35\":\"9#our-commitment-to-security\",\"36\":\"9#responsible-disclosure\",\"37\":\"9#how-to-report-a-vulnerability\",\"38\":\"9#our-promise\",\"39\":\"9#legal-protection\",\"40\":\"9#questions\",\"41\":\"10\",\"42\":\"12\",\"43\":\"12#new-features\",\"44\":\"15\",\"45\":\"15#new-features\",\"46\":\"18\",\"47\":\"18#new-features\",\"48\":\"21\",\"49\":\"21#new-features\",\"50\":\"24\",\"51\":\"24#new-features\",\"52\":\"27\",\"53\":\"27#new-features\",\"54\":\"30\",\"55\":\"30#new-features\",\"56\":\"33\",\"57\":\"33#new-features\",\"58\":\"36\",\"59\":\"36#new-features\",\"60\":\"39\",\"61\":\"39#new-features\",\"62\":\"42\",\"63\":\"42#new-features\",\"64\":\"45\",\"65\":\"45#new-features\",\"66\":\"48\",\"67\":\"48#new-features\",\"68\":\"50\",\"69\":\"50#overview\",\"70\":\"51\",\"71\":\"51#e-mail\",\"72\":\"51#community\",\"73\":\"51#stay-up-to-date\",\"74\":\"51#contribute-code\",\"75\":\"51#share-your-experience-get-support\",\"76\":\"52\",\"77\":\"52#heilbronn-university-of-applied-sciences-gecko-institute\",\"78\":\"52#university-of-heidelberg-institute-of-medical-informatics\",\"79\":\"52#university-of-leipzig-life-institute\",\"80\":\"53\",\"81\":\"53#dsf-medical-informatics-structure-data-sharing-framework-community-2023-2026\",\"82\":\"53#development-of-the-dsf-in-the-highmed-consortium-contribution-heilbronn-university-and-heidelberg-university-2018-2022\",\"83\":\"54\",\"84\":\"55\",\"85\":\"55#goal\",\"86\":\"55#allow-list-managment\",\"87\":\"55#feel-free-to-contact-us-via-e-mail-dsf-gecko-hs-heilbronn-de-and-we-will-take-care-of-your-request-as-soon-as-possible\",\"88\":\"56\",\"89\":\"56#dsf-fhir-server\",\"90\":\"56#business-process-engine-bpe\",\"91\":\"56#flexible-deployment\",\"92\":\"56#network-setup-additional-reverse-proxy-in-external-dmz\",\"93\":\"57\",\"94\":\"57#interoperability\",\"95\":\"57#hl7-fhir\",\"96\":\"57#bpmn\",\"97\":\"57#why-are-we-using-fhir-and-bpmn\",\"98\":\"58\",\"99\":\"59\",\"100\":\"59#additional-reverse-proxy-in-external-dmz\",\"101\":\"60\",\"102\":\"60#overview\",\"103\":\"60#bpmn-example\",\"104\":\"60#ping-pong-process\",\"105\":\"60#autostart-ping-process\",\"106\":\"60#ping-process\",\"107\":\"60#pong-process\",\"108\":\"61\",\"109\":\"61#basics-security\",\"110\":\"61#authentication\",\"111\":\"61#certificate-requests\",\"112\":\"61#fhir-endpoint\",\"113\":\"61#business-process-engine-server\",\"114\":\"62\",\"115\":\"63\",\"116\":\"63#abstract\",\"117\":\"63#topic\",\"118\":\"63#target-group\",\"119\":\"63#what-you-need\",\"120\":\"63#what-you-will-learn\",\"121\":\"64\",\"122\":\"65\",\"123\":\"66\",\"124\":\"66#overview\",\"125\":\"67\",\"126\":\"67#overview\",\"127\":\"67#the-feasibility-process\",\"128\":\"67#technical-information\",\"129\":\"68\",\"130\":\"68#the-data-transfer-process\",\"131\":\"69\",\"132\":\"70\",\"133\":\"70#build-project\",\"134\":\"70#manual-integration-testing-without-docker\",\"135\":\"70#manual-integration-testing-local-with-docker\",\"136\":\"70#troubleshooting\",\"137\":\"70#manual-integration-testing-vms-for-docker-registry-3-medics-ttp\",\"138\":\"70#starting-the-processes\",\"139\":\"71\",\"140\":\"72\",\"141\":\"72#release-a-new-final-version\",\"142\":\"72#release-a-new-candidate-version\",\"143\":\"73\",\"144\":\"74\",\"145\":\"74#database\",\"146\":\"74#json-xml-adapter\",\"147\":\"74#dao\",\"148\":\"74#resolve-resource-references-if-needed\",\"149\":\"74#authorization\",\"150\":\"74#webservice\",\"151\":\"74#test\",\"152\":\"75\",\"153\":\"76\",\"154\":\"77\",\"155\":\"78\",\"156\":\"78#code-style\",\"157\":\"78#git-workflow\",\"158\":\"78#branch-naming\",\"159\":\"79\",\"160\":\"80\",\"161\":\"82\",\"162\":\"82#authenticating-to-github-packages\",\"163\":\"82#installing-a-package\",\"164\":\"83\",\"165\":\"84\",\"166\":\"84#certificate-requests\",\"167\":\"84#fhir-endpoint\",\"168\":\"84#business-process-engine-server\",\"169\":\"85\",\"170\":\"85#additional-reverse-proxy-in-external-dmz\",\"171\":\"86\",\"172\":\"87\",\"173\":\"87#dsf-0-9-3-configuration-parameters-bpe-server\",\"174\":\"87#org-highmed-dsf-bpe-consent-webservice-factory-class\",\"175\":\"87#org-highmed-dsf-bpe-db-liquibase-password-or-org-highmed-dsf-bpe-db-liquibase-password-file\",\"176\":\"87#org-highmed-dsf-bpe-db-liquibase-username\",\"177\":\"87#org-highmed-dsf-bpe-db-url\",\"178\":\"87#org-highmed-dsf-bpe-db-user-camunda-group\",\"179\":\"87#org-highmed-dsf-bpe-db-user-camunda-password-or-org-highmed-dsf-bpe-db-user-camunda-password-file\",\"180\":\"87#org-highmed-dsf-bpe-db-user-camunda-username\",\"181\":\"87#org-highmed-dsf-bpe-db-user-group\",\"182\":\"87#org-highmed-dsf-bpe-db-user-password-or-org-highmed-dsf-bpe-db-user-password-file\",\"183\":\"87#org-highmed-dsf-bpe-db-user-username\",\"184\":\"87#org-highmed-dsf-bpe-debug-log-message-onactivityend\",\"185\":\"87#org-highmed-dsf-bpe-debug-log-message-onactivitystart\",\"186\":\"87#org-highmed-dsf-bpe-debug-log-message-variables\",\"187\":\"87#org-highmed-dsf-bpe-fhir-client-certificate\",\"188\":\"87#org-highmed-dsf-bpe-fhir-client-certificate-private-key\",\"189\":\"87#org-highmed-dsf-bpe-fhir-client-certificate-private-key-password-or-org-highmed-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"190\":\"87#org-highmed-dsf-bpe-fhir-client-local-proxy-password-or-org-highmed-dsf-bpe-fhir-client-local-proxy-password-file\",\"191\":\"87#org-highmed-dsf-bpe-fhir-client-local-proxy-url\",\"192\":\"87#org-highmed-dsf-bpe-fhir-client-local-proxy-username\",\"193\":\"87#org-highmed-dsf-bpe-fhir-client-local-timeout-connect\",\"194\":\"87#org-highmed-dsf-bpe-fhir-client-local-timeout-read\",\"195\":\"87#org-highmed-dsf-bpe-fhir-client-local-verbose\",\"196\":\"87#org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-password-or-org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-password-file\",\"197\":\"87#org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-url\",\"198\":\"87#org-highmed-dsf-bpe-fhir-client-local-websocket-proxy-username\",\"199\":\"87#org-highmed-dsf-bpe-fhir-client-remote-proxy-password-or-org-highmed-dsf-bpe-fhir-client-remote-proxy-password-file\",\"200\":\"87#org-highmed-dsf-bpe-fhir-client-remote-proxy-url\",\"201\":\"87#org-highmed-dsf-bpe-fhir-client-remote-proxy-username\",\"202\":\"87#org-highmed-dsf-bpe-fhir-client-remote-timeout-connect\",\"203\":\"87#org-highmed-dsf-bpe-fhir-client-remote-timeout-read\",\"204\":\"87#org-highmed-dsf-bpe-fhir-client-remote-verbose\",\"205\":\"87#org-highmed-dsf-bpe-fhir-client-trust-certificates\",\"206\":\"87#org-highmed-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"207\":\"87#org-highmed-dsf-bpe-fhir-server-base-url\",\"208\":\"87#org-highmed-dsf-bpe-fhir-server-organization-identifier-value\",\"209\":\"87#org-highmed-dsf-bpe-fhir-task-subscription-retry-max\",\"210\":\"87#org-highmed-dsf-bpe-fhir-task-subscription-retry-sleep\",\"211\":\"87#org-highmed-dsf-bpe-fhir-task-subscription-search-parameter\",\"212\":\"87#org-highmed-dsf-bpe-mail-client-certificate\",\"213\":\"87#org-highmed-dsf-bpe-mail-client-certificate-private-key\",\"214\":\"87#org-highmed-dsf-bpe-mail-client-certificate-private-key-password-or-org-highmed-dsf-bpe-mail-client-certificate-private-key-password-file\",\"215\":\"87#org-highmed-dsf-bpe-mail-fromaddress\",\"216\":\"87#org-highmed-dsf-bpe-mail-host\",\"217\":\"87#org-highmed-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"218\":\"87#org-highmed-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"219\":\"87#org-highmed-dsf-bpe-mail-password-or-org-highmed-dsf-bpe-mail-password-file\",\"220\":\"87#org-highmed-dsf-bpe-mail-port\",\"221\":\"87#org-highmed-dsf-bpe-mail-replytoaddresses\",\"222\":\"87#org-highmed-dsf-bpe-mail-sendmailonerrorlogevent\",\"223\":\"87#org-highmed-dsf-bpe-mail-sendtestmailonstartup\",\"224\":\"87#org-highmed-dsf-bpe-mail-smime-p12keystore\",\"225\":\"87#org-highmed-dsf-bpe-mail-smime-p12keystore-password-or-org-highmed-dsf-bpe-mail-smime-p12keystore-password-file\",\"226\":\"87#org-highmed-dsf-bpe-mail-toaddresses\",\"227\":\"87#org-highmed-dsf-bpe-mail-toaddressescc\",\"228\":\"87#org-highmed-dsf-bpe-mail-trust-certificates\",\"229\":\"87#org-highmed-dsf-bpe-mail-username\",\"230\":\"87#org-highmed-dsf-bpe-mail-usesmtps\",\"231\":\"87#org-highmed-dsf-bpe-mpi-webservice-factory-class\",\"232\":\"87#org-highmed-dsf-bpe-openehr-webservice-factory-class\",\"233\":\"87#org-highmed-dsf-bpe-process-excluded\",\"234\":\"87#org-highmed-dsf-bpe-process-fhir-server-retry-max\",\"235\":\"87#org-highmed-dsf-bpe-process-fhir-server-retry-sleep\",\"236\":\"87#org-highmed-dsf-bpe-process-plugin-directroy\",\"237\":\"87#org-highmed-dsf-bpe-process-retired\",\"238\":\"87#org-highmed-dsf-bpe-pseudonymization-webservice-factory-class\",\"239\":\"88\",\"240\":\"88#dsf-0-9-3-configuration-parameters-fhir-server\",\"241\":\"88#org-highmed-dsf-fhir-client-certificate\",\"242\":\"88#org-highmed-dsf-fhir-client-certificate-private-key\",\"243\":\"88#org-highmed-dsf-fhir-client-certificate-private-key-password-or-org-highmed-dsf-fhir-client-certificate-private-key-password-file\",\"244\":\"88#org-highmed-dsf-fhir-client-proxy-password-or-org-highmed-dsf-fhir-client-proxy-password-file\",\"245\":\"88#org-highmed-dsf-fhir-client-proxy-url\",\"246\":\"88#org-highmed-dsf-fhir-client-proxy-username\",\"247\":\"88#org-highmed-dsf-fhir-client-timeout-connect\",\"248\":\"88#org-highmed-dsf-fhir-client-timeout-read\",\"249\":\"88#org-highmed-dsf-fhir-client-trust-certificates\",\"250\":\"88#org-highmed-dsf-fhir-client-verbose\",\"251\":\"88#org-highmed-dsf-fhir-db-liquibase-password-or-org-highmed-dsf-fhir-db-liquibase-password-file\",\"252\":\"88#org-highmed-dsf-fhir-db-liquibase-username\",\"253\":\"88#org-highmed-dsf-fhir-db-url\",\"254\":\"88#org-highmed-dsf-fhir-db-user-group\",\"255\":\"88#org-highmed-dsf-fhir-db-user-password-or-org-highmed-dsf-fhir-db-user-password-file\",\"256\":\"88#org-highmed-dsf-fhir-db-user-permanent-delete-group\",\"257\":\"88#org-highmed-dsf-fhir-db-user-permanent-delete-password-or-org-highmed-dsf-fhir-db-user-permanent-delete-password-file\",\"258\":\"88#org-highmed-dsf-fhir-db-user-permanent-delete-username\",\"259\":\"88#org-highmed-dsf-fhir-db-user-username\",\"260\":\"88#org-highmed-dsf-fhir-server-base-url\",\"261\":\"88#org-highmed-dsf-fhir-server-cors-origins\",\"262\":\"88#org-highmed-dsf-fhir-server-init-bundle\",\"263\":\"88#org-highmed-dsf-fhir-server-organization-identifier-value\",\"264\":\"88#org-highmed-dsf-fhir-server-page-count\",\"265\":\"88#org-highmed-dsf-fhir-server-user-thumbprints\",\"266\":\"88#org-highmed-dsf-fhir-server-user-thumbprints-permanent-delete\",\"267\":\"89\",\"268\":\"89#dsf-0-9-3-configuration-parameters-fhir-reverse-proxy\",\"269\":\"89#app-server-ip\",\"270\":\"89#https-server-name-port\",\"271\":\"89#proxy-pass-connection-timeout-http\",\"272\":\"89#proxy-pass-connection-timeout-ws\",\"273\":\"89#proxy-pass-timeout-http\",\"274\":\"89#proxy-pass-timeout-ws\",\"275\":\"89#ssl-ca-certificate-file\",\"276\":\"89#ssl-ca-dn-request-file\",\"277\":\"89#ssl-certificate-chain-file\",\"278\":\"89#ssl-certificate-file\",\"279\":\"89#ssl-certificate-key-file\",\"280\":\"90\",\"281\":\"90#prerequisites\",\"282\":\"90#virtual-machines\",\"283\":\"90#docker-docker-compose\",\"284\":\"90#client-server-certificates\",\"285\":\"90#network-setup-network-access\",\"286\":\"90#on-boarding-excel-spreadsheet\",\"287\":\"90#setup\",\"288\":\"90#prepare-certificates\",\"289\":\"90#dsf-fhir-server\",\"290\":\"90#dsf-bpe-server\",\"291\":\"91\",\"292\":\"91#prerequisites\",\"293\":\"91#virtual-machines\",\"294\":\"91#docker-docker-compose\",\"295\":\"91#client-server-certificates\",\"296\":\"91#network-setup-network-access\",\"297\":\"91#on-boarding-excel-spreadsheet\",\"298\":\"91#setup\",\"299\":\"91#prepare-certificates\",\"300\":\"91#dsf-fhir-server\",\"301\":\"91#dsf-bpe-server\",\"302\":\"92\",\"303\":\"92#modify-dsf-fhir-server-setup\",\"304\":\"92#modify-dsf-bpe-server-setup\",\"305\":\"93\",\"306\":\"93#modify-dsf-fhir-server-setup\",\"307\":\"93#modify-dsf-bpe-server-setup\",\"308\":\"94\",\"309\":\"94#modify-dsf-fhir-server-setup\",\"310\":\"94#modify-dsf-bpe-server-setup\",\"311\":\"95\",\"312\":\"95#modify-dsf-fhir-server-setup\",\"313\":\"95#modify-dsf-bpe-server-setup\",\"314\":\"96\",\"315\":\"96#modify-dsf-fhir-server-setup\",\"316\":\"96#modify-dsf-bpe-server-setup\",\"317\":\"97\",\"318\":\"97#implementing-bpmn-processes-as-dsf-process-plugins\",\"319\":\"97#prerequisites\",\"320\":\"97#exercise-1-simple-process\",\"321\":\"97#exercise-1-1-process-debugging\",\"322\":\"97#exercise-2-input-parameters\",\"323\":\"97#exercise-3-message-events\",\"324\":\"97#exercise-4-exclusive-gateways\",\"325\":\"97#exercise-5-event-based-gateways-and-intermediate-events\",\"326\":\"98\",\"327\":\"98#docker-compose-yml\",\"328\":\"99\",\"329\":\"99#exercise-1-simple-process\",\"330\":\"99#introduction\",\"331\":\"99#tutorial-code-base-structure-and-docker-test-setup\",\"332\":\"99#process-plugin-main-components\",\"333\":\"99#process-execution-and-fhir-task-resources\",\"334\":\"99#process-access-control\",\"335\":\"99#exercise-tasks\",\"336\":\"99#solution-verification\",\"337\":\"99#maven-build-and-automated-tests\",\"338\":\"99#process-execution-and-manual-tests\",\"339\":\"100\",\"340\":\"100#exercise-1-1-process-debugging\",\"341\":\"100#introduction\",\"342\":\"100#exercise-tasks\",\"343\":\"101\",\"344\":\"101#exercise-2-input-parameters\",\"345\":\"101#introduction\",\"346\":\"101#environment-variables\",\"347\":\"101#task-input-parameters\",\"348\":\"101#version-and-release-date-placeholders\",\"349\":\"101#exercise-tasks\",\"350\":\"101#solution-verification\",\"351\":\"101#maven-build-and-automated-tests\",\"352\":\"101#process-execution-and-manual-tests\",\"353\":\"102\",\"354\":\"102#exercise-3-message-events\",\"355\":\"102#introduction\",\"356\":\"102#message-flow-and-fhir-task-resources\",\"357\":\"102#bpmn-process-definition-key-vs-fhir-task-instantiatesuri-and-activitydefinition-url-version\",\"358\":\"102#activitydefinitions-for-the-dsf\",\"359\":\"102#message-name-1-1\",\"360\":\"102#task-profile-1-1\",\"361\":\"102#requester-1\",\"362\":\"102#recipient-1\",\"363\":\"102#authorization-extension-example\",\"364\":\"102#exercise-tasks\",\"365\":\"102#solution-verification\",\"366\":\"102#maven-build-and-automated-tests\",\"367\":\"102#process-execution-and-manual-tests\",\"368\":\"103\",\"369\":\"103#exercise-4-exclusive-gateways\",\"370\":\"103#introduction\",\"371\":\"103#exclusive-gateways\",\"372\":\"103#condition-expressions\",\"373\":\"103#storing-modifying-process-variables\",\"374\":\"103#exercise-tasks\",\"375\":\"103#solution-verification\",\"376\":\"103#maven-build-and-automated-tests\",\"377\":\"103#process-execution-and-manual-tests\",\"378\":\"104\",\"379\":\"104#exercise-5-event-based-gateways-and-intermediate-events\",\"380\":\"104#introduction\",\"381\":\"104#managing-multiple-and-missing-messages\",\"382\":\"104#timer-events\",\"383\":\"104#matching-process-instances-with-business-keys\",\"384\":\"104#activitydefinitions-for-the-dsf\",\"385\":\"104#message-name-1-1\",\"386\":\"104#task-profile-1-1\",\"387\":\"104#requester-1\",\"388\":\"104#recipient-1\",\"389\":\"104#authorization-extension-example\",\"390\":\"104#exercise-tasks\",\"391\":\"104#solution-verification\",\"392\":\"104#maven-build-and-automated-tests\",\"393\":\"104#process-execution-and-manual-tests\",\"394\":\"105\",\"395\":\"105#git\",\"396\":\"105#java-11\",\"397\":\"105#maven-3-8\",\"398\":\"105#github-packages\",\"399\":\"105#docker-and-docker-compose\",\"400\":\"105#host-entries-for-test-setup\",\"401\":\"105#java-ide\",\"402\":\"105#bpmn-editor\",\"403\":\"105#hardware\",\"404\":\"106\",\"405\":\"106#benefits-of-contributing\",\"406\":\"106#general\",\"407\":\"106#code-style\",\"408\":\"106#branching-strategy\",\"409\":\"106#branch-naming\",\"410\":\"106#setting-up-the-project\",\"411\":\"106#java\",\"412\":\"106#docker\",\"413\":\"106#maven\",\"414\":\"106#workflow\",\"415\":\"106#pull-request-process\",\"416\":\"106#data-security-in-dsf-development\",\"417\":\"107\",\"418\":\"108\",\"419\":\"108#ways-you-can-contribute\",\"420\":\"109\",\"421\":\"109#overview\",\"422\":\"110\",\"423\":\"111\",\"424\":\"112\",\"425\":\"112#overview\",\"426\":\"113\",\"427\":\"113#overview\",\"428\":\"113#prerequisites\",\"429\":\"113#start-here\",\"430\":\"114\",\"431\":\"114#overview\",\"432\":\"114#prerequisites\",\"433\":\"114#deployment\",\"434\":\"115\",\"435\":\"115#prerequisites\",\"436\":\"115#virtual-machines\",\"437\":\"115#docker-docker-compose\",\"438\":\"115#client-server-certificates\",\"439\":\"115#network-setup-network-access\",\"440\":\"115#setup\",\"441\":\"115#prepare-certificates\",\"442\":\"115#dsf-fhir-server\",\"443\":\"115#dsf-bpe-server\",\"444\":\"115#logs\",\"445\":\"115#on-boarding\",\"446\":\"116\",\"447\":\"116#example-environment-variables\",\"448\":\"116#docker-secrets\",\"449\":\"116#example-docker-compose\",\"450\":\"117\",\"451\":\"117#extending-or-replacing-trusted-certificate-authorities\",\"452\":\"117#fhir-reverse-proxy\",\"453\":\"117#fhir-server\",\"454\":\"117#bpe-reverse-proxy\",\"455\":\"117#bpe-server\",\"456\":\"117#list-of-default-trusted-certificate-authorities\",\"457\":\"117#cas-trusted-by-common-web-browsers-and-operating-systems\",\"458\":\"117#other-cas\",\"459\":\"118\",\"460\":\"119\",\"461\":\"119#modify-dsf-fhir-server-setup\",\"462\":\"119#modify-dsf-bpe-server-setup\",\"463\":\"120\",\"464\":\"120#overview\",\"465\":\"121\",\"466\":\"122\",\"467\":\"123\",\"468\":\"123#overview\",\"469\":\"124\",\"470\":\"124#overview\",\"471\":\"124#prerequisites\",\"472\":\"124#start-here\",\"473\":\"125\",\"474\":\"125#prerequisites\",\"475\":\"125#virtual-machines\",\"476\":\"125#docker-docker-compose\",\"477\":\"125#client-server-certificates\",\"478\":\"125#network-setup-network-access\",\"479\":\"125#setup\",\"480\":\"125#prepare-certificates\",\"481\":\"125#dsf-fhir-server\",\"482\":\"125#dsf-bpe-server\",\"483\":\"125#logs\",\"484\":\"125#on-boarding\",\"485\":\"126\",\"486\":\"127\",\"487\":\"127#overview\",\"488\":\"128\",\"489\":\"129\",\"490\":\"130\",\"491\":\"130#overview\",\"492\":\"131\",\"493\":\"131#overview\",\"494\":\"131#prerequisites\",\"495\":\"131#start-here\",\"496\":\"132\",\"497\":\"132#prerequisites\",\"498\":\"132#virtual-machines\",\"499\":\"132#docker-docker-compose\",\"500\":\"132#client-server-certificates\",\"501\":\"132#network-setup-network-access\",\"502\":\"132#setup\",\"503\":\"132#prepare-certificates\",\"504\":\"132#dsf-fhir-server\",\"505\":\"132#dsf-bpe-server\",\"506\":\"132#logs\",\"507\":\"132#on-boarding\",\"508\":\"133\",\"509\":\"134\",\"510\":\"134#modify-dsf-fhir-server-setup\",\"511\":\"134#modify-dsf-bpe-server-setup\",\"512\":\"135\",\"513\":\"135#overview\",\"514\":\"136\",\"515\":\"137\",\"516\":\"138\",\"517\":\"138#overview\",\"518\":\"139\",\"519\":\"139#overview\",\"520\":\"139#prerequisites\",\"521\":\"139#start-here\",\"522\":\"140\",\"523\":\"140#prerequisites\",\"524\":\"140#virtual-machines\",\"525\":\"140#docker-docker-compose\",\"526\":\"140#client-server-certificates\",\"527\":\"140#network-setup-network-access\",\"528\":\"140#setup\",\"529\":\"140#prepare-certificates\",\"530\":\"140#dsf-fhir-server\",\"531\":\"140#dsf-bpe-server\",\"532\":\"140#logs\",\"533\":\"140#on-boarding\",\"534\":\"141\",\"535\":\"142\",\"536\":\"142#modify-dsf-fhir-server-setup\",\"537\":\"142#modify-dsf-bpe-server-setup\",\"538\":\"143\",\"539\":\"143#overview\",\"540\":\"144\",\"541\":\"145\",\"542\":\"146\",\"543\":\"146#overview\",\"544\":\"147\",\"545\":\"147#overview\",\"546\":\"147#prerequisites\",\"547\":\"147#start-here\",\"548\":\"148\",\"549\":\"148#common-processes\",\"550\":\"148#mii-processes\",\"551\":\"148#num-processes\",\"552\":\"149\",\"553\":\"149#prerequisites\",\"554\":\"149#virtual-machines\",\"555\":\"149#docker-docker-compose\",\"556\":\"149#client-server-certificates\",\"557\":\"149#network-setup-network-access\",\"558\":\"149#setup\",\"559\":\"149#prepare-certificates\",\"560\":\"149#dsf-fhir-server\",\"561\":\"149#dsf-bpe-server\",\"562\":\"149#logs\",\"563\":\"149#on-boarding\",\"564\":\"150\",\"565\":\"151\",\"566\":\"151#modify-dsf-fhir-server-setup\",\"567\":\"151#modify-dsf-bpe-server-setup\",\"568\":\"152\",\"569\":\"152#overview\",\"570\":\"153\",\"571\":\"154\",\"572\":\"155\",\"573\":\"155#overview\",\"574\":\"156\",\"575\":\"156#overview\",\"576\":\"156#prerequisites\",\"577\":\"156#start-here\",\"578\":\"157\",\"579\":\"157#common-processes\",\"580\":\"157#mii-processes\",\"581\":\"157#num-processes\",\"582\":\"158\",\"583\":\"158#prerequisites\",\"584\":\"158#virtual-machines\",\"585\":\"158#docker-docker-compose\",\"586\":\"158#client-server-certificates\",\"587\":\"158#network-setup-network-access\",\"588\":\"158#setup\",\"589\":\"158#prepare-certificates\",\"590\":\"158#dsf-fhir-server\",\"591\":\"158#dsf-bpe-server\",\"592\":\"158#logs\",\"593\":\"158#on-boarding\",\"594\":\"159\",\"595\":\"160\",\"596\":\"160#modify-dsf-fhir-server-setup\",\"597\":\"160#modify-dsf-bpe-server-setup\",\"598\":\"161\",\"599\":\"161#overview\",\"600\":\"162\",\"601\":\"163\",\"602\":\"164\",\"603\":\"164#overview\",\"604\":\"165\",\"605\":\"165#overview\",\"606\":\"165#prerequisites\",\"607\":\"165#start-here\",\"608\":\"166\",\"609\":\"166#common-processes\",\"610\":\"166#mii-processes\",\"611\":\"166#num-processes\",\"612\":\"167\",\"613\":\"167#prerequisites\",\"614\":\"167#virtual-machines\",\"615\":\"167#docker-docker-compose\",\"616\":\"167#client-server-certificates\",\"617\":\"167#network-setup-network-access\",\"618\":\"167#setup\",\"619\":\"167#prepare-certificates\",\"620\":\"167#dsf-fhir-server\",\"621\":\"167#dsf-bpe-server\",\"622\":\"167#logs\",\"623\":\"167#on-boarding\",\"624\":\"168\",\"625\":\"169\",\"626\":\"169#modify-dsf-fhir-server-setup\",\"627\":\"169#modify-dsf-bpe-server-setup\",\"628\":\"170\",\"629\":\"170#benefits-of-contributing\",\"630\":\"170#general\",\"631\":\"170#code-style\",\"632\":\"170#branching-strategy\",\"633\":\"170#branch-naming\",\"634\":\"170#setting-up-the-project\",\"635\":\"170#java\",\"636\":\"170#docker\",\"637\":\"170#maven\",\"638\":\"170#workflow\",\"639\":\"170#pull-request-process\",\"640\":\"170#data-security-in-dsf-development\",\"641\":\"171\",\"642\":\"172\",\"643\":\"172#ways-you-can-contribute\",\"644\":\"173\",\"645\":\"173#overview\",\"646\":\"174\",\"647\":\"175\",\"648\":\"176\",\"649\":\"176#overview\",\"650\":\"177\",\"651\":\"177#overview\",\"652\":\"177#prerequisites\",\"653\":\"177#start-here\",\"654\":\"178\",\"655\":\"178#common-processes\",\"656\":\"178#mii-processes\",\"657\":\"178#num-processes\",\"658\":\"179\",\"659\":\"179#prerequisites\",\"660\":\"179#virtual-machines\",\"661\":\"179#docker-docker-compose\",\"662\":\"179#client-server-certificates\",\"663\":\"179#network-setup-network-access\",\"664\":\"179#setup\",\"665\":\"179#prepare-certificates\",\"666\":\"179#dsf-fhir-server\",\"667\":\"179#dsf-bpe-server\",\"668\":\"179#logs\",\"669\":\"179#on-boarding\",\"670\":\"180\",\"671\":\"181\",\"672\":\"181#modify-dsf-fhir-server-setup\",\"673\":\"181#modify-dsf-bpe-server-setup\",\"674\":\"182\",\"675\":\"182#benefits-of-contributing\",\"676\":\"182#general\",\"677\":\"182#code-style\",\"678\":\"182#branching-strategy\",\"679\":\"182#branch-naming\",\"680\":\"182#setting-up-the-project\",\"681\":\"182#java\",\"682\":\"182#docker\",\"683\":\"182#maven\",\"684\":\"182#workflow\",\"685\":\"182#pull-request-process\",\"686\":\"182#data-security-in-dsf-development\",\"687\":\"183\",\"688\":\"184\",\"689\":\"184#ways-you-can-contribute\",\"690\":\"185\",\"691\":\"185#overview\",\"692\":\"186\",\"693\":\"187\",\"694\":\"188\",\"695\":\"188#overview\",\"696\":\"189\",\"697\":\"189#overview\",\"698\":\"189#prerequisites\",\"699\":\"189#start-here\",\"700\":\"190\",\"701\":\"190#common-processes\",\"702\":\"190#mii-processes\",\"703\":\"190#num-processes\",\"704\":\"191\",\"705\":\"191#prerequisites\",\"706\":\"191#virtual-machines\",\"707\":\"191#docker-docker-compose\",\"708\":\"191#client-server-certificates\",\"709\":\"191#network-setup-network-access\",\"710\":\"191#setup\",\"711\":\"191#prepare-certificates\",\"712\":\"191#dsf-fhir-server\",\"713\":\"191#dsf-bpe-server\",\"714\":\"191#logs\",\"715\":\"191#on-boarding\",\"716\":\"192\",\"717\":\"193\",\"718\":\"193#modify-dsf-fhir-server-setup\",\"719\":\"193#modify-dsf-bpe-server-setup\",\"720\":\"194\",\"721\":\"194#benefits-of-contributing\",\"722\":\"194#general\",\"723\":\"194#code-style\",\"724\":\"194#branching-strategy\",\"725\":\"194#branch-naming\",\"726\":\"194#setting-up-the-project\",\"727\":\"194#java\",\"728\":\"194#docker\",\"729\":\"194#maven\",\"730\":\"194#workflow\",\"731\":\"194#pull-request-process\",\"732\":\"194#data-security-in-dsf-development\",\"733\":\"195\",\"734\":\"196\",\"735\":\"196#ways-you-can-contribute\",\"736\":\"197\",\"737\":\"197#overview\",\"738\":\"198\",\"739\":\"199\",\"740\":\"200\",\"741\":\"200#overview\",\"742\":\"201\",\"743\":\"201#overview\",\"744\":\"201#prerequisites\",\"745\":\"201#start-here\",\"746\":\"202\",\"747\":\"202#common-processes\",\"748\":\"202#mii-processes\",\"749\":\"202#num-processes\",\"750\":\"203\",\"751\":\"203#prerequisites\",\"752\":\"203#virtual-machines\",\"753\":\"203#docker-docker-compose\",\"754\":\"203#client-server-certificates\",\"755\":\"203#network-setup-network-access\",\"756\":\"203#setup\",\"757\":\"203#prepare-certificates\",\"758\":\"203#dsf-fhir-server\",\"759\":\"203#dsf-bpe-server\",\"760\":\"203#logs\",\"761\":\"203#on-boarding\",\"762\":\"204\",\"763\":\"205\",\"764\":\"205#modify-dsf-fhir-server-setup\",\"765\":\"205#modify-dsf-bpe-server-setup\",\"766\":\"206\",\"767\":\"206#benefits-of-contributing\",\"768\":\"206#general\",\"769\":\"206#code-style\",\"770\":\"206#branching-strategy\",\"771\":\"206#branch-naming\",\"772\":\"206#setting-up-the-project\",\"773\":\"206#java\",\"774\":\"206#docker\",\"775\":\"206#maven\",\"776\":\"206#workflow\",\"777\":\"206#pull-request-process\",\"778\":\"206#data-security-in-dsf-development\",\"779\":\"207\",\"780\":\"208\",\"781\":\"208#ways-you-can-contribute\",\"782\":\"209\",\"783\":\"209#overview\",\"784\":\"210\",\"785\":\"211\",\"786\":\"212\",\"787\":\"212#overview\",\"788\":\"213\",\"789\":\"213#overview\",\"790\":\"213#prerequisites\",\"791\":\"213#start-here\",\"792\":\"214\",\"793\":\"214#overview\",\"794\":\"214#prerequisites\",\"795\":\"214#deployment\",\"796\":\"215\",\"797\":\"215#prerequisites\",\"798\":\"215#virtual-machines\",\"799\":\"215#docker-docker-compose\",\"800\":\"215#client-server-certificates\",\"801\":\"215#network-setup-network-access\",\"802\":\"215#setup\",\"803\":\"215#prepare-certificates\",\"804\":\"215#dsf-fhir-server\",\"805\":\"215#dsf-bpe-server\",\"806\":\"215#logs\",\"807\":\"215#on-boarding\",\"808\":\"216\",\"809\":\"217\",\"810\":\"217#modify-dsf-fhir-server-setup\",\"811\":\"217#modify-dsf-bpe-server-setup\",\"812\":\"218\",\"813\":\"218#benefits-of-contributing\",\"814\":\"218#general\",\"815\":\"218#code-style\",\"816\":\"218#branching-strategy\",\"817\":\"218#branch-naming\",\"818\":\"218#setting-up-the-project\",\"819\":\"218#java\",\"820\":\"218#docker\",\"821\":\"218#maven\",\"822\":\"218#workflow\",\"823\":\"218#pull-request-process\",\"824\":\"218#data-security-in-dsf-development\",\"825\":\"219\",\"826\":\"220\",\"827\":\"220#ways-you-can-contribute\",\"828\":\"221\",\"829\":\"221#overview\",\"830\":\"222\",\"831\":\"223\",\"832\":\"224\",\"833\":\"224#overview\",\"834\":\"225\",\"835\":\"225#overview\",\"836\":\"225#prerequisites\",\"837\":\"225#start-here\",\"838\":\"226\",\"839\":\"226#overview\",\"840\":\"226#prerequisites\",\"841\":\"226#deployment\",\"842\":\"227\",\"843\":\"227#prerequisites\",\"844\":\"227#virtual-machines\",\"845\":\"227#docker-docker-compose\",\"846\":\"227#client-server-certificates\",\"847\":\"227#network-setup-network-access\",\"848\":\"227#setup\",\"849\":\"227#prepare-certificates\",\"850\":\"227#dsf-fhir-server\",\"851\":\"227#dsf-bpe-server\",\"852\":\"227#logs\",\"853\":\"227#on-boarding\",\"854\":\"228\",\"855\":\"229\",\"856\":\"229#modify-dsf-fhir-server-setup\",\"857\":\"229#modify-dsf-bpe-server-setup\",\"858\":\"230\",\"859\":\"230#benefits-of-contributing\",\"860\":\"230#general\",\"861\":\"230#code-style\",\"862\":\"230#branching-strategy\",\"863\":\"230#branch-naming\",\"864\":\"230#setting-up-the-project\",\"865\":\"230#java\",\"866\":\"230#docker\",\"867\":\"230#maven\",\"868\":\"230#workflow\",\"869\":\"230#pull-request-process\",\"870\":\"230#data-security-in-dsf-development\",\"871\":\"231\",\"872\":\"232\",\"873\":\"232#ways-you-can-contribute\",\"874\":\"233\",\"875\":\"233#overview\",\"876\":\"234\",\"877\":\"235\",\"878\":\"236\",\"879\":\"236#overview\",\"880\":\"237\",\"881\":\"237#overview\",\"882\":\"237#prerequisites\",\"883\":\"237#start-here\",\"884\":\"238\",\"885\":\"238#overview\",\"886\":\"238#prerequisites\",\"887\":\"238#deployment\",\"888\":\"239\",\"889\":\"239#prerequisites\",\"890\":\"239#virtual-machines\",\"891\":\"239#docker-docker-compose\",\"892\":\"239#client-server-certificates\",\"893\":\"239#network-setup-network-access\",\"894\":\"239#setup\",\"895\":\"239#prepare-certificates\",\"896\":\"239#dsf-fhir-server\",\"897\":\"239#dsf-bpe-server\",\"898\":\"239#logs\",\"899\":\"239#on-boarding\",\"900\":\"240\",\"901\":\"240#example-environment-variables\",\"902\":\"240#docker-secrets\",\"903\":\"240#example-docker-compose\",\"904\":\"241\",\"905\":\"241#extending-or-replacing-trusted-certificate-authorities\",\"906\":\"241#fhir-reverse-proxy\",\"907\":\"241#fhir-server\",\"908\":\"241#bpe-reverse-proxy\",\"909\":\"241#bpe-server\",\"910\":\"241#list-of-default-trusted-certificate-authorities\",\"911\":\"241#cas-trusted-by-common-web-browsers-and-operating-systems\",\"912\":\"241#other-cas\",\"913\":\"242\",\"914\":\"243\",\"915\":\"243#modify-dsf-fhir-server-setup\",\"916\":\"243#modify-dsf-bpe-server-setup\",\"917\":\"244\",\"918\":\"244#overview\",\"919\":\"245\",\"920\":\"245#overview\",\"921\":\"245#matching-users\",\"922\":\"245#thumbprint\",\"923\":\"245#email\",\"924\":\"245#token-role-and-token-group\",\"925\":\"245#dsf-and-practitioner-roles\",\"926\":\"245#dsf-role\",\"927\":\"245#practitioner-role\",\"928\":\"245#examples\",\"929\":\"246\",\"930\":\"246#dev-dsf-bpe-db-liquibase-forceunlock\",\"931\":\"246#dev-dsf-bpe-db-liquibase-lockwaittime\",\"932\":\"246#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"933\":\"246#dev-dsf-bpe-db-liquibase-username\",\"934\":\"246#dev-dsf-bpe-db-url\",\"935\":\"246#dev-dsf-bpe-db-user-camunda-group\",\"936\":\"246#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"937\":\"246#dev-dsf-bpe-db-user-camunda-username\",\"938\":\"246#dev-dsf-bpe-db-user-group\",\"939\":\"246#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"940\":\"246#dev-dsf-bpe-db-user-username\",\"941\":\"246#dev-dsf-bpe-debug-log-message-currentuser\",\"942\":\"246#dev-dsf-bpe-debug-log-message-dbstatement\",\"943\":\"246#dev-dsf-bpe-debug-log-message-onactivityend\",\"944\":\"246#dev-dsf-bpe-debug-log-message-onactivitystart\",\"945\":\"246#dev-dsf-bpe-debug-log-message-variables\",\"946\":\"246#dev-dsf-bpe-debug-log-message-variableslocal\",\"947\":\"246#dev-dsf-bpe-debug-log-message-webservicerequest\",\"948\":\"246#dev-dsf-bpe-fhir-client-certificate\",\"949\":\"246#dev-dsf-bpe-fhir-client-certificate-private-key\",\"950\":\"246#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"951\":\"246#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"952\":\"246#dev-dsf-bpe-fhir-client-local-timeout-read\",\"953\":\"246#dev-dsf-bpe-fhir-client-local-verbose\",\"954\":\"246#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"955\":\"246#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"956\":\"246#dev-dsf-bpe-fhir-client-remote-verbose\",\"957\":\"246#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"958\":\"246#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"959\":\"246#dev-dsf-bpe-fhir-server-base-url\",\"960\":\"246#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"961\":\"246#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"962\":\"246#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"963\":\"246#dev-dsf-bpe-mail-client-certificate\",\"964\":\"246#dev-dsf-bpe-mail-client-certificate-private-key\",\"965\":\"246#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"966\":\"246#dev-dsf-bpe-mail-fromaddress\",\"967\":\"246#dev-dsf-bpe-mail-host\",\"968\":\"246#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"969\":\"246#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"970\":\"246#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"971\":\"246#dev-dsf-bpe-mail-port\",\"972\":\"246#dev-dsf-bpe-mail-replytoaddresses\",\"973\":\"246#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"974\":\"246#dev-dsf-bpe-mail-sendtestmailonstartup\",\"975\":\"246#dev-dsf-bpe-mail-smime-p12keystore\",\"976\":\"246#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"977\":\"246#dev-dsf-bpe-mail-toaddresses\",\"978\":\"246#dev-dsf-bpe-mail-toaddressescc\",\"979\":\"246#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"980\":\"246#dev-dsf-bpe-mail-username\",\"981\":\"246#dev-dsf-bpe-mail-usesmtps\",\"982\":\"246#dev-dsf-bpe-process-engine-corepoolsize\",\"983\":\"246#dev-dsf-bpe-process-engine-maxpoolsize\",\"984\":\"246#dev-dsf-bpe-process-engine-queuesize\",\"985\":\"246#dev-dsf-bpe-process-excluded\",\"986\":\"246#dev-dsf-bpe-process-fhir-server-retry-max\",\"987\":\"246#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"988\":\"246#dev-dsf-bpe-process-plugin-directroy\",\"989\":\"246#dev-dsf-bpe-process-retired\",\"990\":\"246#dev-dsf-bpe-process-threads\",\"991\":\"246#dev-dsf-bpe-server-base-url\",\"992\":\"246#dev-dsf-bpe-server-roleconfig\",\"993\":\"246#dev-dsf-bpe-server-static-resource-cache\",\"994\":\"246#dev-dsf-bpe-server-ui-theme\",\"995\":\"246#dev-dsf-proxy-noproxy\",\"996\":\"246#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"997\":\"246#dev-dsf-proxy-url\",\"998\":\"246#dev-dsf-proxy-username\",\"999\":\"246#dev-dsf-server-api-host\",\"1000\":\"246#dev-dsf-server-api-port\",\"1001\":\"246#dev-dsf-server-auth-client-certificate-header\",\"1002\":\"246#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1003\":\"246#dev-dsf-server-auth-oidc-back-channel-logout\",\"1004\":\"246#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1005\":\"246#dev-dsf-server-auth-oidc-bearer-token\",\"1006\":\"246#dev-dsf-server-auth-oidc-client-id\",\"1007\":\"246#dev-dsf-server-auth-oidc-client-secret\",\"1008\":\"246#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1009\":\"246#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1010\":\"246#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1011\":\"246#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1012\":\"246#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1013\":\"246#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1014\":\"246#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1015\":\"246#dev-dsf-server-auth-trust-client-certificate-cas\",\"1016\":\"246#dev-dsf-server-certificate\",\"1017\":\"246#dev-dsf-server-certificate-chain\",\"1018\":\"246#dev-dsf-server-certificate-key\",\"1019\":\"246#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1020\":\"246#dev-dsf-server-context-path\",\"1021\":\"246#dev-dsf-server-status-host\",\"1022\":\"246#dev-dsf-server-status-port\",\"1023\":\"247\",\"1024\":\"247#overview\",\"1025\":\"247#authorization-code-flow\",\"1026\":\"247#additional-odic-configuration-parameter\",\"1027\":\"247#example\",\"1028\":\"248\",\"1029\":\"248#overview\",\"1030\":\"249\",\"1031\":\"249#app-server-ip\",\"1032\":\"249#https-server-name-port\",\"1033\":\"249#proxy-pass-connection-timeout-http\",\"1034\":\"249#proxy-pass-connection-timeout-ws\",\"1035\":\"249#proxy-pass-timeout-http\",\"1036\":\"249#proxy-pass-timeout-ws\",\"1037\":\"249#server-context-path\",\"1038\":\"249#ssl-ca-certificate-file\",\"1039\":\"249#ssl-ca-dn-request-file\",\"1040\":\"249#ssl-certificate-chain-file\",\"1041\":\"249#ssl-certificate-file\",\"1042\":\"249#ssl-certificate-key-file\",\"1043\":\"249#ssl-expected-client-s-dn-c-values\",\"1044\":\"249#ssl-expected-client-i-dn-cn-values\",\"1045\":\"249#ssl-verify-client\",\"1046\":\"250\",\"1047\":\"250#overview\",\"1048\":\"251\",\"1049\":\"251#overview\",\"1050\":\"251#matching-users\",\"1051\":\"251#thumbprint\",\"1052\":\"251#email\",\"1053\":\"251#token-role-and-token-group\",\"1054\":\"251#dsf-and-practitioner-roles\",\"1055\":\"251#dsf-role\",\"1056\":\"251#practitioner-role\",\"1057\":\"251#examples\",\"1058\":\"252\",\"1059\":\"252#dev-dsf-fhir-client-certificate\",\"1060\":\"252#dev-dsf-fhir-client-certificate-private-key\",\"1061\":\"252#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"1062\":\"252#dev-dsf-fhir-client-timeout-connect\",\"1063\":\"252#dev-dsf-fhir-client-timeout-read\",\"1064\":\"252#dev-dsf-fhir-client-trust-server-certificate-cas\",\"1065\":\"252#dev-dsf-fhir-client-verbose\",\"1066\":\"252#dev-dsf-fhir-db-liquibase-forceunlock\",\"1067\":\"252#dev-dsf-fhir-db-liquibase-lockwaittime\",\"1068\":\"252#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"1069\":\"252#dev-dsf-fhir-db-liquibase-username\",\"1070\":\"252#dev-dsf-fhir-db-url\",\"1071\":\"252#dev-dsf-fhir-db-user-group\",\"1072\":\"252#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"1073\":\"252#dev-dsf-fhir-db-user-permanent-delete-group\",\"1074\":\"252#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"1075\":\"252#dev-dsf-fhir-db-user-permanent-delete-username\",\"1076\":\"252#dev-dsf-fhir-db-user-username\",\"1077\":\"252#dev-dsf-fhir-debug-log-message-currentuser\",\"1078\":\"252#dev-dsf-fhir-debug-log-message-dbstatement\",\"1079\":\"252#dev-dsf-fhir-debug-log-message-webservicerequest\",\"1080\":\"252#dev-dsf-fhir-server-base-url\",\"1081\":\"252#dev-dsf-fhir-server-init-bundle\",\"1082\":\"252#dev-dsf-fhir-server-organization-identifier-value\",\"1083\":\"252#dev-dsf-fhir-server-organization-thumbprint\",\"1084\":\"252#dev-dsf-fhir-server-page-count\",\"1085\":\"252#dev-dsf-fhir-server-roleconfig\",\"1086\":\"252#dev-dsf-fhir-server-static-resource-cache\",\"1087\":\"252#dev-dsf-fhir-server-ui-theme\",\"1088\":\"252#dev-dsf-proxy-noproxy\",\"1089\":\"252#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1090\":\"252#dev-dsf-proxy-url\",\"1091\":\"252#dev-dsf-proxy-username\",\"1092\":\"252#dev-dsf-server-api-host\",\"1093\":\"252#dev-dsf-server-api-port\",\"1094\":\"252#dev-dsf-server-auth-client-certificate-header\",\"1095\":\"252#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1096\":\"252#dev-dsf-server-auth-oidc-back-channel-logout\",\"1097\":\"252#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1098\":\"252#dev-dsf-server-auth-oidc-bearer-token\",\"1099\":\"252#dev-dsf-server-auth-oidc-client-id\",\"1100\":\"252#dev-dsf-server-auth-oidc-client-secret\",\"1101\":\"252#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1102\":\"252#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1103\":\"252#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1104\":\"252#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1105\":\"252#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1106\":\"252#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1107\":\"252#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1108\":\"252#dev-dsf-server-auth-trust-client-certificate-cas\",\"1109\":\"252#dev-dsf-server-certificate\",\"1110\":\"252#dev-dsf-server-certificate-chain\",\"1111\":\"252#dev-dsf-server-certificate-key\",\"1112\":\"252#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1113\":\"252#dev-dsf-server-context-path\",\"1114\":\"252#dev-dsf-server-status-host\",\"1115\":\"252#dev-dsf-server-status-port\",\"1116\":\"253\",\"1117\":\"253#overview\",\"1118\":\"253#authorization-code-flow\",\"1119\":\"253#bearer-token-authentication\",\"1120\":\"253#additional-odic-configuration-parameter\",\"1121\":\"253#example\",\"1122\":\"254\",\"1123\":\"254#overview\",\"1124\":\"255\",\"1125\":\"255#app-server-ip\",\"1126\":\"255#https-server-name-port\",\"1127\":\"255#proxy-pass-connection-timeout-http\",\"1128\":\"255#proxy-pass-connection-timeout-ws\",\"1129\":\"255#proxy-pass-timeout-http\",\"1130\":\"255#proxy-pass-timeout-ws\",\"1131\":\"255#server-context-path\",\"1132\":\"255#ssl-ca-certificate-file\",\"1133\":\"255#ssl-ca-dn-request-file\",\"1134\":\"255#ssl-certificate-chain-file\",\"1135\":\"255#ssl-certificate-file\",\"1136\":\"255#ssl-certificate-key-file\",\"1137\":\"255#ssl-expected-client-s-dn-c-values\",\"1138\":\"255#ssl-expected-client-i-dn-cn-values\",\"1139\":\"255#ssl-verify-client\",\"1140\":\"256\",\"1141\":\"256#overview\",\"1142\":\"257\",\"1143\":\"257#dev-dsf-bpe-db-liquibase-forceunlock\",\"1144\":\"257#dev-dsf-bpe-db-liquibase-lockwaittime\",\"1145\":\"257#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"1146\":\"257#dev-dsf-bpe-db-liquibase-username\",\"1147\":\"257#dev-dsf-bpe-db-url\",\"1148\":\"257#dev-dsf-bpe-db-user-camunda-group\",\"1149\":\"257#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"1150\":\"257#dev-dsf-bpe-db-user-camunda-username\",\"1151\":\"257#dev-dsf-bpe-db-user-group\",\"1152\":\"257#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"1153\":\"257#dev-dsf-bpe-db-user-username\",\"1154\":\"257#dev-dsf-bpe-debug-log-message-onactivityend\",\"1155\":\"257#dev-dsf-bpe-debug-log-message-onactivitystart\",\"1156\":\"257#dev-dsf-bpe-debug-log-message-variables\",\"1157\":\"257#dev-dsf-bpe-fhir-client-certificate\",\"1158\":\"257#dev-dsf-bpe-fhir-client-certificate-private-key\",\"1159\":\"257#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"1160\":\"257#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"1161\":\"257#dev-dsf-bpe-fhir-client-local-timeout-read\",\"1162\":\"257#dev-dsf-bpe-fhir-client-local-verbose\",\"1163\":\"257#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"1164\":\"257#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"1165\":\"257#dev-dsf-bpe-fhir-client-remote-verbose\",\"1166\":\"257#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"1167\":\"257#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"1168\":\"257#dev-dsf-bpe-fhir-server-base-url\",\"1169\":\"257#dev-dsf-bpe-fhir-server-organization-identifier-value\",\"1170\":\"257#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"1171\":\"257#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"1172\":\"257#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"1173\":\"257#dev-dsf-bpe-mail-client-certificate\",\"1174\":\"257#dev-dsf-bpe-mail-client-certificate-private-key\",\"1175\":\"257#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"1176\":\"257#dev-dsf-bpe-mail-fromaddress\",\"1177\":\"257#dev-dsf-bpe-mail-host\",\"1178\":\"257#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"1179\":\"257#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"1180\":\"257#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"1181\":\"257#dev-dsf-bpe-mail-port\",\"1182\":\"257#dev-dsf-bpe-mail-replytoaddresses\",\"1183\":\"257#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"1184\":\"257#dev-dsf-bpe-mail-sendtestmailonstartup\",\"1185\":\"257#dev-dsf-bpe-mail-smime-p12keystore\",\"1186\":\"257#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"1187\":\"257#dev-dsf-bpe-mail-toaddresses\",\"1188\":\"257#dev-dsf-bpe-mail-toaddressescc\",\"1189\":\"257#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"1190\":\"257#dev-dsf-bpe-mail-username\",\"1191\":\"257#dev-dsf-bpe-mail-usesmtps\",\"1192\":\"257#dev-dsf-bpe-process-excluded\",\"1193\":\"257#dev-dsf-bpe-process-fhir-server-retry-max\",\"1194\":\"257#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"1195\":\"257#dev-dsf-bpe-process-plugin-directroy\",\"1196\":\"257#dev-dsf-bpe-process-retired\",\"1197\":\"257#dev-dsf-proxy-noproxy\",\"1198\":\"257#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1199\":\"257#dev-dsf-proxy-url\",\"1200\":\"257#dev-dsf-proxy-username\",\"1201\":\"258\",\"1202\":\"258#dev-dsf-server-api-host\",\"1203\":\"258#dev-dsf-server-api-port\",\"1204\":\"258#dev-dsf-server-auth-client-certificate-header\",\"1205\":\"258#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1206\":\"258#dev-dsf-server-auth-oidc-back-channel-logout\",\"1207\":\"258#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1208\":\"258#dev-dsf-server-auth-oidc-bearer-token\",\"1209\":\"258#dev-dsf-server-auth-oidc-client-id\",\"1210\":\"258#dev-dsf-server-auth-oidc-client-secret\",\"1211\":\"258#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1212\":\"258#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1213\":\"258#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1214\":\"258#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1215\":\"258#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1216\":\"258#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1217\":\"258#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1218\":\"258#dev-dsf-server-auth-trust-client-certificate-cas\",\"1219\":\"258#dev-dsf-server-certificate\",\"1220\":\"258#dev-dsf-server-certificate-chain\",\"1221\":\"258#dev-dsf-server-certificate-key\",\"1222\":\"258#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1223\":\"258#dev-dsf-server-context-path\",\"1224\":\"258#dev-dsf-server-status-host\",\"1225\":\"258#dev-dsf-server-status-port\",\"1226\":\"259\",\"1227\":\"259#dev-dsf-fhir-client-certificate\",\"1228\":\"259#dev-dsf-fhir-client-certificate-private-key\",\"1229\":\"259#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"1230\":\"259#dev-dsf-fhir-client-timeout-connect\",\"1231\":\"259#dev-dsf-fhir-client-timeout-read\",\"1232\":\"259#dev-dsf-fhir-client-trust-server-certificate-cas\",\"1233\":\"259#dev-dsf-fhir-client-verbose\",\"1234\":\"259#dev-dsf-fhir-db-liquibase-forceunlock\",\"1235\":\"259#dev-dsf-fhir-db-liquibase-lockwaittime\",\"1236\":\"259#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"1237\":\"259#dev-dsf-fhir-db-liquibase-username\",\"1238\":\"259#dev-dsf-fhir-db-url\",\"1239\":\"259#dev-dsf-fhir-db-user-group\",\"1240\":\"259#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"1241\":\"259#dev-dsf-fhir-db-user-permanent-delete-group\",\"1242\":\"259#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"1243\":\"259#dev-dsf-fhir-db-user-permanent-delete-username\",\"1244\":\"259#dev-dsf-fhir-db-user-username\",\"1245\":\"259#dev-dsf-fhir-server-base-url\",\"1246\":\"259#dev-dsf-fhir-server-init-bundle\",\"1247\":\"259#dev-dsf-fhir-server-organization-identifier-value\",\"1248\":\"259#dev-dsf-fhir-server-page-count\",\"1249\":\"259#dev-dsf-fhir-server-roleconfig\",\"1250\":\"259#dev-dsf-fhir-server-static-resource-cache\",\"1251\":\"259#dev-dsf-proxy-noproxy\",\"1252\":\"259#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1253\":\"259#dev-dsf-proxy-url\",\"1254\":\"259#dev-dsf-proxy-username\",\"1255\":\"260\",\"1256\":\"260#app-server-ip\",\"1257\":\"260#https-server-name-port\",\"1258\":\"260#proxy-pass-connection-timeout-http\",\"1259\":\"260#proxy-pass-connection-timeout-ws\",\"1260\":\"260#proxy-pass-timeout-http\",\"1261\":\"260#proxy-pass-timeout-ws\",\"1262\":\"260#ssl-ca-certificate-file\",\"1263\":\"260#ssl-ca-dn-request-file\",\"1264\":\"260#ssl-certificate-chain-file\",\"1265\":\"260#ssl-certificate-file\",\"1266\":\"260#ssl-certificate-key-file\",\"1267\":\"261\",\"1268\":\"261#overview\",\"1269\":\"262\",\"1270\":\"262#dev-dsf-server-api-host\",\"1271\":\"262#dev-dsf-server-api-port\",\"1272\":\"262#dev-dsf-server-auth-client-certificate-header\",\"1273\":\"262#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1274\":\"262#dev-dsf-server-auth-oidc-back-channel-logout\",\"1275\":\"262#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1276\":\"262#dev-dsf-server-auth-oidc-bearer-token\",\"1277\":\"262#dev-dsf-server-auth-oidc-client-id\",\"1278\":\"262#dev-dsf-server-auth-oidc-client-secret\",\"1279\":\"262#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1280\":\"262#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1281\":\"262#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1282\":\"262#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1283\":\"262#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1284\":\"262#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1285\":\"262#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1286\":\"262#dev-dsf-server-auth-trust-client-certificate-cas\",\"1287\":\"262#dev-dsf-server-certificate\",\"1288\":\"262#dev-dsf-server-certificate-chain\",\"1289\":\"262#dev-dsf-server-certificate-key\",\"1290\":\"262#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1291\":\"262#dev-dsf-server-context-path\",\"1292\":\"262#dev-dsf-server-status-host\",\"1293\":\"262#dev-dsf-server-status-port\",\"1294\":\"262#dev-dsf-bpe-db-liquibase-forceunlock\",\"1295\":\"262#dev-dsf-bpe-db-liquibase-lockwaittime\",\"1296\":\"262#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"1297\":\"262#dev-dsf-bpe-db-liquibase-username\",\"1298\":\"262#dev-dsf-bpe-db-url\",\"1299\":\"262#dev-dsf-bpe-db-user-camunda-group\",\"1300\":\"262#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"1301\":\"262#dev-dsf-bpe-db-user-camunda-username\",\"1302\":\"262#dev-dsf-bpe-db-user-group\",\"1303\":\"262#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"1304\":\"262#dev-dsf-bpe-db-user-username\",\"1305\":\"262#dev-dsf-bpe-debug-log-message-onactivityend\",\"1306\":\"262#dev-dsf-bpe-debug-log-message-onactivitystart\",\"1307\":\"262#dev-dsf-bpe-debug-log-message-variables\",\"1308\":\"262#dev-dsf-bpe-fhir-client-certificate\",\"1309\":\"262#dev-dsf-bpe-fhir-client-certificate-private-key\",\"1310\":\"262#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"1311\":\"262#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"1312\":\"262#dev-dsf-bpe-fhir-client-local-timeout-read\",\"1313\":\"262#dev-dsf-bpe-fhir-client-local-verbose\",\"1314\":\"262#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"1315\":\"262#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"1316\":\"262#dev-dsf-bpe-fhir-client-remote-verbose\",\"1317\":\"262#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"1318\":\"262#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"1319\":\"262#dev-dsf-bpe-fhir-server-base-url\",\"1320\":\"262#dev-dsf-bpe-fhir-server-organization-identifier-value\",\"1321\":\"262#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"1322\":\"262#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"1323\":\"262#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"1324\":\"262#dev-dsf-bpe-mail-client-certificate\",\"1325\":\"262#dev-dsf-bpe-mail-client-certificate-private-key\",\"1326\":\"262#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"1327\":\"262#dev-dsf-bpe-mail-fromaddress\",\"1328\":\"262#dev-dsf-bpe-mail-host\",\"1329\":\"262#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"1330\":\"262#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"1331\":\"262#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"1332\":\"262#dev-dsf-bpe-mail-port\",\"1333\":\"262#dev-dsf-bpe-mail-replytoaddresses\",\"1334\":\"262#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"1335\":\"262#dev-dsf-bpe-mail-sendtestmailonstartup\",\"1336\":\"262#dev-dsf-bpe-mail-smime-p12keystore\",\"1337\":\"262#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"1338\":\"262#dev-dsf-bpe-mail-toaddresses\",\"1339\":\"262#dev-dsf-bpe-mail-toaddressescc\",\"1340\":\"262#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"1341\":\"262#dev-dsf-bpe-mail-username\",\"1342\":\"262#dev-dsf-bpe-mail-usesmtps\",\"1343\":\"262#dev-dsf-bpe-process-excluded\",\"1344\":\"262#dev-dsf-bpe-process-fhir-server-retry-max\",\"1345\":\"262#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"1346\":\"262#dev-dsf-bpe-process-plugin-directroy\",\"1347\":\"262#dev-dsf-bpe-process-retired\",\"1348\":\"262#dev-dsf-proxy-noproxy\",\"1349\":\"262#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1350\":\"262#dev-dsf-proxy-url\",\"1351\":\"262#dev-dsf-proxy-username\",\"1352\":\"263\",\"1353\":\"263#overview\",\"1354\":\"264\",\"1355\":\"264#overview\",\"1356\":\"264#matching-users\",\"1357\":\"264#thumbprint\",\"1358\":\"264#email\",\"1359\":\"264#token-role-and-token-group\",\"1360\":\"264#dsf-and-practitioner-roles\",\"1361\":\"264#dsf-role\",\"1362\":\"264#practitioner-role\",\"1363\":\"264#examples\",\"1364\":\"265\",\"1365\":\"265#dev-dsf-fhir-client-certificate\",\"1366\":\"265#dev-dsf-fhir-client-certificate-private-key\",\"1367\":\"265#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"1368\":\"265#dev-dsf-fhir-client-timeout-connect\",\"1369\":\"265#dev-dsf-fhir-client-timeout-read\",\"1370\":\"265#dev-dsf-fhir-client-trust-server-certificate-cas\",\"1371\":\"265#dev-dsf-fhir-client-verbose\",\"1372\":\"265#dev-dsf-fhir-db-liquibase-forceunlock\",\"1373\":\"265#dev-dsf-fhir-db-liquibase-lockwaittime\",\"1374\":\"265#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"1375\":\"265#dev-dsf-fhir-db-liquibase-username\",\"1376\":\"265#dev-dsf-fhir-db-url\",\"1377\":\"265#dev-dsf-fhir-db-user-group\",\"1378\":\"265#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"1379\":\"265#dev-dsf-fhir-db-user-permanent-delete-group\",\"1380\":\"265#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"1381\":\"265#dev-dsf-fhir-db-user-permanent-delete-username\",\"1382\":\"265#dev-dsf-fhir-db-user-username\",\"1383\":\"265#dev-dsf-fhir-server-base-url\",\"1384\":\"265#dev-dsf-fhir-server-init-bundle\",\"1385\":\"265#dev-dsf-fhir-server-organization-identifier-value\",\"1386\":\"265#dev-dsf-fhir-server-organization-thumbprint\",\"1387\":\"265#dev-dsf-fhir-server-page-count\",\"1388\":\"265#dev-dsf-fhir-server-roleconfig\",\"1389\":\"265#dev-dsf-fhir-server-static-resource-cache\",\"1390\":\"265#dev-dsf-proxy-noproxy\",\"1391\":\"265#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1392\":\"265#dev-dsf-proxy-url\",\"1393\":\"265#dev-dsf-proxy-username\",\"1394\":\"265#dev-dsf-server-api-host\",\"1395\":\"265#dev-dsf-server-api-port\",\"1396\":\"265#dev-dsf-server-auth-client-certificate-header\",\"1397\":\"265#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1398\":\"265#dev-dsf-server-auth-oidc-back-channel-logout\",\"1399\":\"265#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1400\":\"265#dev-dsf-server-auth-oidc-bearer-token\",\"1401\":\"265#dev-dsf-server-auth-oidc-client-id\",\"1402\":\"265#dev-dsf-server-auth-oidc-client-secret\",\"1403\":\"265#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1404\":\"265#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1405\":\"265#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1406\":\"265#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1407\":\"265#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1408\":\"265#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1409\":\"265#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1410\":\"265#dev-dsf-server-auth-trust-client-certificate-cas\",\"1411\":\"265#dev-dsf-server-certificate\",\"1412\":\"265#dev-dsf-server-certificate-chain\",\"1413\":\"265#dev-dsf-server-certificate-key\",\"1414\":\"265#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1415\":\"265#dev-dsf-server-context-path\",\"1416\":\"265#dev-dsf-server-status-host\",\"1417\":\"265#dev-dsf-server-status-port\",\"1418\":\"266\",\"1419\":\"266#overview\",\"1420\":\"266#authorization-code-flow\",\"1421\":\"266#bearer-token-authentication\",\"1422\":\"266#additional-odic-configuration-parameter\",\"1423\":\"266#example\",\"1424\":\"267\",\"1425\":\"267#overview\",\"1426\":\"268\",\"1427\":\"268#app-server-ip\",\"1428\":\"268#https-server-name-port\",\"1429\":\"268#proxy-pass-connection-timeout-http\",\"1430\":\"268#proxy-pass-connection-timeout-ws\",\"1431\":\"268#proxy-pass-timeout-http\",\"1432\":\"268#proxy-pass-timeout-ws\",\"1433\":\"268#ssl-ca-certificate-file\",\"1434\":\"268#ssl-ca-dn-request-file\",\"1435\":\"268#ssl-certificate-chain-file\",\"1436\":\"268#ssl-certificate-file\",\"1437\":\"268#ssl-certificate-key-file\",\"1438\":\"268#ssl-verify-client\",\"1439\":\"269\",\"1440\":\"269#overview\",\"1441\":\"270\",\"1442\":\"270#dev-dsf-server-api-host\",\"1443\":\"270#dev-dsf-server-api-port\",\"1444\":\"270#dev-dsf-server-auth-client-certificate-header\",\"1445\":\"270#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1446\":\"270#dev-dsf-server-auth-oidc-back-channel-logout\",\"1447\":\"270#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1448\":\"270#dev-dsf-server-auth-oidc-bearer-token\",\"1449\":\"270#dev-dsf-server-auth-oidc-client-id\",\"1450\":\"270#dev-dsf-server-auth-oidc-client-secret\",\"1451\":\"270#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1452\":\"270#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1453\":\"270#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1454\":\"270#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1455\":\"270#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1456\":\"270#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1457\":\"270#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1458\":\"270#dev-dsf-server-auth-trust-client-certificate-cas\",\"1459\":\"270#dev-dsf-server-certificate\",\"1460\":\"270#dev-dsf-server-certificate-chain\",\"1461\":\"270#dev-dsf-server-certificate-key\",\"1462\":\"270#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1463\":\"270#dev-dsf-server-context-path\",\"1464\":\"270#dev-dsf-server-status-host\",\"1465\":\"270#dev-dsf-server-status-port\",\"1466\":\"270#dev-dsf-bpe-db-liquibase-forceunlock\",\"1467\":\"270#dev-dsf-bpe-db-liquibase-lockwaittime\",\"1468\":\"270#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"1469\":\"270#dev-dsf-bpe-db-liquibase-username\",\"1470\":\"270#dev-dsf-bpe-db-url\",\"1471\":\"270#dev-dsf-bpe-db-user-camunda-group\",\"1472\":\"270#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"1473\":\"270#dev-dsf-bpe-db-user-camunda-username\",\"1474\":\"270#dev-dsf-bpe-db-user-group\",\"1475\":\"270#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"1476\":\"270#dev-dsf-bpe-db-user-username\",\"1477\":\"270#dev-dsf-bpe-debug-log-message-onactivityend\",\"1478\":\"270#dev-dsf-bpe-debug-log-message-onactivitystart\",\"1479\":\"270#dev-dsf-bpe-debug-log-message-variables\",\"1480\":\"270#dev-dsf-bpe-debug-log-message-variableslocal\",\"1481\":\"270#dev-dsf-bpe-fhir-client-certificate\",\"1482\":\"270#dev-dsf-bpe-fhir-client-certificate-private-key\",\"1483\":\"270#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"1484\":\"270#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"1485\":\"270#dev-dsf-bpe-fhir-client-local-timeout-read\",\"1486\":\"270#dev-dsf-bpe-fhir-client-local-verbose\",\"1487\":\"270#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"1488\":\"270#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"1489\":\"270#dev-dsf-bpe-fhir-client-remote-verbose\",\"1490\":\"270#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"1491\":\"270#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"1492\":\"270#dev-dsf-bpe-fhir-server-base-url\",\"1493\":\"270#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"1494\":\"270#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"1495\":\"270#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"1496\":\"270#dev-dsf-bpe-mail-client-certificate\",\"1497\":\"270#dev-dsf-bpe-mail-client-certificate-private-key\",\"1498\":\"270#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"1499\":\"270#dev-dsf-bpe-mail-fromaddress\",\"1500\":\"270#dev-dsf-bpe-mail-host\",\"1501\":\"270#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"1502\":\"270#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"1503\":\"270#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"1504\":\"270#dev-dsf-bpe-mail-port\",\"1505\":\"270#dev-dsf-bpe-mail-replytoaddresses\",\"1506\":\"270#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"1507\":\"270#dev-dsf-bpe-mail-sendtestmailonstartup\",\"1508\":\"270#dev-dsf-bpe-mail-smime-p12keystore\",\"1509\":\"270#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"1510\":\"270#dev-dsf-bpe-mail-toaddresses\",\"1511\":\"270#dev-dsf-bpe-mail-toaddressescc\",\"1512\":\"270#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"1513\":\"270#dev-dsf-bpe-mail-username\",\"1514\":\"270#dev-dsf-bpe-mail-usesmtps\",\"1515\":\"270#dev-dsf-bpe-process-engine-corepoolsize\",\"1516\":\"270#dev-dsf-bpe-process-engine-maxpoolsize\",\"1517\":\"270#dev-dsf-bpe-process-engine-queuesize\",\"1518\":\"270#dev-dsf-bpe-process-excluded\",\"1519\":\"270#dev-dsf-bpe-process-fhir-server-retry-max\",\"1520\":\"270#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"1521\":\"270#dev-dsf-bpe-process-plugin-directroy\",\"1522\":\"270#dev-dsf-bpe-process-retired\",\"1523\":\"270#dev-dsf-bpe-process-threads\",\"1524\":\"270#dev-dsf-proxy-noproxy\",\"1525\":\"270#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1526\":\"270#dev-dsf-proxy-url\",\"1527\":\"270#dev-dsf-proxy-username\",\"1528\":\"271\",\"1529\":\"271#overview\",\"1530\":\"272\",\"1531\":\"272#overview\",\"1532\":\"272#matching-users\",\"1533\":\"272#thumbprint\",\"1534\":\"272#email\",\"1535\":\"272#token-role-and-token-group\",\"1536\":\"272#dsf-and-practitioner-roles\",\"1537\":\"272#dsf-role\",\"1538\":\"272#practitioner-role\",\"1539\":\"272#examples\",\"1540\":\"273\",\"1541\":\"273#dev-dsf-fhir-client-certificate\",\"1542\":\"273#dev-dsf-fhir-client-certificate-private-key\",\"1543\":\"273#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"1544\":\"273#dev-dsf-fhir-client-timeout-connect\",\"1545\":\"273#dev-dsf-fhir-client-timeout-read\",\"1546\":\"273#dev-dsf-fhir-client-trust-server-certificate-cas\",\"1547\":\"273#dev-dsf-fhir-client-verbose\",\"1548\":\"273#dev-dsf-fhir-db-liquibase-forceunlock\",\"1549\":\"273#dev-dsf-fhir-db-liquibase-lockwaittime\",\"1550\":\"273#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"1551\":\"273#dev-dsf-fhir-db-liquibase-username\",\"1552\":\"273#dev-dsf-fhir-db-url\",\"1553\":\"273#dev-dsf-fhir-db-user-group\",\"1554\":\"273#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"1555\":\"273#dev-dsf-fhir-db-user-permanent-delete-group\",\"1556\":\"273#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"1557\":\"273#dev-dsf-fhir-db-user-permanent-delete-username\",\"1558\":\"273#dev-dsf-fhir-db-user-username\",\"1559\":\"273#dev-dsf-fhir-server-base-url\",\"1560\":\"273#dev-dsf-fhir-server-init-bundle\",\"1561\":\"273#dev-dsf-fhir-server-organization-identifier-value\",\"1562\":\"273#dev-dsf-fhir-server-organization-thumbprint\",\"1563\":\"273#dev-dsf-fhir-server-page-count\",\"1564\":\"273#dev-dsf-fhir-server-roleconfig\",\"1565\":\"273#dev-dsf-fhir-server-static-resource-cache\",\"1566\":\"273#dev-dsf-proxy-noproxy\",\"1567\":\"273#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1568\":\"273#dev-dsf-proxy-url\",\"1569\":\"273#dev-dsf-proxy-username\",\"1570\":\"273#dev-dsf-server-api-host\",\"1571\":\"273#dev-dsf-server-api-port\",\"1572\":\"273#dev-dsf-server-auth-client-certificate-header\",\"1573\":\"273#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1574\":\"273#dev-dsf-server-auth-oidc-back-channel-logout\",\"1575\":\"273#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1576\":\"273#dev-dsf-server-auth-oidc-bearer-token\",\"1577\":\"273#dev-dsf-server-auth-oidc-client-id\",\"1578\":\"273#dev-dsf-server-auth-oidc-client-secret\",\"1579\":\"273#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1580\":\"273#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1581\":\"273#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1582\":\"273#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1583\":\"273#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1584\":\"273#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1585\":\"273#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1586\":\"273#dev-dsf-server-auth-trust-client-certificate-cas\",\"1587\":\"273#dev-dsf-server-certificate\",\"1588\":\"273#dev-dsf-server-certificate-chain\",\"1589\":\"273#dev-dsf-server-certificate-key\",\"1590\":\"273#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1591\":\"273#dev-dsf-server-context-path\",\"1592\":\"273#dev-dsf-server-status-host\",\"1593\":\"273#dev-dsf-server-status-port\",\"1594\":\"274\",\"1595\":\"274#overview\",\"1596\":\"274#authorization-code-flow\",\"1597\":\"274#bearer-token-authentication\",\"1598\":\"274#additional-odic-configuration-parameter\",\"1599\":\"274#example\",\"1600\":\"275\",\"1601\":\"275#overview\",\"1602\":\"276\",\"1603\":\"276#app-server-ip\",\"1604\":\"276#https-server-name-port\",\"1605\":\"276#proxy-pass-connection-timeout-http\",\"1606\":\"276#proxy-pass-connection-timeout-ws\",\"1607\":\"276#proxy-pass-timeout-http\",\"1608\":\"276#proxy-pass-timeout-ws\",\"1609\":\"276#server-context-path\",\"1610\":\"276#ssl-ca-certificate-file\",\"1611\":\"276#ssl-ca-dn-request-file\",\"1612\":\"276#ssl-certificate-chain-file\",\"1613\":\"276#ssl-certificate-file\",\"1614\":\"276#ssl-certificate-key-file\",\"1615\":\"276#ssl-verify-client\",\"1616\":\"277\",\"1617\":\"277#overview\",\"1618\":\"278\",\"1619\":\"278#dev-dsf-server-api-host\",\"1620\":\"278#dev-dsf-server-api-port\",\"1621\":\"278#dev-dsf-server-auth-client-certificate-header\",\"1622\":\"278#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1623\":\"278#dev-dsf-server-auth-oidc-back-channel-logout\",\"1624\":\"278#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1625\":\"278#dev-dsf-server-auth-oidc-bearer-token\",\"1626\":\"278#dev-dsf-server-auth-oidc-client-id\",\"1627\":\"278#dev-dsf-server-auth-oidc-client-secret\",\"1628\":\"278#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1629\":\"278#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1630\":\"278#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1631\":\"278#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1632\":\"278#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1633\":\"278#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1634\":\"278#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1635\":\"278#dev-dsf-server-auth-trust-client-certificate-cas\",\"1636\":\"278#dev-dsf-server-certificate\",\"1637\":\"278#dev-dsf-server-certificate-chain\",\"1638\":\"278#dev-dsf-server-certificate-key\",\"1639\":\"278#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1640\":\"278#dev-dsf-server-context-path\",\"1641\":\"278#dev-dsf-server-status-host\",\"1642\":\"278#dev-dsf-server-status-port\",\"1643\":\"278#dev-dsf-bpe-db-liquibase-forceunlock\",\"1644\":\"278#dev-dsf-bpe-db-liquibase-lockwaittime\",\"1645\":\"278#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"1646\":\"278#dev-dsf-bpe-db-liquibase-username\",\"1647\":\"278#dev-dsf-bpe-db-url\",\"1648\":\"278#dev-dsf-bpe-db-user-camunda-group\",\"1649\":\"278#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"1650\":\"278#dev-dsf-bpe-db-user-camunda-username\",\"1651\":\"278#dev-dsf-bpe-db-user-group\",\"1652\":\"278#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"1653\":\"278#dev-dsf-bpe-db-user-username\",\"1654\":\"278#dev-dsf-bpe-debug-log-message-onactivityend\",\"1655\":\"278#dev-dsf-bpe-debug-log-message-onactivitystart\",\"1656\":\"278#dev-dsf-bpe-debug-log-message-variables\",\"1657\":\"278#dev-dsf-bpe-debug-log-message-variableslocal\",\"1658\":\"278#dev-dsf-bpe-fhir-client-certificate\",\"1659\":\"278#dev-dsf-bpe-fhir-client-certificate-private-key\",\"1660\":\"278#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"1661\":\"278#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"1662\":\"278#dev-dsf-bpe-fhir-client-local-timeout-read\",\"1663\":\"278#dev-dsf-bpe-fhir-client-local-verbose\",\"1664\":\"278#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"1665\":\"278#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"1666\":\"278#dev-dsf-bpe-fhir-client-remote-verbose\",\"1667\":\"278#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"1668\":\"278#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"1669\":\"278#dev-dsf-bpe-fhir-server-base-url\",\"1670\":\"278#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"1671\":\"278#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"1672\":\"278#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"1673\":\"278#dev-dsf-bpe-mail-client-certificate\",\"1674\":\"278#dev-dsf-bpe-mail-client-certificate-private-key\",\"1675\":\"278#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"1676\":\"278#dev-dsf-bpe-mail-fromaddress\",\"1677\":\"278#dev-dsf-bpe-mail-host\",\"1678\":\"278#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"1679\":\"278#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"1680\":\"278#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"1681\":\"278#dev-dsf-bpe-mail-port\",\"1682\":\"278#dev-dsf-bpe-mail-replytoaddresses\",\"1683\":\"278#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"1684\":\"278#dev-dsf-bpe-mail-sendtestmailonstartup\",\"1685\":\"278#dev-dsf-bpe-mail-smime-p12keystore\",\"1686\":\"278#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"1687\":\"278#dev-dsf-bpe-mail-toaddresses\",\"1688\":\"278#dev-dsf-bpe-mail-toaddressescc\",\"1689\":\"278#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"1690\":\"278#dev-dsf-bpe-mail-username\",\"1691\":\"278#dev-dsf-bpe-mail-usesmtps\",\"1692\":\"278#dev-dsf-bpe-process-engine-corepoolsize\",\"1693\":\"278#dev-dsf-bpe-process-engine-maxpoolsize\",\"1694\":\"278#dev-dsf-bpe-process-engine-queuesize\",\"1695\":\"278#dev-dsf-bpe-process-excluded\",\"1696\":\"278#dev-dsf-bpe-process-fhir-server-retry-max\",\"1697\":\"278#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"1698\":\"278#dev-dsf-bpe-process-plugin-directroy\",\"1699\":\"278#dev-dsf-bpe-process-retired\",\"1700\":\"278#dev-dsf-bpe-process-threads\",\"1701\":\"278#dev-dsf-proxy-noproxy\",\"1702\":\"278#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1703\":\"278#dev-dsf-proxy-url\",\"1704\":\"278#dev-dsf-proxy-username\",\"1705\":\"279\",\"1706\":\"279#overview\",\"1707\":\"280\",\"1708\":\"280#overview\",\"1709\":\"280#matching-users\",\"1710\":\"280#thumbprint\",\"1711\":\"280#email\",\"1712\":\"280#token-role-and-token-group\",\"1713\":\"280#dsf-and-practitioner-roles\",\"1714\":\"280#dsf-role\",\"1715\":\"280#practitioner-role\",\"1716\":\"280#examples\",\"1717\":\"281\",\"1718\":\"281#dev-dsf-fhir-client-certificate\",\"1719\":\"281#dev-dsf-fhir-client-certificate-private-key\",\"1720\":\"281#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"1721\":\"281#dev-dsf-fhir-client-timeout-connect\",\"1722\":\"281#dev-dsf-fhir-client-timeout-read\",\"1723\":\"281#dev-dsf-fhir-client-trust-server-certificate-cas\",\"1724\":\"281#dev-dsf-fhir-client-verbose\",\"1725\":\"281#dev-dsf-fhir-db-liquibase-forceunlock\",\"1726\":\"281#dev-dsf-fhir-db-liquibase-lockwaittime\",\"1727\":\"281#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"1728\":\"281#dev-dsf-fhir-db-liquibase-username\",\"1729\":\"281#dev-dsf-fhir-db-url\",\"1730\":\"281#dev-dsf-fhir-db-user-group\",\"1731\":\"281#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"1732\":\"281#dev-dsf-fhir-db-user-permanent-delete-group\",\"1733\":\"281#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"1734\":\"281#dev-dsf-fhir-db-user-permanent-delete-username\",\"1735\":\"281#dev-dsf-fhir-db-user-username\",\"1736\":\"281#dev-dsf-fhir-server-base-url\",\"1737\":\"281#dev-dsf-fhir-server-init-bundle\",\"1738\":\"281#dev-dsf-fhir-server-organization-identifier-value\",\"1739\":\"281#dev-dsf-fhir-server-organization-thumbprint\",\"1740\":\"281#dev-dsf-fhir-server-page-count\",\"1741\":\"281#dev-dsf-fhir-server-roleconfig\",\"1742\":\"281#dev-dsf-fhir-server-static-resource-cache\",\"1743\":\"281#dev-dsf-proxy-noproxy\",\"1744\":\"281#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1745\":\"281#dev-dsf-proxy-url\",\"1746\":\"281#dev-dsf-proxy-username\",\"1747\":\"281#dev-dsf-server-api-host\",\"1748\":\"281#dev-dsf-server-api-port\",\"1749\":\"281#dev-dsf-server-auth-client-certificate-header\",\"1750\":\"281#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1751\":\"281#dev-dsf-server-auth-oidc-back-channel-logout\",\"1752\":\"281#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1753\":\"281#dev-dsf-server-auth-oidc-bearer-token\",\"1754\":\"281#dev-dsf-server-auth-oidc-client-id\",\"1755\":\"281#dev-dsf-server-auth-oidc-client-secret\",\"1756\":\"281#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1757\":\"281#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1758\":\"281#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1759\":\"281#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1760\":\"281#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1761\":\"281#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1762\":\"281#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1763\":\"281#dev-dsf-server-auth-trust-client-certificate-cas\",\"1764\":\"281#dev-dsf-server-certificate\",\"1765\":\"281#dev-dsf-server-certificate-chain\",\"1766\":\"281#dev-dsf-server-certificate-key\",\"1767\":\"281#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1768\":\"281#dev-dsf-server-context-path\",\"1769\":\"281#dev-dsf-server-status-host\",\"1770\":\"281#dev-dsf-server-status-port\",\"1771\":\"282\",\"1772\":\"282#overview\",\"1773\":\"282#authorization-code-flow\",\"1774\":\"282#bearer-token-authentication\",\"1775\":\"282#additional-odic-configuration-parameter\",\"1776\":\"282#example\",\"1777\":\"283\",\"1778\":\"283#overview\",\"1779\":\"284\",\"1780\":\"284#app-server-ip\",\"1781\":\"284#https-server-name-port\",\"1782\":\"284#proxy-pass-connection-timeout-http\",\"1783\":\"284#proxy-pass-connection-timeout-ws\",\"1784\":\"284#proxy-pass-timeout-http\",\"1785\":\"284#proxy-pass-timeout-ws\",\"1786\":\"284#server-context-path\",\"1787\":\"284#ssl-ca-certificate-file\",\"1788\":\"284#ssl-ca-dn-request-file\",\"1789\":\"284#ssl-certificate-chain-file\",\"1790\":\"284#ssl-certificate-file\",\"1791\":\"284#ssl-certificate-key-file\",\"1792\":\"284#ssl-verify-client\",\"1793\":\"285\",\"1794\":\"285#overview\",\"1795\":\"286\",\"1796\":\"286#dev-dsf-server-api-host\",\"1797\":\"286#dev-dsf-server-api-port\",\"1798\":\"286#dev-dsf-server-auth-client-certificate-header\",\"1799\":\"286#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1800\":\"286#dev-dsf-server-auth-oidc-back-channel-logout\",\"1801\":\"286#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1802\":\"286#dev-dsf-server-auth-oidc-bearer-token\",\"1803\":\"286#dev-dsf-server-auth-oidc-client-id\",\"1804\":\"286#dev-dsf-server-auth-oidc-client-secret\",\"1805\":\"286#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1806\":\"286#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1807\":\"286#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1808\":\"286#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1809\":\"286#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1810\":\"286#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1811\":\"286#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1812\":\"286#dev-dsf-server-auth-trust-client-certificate-cas\",\"1813\":\"286#dev-dsf-server-certificate\",\"1814\":\"286#dev-dsf-server-certificate-chain\",\"1815\":\"286#dev-dsf-server-certificate-key\",\"1816\":\"286#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1817\":\"286#dev-dsf-server-context-path\",\"1818\":\"286#dev-dsf-server-status-host\",\"1819\":\"286#dev-dsf-server-status-port\",\"1820\":\"286#dev-dsf-bpe-db-liquibase-forceunlock\",\"1821\":\"286#dev-dsf-bpe-db-liquibase-lockwaittime\",\"1822\":\"286#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"1823\":\"286#dev-dsf-bpe-db-liquibase-username\",\"1824\":\"286#dev-dsf-bpe-db-url\",\"1825\":\"286#dev-dsf-bpe-db-user-camunda-group\",\"1826\":\"286#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"1827\":\"286#dev-dsf-bpe-db-user-camunda-username\",\"1828\":\"286#dev-dsf-bpe-db-user-group\",\"1829\":\"286#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"1830\":\"286#dev-dsf-bpe-db-user-username\",\"1831\":\"286#dev-dsf-bpe-debug-log-message-onactivityend\",\"1832\":\"286#dev-dsf-bpe-debug-log-message-onactivitystart\",\"1833\":\"286#dev-dsf-bpe-debug-log-message-variables\",\"1834\":\"286#dev-dsf-bpe-debug-log-message-variableslocal\",\"1835\":\"286#dev-dsf-bpe-fhir-client-certificate\",\"1836\":\"286#dev-dsf-bpe-fhir-client-certificate-private-key\",\"1837\":\"286#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"1838\":\"286#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"1839\":\"286#dev-dsf-bpe-fhir-client-local-timeout-read\",\"1840\":\"286#dev-dsf-bpe-fhir-client-local-verbose\",\"1841\":\"286#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"1842\":\"286#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"1843\":\"286#dev-dsf-bpe-fhir-client-remote-verbose\",\"1844\":\"286#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"1845\":\"286#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"1846\":\"286#dev-dsf-bpe-fhir-server-base-url\",\"1847\":\"286#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"1848\":\"286#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"1849\":\"286#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"1850\":\"286#dev-dsf-bpe-mail-client-certificate\",\"1851\":\"286#dev-dsf-bpe-mail-client-certificate-private-key\",\"1852\":\"286#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"1853\":\"286#dev-dsf-bpe-mail-fromaddress\",\"1854\":\"286#dev-dsf-bpe-mail-host\",\"1855\":\"286#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"1856\":\"286#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"1857\":\"286#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"1858\":\"286#dev-dsf-bpe-mail-port\",\"1859\":\"286#dev-dsf-bpe-mail-replytoaddresses\",\"1860\":\"286#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"1861\":\"286#dev-dsf-bpe-mail-sendtestmailonstartup\",\"1862\":\"286#dev-dsf-bpe-mail-smime-p12keystore\",\"1863\":\"286#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"1864\":\"286#dev-dsf-bpe-mail-toaddresses\",\"1865\":\"286#dev-dsf-bpe-mail-toaddressescc\",\"1866\":\"286#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"1867\":\"286#dev-dsf-bpe-mail-username\",\"1868\":\"286#dev-dsf-bpe-mail-usesmtps\",\"1869\":\"286#dev-dsf-bpe-process-engine-corepoolsize\",\"1870\":\"286#dev-dsf-bpe-process-engine-maxpoolsize\",\"1871\":\"286#dev-dsf-bpe-process-engine-queuesize\",\"1872\":\"286#dev-dsf-bpe-process-excluded\",\"1873\":\"286#dev-dsf-bpe-process-fhir-server-retry-max\",\"1874\":\"286#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"1875\":\"286#dev-dsf-bpe-process-plugin-directroy\",\"1876\":\"286#dev-dsf-bpe-process-retired\",\"1877\":\"286#dev-dsf-bpe-process-threads\",\"1878\":\"286#dev-dsf-proxy-noproxy\",\"1879\":\"286#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1880\":\"286#dev-dsf-proxy-url\",\"1881\":\"286#dev-dsf-proxy-username\",\"1882\":\"287\",\"1883\":\"287#overview\",\"1884\":\"288\",\"1885\":\"288#overview\",\"1886\":\"288#matching-users\",\"1887\":\"288#thumbprint\",\"1888\":\"288#email\",\"1889\":\"288#token-role-and-token-group\",\"1890\":\"288#dsf-and-practitioner-roles\",\"1891\":\"288#dsf-role\",\"1892\":\"288#practitioner-role\",\"1893\":\"288#examples\",\"1894\":\"289\",\"1895\":\"289#dev-dsf-fhir-client-certificate\",\"1896\":\"289#dev-dsf-fhir-client-certificate-private-key\",\"1897\":\"289#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"1898\":\"289#dev-dsf-fhir-client-timeout-connect\",\"1899\":\"289#dev-dsf-fhir-client-timeout-read\",\"1900\":\"289#dev-dsf-fhir-client-trust-server-certificate-cas\",\"1901\":\"289#dev-dsf-fhir-client-verbose\",\"1902\":\"289#dev-dsf-fhir-db-liquibase-forceunlock\",\"1903\":\"289#dev-dsf-fhir-db-liquibase-lockwaittime\",\"1904\":\"289#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"1905\":\"289#dev-dsf-fhir-db-liquibase-username\",\"1906\":\"289#dev-dsf-fhir-db-url\",\"1907\":\"289#dev-dsf-fhir-db-user-group\",\"1908\":\"289#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"1909\":\"289#dev-dsf-fhir-db-user-permanent-delete-group\",\"1910\":\"289#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"1911\":\"289#dev-dsf-fhir-db-user-permanent-delete-username\",\"1912\":\"289#dev-dsf-fhir-db-user-username\",\"1913\":\"289#dev-dsf-fhir-server-base-url\",\"1914\":\"289#dev-dsf-fhir-server-init-bundle\",\"1915\":\"289#dev-dsf-fhir-server-organization-identifier-value\",\"1916\":\"289#dev-dsf-fhir-server-organization-thumbprint\",\"1917\":\"289#dev-dsf-fhir-server-page-count\",\"1918\":\"289#dev-dsf-fhir-server-roleconfig\",\"1919\":\"289#dev-dsf-fhir-server-static-resource-cache\",\"1920\":\"289#dev-dsf-proxy-noproxy\",\"1921\":\"289#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"1922\":\"289#dev-dsf-proxy-url\",\"1923\":\"289#dev-dsf-proxy-username\",\"1924\":\"289#dev-dsf-server-api-host\",\"1925\":\"289#dev-dsf-server-api-port\",\"1926\":\"289#dev-dsf-server-auth-client-certificate-header\",\"1927\":\"289#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1928\":\"289#dev-dsf-server-auth-oidc-back-channel-logout\",\"1929\":\"289#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1930\":\"289#dev-dsf-server-auth-oidc-bearer-token\",\"1931\":\"289#dev-dsf-server-auth-oidc-client-id\",\"1932\":\"289#dev-dsf-server-auth-oidc-client-secret\",\"1933\":\"289#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1934\":\"289#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1935\":\"289#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1936\":\"289#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1937\":\"289#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1938\":\"289#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1939\":\"289#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1940\":\"289#dev-dsf-server-auth-trust-client-certificate-cas\",\"1941\":\"289#dev-dsf-server-certificate\",\"1942\":\"289#dev-dsf-server-certificate-chain\",\"1943\":\"289#dev-dsf-server-certificate-key\",\"1944\":\"289#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1945\":\"289#dev-dsf-server-context-path\",\"1946\":\"289#dev-dsf-server-status-host\",\"1947\":\"289#dev-dsf-server-status-port\",\"1948\":\"290\",\"1949\":\"290#overview\",\"1950\":\"290#authorization-code-flow\",\"1951\":\"290#bearer-token-authentication\",\"1952\":\"290#additional-odic-configuration-parameter\",\"1953\":\"290#example\",\"1954\":\"291\",\"1955\":\"291#overview\",\"1956\":\"292\",\"1957\":\"292#app-server-ip\",\"1958\":\"292#https-server-name-port\",\"1959\":\"292#proxy-pass-connection-timeout-http\",\"1960\":\"292#proxy-pass-connection-timeout-ws\",\"1961\":\"292#proxy-pass-timeout-http\",\"1962\":\"292#proxy-pass-timeout-ws\",\"1963\":\"292#server-context-path\",\"1964\":\"292#ssl-ca-certificate-file\",\"1965\":\"292#ssl-ca-dn-request-file\",\"1966\":\"292#ssl-certificate-chain-file\",\"1967\":\"292#ssl-certificate-file\",\"1968\":\"292#ssl-certificate-key-file\",\"1969\":\"292#ssl-verify-client\",\"1970\":\"293\",\"1971\":\"293#overview\",\"1972\":\"294\",\"1973\":\"294#dev-dsf-server-api-host\",\"1974\":\"294#dev-dsf-server-api-port\",\"1975\":\"294#dev-dsf-server-auth-client-certificate-header\",\"1976\":\"294#dev-dsf-server-auth-oidc-authorization-code-flow\",\"1977\":\"294#dev-dsf-server-auth-oidc-back-channel-logout\",\"1978\":\"294#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"1979\":\"294#dev-dsf-server-auth-oidc-bearer-token\",\"1980\":\"294#dev-dsf-server-auth-oidc-client-id\",\"1981\":\"294#dev-dsf-server-auth-oidc-client-secret\",\"1982\":\"294#dev-dsf-server-auth-oidc-provider-client-certificate\",\"1983\":\"294#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"1984\":\"294#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"1985\":\"294#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"1986\":\"294#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"1987\":\"294#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"1988\":\"294#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"1989\":\"294#dev-dsf-server-auth-trust-client-certificate-cas\",\"1990\":\"294#dev-dsf-server-certificate\",\"1991\":\"294#dev-dsf-server-certificate-chain\",\"1992\":\"294#dev-dsf-server-certificate-key\",\"1993\":\"294#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"1994\":\"294#dev-dsf-server-context-path\",\"1995\":\"294#dev-dsf-server-status-host\",\"1996\":\"294#dev-dsf-server-status-port\",\"1997\":\"294#dev-dsf-bpe-db-liquibase-forceunlock\",\"1998\":\"294#dev-dsf-bpe-db-liquibase-lockwaittime\",\"1999\":\"294#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"2000\":\"294#dev-dsf-bpe-db-liquibase-username\",\"2001\":\"294#dev-dsf-bpe-db-url\",\"2002\":\"294#dev-dsf-bpe-db-user-camunda-group\",\"2003\":\"294#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"2004\":\"294#dev-dsf-bpe-db-user-camunda-username\",\"2005\":\"294#dev-dsf-bpe-db-user-group\",\"2006\":\"294#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"2007\":\"294#dev-dsf-bpe-db-user-username\",\"2008\":\"294#dev-dsf-bpe-debug-log-message-onactivityend\",\"2009\":\"294#dev-dsf-bpe-debug-log-message-onactivitystart\",\"2010\":\"294#dev-dsf-bpe-debug-log-message-variables\",\"2011\":\"294#dev-dsf-bpe-debug-log-message-variableslocal\",\"2012\":\"294#dev-dsf-bpe-fhir-client-certificate\",\"2013\":\"294#dev-dsf-bpe-fhir-client-certificate-private-key\",\"2014\":\"294#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"2015\":\"294#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"2016\":\"294#dev-dsf-bpe-fhir-client-local-timeout-read\",\"2017\":\"294#dev-dsf-bpe-fhir-client-local-verbose\",\"2018\":\"294#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"2019\":\"294#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"2020\":\"294#dev-dsf-bpe-fhir-client-remote-verbose\",\"2021\":\"294#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"2022\":\"294#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"2023\":\"294#dev-dsf-bpe-fhir-server-base-url\",\"2024\":\"294#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"2025\":\"294#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"2026\":\"294#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"2027\":\"294#dev-dsf-bpe-mail-client-certificate\",\"2028\":\"294#dev-dsf-bpe-mail-client-certificate-private-key\",\"2029\":\"294#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"2030\":\"294#dev-dsf-bpe-mail-fromaddress\",\"2031\":\"294#dev-dsf-bpe-mail-host\",\"2032\":\"294#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"2033\":\"294#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"2034\":\"294#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"2035\":\"294#dev-dsf-bpe-mail-port\",\"2036\":\"294#dev-dsf-bpe-mail-replytoaddresses\",\"2037\":\"294#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"2038\":\"294#dev-dsf-bpe-mail-sendtestmailonstartup\",\"2039\":\"294#dev-dsf-bpe-mail-smime-p12keystore\",\"2040\":\"294#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"2041\":\"294#dev-dsf-bpe-mail-toaddresses\",\"2042\":\"294#dev-dsf-bpe-mail-toaddressescc\",\"2043\":\"294#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"2044\":\"294#dev-dsf-bpe-mail-username\",\"2045\":\"294#dev-dsf-bpe-mail-usesmtps\",\"2046\":\"294#dev-dsf-bpe-process-engine-corepoolsize\",\"2047\":\"294#dev-dsf-bpe-process-engine-maxpoolsize\",\"2048\":\"294#dev-dsf-bpe-process-engine-queuesize\",\"2049\":\"294#dev-dsf-bpe-process-excluded\",\"2050\":\"294#dev-dsf-bpe-process-fhir-server-retry-max\",\"2051\":\"294#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"2052\":\"294#dev-dsf-bpe-process-plugin-directroy\",\"2053\":\"294#dev-dsf-bpe-process-retired\",\"2054\":\"294#dev-dsf-bpe-process-threads\",\"2055\":\"294#dev-dsf-proxy-noproxy\",\"2056\":\"294#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2057\":\"294#dev-dsf-proxy-url\",\"2058\":\"294#dev-dsf-proxy-username\",\"2059\":\"295\",\"2060\":\"295#overview\",\"2061\":\"296\",\"2062\":\"296#overview\",\"2063\":\"296#matching-users\",\"2064\":\"296#thumbprint\",\"2065\":\"296#email\",\"2066\":\"296#token-role-and-token-group\",\"2067\":\"296#dsf-and-practitioner-roles\",\"2068\":\"296#dsf-role\",\"2069\":\"296#practitioner-role\",\"2070\":\"296#examples\",\"2071\":\"297\",\"2072\":\"297#dev-dsf-fhir-client-certificate\",\"2073\":\"297#dev-dsf-fhir-client-certificate-private-key\",\"2074\":\"297#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"2075\":\"297#dev-dsf-fhir-client-timeout-connect\",\"2076\":\"297#dev-dsf-fhir-client-timeout-read\",\"2077\":\"297#dev-dsf-fhir-client-trust-server-certificate-cas\",\"2078\":\"297#dev-dsf-fhir-client-verbose\",\"2079\":\"297#dev-dsf-fhir-db-liquibase-forceunlock\",\"2080\":\"297#dev-dsf-fhir-db-liquibase-lockwaittime\",\"2081\":\"297#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"2082\":\"297#dev-dsf-fhir-db-liquibase-username\",\"2083\":\"297#dev-dsf-fhir-db-url\",\"2084\":\"297#dev-dsf-fhir-db-user-group\",\"2085\":\"297#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"2086\":\"297#dev-dsf-fhir-db-user-permanent-delete-group\",\"2087\":\"297#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"2088\":\"297#dev-dsf-fhir-db-user-permanent-delete-username\",\"2089\":\"297#dev-dsf-fhir-db-user-username\",\"2090\":\"297#dev-dsf-fhir-server-base-url\",\"2091\":\"297#dev-dsf-fhir-server-init-bundle\",\"2092\":\"297#dev-dsf-fhir-server-organization-identifier-value\",\"2093\":\"297#dev-dsf-fhir-server-organization-thumbprint\",\"2094\":\"297#dev-dsf-fhir-server-page-count\",\"2095\":\"297#dev-dsf-fhir-server-roleconfig\",\"2096\":\"297#dev-dsf-fhir-server-static-resource-cache\",\"2097\":\"297#dev-dsf-proxy-noproxy\",\"2098\":\"297#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2099\":\"297#dev-dsf-proxy-url\",\"2100\":\"297#dev-dsf-proxy-username\",\"2101\":\"297#dev-dsf-server-api-host\",\"2102\":\"297#dev-dsf-server-api-port\",\"2103\":\"297#dev-dsf-server-auth-client-certificate-header\",\"2104\":\"297#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2105\":\"297#dev-dsf-server-auth-oidc-back-channel-logout\",\"2106\":\"297#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2107\":\"297#dev-dsf-server-auth-oidc-bearer-token\",\"2108\":\"297#dev-dsf-server-auth-oidc-client-id\",\"2109\":\"297#dev-dsf-server-auth-oidc-client-secret\",\"2110\":\"297#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2111\":\"297#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2112\":\"297#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2113\":\"297#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2114\":\"297#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2115\":\"297#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2116\":\"297#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2117\":\"297#dev-dsf-server-auth-trust-client-certificate-cas\",\"2118\":\"297#dev-dsf-server-certificate\",\"2119\":\"297#dev-dsf-server-certificate-chain\",\"2120\":\"297#dev-dsf-server-certificate-key\",\"2121\":\"297#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2122\":\"297#dev-dsf-server-context-path\",\"2123\":\"297#dev-dsf-server-status-host\",\"2124\":\"297#dev-dsf-server-status-port\",\"2125\":\"298\",\"2126\":\"298#overview\",\"2127\":\"298#authorization-code-flow\",\"2128\":\"298#bearer-token-authentication\",\"2129\":\"298#additional-odic-configuration-parameter\",\"2130\":\"298#example\",\"2131\":\"299\",\"2132\":\"299#overview\",\"2133\":\"300\",\"2134\":\"300#app-server-ip\",\"2135\":\"300#https-server-name-port\",\"2136\":\"300#proxy-pass-connection-timeout-http\",\"2137\":\"300#proxy-pass-connection-timeout-ws\",\"2138\":\"300#proxy-pass-timeout-http\",\"2139\":\"300#proxy-pass-timeout-ws\",\"2140\":\"300#server-context-path\",\"2141\":\"300#ssl-ca-certificate-file\",\"2142\":\"300#ssl-ca-dn-request-file\",\"2143\":\"300#ssl-certificate-chain-file\",\"2144\":\"300#ssl-certificate-file\",\"2145\":\"300#ssl-certificate-key-file\",\"2146\":\"300#ssl-verify-client\",\"2147\":\"301\",\"2148\":\"301#overview\",\"2149\":\"302\",\"2150\":\"302#dev-dsf-server-api-host\",\"2151\":\"302#dev-dsf-server-api-port\",\"2152\":\"302#dev-dsf-server-auth-client-certificate-header\",\"2153\":\"302#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2154\":\"302#dev-dsf-server-auth-oidc-back-channel-logout\",\"2155\":\"302#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2156\":\"302#dev-dsf-server-auth-oidc-bearer-token\",\"2157\":\"302#dev-dsf-server-auth-oidc-client-id\",\"2158\":\"302#dev-dsf-server-auth-oidc-client-secret\",\"2159\":\"302#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2160\":\"302#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2161\":\"302#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2162\":\"302#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2163\":\"302#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2164\":\"302#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2165\":\"302#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2166\":\"302#dev-dsf-server-auth-trust-client-certificate-cas\",\"2167\":\"302#dev-dsf-server-certificate\",\"2168\":\"302#dev-dsf-server-certificate-chain\",\"2169\":\"302#dev-dsf-server-certificate-key\",\"2170\":\"302#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2171\":\"302#dev-dsf-server-context-path\",\"2172\":\"302#dev-dsf-server-status-host\",\"2173\":\"302#dev-dsf-server-status-port\",\"2174\":\"302#dev-dsf-bpe-db-liquibase-forceunlock\",\"2175\":\"302#dev-dsf-bpe-db-liquibase-lockwaittime\",\"2176\":\"302#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"2177\":\"302#dev-dsf-bpe-db-liquibase-username\",\"2178\":\"302#dev-dsf-bpe-db-url\",\"2179\":\"302#dev-dsf-bpe-db-user-camunda-group\",\"2180\":\"302#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"2181\":\"302#dev-dsf-bpe-db-user-camunda-username\",\"2182\":\"302#dev-dsf-bpe-db-user-group\",\"2183\":\"302#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"2184\":\"302#dev-dsf-bpe-db-user-username\",\"2185\":\"302#dev-dsf-bpe-debug-log-message-onactivityend\",\"2186\":\"302#dev-dsf-bpe-debug-log-message-onactivitystart\",\"2187\":\"302#dev-dsf-bpe-debug-log-message-variables\",\"2188\":\"302#dev-dsf-bpe-debug-log-message-variableslocal\",\"2189\":\"302#dev-dsf-bpe-fhir-client-certificate\",\"2190\":\"302#dev-dsf-bpe-fhir-client-certificate-private-key\",\"2191\":\"302#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"2192\":\"302#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"2193\":\"302#dev-dsf-bpe-fhir-client-local-timeout-read\",\"2194\":\"302#dev-dsf-bpe-fhir-client-local-verbose\",\"2195\":\"302#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"2196\":\"302#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"2197\":\"302#dev-dsf-bpe-fhir-client-remote-verbose\",\"2198\":\"302#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"2199\":\"302#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"2200\":\"302#dev-dsf-bpe-fhir-server-base-url\",\"2201\":\"302#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"2202\":\"302#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"2203\":\"302#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"2204\":\"302#dev-dsf-bpe-mail-client-certificate\",\"2205\":\"302#dev-dsf-bpe-mail-client-certificate-private-key\",\"2206\":\"302#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"2207\":\"302#dev-dsf-bpe-mail-fromaddress\",\"2208\":\"302#dev-dsf-bpe-mail-host\",\"2209\":\"302#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"2210\":\"302#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"2211\":\"302#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"2212\":\"302#dev-dsf-bpe-mail-port\",\"2213\":\"302#dev-dsf-bpe-mail-replytoaddresses\",\"2214\":\"302#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"2215\":\"302#dev-dsf-bpe-mail-sendtestmailonstartup\",\"2216\":\"302#dev-dsf-bpe-mail-smime-p12keystore\",\"2217\":\"302#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"2218\":\"302#dev-dsf-bpe-mail-toaddresses\",\"2219\":\"302#dev-dsf-bpe-mail-toaddressescc\",\"2220\":\"302#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"2221\":\"302#dev-dsf-bpe-mail-username\",\"2222\":\"302#dev-dsf-bpe-mail-usesmtps\",\"2223\":\"302#dev-dsf-bpe-process-engine-corepoolsize\",\"2224\":\"302#dev-dsf-bpe-process-engine-maxpoolsize\",\"2225\":\"302#dev-dsf-bpe-process-engine-queuesize\",\"2226\":\"302#dev-dsf-bpe-process-excluded\",\"2227\":\"302#dev-dsf-bpe-process-fhir-server-retry-max\",\"2228\":\"302#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"2229\":\"302#dev-dsf-bpe-process-plugin-directroy\",\"2230\":\"302#dev-dsf-bpe-process-retired\",\"2231\":\"302#dev-dsf-bpe-process-threads\",\"2232\":\"302#dev-dsf-proxy-noproxy\",\"2233\":\"302#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2234\":\"302#dev-dsf-proxy-url\",\"2235\":\"302#dev-dsf-proxy-username\",\"2236\":\"303\",\"2237\":\"303#overview\",\"2238\":\"304\",\"2239\":\"304#overview\",\"2240\":\"304#matching-users\",\"2241\":\"304#thumbprint\",\"2242\":\"304#email\",\"2243\":\"304#token-role-and-token-group\",\"2244\":\"304#dsf-and-practitioner-roles\",\"2245\":\"304#dsf-role\",\"2246\":\"304#practitioner-role\",\"2247\":\"304#examples\",\"2248\":\"305\",\"2249\":\"305#dev-dsf-fhir-client-certificate\",\"2250\":\"305#dev-dsf-fhir-client-certificate-private-key\",\"2251\":\"305#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"2252\":\"305#dev-dsf-fhir-client-timeout-connect\",\"2253\":\"305#dev-dsf-fhir-client-timeout-read\",\"2254\":\"305#dev-dsf-fhir-client-trust-server-certificate-cas\",\"2255\":\"305#dev-dsf-fhir-client-verbose\",\"2256\":\"305#dev-dsf-fhir-db-liquibase-forceunlock\",\"2257\":\"305#dev-dsf-fhir-db-liquibase-lockwaittime\",\"2258\":\"305#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"2259\":\"305#dev-dsf-fhir-db-liquibase-username\",\"2260\":\"305#dev-dsf-fhir-db-url\",\"2261\":\"305#dev-dsf-fhir-db-user-group\",\"2262\":\"305#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"2263\":\"305#dev-dsf-fhir-db-user-permanent-delete-group\",\"2264\":\"305#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"2265\":\"305#dev-dsf-fhir-db-user-permanent-delete-username\",\"2266\":\"305#dev-dsf-fhir-db-user-username\",\"2267\":\"305#dev-dsf-fhir-server-base-url\",\"2268\":\"305#dev-dsf-fhir-server-init-bundle\",\"2269\":\"305#dev-dsf-fhir-server-organization-identifier-value\",\"2270\":\"305#dev-dsf-fhir-server-organization-thumbprint\",\"2271\":\"305#dev-dsf-fhir-server-page-count\",\"2272\":\"305#dev-dsf-fhir-server-roleconfig\",\"2273\":\"305#dev-dsf-fhir-server-static-resource-cache\",\"2274\":\"305#dev-dsf-proxy-noproxy\",\"2275\":\"305#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2276\":\"305#dev-dsf-proxy-url\",\"2277\":\"305#dev-dsf-proxy-username\",\"2278\":\"305#dev-dsf-server-api-host\",\"2279\":\"305#dev-dsf-server-api-port\",\"2280\":\"305#dev-dsf-server-auth-client-certificate-header\",\"2281\":\"305#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2282\":\"305#dev-dsf-server-auth-oidc-back-channel-logout\",\"2283\":\"305#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2284\":\"305#dev-dsf-server-auth-oidc-bearer-token\",\"2285\":\"305#dev-dsf-server-auth-oidc-client-id\",\"2286\":\"305#dev-dsf-server-auth-oidc-client-secret\",\"2287\":\"305#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2288\":\"305#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2289\":\"305#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2290\":\"305#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2291\":\"305#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2292\":\"305#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2293\":\"305#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2294\":\"305#dev-dsf-server-auth-trust-client-certificate-cas\",\"2295\":\"305#dev-dsf-server-certificate\",\"2296\":\"305#dev-dsf-server-certificate-chain\",\"2297\":\"305#dev-dsf-server-certificate-key\",\"2298\":\"305#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2299\":\"305#dev-dsf-server-context-path\",\"2300\":\"305#dev-dsf-server-status-host\",\"2301\":\"305#dev-dsf-server-status-port\",\"2302\":\"306\",\"2303\":\"306#overview\",\"2304\":\"306#authorization-code-flow\",\"2305\":\"306#bearer-token-authentication\",\"2306\":\"306#additional-odic-configuration-parameter\",\"2307\":\"306#example\",\"2308\":\"307\",\"2309\":\"307#overview\",\"2310\":\"308\",\"2311\":\"308#app-server-ip\",\"2312\":\"308#https-server-name-port\",\"2313\":\"308#proxy-pass-connection-timeout-http\",\"2314\":\"308#proxy-pass-connection-timeout-ws\",\"2315\":\"308#proxy-pass-timeout-http\",\"2316\":\"308#proxy-pass-timeout-ws\",\"2317\":\"308#server-context-path\",\"2318\":\"308#ssl-ca-certificate-file\",\"2319\":\"308#ssl-ca-dn-request-file\",\"2320\":\"308#ssl-certificate-chain-file\",\"2321\":\"308#ssl-certificate-file\",\"2322\":\"308#ssl-certificate-key-file\",\"2323\":\"308#ssl-verify-client\",\"2324\":\"309\",\"2325\":\"309#overview\",\"2326\":\"310\",\"2327\":\"310#overview\",\"2328\":\"310#matching-users\",\"2329\":\"310#thumbprint\",\"2330\":\"310#email\",\"2331\":\"310#token-role-and-token-group\",\"2332\":\"310#dsf-and-practitioner-roles\",\"2333\":\"310#dsf-role\",\"2334\":\"310#practitioner-role\",\"2335\":\"310#examples\",\"2336\":\"311\",\"2337\":\"311#dev-dsf-server-api-host\",\"2338\":\"311#dev-dsf-server-api-port\",\"2339\":\"311#dev-dsf-server-auth-client-certificate-header\",\"2340\":\"311#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2341\":\"311#dev-dsf-server-auth-oidc-back-channel-logout\",\"2342\":\"311#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2343\":\"311#dev-dsf-server-auth-oidc-bearer-token\",\"2344\":\"311#dev-dsf-server-auth-oidc-client-id\",\"2345\":\"311#dev-dsf-server-auth-oidc-client-secret\",\"2346\":\"311#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2347\":\"311#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2348\":\"311#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2349\":\"311#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2350\":\"311#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2351\":\"311#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2352\":\"311#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2353\":\"311#dev-dsf-server-auth-trust-client-certificate-cas\",\"2354\":\"311#dev-dsf-server-certificate\",\"2355\":\"311#dev-dsf-server-certificate-chain\",\"2356\":\"311#dev-dsf-server-certificate-key\",\"2357\":\"311#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2358\":\"311#dev-dsf-server-context-path\",\"2359\":\"311#dev-dsf-server-status-host\",\"2360\":\"311#dev-dsf-server-status-port\",\"2361\":\"311#dev-dsf-bpe-db-liquibase-forceunlock\",\"2362\":\"311#dev-dsf-bpe-db-liquibase-lockwaittime\",\"2363\":\"311#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"2364\":\"311#dev-dsf-bpe-db-liquibase-username\",\"2365\":\"311#dev-dsf-bpe-db-url\",\"2366\":\"311#dev-dsf-bpe-db-user-camunda-group\",\"2367\":\"311#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"2368\":\"311#dev-dsf-bpe-db-user-camunda-username\",\"2369\":\"311#dev-dsf-bpe-db-user-group\",\"2370\":\"311#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"2371\":\"311#dev-dsf-bpe-db-user-username\",\"2372\":\"311#dev-dsf-bpe-debug-log-message-currentuser\",\"2373\":\"311#dev-dsf-bpe-debug-log-message-dbstatement\",\"2374\":\"311#dev-dsf-bpe-debug-log-message-onactivityend\",\"2375\":\"311#dev-dsf-bpe-debug-log-message-onactivitystart\",\"2376\":\"311#dev-dsf-bpe-debug-log-message-variables\",\"2377\":\"311#dev-dsf-bpe-debug-log-message-variableslocal\",\"2378\":\"311#dev-dsf-bpe-debug-log-message-webservicerequest\",\"2379\":\"311#dev-dsf-bpe-fhir-client-certificate\",\"2380\":\"311#dev-dsf-bpe-fhir-client-certificate-private-key\",\"2381\":\"311#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"2382\":\"311#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"2383\":\"311#dev-dsf-bpe-fhir-client-local-timeout-read\",\"2384\":\"311#dev-dsf-bpe-fhir-client-local-verbose\",\"2385\":\"311#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"2386\":\"311#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"2387\":\"311#dev-dsf-bpe-fhir-client-remote-verbose\",\"2388\":\"311#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"2389\":\"311#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"2390\":\"311#dev-dsf-bpe-fhir-server-base-url\",\"2391\":\"311#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"2392\":\"311#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"2393\":\"311#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"2394\":\"311#dev-dsf-bpe-mail-client-certificate\",\"2395\":\"311#dev-dsf-bpe-mail-client-certificate-private-key\",\"2396\":\"311#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"2397\":\"311#dev-dsf-bpe-mail-fromaddress\",\"2398\":\"311#dev-dsf-bpe-mail-host\",\"2399\":\"311#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"2400\":\"311#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"2401\":\"311#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"2402\":\"311#dev-dsf-bpe-mail-port\",\"2403\":\"311#dev-dsf-bpe-mail-replytoaddresses\",\"2404\":\"311#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"2405\":\"311#dev-dsf-bpe-mail-sendtestmailonstartup\",\"2406\":\"311#dev-dsf-bpe-mail-smime-p12keystore\",\"2407\":\"311#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"2408\":\"311#dev-dsf-bpe-mail-toaddresses\",\"2409\":\"311#dev-dsf-bpe-mail-toaddressescc\",\"2410\":\"311#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"2411\":\"311#dev-dsf-bpe-mail-username\",\"2412\":\"311#dev-dsf-bpe-mail-usesmtps\",\"2413\":\"311#dev-dsf-bpe-process-engine-corepoolsize\",\"2414\":\"311#dev-dsf-bpe-process-engine-maxpoolsize\",\"2415\":\"311#dev-dsf-bpe-process-engine-queuesize\",\"2416\":\"311#dev-dsf-bpe-process-excluded\",\"2417\":\"311#dev-dsf-bpe-process-fhir-server-retry-max\",\"2418\":\"311#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"2419\":\"311#dev-dsf-bpe-process-plugin-directroy\",\"2420\":\"311#dev-dsf-bpe-process-retired\",\"2421\":\"311#dev-dsf-bpe-process-threads\",\"2422\":\"311#dev-dsf-bpe-server-base-url\",\"2423\":\"311#dev-dsf-bpe-server-roleconfig\",\"2424\":\"311#dev-dsf-bpe-server-static-resource-cache\",\"2425\":\"311#dev-dsf-bpe-server-ui-theme\",\"2426\":\"311#dev-dsf-proxy-noproxy\",\"2427\":\"311#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2428\":\"311#dev-dsf-proxy-url\",\"2429\":\"311#dev-dsf-proxy-username\",\"2430\":\"312\",\"2431\":\"312#overview\",\"2432\":\"312#authorization-code-flow\",\"2433\":\"312#additional-odic-configuration-parameter\",\"2434\":\"312#example\",\"2435\":\"313\",\"2436\":\"313#overview\",\"2437\":\"314\",\"2438\":\"314#app-server-ip\",\"2439\":\"314#https-server-name-port\",\"2440\":\"314#proxy-pass-connection-timeout-http\",\"2441\":\"314#proxy-pass-connection-timeout-ws\",\"2442\":\"314#proxy-pass-timeout-http\",\"2443\":\"314#proxy-pass-timeout-ws\",\"2444\":\"314#server-context-path\",\"2445\":\"314#ssl-ca-certificate-file\",\"2446\":\"314#ssl-ca-dn-request-file\",\"2447\":\"314#ssl-certificate-chain-file\",\"2448\":\"314#ssl-certificate-file\",\"2449\":\"314#ssl-certificate-key-file\",\"2450\":\"314#ssl-verify-client\",\"2451\":\"315\",\"2452\":\"315#overview\",\"2453\":\"316\",\"2454\":\"316#overview\",\"2455\":\"316#matching-users\",\"2456\":\"316#thumbprint\",\"2457\":\"316#email\",\"2458\":\"316#token-role-and-token-group\",\"2459\":\"316#dsf-and-practitioner-roles\",\"2460\":\"316#dsf-role\",\"2461\":\"316#practitioner-role\",\"2462\":\"316#examples\",\"2463\":\"317\",\"2464\":\"317#dev-dsf-fhir-client-certificate\",\"2465\":\"317#dev-dsf-fhir-client-certificate-private-key\",\"2466\":\"317#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"2467\":\"317#dev-dsf-fhir-client-timeout-connect\",\"2468\":\"317#dev-dsf-fhir-client-timeout-read\",\"2469\":\"317#dev-dsf-fhir-client-trust-server-certificate-cas\",\"2470\":\"317#dev-dsf-fhir-client-verbose\",\"2471\":\"317#dev-dsf-fhir-db-liquibase-forceunlock\",\"2472\":\"317#dev-dsf-fhir-db-liquibase-lockwaittime\",\"2473\":\"317#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"2474\":\"317#dev-dsf-fhir-db-liquibase-username\",\"2475\":\"317#dev-dsf-fhir-db-url\",\"2476\":\"317#dev-dsf-fhir-db-user-group\",\"2477\":\"317#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"2478\":\"317#dev-dsf-fhir-db-user-permanent-delete-group\",\"2479\":\"317#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"2480\":\"317#dev-dsf-fhir-db-user-permanent-delete-username\",\"2481\":\"317#dev-dsf-fhir-db-user-username\",\"2482\":\"317#dev-dsf-fhir-debug-log-message-currentuser\",\"2483\":\"317#dev-dsf-fhir-debug-log-message-dbstatement\",\"2484\":\"317#dev-dsf-fhir-debug-log-message-webservicerequest\",\"2485\":\"317#dev-dsf-fhir-server-base-url\",\"2486\":\"317#dev-dsf-fhir-server-init-bundle\",\"2487\":\"317#dev-dsf-fhir-server-organization-identifier-value\",\"2488\":\"317#dev-dsf-fhir-server-organization-thumbprint\",\"2489\":\"317#dev-dsf-fhir-server-page-count\",\"2490\":\"317#dev-dsf-fhir-server-roleconfig\",\"2491\":\"317#dev-dsf-fhir-server-static-resource-cache\",\"2492\":\"317#dev-dsf-fhir-server-ui-theme\",\"2493\":\"317#dev-dsf-proxy-noproxy\",\"2494\":\"317#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2495\":\"317#dev-dsf-proxy-url\",\"2496\":\"317#dev-dsf-proxy-username\",\"2497\":\"317#dev-dsf-server-api-host\",\"2498\":\"317#dev-dsf-server-api-port\",\"2499\":\"317#dev-dsf-server-auth-client-certificate-header\",\"2500\":\"317#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2501\":\"317#dev-dsf-server-auth-oidc-back-channel-logout\",\"2502\":\"317#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2503\":\"317#dev-dsf-server-auth-oidc-bearer-token\",\"2504\":\"317#dev-dsf-server-auth-oidc-client-id\",\"2505\":\"317#dev-dsf-server-auth-oidc-client-secret\",\"2506\":\"317#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2507\":\"317#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2508\":\"317#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2509\":\"317#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2510\":\"317#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2511\":\"317#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2512\":\"317#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2513\":\"317#dev-dsf-server-auth-trust-client-certificate-cas\",\"2514\":\"317#dev-dsf-server-certificate\",\"2515\":\"317#dev-dsf-server-certificate-chain\",\"2516\":\"317#dev-dsf-server-certificate-key\",\"2517\":\"317#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2518\":\"317#dev-dsf-server-context-path\",\"2519\":\"317#dev-dsf-server-status-host\",\"2520\":\"317#dev-dsf-server-status-port\",\"2521\":\"318\",\"2522\":\"318#overview\",\"2523\":\"318#authorization-code-flow\",\"2524\":\"318#bearer-token-authentication\",\"2525\":\"318#additional-odic-configuration-parameter\",\"2526\":\"318#example\",\"2527\":\"319\",\"2528\":\"319#overview\",\"2529\":\"320\",\"2530\":\"320#app-server-ip\",\"2531\":\"320#https-server-name-port\",\"2532\":\"320#proxy-pass-connection-timeout-http\",\"2533\":\"320#proxy-pass-connection-timeout-ws\",\"2534\":\"320#proxy-pass-timeout-http\",\"2535\":\"320#proxy-pass-timeout-ws\",\"2536\":\"320#server-context-path\",\"2537\":\"320#ssl-ca-certificate-file\",\"2538\":\"320#ssl-ca-dn-request-file\",\"2539\":\"320#ssl-certificate-chain-file\",\"2540\":\"320#ssl-certificate-file\",\"2541\":\"320#ssl-certificate-key-file\",\"2542\":\"320#ssl-verify-client\",\"2543\":\"321\",\"2544\":\"321#overview\",\"2545\":\"322\",\"2546\":\"322#overview\",\"2547\":\"322#matching-users\",\"2548\":\"322#thumbprint\",\"2549\":\"322#email\",\"2550\":\"322#token-role-and-token-group\",\"2551\":\"322#dsf-and-practitioner-roles\",\"2552\":\"322#dsf-role\",\"2553\":\"322#practitioner-role\",\"2554\":\"322#examples\",\"2555\":\"323\",\"2556\":\"323#dev-dsf-server-api-host\",\"2557\":\"323#dev-dsf-server-api-port\",\"2558\":\"323#dev-dsf-server-auth-client-certificate-header\",\"2559\":\"323#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2560\":\"323#dev-dsf-server-auth-oidc-back-channel-logout\",\"2561\":\"323#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2562\":\"323#dev-dsf-server-auth-oidc-bearer-token\",\"2563\":\"323#dev-dsf-server-auth-oidc-client-id\",\"2564\":\"323#dev-dsf-server-auth-oidc-client-secret\",\"2565\":\"323#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2566\":\"323#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2567\":\"323#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2568\":\"323#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2569\":\"323#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2570\":\"323#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2571\":\"323#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2572\":\"323#dev-dsf-server-auth-trust-client-certificate-cas\",\"2573\":\"323#dev-dsf-server-certificate\",\"2574\":\"323#dev-dsf-server-certificate-chain\",\"2575\":\"323#dev-dsf-server-certificate-key\",\"2576\":\"323#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2577\":\"323#dev-dsf-server-context-path\",\"2578\":\"323#dev-dsf-server-status-host\",\"2579\":\"323#dev-dsf-server-status-port\",\"2580\":\"323#dev-dsf-bpe-db-liquibase-forceunlock\",\"2581\":\"323#dev-dsf-bpe-db-liquibase-lockwaittime\",\"2582\":\"323#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"2583\":\"323#dev-dsf-bpe-db-liquibase-username\",\"2584\":\"323#dev-dsf-bpe-db-url\",\"2585\":\"323#dev-dsf-bpe-db-user-camunda-group\",\"2586\":\"323#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"2587\":\"323#dev-dsf-bpe-db-user-camunda-username\",\"2588\":\"323#dev-dsf-bpe-db-user-group\",\"2589\":\"323#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"2590\":\"323#dev-dsf-bpe-db-user-username\",\"2591\":\"323#dev-dsf-bpe-debug-log-message-currentuser\",\"2592\":\"323#dev-dsf-bpe-debug-log-message-dbstatement\",\"2593\":\"323#dev-dsf-bpe-debug-log-message-onactivityend\",\"2594\":\"323#dev-dsf-bpe-debug-log-message-onactivitystart\",\"2595\":\"323#dev-dsf-bpe-debug-log-message-variables\",\"2596\":\"323#dev-dsf-bpe-debug-log-message-variableslocal\",\"2597\":\"323#dev-dsf-bpe-debug-log-message-webservicerequest\",\"2598\":\"323#dev-dsf-bpe-fhir-client-certificate\",\"2599\":\"323#dev-dsf-bpe-fhir-client-certificate-private-key\",\"2600\":\"323#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"2601\":\"323#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"2602\":\"323#dev-dsf-bpe-fhir-client-local-timeout-read\",\"2603\":\"323#dev-dsf-bpe-fhir-client-local-verbose\",\"2604\":\"323#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"2605\":\"323#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"2606\":\"323#dev-dsf-bpe-fhir-client-remote-verbose\",\"2607\":\"323#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"2608\":\"323#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"2609\":\"323#dev-dsf-bpe-fhir-server-base-url\",\"2610\":\"323#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"2611\":\"323#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"2612\":\"323#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"2613\":\"323#dev-dsf-bpe-mail-client-certificate\",\"2614\":\"323#dev-dsf-bpe-mail-client-certificate-private-key\",\"2615\":\"323#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"2616\":\"323#dev-dsf-bpe-mail-fromaddress\",\"2617\":\"323#dev-dsf-bpe-mail-host\",\"2618\":\"323#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"2619\":\"323#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"2620\":\"323#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"2621\":\"323#dev-dsf-bpe-mail-port\",\"2622\":\"323#dev-dsf-bpe-mail-replytoaddresses\",\"2623\":\"323#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"2624\":\"323#dev-dsf-bpe-mail-sendtestmailonstartup\",\"2625\":\"323#dev-dsf-bpe-mail-smime-p12keystore\",\"2626\":\"323#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"2627\":\"323#dev-dsf-bpe-mail-toaddresses\",\"2628\":\"323#dev-dsf-bpe-mail-toaddressescc\",\"2629\":\"323#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"2630\":\"323#dev-dsf-bpe-mail-username\",\"2631\":\"323#dev-dsf-bpe-mail-usesmtps\",\"2632\":\"323#dev-dsf-bpe-process-engine-corepoolsize\",\"2633\":\"323#dev-dsf-bpe-process-engine-maxpoolsize\",\"2634\":\"323#dev-dsf-bpe-process-engine-queuesize\",\"2635\":\"323#dev-dsf-bpe-process-excluded\",\"2636\":\"323#dev-dsf-bpe-process-fhir-server-retry-max\",\"2637\":\"323#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"2638\":\"323#dev-dsf-bpe-process-plugin-directroy\",\"2639\":\"323#dev-dsf-bpe-process-retired\",\"2640\":\"323#dev-dsf-bpe-process-threads\",\"2641\":\"323#dev-dsf-bpe-server-base-url\",\"2642\":\"323#dev-dsf-bpe-server-roleconfig\",\"2643\":\"323#dev-dsf-bpe-server-static-resource-cache\",\"2644\":\"323#dev-dsf-bpe-server-ui-theme\",\"2645\":\"323#dev-dsf-proxy-noproxy\",\"2646\":\"323#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2647\":\"323#dev-dsf-proxy-url\",\"2648\":\"323#dev-dsf-proxy-username\",\"2649\":\"324\",\"2650\":\"324#overview\",\"2651\":\"324#authorization-code-flow\",\"2652\":\"324#additional-odic-configuration-parameter\",\"2653\":\"324#example\",\"2654\":\"325\",\"2655\":\"325#overview\",\"2656\":\"326\",\"2657\":\"326#app-server-ip\",\"2658\":\"326#https-server-name-port\",\"2659\":\"326#proxy-pass-connection-timeout-http\",\"2660\":\"326#proxy-pass-connection-timeout-ws\",\"2661\":\"326#proxy-pass-timeout-http\",\"2662\":\"326#proxy-pass-timeout-ws\",\"2663\":\"326#server-context-path\",\"2664\":\"326#ssl-ca-certificate-file\",\"2665\":\"326#ssl-ca-dn-request-file\",\"2666\":\"326#ssl-certificate-chain-file\",\"2667\":\"326#ssl-certificate-file\",\"2668\":\"326#ssl-certificate-key-file\",\"2669\":\"326#ssl-verify-client\",\"2670\":\"327\",\"2671\":\"327#overview\",\"2672\":\"328\",\"2673\":\"328#overview\",\"2674\":\"328#matching-users\",\"2675\":\"328#thumbprint\",\"2676\":\"328#email\",\"2677\":\"328#token-role-and-token-group\",\"2678\":\"328#dsf-and-practitioner-roles\",\"2679\":\"328#dsf-role\",\"2680\":\"328#practitioner-role\",\"2681\":\"328#examples\",\"2682\":\"329\",\"2683\":\"329#dev-dsf-fhir-client-certificate\",\"2684\":\"329#dev-dsf-fhir-client-certificate-private-key\",\"2685\":\"329#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"2686\":\"329#dev-dsf-fhir-client-timeout-connect\",\"2687\":\"329#dev-dsf-fhir-client-timeout-read\",\"2688\":\"329#dev-dsf-fhir-client-trust-server-certificate-cas\",\"2689\":\"329#dev-dsf-fhir-client-verbose\",\"2690\":\"329#dev-dsf-fhir-db-liquibase-forceunlock\",\"2691\":\"329#dev-dsf-fhir-db-liquibase-lockwaittime\",\"2692\":\"329#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"2693\":\"329#dev-dsf-fhir-db-liquibase-username\",\"2694\":\"329#dev-dsf-fhir-db-url\",\"2695\":\"329#dev-dsf-fhir-db-user-group\",\"2696\":\"329#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"2697\":\"329#dev-dsf-fhir-db-user-permanent-delete-group\",\"2698\":\"329#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"2699\":\"329#dev-dsf-fhir-db-user-permanent-delete-username\",\"2700\":\"329#dev-dsf-fhir-db-user-username\",\"2701\":\"329#dev-dsf-fhir-debug-log-message-currentuser\",\"2702\":\"329#dev-dsf-fhir-debug-log-message-dbstatement\",\"2703\":\"329#dev-dsf-fhir-debug-log-message-webservicerequest\",\"2704\":\"329#dev-dsf-fhir-server-base-url\",\"2705\":\"329#dev-dsf-fhir-server-init-bundle\",\"2706\":\"329#dev-dsf-fhir-server-organization-identifier-value\",\"2707\":\"329#dev-dsf-fhir-server-organization-thumbprint\",\"2708\":\"329#dev-dsf-fhir-server-page-count\",\"2709\":\"329#dev-dsf-fhir-server-roleconfig\",\"2710\":\"329#dev-dsf-fhir-server-static-resource-cache\",\"2711\":\"329#dev-dsf-fhir-server-ui-theme\",\"2712\":\"329#dev-dsf-proxy-noproxy\",\"2713\":\"329#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2714\":\"329#dev-dsf-proxy-url\",\"2715\":\"329#dev-dsf-proxy-username\",\"2716\":\"329#dev-dsf-server-api-host\",\"2717\":\"329#dev-dsf-server-api-port\",\"2718\":\"329#dev-dsf-server-auth-client-certificate-header\",\"2719\":\"329#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2720\":\"329#dev-dsf-server-auth-oidc-back-channel-logout\",\"2721\":\"329#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2722\":\"329#dev-dsf-server-auth-oidc-bearer-token\",\"2723\":\"329#dev-dsf-server-auth-oidc-client-id\",\"2724\":\"329#dev-dsf-server-auth-oidc-client-secret\",\"2725\":\"329#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2726\":\"329#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2727\":\"329#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2728\":\"329#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2729\":\"329#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2730\":\"329#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2731\":\"329#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2732\":\"329#dev-dsf-server-auth-trust-client-certificate-cas\",\"2733\":\"329#dev-dsf-server-certificate\",\"2734\":\"329#dev-dsf-server-certificate-chain\",\"2735\":\"329#dev-dsf-server-certificate-key\",\"2736\":\"329#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2737\":\"329#dev-dsf-server-context-path\",\"2738\":\"329#dev-dsf-server-status-host\",\"2739\":\"329#dev-dsf-server-status-port\",\"2740\":\"330\",\"2741\":\"330#overview\",\"2742\":\"330#authorization-code-flow\",\"2743\":\"330#bearer-token-authentication\",\"2744\":\"330#additional-odic-configuration-parameter\",\"2745\":\"330#example\",\"2746\":\"331\",\"2747\":\"331#overview\",\"2748\":\"332\",\"2749\":\"332#app-server-ip\",\"2750\":\"332#https-server-name-port\",\"2751\":\"332#proxy-pass-connection-timeout-http\",\"2752\":\"332#proxy-pass-connection-timeout-ws\",\"2753\":\"332#proxy-pass-timeout-http\",\"2754\":\"332#proxy-pass-timeout-ws\",\"2755\":\"332#server-context-path\",\"2756\":\"332#ssl-ca-certificate-file\",\"2757\":\"332#ssl-ca-dn-request-file\",\"2758\":\"332#ssl-certificate-chain-file\",\"2759\":\"332#ssl-certificate-file\",\"2760\":\"332#ssl-certificate-key-file\",\"2761\":\"332#ssl-verify-client\",\"2762\":\"333\",\"2763\":\"333#overview\",\"2764\":\"334\",\"2765\":\"334#overview\",\"2766\":\"334#matching-users\",\"2767\":\"334#thumbprint\",\"2768\":\"334#email\",\"2769\":\"334#token-role-and-token-group\",\"2770\":\"334#dsf-and-practitioner-roles\",\"2771\":\"334#dsf-role\",\"2772\":\"334#practitioner-role\",\"2773\":\"334#examples\",\"2774\":\"335\",\"2775\":\"335#dev-dsf-server-api-host\",\"2776\":\"335#dev-dsf-server-api-port\",\"2777\":\"335#dev-dsf-server-auth-client-certificate-header\",\"2778\":\"335#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2779\":\"335#dev-dsf-server-auth-oidc-back-channel-logout\",\"2780\":\"335#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2781\":\"335#dev-dsf-server-auth-oidc-bearer-token\",\"2782\":\"335#dev-dsf-server-auth-oidc-client-id\",\"2783\":\"335#dev-dsf-server-auth-oidc-client-secret\",\"2784\":\"335#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2785\":\"335#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2786\":\"335#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2787\":\"335#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2788\":\"335#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2789\":\"335#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2790\":\"335#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2791\":\"335#dev-dsf-server-auth-trust-client-certificate-cas\",\"2792\":\"335#dev-dsf-server-certificate\",\"2793\":\"335#dev-dsf-server-certificate-chain\",\"2794\":\"335#dev-dsf-server-certificate-key\",\"2795\":\"335#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2796\":\"335#dev-dsf-server-context-path\",\"2797\":\"335#dev-dsf-server-status-host\",\"2798\":\"335#dev-dsf-server-status-port\",\"2799\":\"335#dev-dsf-bpe-db-liquibase-forceunlock\",\"2800\":\"335#dev-dsf-bpe-db-liquibase-lockwaittime\",\"2801\":\"335#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"2802\":\"335#dev-dsf-bpe-db-liquibase-username\",\"2803\":\"335#dev-dsf-bpe-db-url\",\"2804\":\"335#dev-dsf-bpe-db-user-camunda-group\",\"2805\":\"335#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"2806\":\"335#dev-dsf-bpe-db-user-camunda-username\",\"2807\":\"335#dev-dsf-bpe-db-user-group\",\"2808\":\"335#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"2809\":\"335#dev-dsf-bpe-db-user-username\",\"2810\":\"335#dev-dsf-bpe-debug-log-message-currentuser\",\"2811\":\"335#dev-dsf-bpe-debug-log-message-dbstatement\",\"2812\":\"335#dev-dsf-bpe-debug-log-message-onactivityend\",\"2813\":\"335#dev-dsf-bpe-debug-log-message-onactivitystart\",\"2814\":\"335#dev-dsf-bpe-debug-log-message-variables\",\"2815\":\"335#dev-dsf-bpe-debug-log-message-variableslocal\",\"2816\":\"335#dev-dsf-bpe-debug-log-message-webservicerequest\",\"2817\":\"335#dev-dsf-bpe-fhir-client-certificate\",\"2818\":\"335#dev-dsf-bpe-fhir-client-certificate-private-key\",\"2819\":\"335#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"2820\":\"335#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"2821\":\"335#dev-dsf-bpe-fhir-client-local-timeout-read\",\"2822\":\"335#dev-dsf-bpe-fhir-client-local-verbose\",\"2823\":\"335#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"2824\":\"335#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"2825\":\"335#dev-dsf-bpe-fhir-client-remote-verbose\",\"2826\":\"335#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"2827\":\"335#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"2828\":\"335#dev-dsf-bpe-fhir-server-base-url\",\"2829\":\"335#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"2830\":\"335#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"2831\":\"335#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"2832\":\"335#dev-dsf-bpe-mail-client-certificate\",\"2833\":\"335#dev-dsf-bpe-mail-client-certificate-private-key\",\"2834\":\"335#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"2835\":\"335#dev-dsf-bpe-mail-fromaddress\",\"2836\":\"335#dev-dsf-bpe-mail-host\",\"2837\":\"335#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"2838\":\"335#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"2839\":\"335#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"2840\":\"335#dev-dsf-bpe-mail-port\",\"2841\":\"335#dev-dsf-bpe-mail-replytoaddresses\",\"2842\":\"335#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"2843\":\"335#dev-dsf-bpe-mail-sendtestmailonstartup\",\"2844\":\"335#dev-dsf-bpe-mail-smime-p12keystore\",\"2845\":\"335#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"2846\":\"335#dev-dsf-bpe-mail-toaddresses\",\"2847\":\"335#dev-dsf-bpe-mail-toaddressescc\",\"2848\":\"335#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"2849\":\"335#dev-dsf-bpe-mail-username\",\"2850\":\"335#dev-dsf-bpe-mail-usesmtps\",\"2851\":\"335#dev-dsf-bpe-process-engine-corepoolsize\",\"2852\":\"335#dev-dsf-bpe-process-engine-maxpoolsize\",\"2853\":\"335#dev-dsf-bpe-process-engine-queuesize\",\"2854\":\"335#dev-dsf-bpe-process-excluded\",\"2855\":\"335#dev-dsf-bpe-process-fhir-server-retry-max\",\"2856\":\"335#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"2857\":\"335#dev-dsf-bpe-process-plugin-directroy\",\"2858\":\"335#dev-dsf-bpe-process-retired\",\"2859\":\"335#dev-dsf-bpe-process-threads\",\"2860\":\"335#dev-dsf-bpe-server-base-url\",\"2861\":\"335#dev-dsf-bpe-server-roleconfig\",\"2862\":\"335#dev-dsf-bpe-server-static-resource-cache\",\"2863\":\"335#dev-dsf-bpe-server-ui-theme\",\"2864\":\"335#dev-dsf-proxy-noproxy\",\"2865\":\"335#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2866\":\"335#dev-dsf-proxy-url\",\"2867\":\"335#dev-dsf-proxy-username\",\"2868\":\"336\",\"2869\":\"336#overview\",\"2870\":\"336#authorization-code-flow\",\"2871\":\"336#additional-odic-configuration-parameter\",\"2872\":\"336#example\",\"2873\":\"337\",\"2874\":\"337#overview\",\"2875\":\"338\",\"2876\":\"338#app-server-ip\",\"2877\":\"338#https-server-name-port\",\"2878\":\"338#proxy-pass-connection-timeout-http\",\"2879\":\"338#proxy-pass-connection-timeout-ws\",\"2880\":\"338#proxy-pass-timeout-http\",\"2881\":\"338#proxy-pass-timeout-ws\",\"2882\":\"338#server-context-path\",\"2883\":\"338#ssl-ca-certificate-file\",\"2884\":\"338#ssl-ca-dn-request-file\",\"2885\":\"338#ssl-certificate-chain-file\",\"2886\":\"338#ssl-certificate-file\",\"2887\":\"338#ssl-certificate-key-file\",\"2888\":\"338#ssl-verify-client\",\"2889\":\"339\",\"2890\":\"339#overview\",\"2891\":\"340\",\"2892\":\"340#overview\",\"2893\":\"340#matching-users\",\"2894\":\"340#thumbprint\",\"2895\":\"340#email\",\"2896\":\"340#token-role-and-token-group\",\"2897\":\"340#dsf-and-practitioner-roles\",\"2898\":\"340#dsf-role\",\"2899\":\"340#practitioner-role\",\"2900\":\"340#examples\",\"2901\":\"341\",\"2902\":\"341#dev-dsf-fhir-client-certificate\",\"2903\":\"341#dev-dsf-fhir-client-certificate-private-key\",\"2904\":\"341#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"2905\":\"341#dev-dsf-fhir-client-timeout-connect\",\"2906\":\"341#dev-dsf-fhir-client-timeout-read\",\"2907\":\"341#dev-dsf-fhir-client-trust-server-certificate-cas\",\"2908\":\"341#dev-dsf-fhir-client-verbose\",\"2909\":\"341#dev-dsf-fhir-db-liquibase-forceunlock\",\"2910\":\"341#dev-dsf-fhir-db-liquibase-lockwaittime\",\"2911\":\"341#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"2912\":\"341#dev-dsf-fhir-db-liquibase-username\",\"2913\":\"341#dev-dsf-fhir-db-url\",\"2914\":\"341#dev-dsf-fhir-db-user-group\",\"2915\":\"341#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"2916\":\"341#dev-dsf-fhir-db-user-permanent-delete-group\",\"2917\":\"341#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"2918\":\"341#dev-dsf-fhir-db-user-permanent-delete-username\",\"2919\":\"341#dev-dsf-fhir-db-user-username\",\"2920\":\"341#dev-dsf-fhir-debug-log-message-currentuser\",\"2921\":\"341#dev-dsf-fhir-debug-log-message-dbstatement\",\"2922\":\"341#dev-dsf-fhir-debug-log-message-webservicerequest\",\"2923\":\"341#dev-dsf-fhir-server-base-url\",\"2924\":\"341#dev-dsf-fhir-server-init-bundle\",\"2925\":\"341#dev-dsf-fhir-server-organization-identifier-value\",\"2926\":\"341#dev-dsf-fhir-server-organization-thumbprint\",\"2927\":\"341#dev-dsf-fhir-server-page-count\",\"2928\":\"341#dev-dsf-fhir-server-roleconfig\",\"2929\":\"341#dev-dsf-fhir-server-static-resource-cache\",\"2930\":\"341#dev-dsf-fhir-server-ui-theme\",\"2931\":\"341#dev-dsf-proxy-noproxy\",\"2932\":\"341#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"2933\":\"341#dev-dsf-proxy-url\",\"2934\":\"341#dev-dsf-proxy-username\",\"2935\":\"341#dev-dsf-server-api-host\",\"2936\":\"341#dev-dsf-server-api-port\",\"2937\":\"341#dev-dsf-server-auth-client-certificate-header\",\"2938\":\"341#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2939\":\"341#dev-dsf-server-auth-oidc-back-channel-logout\",\"2940\":\"341#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"2941\":\"341#dev-dsf-server-auth-oidc-bearer-token\",\"2942\":\"341#dev-dsf-server-auth-oidc-client-id\",\"2943\":\"341#dev-dsf-server-auth-oidc-client-secret\",\"2944\":\"341#dev-dsf-server-auth-oidc-provider-client-certificate\",\"2945\":\"341#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"2946\":\"341#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"2947\":\"341#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"2948\":\"341#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"2949\":\"341#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"2950\":\"341#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"2951\":\"341#dev-dsf-server-auth-trust-client-certificate-cas\",\"2952\":\"341#dev-dsf-server-certificate\",\"2953\":\"341#dev-dsf-server-certificate-chain\",\"2954\":\"341#dev-dsf-server-certificate-key\",\"2955\":\"341#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"2956\":\"341#dev-dsf-server-context-path\",\"2957\":\"341#dev-dsf-server-status-host\",\"2958\":\"341#dev-dsf-server-status-port\",\"2959\":\"342\",\"2960\":\"342#overview\",\"2961\":\"342#authorization-code-flow\",\"2962\":\"342#bearer-token-authentication\",\"2963\":\"342#additional-odic-configuration-parameter\",\"2964\":\"342#example\",\"2965\":\"343\",\"2966\":\"343#overview\",\"2967\":\"344\",\"2968\":\"344#app-server-ip\",\"2969\":\"344#https-server-name-port\",\"2970\":\"344#proxy-pass-connection-timeout-http\",\"2971\":\"344#proxy-pass-connection-timeout-ws\",\"2972\":\"344#proxy-pass-timeout-http\",\"2973\":\"344#proxy-pass-timeout-ws\",\"2974\":\"344#server-context-path\",\"2975\":\"344#ssl-ca-certificate-file\",\"2976\":\"344#ssl-ca-dn-request-file\",\"2977\":\"344#ssl-certificate-chain-file\",\"2978\":\"344#ssl-certificate-file\",\"2979\":\"344#ssl-certificate-key-file\",\"2980\":\"344#ssl-verify-client\",\"2981\":\"345\",\"2982\":\"345#overview\",\"2983\":\"346\",\"2984\":\"346#overview\",\"2985\":\"346#matching-users\",\"2986\":\"346#thumbprint\",\"2987\":\"346#email\",\"2988\":\"346#token-role-and-token-group\",\"2989\":\"346#dsf-and-practitioner-roles\",\"2990\":\"346#dsf-role\",\"2991\":\"346#practitioner-role\",\"2992\":\"346#examples\",\"2993\":\"347\",\"2994\":\"347#dev-dsf-server-api-host\",\"2995\":\"347#dev-dsf-server-api-port\",\"2996\":\"347#dev-dsf-server-auth-client-certificate-header\",\"2997\":\"347#dev-dsf-server-auth-oidc-authorization-code-flow\",\"2998\":\"347#dev-dsf-server-auth-oidc-back-channel-logout\",\"2999\":\"347#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"3000\":\"347#dev-dsf-server-auth-oidc-bearer-token\",\"3001\":\"347#dev-dsf-server-auth-oidc-client-id\",\"3002\":\"347#dev-dsf-server-auth-oidc-client-secret\",\"3003\":\"347#dev-dsf-server-auth-oidc-provider-client-certificate\",\"3004\":\"347#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"3005\":\"347#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"3006\":\"347#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"3007\":\"347#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"3008\":\"347#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"3009\":\"347#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"3010\":\"347#dev-dsf-server-auth-trust-client-certificate-cas\",\"3011\":\"347#dev-dsf-server-certificate\",\"3012\":\"347#dev-dsf-server-certificate-chain\",\"3013\":\"347#dev-dsf-server-certificate-key\",\"3014\":\"347#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"3015\":\"347#dev-dsf-server-context-path\",\"3016\":\"347#dev-dsf-server-status-host\",\"3017\":\"347#dev-dsf-server-status-port\",\"3018\":\"347#dev-dsf-bpe-db-liquibase-forceunlock\",\"3019\":\"347#dev-dsf-bpe-db-liquibase-lockwaittime\",\"3020\":\"347#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"3021\":\"347#dev-dsf-bpe-db-liquibase-username\",\"3022\":\"347#dev-dsf-bpe-db-url\",\"3023\":\"347#dev-dsf-bpe-db-user-camunda-group\",\"3024\":\"347#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"3025\":\"347#dev-dsf-bpe-db-user-camunda-username\",\"3026\":\"347#dev-dsf-bpe-db-user-group\",\"3027\":\"347#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"3028\":\"347#dev-dsf-bpe-db-user-username\",\"3029\":\"347#dev-dsf-bpe-debug-log-message-currentuser\",\"3030\":\"347#dev-dsf-bpe-debug-log-message-dbstatement\",\"3031\":\"347#dev-dsf-bpe-debug-log-message-onactivityend\",\"3032\":\"347#dev-dsf-bpe-debug-log-message-onactivitystart\",\"3033\":\"347#dev-dsf-bpe-debug-log-message-variables\",\"3034\":\"347#dev-dsf-bpe-debug-log-message-variableslocal\",\"3035\":\"347#dev-dsf-bpe-debug-log-message-webservicerequest\",\"3036\":\"347#dev-dsf-bpe-fhir-client-certificate\",\"3037\":\"347#dev-dsf-bpe-fhir-client-certificate-private-key\",\"3038\":\"347#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"3039\":\"347#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"3040\":\"347#dev-dsf-bpe-fhir-client-local-timeout-read\",\"3041\":\"347#dev-dsf-bpe-fhir-client-local-verbose\",\"3042\":\"347#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"3043\":\"347#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"3044\":\"347#dev-dsf-bpe-fhir-client-remote-verbose\",\"3045\":\"347#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"3046\":\"347#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"3047\":\"347#dev-dsf-bpe-fhir-server-base-url\",\"3048\":\"347#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"3049\":\"347#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"3050\":\"347#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"3051\":\"347#dev-dsf-bpe-mail-client-certificate\",\"3052\":\"347#dev-dsf-bpe-mail-client-certificate-private-key\",\"3053\":\"347#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"3054\":\"347#dev-dsf-bpe-mail-fromaddress\",\"3055\":\"347#dev-dsf-bpe-mail-host\",\"3056\":\"347#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"3057\":\"347#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"3058\":\"347#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"3059\":\"347#dev-dsf-bpe-mail-port\",\"3060\":\"347#dev-dsf-bpe-mail-replytoaddresses\",\"3061\":\"347#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"3062\":\"347#dev-dsf-bpe-mail-sendtestmailonstartup\",\"3063\":\"347#dev-dsf-bpe-mail-smime-p12keystore\",\"3064\":\"347#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"3065\":\"347#dev-dsf-bpe-mail-toaddresses\",\"3066\":\"347#dev-dsf-bpe-mail-toaddressescc\",\"3067\":\"347#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"3068\":\"347#dev-dsf-bpe-mail-username\",\"3069\":\"347#dev-dsf-bpe-mail-usesmtps\",\"3070\":\"347#dev-dsf-bpe-process-engine-corepoolsize\",\"3071\":\"347#dev-dsf-bpe-process-engine-maxpoolsize\",\"3072\":\"347#dev-dsf-bpe-process-engine-queuesize\",\"3073\":\"347#dev-dsf-bpe-process-excluded\",\"3074\":\"347#dev-dsf-bpe-process-fhir-server-retry-max\",\"3075\":\"347#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"3076\":\"347#dev-dsf-bpe-process-plugin-directroy\",\"3077\":\"347#dev-dsf-bpe-process-retired\",\"3078\":\"347#dev-dsf-bpe-process-threads\",\"3079\":\"347#dev-dsf-bpe-server-base-url\",\"3080\":\"347#dev-dsf-bpe-server-roleconfig\",\"3081\":\"347#dev-dsf-bpe-server-static-resource-cache\",\"3082\":\"347#dev-dsf-bpe-server-ui-theme\",\"3083\":\"347#dev-dsf-proxy-noproxy\",\"3084\":\"347#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"3085\":\"347#dev-dsf-proxy-url\",\"3086\":\"347#dev-dsf-proxy-username\",\"3087\":\"348\",\"3088\":\"348#overview\",\"3089\":\"348#authorization-code-flow\",\"3090\":\"348#additional-odic-configuration-parameter\",\"3091\":\"348#example\",\"3092\":\"349\",\"3093\":\"349#overview\",\"3094\":\"350\",\"3095\":\"350#app-server-ip\",\"3096\":\"350#https-server-name-port\",\"3097\":\"350#proxy-pass-connection-timeout-http\",\"3098\":\"350#proxy-pass-connection-timeout-ws\",\"3099\":\"350#proxy-pass-timeout-http\",\"3100\":\"350#proxy-pass-timeout-ws\",\"3101\":\"350#server-context-path\",\"3102\":\"350#ssl-ca-certificate-file\",\"3103\":\"350#ssl-ca-dn-request-file\",\"3104\":\"350#ssl-certificate-chain-file\",\"3105\":\"350#ssl-certificate-file\",\"3106\":\"350#ssl-certificate-key-file\",\"3107\":\"350#ssl-verify-client\",\"3108\":\"351\",\"3109\":\"351#overview\",\"3110\":\"352\",\"3111\":\"352#overview\",\"3112\":\"352#matching-users\",\"3113\":\"352#thumbprint\",\"3114\":\"352#email\",\"3115\":\"352#token-role-and-token-group\",\"3116\":\"352#dsf-and-practitioner-roles\",\"3117\":\"352#dsf-role\",\"3118\":\"352#practitioner-role\",\"3119\":\"352#examples\",\"3120\":\"353\",\"3121\":\"353#dev-dsf-fhir-client-certificate\",\"3122\":\"353#dev-dsf-fhir-client-certificate-private-key\",\"3123\":\"353#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"3124\":\"353#dev-dsf-fhir-client-timeout-connect\",\"3125\":\"353#dev-dsf-fhir-client-timeout-read\",\"3126\":\"353#dev-dsf-fhir-client-trust-server-certificate-cas\",\"3127\":\"353#dev-dsf-fhir-client-verbose\",\"3128\":\"353#dev-dsf-fhir-db-liquibase-forceunlock\",\"3129\":\"353#dev-dsf-fhir-db-liquibase-lockwaittime\",\"3130\":\"353#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"3131\":\"353#dev-dsf-fhir-db-liquibase-username\",\"3132\":\"353#dev-dsf-fhir-db-url\",\"3133\":\"353#dev-dsf-fhir-db-user-group\",\"3134\":\"353#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"3135\":\"353#dev-dsf-fhir-db-user-permanent-delete-group\",\"3136\":\"353#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"3137\":\"353#dev-dsf-fhir-db-user-permanent-delete-username\",\"3138\":\"353#dev-dsf-fhir-db-user-username\",\"3139\":\"353#dev-dsf-fhir-debug-log-message-currentuser\",\"3140\":\"353#dev-dsf-fhir-debug-log-message-dbstatement\",\"3141\":\"353#dev-dsf-fhir-debug-log-message-webservicerequest\",\"3142\":\"353#dev-dsf-fhir-server-base-url\",\"3143\":\"353#dev-dsf-fhir-server-init-bundle\",\"3144\":\"353#dev-dsf-fhir-server-organization-identifier-value\",\"3145\":\"353#dev-dsf-fhir-server-organization-thumbprint\",\"3146\":\"353#dev-dsf-fhir-server-page-count\",\"3147\":\"353#dev-dsf-fhir-server-roleconfig\",\"3148\":\"353#dev-dsf-fhir-server-static-resource-cache\",\"3149\":\"353#dev-dsf-fhir-server-ui-theme\",\"3150\":\"353#dev-dsf-proxy-noproxy\",\"3151\":\"353#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"3152\":\"353#dev-dsf-proxy-url\",\"3153\":\"353#dev-dsf-proxy-username\",\"3154\":\"353#dev-dsf-server-api-host\",\"3155\":\"353#dev-dsf-server-api-port\",\"3156\":\"353#dev-dsf-server-auth-client-certificate-header\",\"3157\":\"353#dev-dsf-server-auth-oidc-authorization-code-flow\",\"3158\":\"353#dev-dsf-server-auth-oidc-back-channel-logout\",\"3159\":\"353#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"3160\":\"353#dev-dsf-server-auth-oidc-bearer-token\",\"3161\":\"353#dev-dsf-server-auth-oidc-client-id\",\"3162\":\"353#dev-dsf-server-auth-oidc-client-secret\",\"3163\":\"353#dev-dsf-server-auth-oidc-provider-client-certificate\",\"3164\":\"353#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"3165\":\"353#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"3166\":\"353#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"3167\":\"353#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"3168\":\"353#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"3169\":\"353#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"3170\":\"353#dev-dsf-server-auth-trust-client-certificate-cas\",\"3171\":\"353#dev-dsf-server-certificate\",\"3172\":\"353#dev-dsf-server-certificate-chain\",\"3173\":\"353#dev-dsf-server-certificate-key\",\"3174\":\"353#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"3175\":\"353#dev-dsf-server-context-path\",\"3176\":\"353#dev-dsf-server-status-host\",\"3177\":\"353#dev-dsf-server-status-port\",\"3178\":\"354\",\"3179\":\"354#overview\",\"3180\":\"354#authorization-code-flow\",\"3181\":\"354#bearer-token-authentication\",\"3182\":\"354#additional-odic-configuration-parameter\",\"3183\":\"354#example\",\"3184\":\"355\",\"3185\":\"355#overview\",\"3186\":\"356\",\"3187\":\"356#app-server-ip\",\"3188\":\"356#https-server-name-port\",\"3189\":\"356#proxy-pass-connection-timeout-http\",\"3190\":\"356#proxy-pass-connection-timeout-ws\",\"3191\":\"356#proxy-pass-timeout-http\",\"3192\":\"356#proxy-pass-timeout-ws\",\"3193\":\"356#server-context-path\",\"3194\":\"356#ssl-ca-certificate-file\",\"3195\":\"356#ssl-ca-dn-request-file\",\"3196\":\"356#ssl-certificate-chain-file\",\"3197\":\"356#ssl-certificate-file\",\"3198\":\"356#ssl-certificate-key-file\",\"3199\":\"356#ssl-verify-client\",\"3200\":\"357\",\"3201\":\"357#overview\",\"3202\":\"358\",\"3203\":\"358#overview\",\"3204\":\"358#matching-users\",\"3205\":\"358#thumbprint\",\"3206\":\"358#email\",\"3207\":\"358#token-role-and-token-group\",\"3208\":\"358#dsf-and-practitioner-roles\",\"3209\":\"358#dsf-role\",\"3210\":\"358#practitioner-role\",\"3211\":\"358#examples\",\"3212\":\"359\",\"3213\":\"359#dev-dsf-bpe-db-liquibase-forceunlock\",\"3214\":\"359#dev-dsf-bpe-db-liquibase-lockwaittime\",\"3215\":\"359#dev-dsf-bpe-db-liquibase-password-or-dev-dsf-bpe-db-liquibase-password-file\",\"3216\":\"359#dev-dsf-bpe-db-liquibase-username\",\"3217\":\"359#dev-dsf-bpe-db-url\",\"3218\":\"359#dev-dsf-bpe-db-user-camunda-group\",\"3219\":\"359#dev-dsf-bpe-db-user-camunda-password-or-dev-dsf-bpe-db-user-camunda-password-file\",\"3220\":\"359#dev-dsf-bpe-db-user-camunda-username\",\"3221\":\"359#dev-dsf-bpe-db-user-group\",\"3222\":\"359#dev-dsf-bpe-db-user-password-or-dev-dsf-bpe-db-user-password-file\",\"3223\":\"359#dev-dsf-bpe-db-user-username\",\"3224\":\"359#dev-dsf-bpe-debug-log-message-currentuser\",\"3225\":\"359#dev-dsf-bpe-debug-log-message-dbstatement\",\"3226\":\"359#dev-dsf-bpe-debug-log-message-onactivityend\",\"3227\":\"359#dev-dsf-bpe-debug-log-message-onactivitystart\",\"3228\":\"359#dev-dsf-bpe-debug-log-message-variables\",\"3229\":\"359#dev-dsf-bpe-debug-log-message-variableslocal\",\"3230\":\"359#dev-dsf-bpe-debug-log-message-webservicerequest\",\"3231\":\"359#dev-dsf-bpe-fhir-client-certificate\",\"3232\":\"359#dev-dsf-bpe-fhir-client-certificate-private-key\",\"3233\":\"359#dev-dsf-bpe-fhir-client-certificate-private-key-password-or-dev-dsf-bpe-fhir-client-certificate-private-key-password-file\",\"3234\":\"359#dev-dsf-bpe-fhir-client-local-timeout-connect\",\"3235\":\"359#dev-dsf-bpe-fhir-client-local-timeout-read\",\"3236\":\"359#dev-dsf-bpe-fhir-client-local-verbose\",\"3237\":\"359#dev-dsf-bpe-fhir-client-remote-timeout-connect\",\"3238\":\"359#dev-dsf-bpe-fhir-client-remote-timeout-read\",\"3239\":\"359#dev-dsf-bpe-fhir-client-remote-verbose\",\"3240\":\"359#dev-dsf-bpe-fhir-client-trust-server-certificate-cas\",\"3241\":\"359#dev-dsf-bpe-fhir-questionnaire-response-subscription-search-parameter\",\"3242\":\"359#dev-dsf-bpe-fhir-server-base-url\",\"3243\":\"359#dev-dsf-bpe-fhir-task-subscription-retry-max\",\"3244\":\"359#dev-dsf-bpe-fhir-task-subscription-retry-sleep\",\"3245\":\"359#dev-dsf-bpe-fhir-task-subscription-search-parameter\",\"3246\":\"359#dev-dsf-bpe-mail-client-certificate\",\"3247\":\"359#dev-dsf-bpe-mail-client-certificate-private-key\",\"3248\":\"359#dev-dsf-bpe-mail-client-certificate-private-key-password-or-dev-dsf-bpe-mail-client-certificate-private-key-password-file\",\"3249\":\"359#dev-dsf-bpe-mail-fromaddress\",\"3250\":\"359#dev-dsf-bpe-mail-host\",\"3251\":\"359#dev-dsf-bpe-mail-mailonerrorlogeventbuffersize\",\"3252\":\"359#dev-dsf-bpe-mail-mailonerrorlogeventdebugloglocation\",\"3253\":\"359#dev-dsf-bpe-mail-password-or-dev-dsf-bpe-mail-password-file\",\"3254\":\"359#dev-dsf-bpe-mail-port\",\"3255\":\"359#dev-dsf-bpe-mail-replytoaddresses\",\"3256\":\"359#dev-dsf-bpe-mail-sendmailonerrorlogevent\",\"3257\":\"359#dev-dsf-bpe-mail-sendtestmailonstartup\",\"3258\":\"359#dev-dsf-bpe-mail-smime-p12keystore\",\"3259\":\"359#dev-dsf-bpe-mail-smime-p12keystore-password-or-dev-dsf-bpe-mail-smime-p12keystore-password-file\",\"3260\":\"359#dev-dsf-bpe-mail-toaddresses\",\"3261\":\"359#dev-dsf-bpe-mail-toaddressescc\",\"3262\":\"359#dev-dsf-bpe-mail-trust-server-certificate-cas\",\"3263\":\"359#dev-dsf-bpe-mail-username\",\"3264\":\"359#dev-dsf-bpe-mail-usesmtps\",\"3265\":\"359#dev-dsf-bpe-process-engine-corepoolsize\",\"3266\":\"359#dev-dsf-bpe-process-engine-maxpoolsize\",\"3267\":\"359#dev-dsf-bpe-process-engine-queuesize\",\"3268\":\"359#dev-dsf-bpe-process-excluded\",\"3269\":\"359#dev-dsf-bpe-process-fhir-server-retry-max\",\"3270\":\"359#dev-dsf-bpe-process-fhir-server-retry-sleep\",\"3271\":\"359#dev-dsf-bpe-process-plugin-directroy\",\"3272\":\"359#dev-dsf-bpe-process-retired\",\"3273\":\"359#dev-dsf-bpe-process-threads\",\"3274\":\"359#dev-dsf-bpe-server-base-url\",\"3275\":\"359#dev-dsf-bpe-server-roleconfig\",\"3276\":\"359#dev-dsf-bpe-server-static-resource-cache\",\"3277\":\"359#dev-dsf-bpe-server-ui-theme\",\"3278\":\"359#dev-dsf-proxy-noproxy\",\"3279\":\"359#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"3280\":\"359#dev-dsf-proxy-url\",\"3281\":\"359#dev-dsf-proxy-username\",\"3282\":\"359#dev-dsf-server-api-host\",\"3283\":\"359#dev-dsf-server-api-port\",\"3284\":\"359#dev-dsf-server-auth-client-certificate-header\",\"3285\":\"359#dev-dsf-server-auth-oidc-authorization-code-flow\",\"3286\":\"359#dev-dsf-server-auth-oidc-back-channel-logout\",\"3287\":\"359#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"3288\":\"359#dev-dsf-server-auth-oidc-bearer-token\",\"3289\":\"359#dev-dsf-server-auth-oidc-client-id\",\"3290\":\"359#dev-dsf-server-auth-oidc-client-secret\",\"3291\":\"359#dev-dsf-server-auth-oidc-provider-client-certificate\",\"3292\":\"359#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"3293\":\"359#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"3294\":\"359#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"3295\":\"359#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"3296\":\"359#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"3297\":\"359#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"3298\":\"359#dev-dsf-server-auth-trust-client-certificate-cas\",\"3299\":\"359#dev-dsf-server-certificate\",\"3300\":\"359#dev-dsf-server-certificate-chain\",\"3301\":\"359#dev-dsf-server-certificate-key\",\"3302\":\"359#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"3303\":\"359#dev-dsf-server-context-path\",\"3304\":\"359#dev-dsf-server-status-host\",\"3305\":\"359#dev-dsf-server-status-port\",\"3306\":\"360\",\"3307\":\"360#overview\",\"3308\":\"360#authorization-code-flow\",\"3309\":\"360#additional-odic-configuration-parameter\",\"3310\":\"360#example\",\"3311\":\"361\",\"3312\":\"361#overview\",\"3313\":\"362\",\"3314\":\"362#app-server-ip\",\"3315\":\"362#https-server-name-port\",\"3316\":\"362#proxy-pass-connection-timeout-http\",\"3317\":\"362#proxy-pass-connection-timeout-ws\",\"3318\":\"362#proxy-pass-timeout-http\",\"3319\":\"362#proxy-pass-timeout-ws\",\"3320\":\"362#server-context-path\",\"3321\":\"362#ssl-ca-certificate-file\",\"3322\":\"362#ssl-ca-dn-request-file\",\"3323\":\"362#ssl-certificate-chain-file\",\"3324\":\"362#ssl-certificate-file\",\"3325\":\"362#ssl-certificate-key-file\",\"3326\":\"362#ssl-expected-client-s-dn-c-values\",\"3327\":\"362#ssl-expected-client-i-dn-cn-values\",\"3328\":\"362#ssl-verify-client\",\"3329\":\"363\",\"3330\":\"363#overview\",\"3331\":\"364\",\"3332\":\"364#overview\",\"3333\":\"364#matching-users\",\"3334\":\"364#thumbprint\",\"3335\":\"364#email\",\"3336\":\"364#token-role-and-token-group\",\"3337\":\"364#dsf-and-practitioner-roles\",\"3338\":\"364#dsf-role\",\"3339\":\"364#practitioner-role\",\"3340\":\"364#examples\",\"3341\":\"365\",\"3342\":\"365#dev-dsf-fhir-client-certificate\",\"3343\":\"365#dev-dsf-fhir-client-certificate-private-key\",\"3344\":\"365#dev-dsf-fhir-client-certificate-private-key-password-or-dev-dsf-fhir-client-certificate-private-key-password-file\",\"3345\":\"365#dev-dsf-fhir-client-timeout-connect\",\"3346\":\"365#dev-dsf-fhir-client-timeout-read\",\"3347\":\"365#dev-dsf-fhir-client-trust-server-certificate-cas\",\"3348\":\"365#dev-dsf-fhir-client-verbose\",\"3349\":\"365#dev-dsf-fhir-db-liquibase-forceunlock\",\"3350\":\"365#dev-dsf-fhir-db-liquibase-lockwaittime\",\"3351\":\"365#dev-dsf-fhir-db-liquibase-password-or-dev-dsf-fhir-db-liquibase-password-file\",\"3352\":\"365#dev-dsf-fhir-db-liquibase-username\",\"3353\":\"365#dev-dsf-fhir-db-url\",\"3354\":\"365#dev-dsf-fhir-db-user-group\",\"3355\":\"365#dev-dsf-fhir-db-user-password-or-dev-dsf-fhir-db-user-password-file\",\"3356\":\"365#dev-dsf-fhir-db-user-permanent-delete-group\",\"3357\":\"365#dev-dsf-fhir-db-user-permanent-delete-password-or-dev-dsf-fhir-db-user-permanent-delete-password-file\",\"3358\":\"365#dev-dsf-fhir-db-user-permanent-delete-username\",\"3359\":\"365#dev-dsf-fhir-db-user-username\",\"3360\":\"365#dev-dsf-fhir-debug-log-message-currentuser\",\"3361\":\"365#dev-dsf-fhir-debug-log-message-dbstatement\",\"3362\":\"365#dev-dsf-fhir-debug-log-message-webservicerequest\",\"3363\":\"365#dev-dsf-fhir-server-base-url\",\"3364\":\"365#dev-dsf-fhir-server-init-bundle\",\"3365\":\"365#dev-dsf-fhir-server-organization-identifier-value\",\"3366\":\"365#dev-dsf-fhir-server-organization-thumbprint\",\"3367\":\"365#dev-dsf-fhir-server-page-count\",\"3368\":\"365#dev-dsf-fhir-server-roleconfig\",\"3369\":\"365#dev-dsf-fhir-server-static-resource-cache\",\"3370\":\"365#dev-dsf-fhir-server-ui-theme\",\"3371\":\"365#dev-dsf-proxy-noproxy\",\"3372\":\"365#dev-dsf-proxy-password-or-dev-dsf-proxy-password-file\",\"3373\":\"365#dev-dsf-proxy-url\",\"3374\":\"365#dev-dsf-proxy-username\",\"3375\":\"365#dev-dsf-server-api-host\",\"3376\":\"365#dev-dsf-server-api-port\",\"3377\":\"365#dev-dsf-server-auth-client-certificate-header\",\"3378\":\"365#dev-dsf-server-auth-oidc-authorization-code-flow\",\"3379\":\"365#dev-dsf-server-auth-oidc-back-channel-logout\",\"3380\":\"365#dev-dsf-server-auth-oidc-back-channel-logout-path\",\"3381\":\"365#dev-dsf-server-auth-oidc-bearer-token\",\"3382\":\"365#dev-dsf-server-auth-oidc-client-id\",\"3383\":\"365#dev-dsf-server-auth-oidc-client-secret\",\"3384\":\"365#dev-dsf-server-auth-oidc-provider-client-certificate\",\"3385\":\"365#dev-dsf-server-auth-oidc-provider-client-certificate-private-key\",\"3386\":\"365#dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-or-dev-dsf-server-auth-oidc-provider-client-certificate-private-key-password-file\",\"3387\":\"365#dev-dsf-server-auth-oidc-provider-client-connecttimeout\",\"3388\":\"365#dev-dsf-server-auth-oidc-provider-client-idletimeout\",\"3389\":\"365#dev-dsf-server-auth-oidc-provider-client-trust-server-certificate-cas\",\"3390\":\"365#dev-dsf-server-auth-oidc-provider-realm-base-url\",\"3391\":\"365#dev-dsf-server-auth-trust-client-certificate-cas\",\"3392\":\"365#dev-dsf-server-certificate\",\"3393\":\"365#dev-dsf-server-certificate-chain\",\"3394\":\"365#dev-dsf-server-certificate-key\",\"3395\":\"365#dev-dsf-server-certificate-key-password-or-dev-dsf-server-certificate-key-password-file\",\"3396\":\"365#dev-dsf-server-context-path\",\"3397\":\"365#dev-dsf-server-status-host\",\"3398\":\"365#dev-dsf-server-status-port\",\"3399\":\"366\",\"3400\":\"366#overview\",\"3401\":\"366#authorization-code-flow\",\"3402\":\"366#bearer-token-authentication\",\"3403\":\"366#additional-odic-configuration-parameter\",\"3404\":\"366#example\",\"3405\":\"367\",\"3406\":\"367#overview\",\"3407\":\"368\",\"3408\":\"368#app-server-ip\",\"3409\":\"368#https-server-name-port\",\"3410\":\"368#proxy-pass-connection-timeout-http\",\"3411\":\"368#proxy-pass-connection-timeout-ws\",\"3412\":\"368#proxy-pass-timeout-http\",\"3413\":\"368#proxy-pass-timeout-ws\",\"3414\":\"368#server-context-path\",\"3415\":\"368#ssl-ca-certificate-file\",\"3416\":\"368#ssl-ca-dn-request-file\",\"3417\":\"368#ssl-certificate-chain-file\",\"3418\":\"368#ssl-certificate-file\",\"3419\":\"368#ssl-certificate-key-file\",\"3420\":\"368#ssl-expected-client-s-dn-c-values\",\"3421\":\"368#ssl-expected-client-i-dn-cn-values\",\"3422\":\"368#ssl-verify-client\",\"3423\":\"369\",\"3424\":\"370\"},\"fieldIds\":{\"h\":0,\"t\":1,\"c\":2},\"fieldLength\":{\"0\":[3,106],\"1\":[1,69],\"2\":[12],\"3\":[1],\"4\":[1,7],\"5\":[4,72],\"6\":[3,58],\"7\":[4],\"8\":[4,35],\"9\":[4,37],\"10\":[4,30],\"11\":[4,24],\"12\":[5,72],\"13\":[6,32],\"14\":[1,130],\"15\":[1,32],\"16\":[1,87],\"17\":[2,70],\"18\":[1,14],\"19\":[1,3],\"20\":[1,26],\"21\":[2,8],\"22\":[3,26],\"23\":[1],\"24\":[1,10],\"25\":[3],\"26\":[1,144],\"27\":[2],\"28\":[3,20],\"29\":[3,25],\"30\":[4,23],\"31\":[6,12],\"32\":[1,83],\"33\":[1,76],\"34\":[4],\"35\":[4,36],\"36\":[2,35],\"37\":[5,105],\"38\":[2,63],\"39\":[2,30],\"40\":[2,42],\"41\":[1,39],\"42\":[4,49],\"43\":[2,45],\"44\":[3,47],\"45\":[2,39],\"46\":[3,47],\"47\":[2,45],\"48\":[4,48],\"49\":[2,45],\"50\":[4,48],\"51\":[2,45],\"52\":[3,48],\"53\":[2,45],\"54\":[4,49],\"55\":[2,45],\"56\":[4,50],\"57\":[2,45],\"58\":[4,49],\"59\":[2,45],\"60\":[3,48],\"61\":[2,45],\"62\":[4,49],\"63\":[2,45],\"64\":[4,50],\"65\":[2,45],\"66\":[4,49],\"67\":[2,45],\"68\":[2],\"69\":[1,7],\"70\":[2],\"71\":[1,25],\"72\":[2,15],\"73\":[4,20],\"74\":[2,31],\"75\":[5,26],\"76\":[1,11],\"77\":[8,43],\"78\":[7,36],\"79\":[6,22],\"80\":[2],\"81\":[11,110],\"82\":[15,68],\"83\":[1,31],\"84\":[2],\"85\":[1,84],\"86\":[3,17],\"87\":[12],\"88\":[1,91],\"89\":[4,55],\"90\":[5,93],\"91\":[2,78],\"92\":[8,10],\"93\":[3,42],\"94\":[1,106],\"95\":[3,96],\"96\":[1,62],\"97\":[8,147],\"98\":[1,169],\"99\":[5,180],\"100\":[6,47],\"101\":[2],\"102\":[1,82],\"103\":[2,48],\"104\":[3,37],\"105\":[3,32],\"106\":[2,41],\"107\":[2,33],\"108\":[3],\"109\":[2,97],\"110\":[1,76],\"111\":[3],\"112\":[2,58],\"113\":[4,59],\"114\":[3,5],\"115\":[3],\"116\":[1,113],\"117\":[1,167],\"118\":[2,32],\"119\":[3,15],\"120\":[4,62],\"121\":[1,12],\"122\":[2,5],\"123\":[2],\"124\":[1,4],\"125\":[1],\"126\":[1,71],\"127\":[3,101],\"128\":[2,56],\"129\":[3,63],\"130\":[4,55],\"131\":[3,9],\"132\":[3],\"133\":[2,9],\"134\":[6,120],\"135\":[7,108],\"136\":[1,41],\"137\":[11,28],\"138\":[3,66],\"139\":[3,55],\"140\":[4],\"141\":[5,78],\"142\":[5,65],\"143\":[1,24],\"144\":[3,14],\"145\":[1,45],\"146\":[3,33],\"147\":[1,71],\"148\":[5,18],\"149\":[1,36],\"150\":[1,45],\"151\":[1,21],\"152\":[3,109],\"153\":[3,100],\"154\":[7,87],\"155\":[2],\"156\":[2,39],\"157\":[2,48],\"158\":[3,12],\"159\":[4,236],\"160\":[4,108],\"161\":[6],\"162\":[4,118],\"163\":[3,62],\"164\":[2,6],\"165\":[1,68],\"166\":[2],\"167\":[2,56],\"168\":[4,57],\"169\":[5,180],\"170\":[6,90],\"171\":[3,18],\"172\":[1],\"173\":[8,14],\"174\":[8,46],\"175\":[9,39],\"176\":[7,25],\"177\":[6,44],\"178\":[8,27],\"179\":[10,40],\"180\":[8,36],\"181\":[7,24],\"182\":[9,36],\"183\":[7,22],\"184\":[8,36],\"185\":[8,36],\"186\":[8,52],\"187\":[7,35],\"188\":[9,47],\"189\":[12,43],\"190\":[11,47],\"191\":[9,34],\"192\":[9,32],\"193\":[9,36],\"194\":[9,37],\"195\":[8,29],\"196\":[12,51],\"197\":[10,36],\"198\":[10,34],\"199\":[11,45],\"200\":[9,31],\"201\":[9,29],\"202\":[9,35],\"203\":[9,36],\"204\":[8,28],\"205\":[8,43],\"206\":[10,33],\"207\":[8,27],\"208\":[9,33],\"209\":[9,33],\"210\":[9,29],\"211\":[9,32],\"212\":[7,44],\"213\":[9,55],\"214\":[12,44],\"215\":[6,16],\"216\":[6,16],\"217\":[6,35],\"218\":[6,41],\"219\":[8,38],\"220\":[6,16],\"221\":[6,26],\"222\":[6,29],\"223\":[6,31],\"224\":[7,37],\"225\":[10,41],\"226\":[6,29],\"227\":[6,27],\"228\":[7,49],\"229\":[6,29],\"230\":[6,21],\"231\":[8,47],\"232\":[8,45],\"233\":[6,47],\"234\":[9,34],\"235\":[9,30],\"236\":[7,43],\"237\":[6,43],\"238\":[8,45],\"239\":[1],\"240\":[8,18],\"241\":[6,33],\"242\":[8,45],\"243\":[11,41],\"244\":[9,41],\"245\":[7,29],\"246\":[7,27],\"247\":[7,36],\"248\":[7,35],\"249\":[7,40],\"250\":[6,27],\"251\":[9,39],\"252\":[7,25],\"253\":[6,44],\"254\":[7,24],\"255\":[9,36],\"256\":[9,28],\"257\":[11,42],\"258\":[9,36],\"259\":[7,22],\"260\":[7,25],\"261\":[7,47],\"262\":[7,48],\"263\":[8,32],\"264\":[7,24],\"265\":[7,50],\"266\":[9,53],\"267\":[1],\"268\":[9],\"269\":[3,23],\"270\":[4,18],\"271\":[5,22],\"272\":[5,22],\"273\":[4,20],\"274\":[4,20],\"275\":[4,36],\"276\":[5,51],\"277\":[4,53],\"278\":[3,25],\"279\":[4,28],\"280\":[1,31],\"281\":[1],\"282\":[2,11],\"283\":[2,78],\"284\":[3,42],\"285\":[3,69],\"286\":[4,42],\"287\":[1],\"288\":[2,31],\"289\":[3,279],\"290\":[3,306],\"291\":[1,28],\"292\":[1],\"293\":[2,11],\"294\":[2,78],\"295\":[3,42],\"296\":[3,69],\"297\":[4,42],\"298\":[1],\"299\":[2,31],\"300\":[3,281],\"301\":[3,288],\"302\":[6,34],\"303\":[5,112],\"304\":[5,222],\"305\":[6,34],\"306\":[5,72],\"307\":[5,202],\"308\":[6,30],\"309\":[5,72],\"310\":[5,163],\"311\":[5,37],\"312\":[5,74],\"313\":[5,116],\"314\":[5,38],\"315\":[5,74],\"316\":[5,116],\"317\":[4],\"318\":[7,66],\"319\":[1,50],\"320\":[4,31],\"321\":[4,26],\"322\":[4,32],\"323\":[4,32],\"324\":[4,34],\"325\":[8,38],\"326\":[4,8],\"327\":[3,182],\"328\":[4,8],\"329\":[4,41],\"330\":[1],\"331\":[8,81],\"332\":[4,113],\"333\":[6,70],\"334\":[3,62],\"335\":[2,48],\"336\":[2],\"337\":[5,27],\"338\":[5,194],\"339\":[4,8],\"340\":[4,20],\"341\":[1,85],\"342\":[2,69],\"343\":[4,8],\"344\":[4,38],\"345\":[1,37],\"346\":[2,96],\"347\":[3,97],\"348\":[5,129],\"349\":[2,92],\"350\":[2],\"351\":[5,27],\"352\":[5,131],\"353\":[4,8],\"354\":[4,60],\"355\":[1],\"356\":[6,117],\"357\":[12,79],\"358\":[4,48],\"359\":[4,28],\"360\":[4,20],\"361\":[3,52],\"362\":[3,65],\"363\":[3,64],\"364\":[2,89],\"365\":[2],\"366\":[5,27],\"367\":[5,146],\"368\":[4,8],\"369\":[4,32],\"370\":[1],\"371\":[2,42],\"372\":[2,46],\"373\":[4,45],\"374\":[2,54],\"375\":[2],\"376\":[5,27],\"377\":[5,107],\"378\":[8,8],\"379\":[8,39],\"380\":[1],\"381\":[5,92],\"382\":[2,24],\"383\":[6,71],\"384\":[4,48],\"385\":[4,28],\"386\":[4,20],\"387\":[3,52],\"388\":[3,65],\"389\":[3,65],\"390\":[2,98],\"391\":[2],\"392\":[5,27],\"393\":[5,174],\"394\":[1,43],\"395\":[1,41],\"396\":[2,27],\"397\":[3,35],\"398\":[2,82],\"399\":[4,46],\"400\":[5,45],\"401\":[2,23],\"402\":[2,24],\"403\":[1,28],\"404\":[2,35],\"405\":[4,39],\"406\":[1],\"407\":[2,55],\"408\":[2,41],\"409\":[2,15],\"410\":[4,15],\"411\":[1,17],\"412\":[1,16],\"413\":[1,46],\"414\":[1,54],\"415\":[3,118],\"416\":[5,66],\"417\":[2,134],\"418\":[1,44],\"419\":[1,210],\"420\":[3],\"421\":[1,11],\"422\":[5,48],\"423\":[6,40],\"424\":[4],\"425\":[1,23],\"426\":[3,14],\"427\":[1,71],\"428\":[1,53],\"429\":[2,81],\"430\":[2,19],\"431\":[1,67],\"432\":[1,17],\"433\":[1,57],\"434\":[5,58],\"435\":[1],\"436\":[2,11],\"437\":[2,75],\"438\":[3,59],\"439\":[3,74],\"440\":[1],\"441\":[2,39],\"442\":[3,243],\"443\":[3,220],\"444\":[1,84],\"445\":[2,40],\"446\":[3,50],\"447\":[3,40],\"448\":[2,24],\"449\":[3,31],\"450\":[3,37],\"451\":[6,36],\"452\":[3,86],\"453\":[2,72],\"454\":[3,86],\"455\":[2,81],\"456\":[6,24],\"457\":[9,175],\"458\":[2,36],\"459\":[6,142],\"460\":[6,91],\"461\":[5,111],\"462\":[5,136],\"463\":[3],\"464\":[1,11],\"465\":[5,41],\"466\":[6,40],\"467\":[4],\"468\":[1,13],\"469\":[3,28],\"470\":[1,87],\"471\":[1,46],\"472\":[2,63],\"473\":[4,72],\"474\":[1],\"475\":[2,11],\"476\":[2,75],\"477\":[3,59],\"478\":[3,74],\"479\":[1],\"480\":[2,31],\"481\":[3,266],\"482\":[3,229],\"483\":[1,92],\"484\":[2,40],\"485\":[6,69],\"486\":[3],\"487\":[1,11],\"488\":[5,41],\"489\":[6,40],\"490\":[4],\"491\":[1,22],\"492\":[3,28],\"493\":[1,87],\"494\":[1,47],\"495\":[2,63],\"496\":[4,72],\"497\":[1],\"498\":[2,11],\"499\":[2,75],\"500\":[3,59],\"501\":[3,74],\"502\":[1],\"503\":[2,31],\"504\":[3,257],\"505\":[3,231],\"506\":[1,92],\"507\":[2,40],\"508\":[6,69],\"509\":[5,28],\"510\":[5,57],\"511\":[5,96],\"512\":[3],\"513\":[1,11],\"514\":[5,41],\"515\":[6,40],\"516\":[4],\"517\":[1,23],\"518\":[3,28],\"519\":[1,87],\"520\":[1,47],\"521\":[2,63],\"522\":[5,72],\"523\":[1],\"524\":[2,11],\"525\":[2,75],\"526\":[3,59],\"527\":[3,74],\"528\":[1],\"529\":[2,31],\"530\":[3,259],\"531\":[3,232],\"532\":[1,92],\"533\":[2,40],\"534\":[6,69],\"535\":[5,29],\"536\":[5,121],\"537\":[5,142],\"538\":[3],\"539\":[1,11],\"540\":[5,41],\"541\":[6,40],\"542\":[4],\"543\":[1,23],\"544\":[3,30],\"545\":[1,77],\"546\":[1,52],\"547\":[2,80],\"548\":[2,11],\"549\":[2,15],\"550\":[2,14],\"551\":[2,10],\"552\":[5,58],\"553\":[1],\"554\":[2,11],\"555\":[2,75],\"556\":[3,59],\"557\":[3,74],\"558\":[1],\"559\":[2,31],\"560\":[3,259],\"561\":[3,232],\"562\":[1,92],\"563\":[2,40],\"564\":[6,142],\"565\":[6,38],\"566\":[5,58],\"567\":[5,97],\"568\":[3],\"569\":[1,11],\"570\":[5,41],\"571\":[6,40],\"572\":[4],\"573\":[1,23],\"574\":[3,30],\"575\":[1,71],\"576\":[1,53],\"577\":[2,81],\"578\":[2,11],\"579\":[2,15],\"580\":[2,14],\"581\":[2,10],\"582\":[4,58],\"583\":[1],\"584\":[2,11],\"585\":[2,75],\"586\":[3,59],\"587\":[3,74],\"588\":[1],\"589\":[2,31],\"590\":[3,258],\"591\":[3,219],\"592\":[1,92],\"593\":[2,40],\"594\":[6,142],\"595\":[6,28],\"596\":[5,57],\"597\":[5,96],\"598\":[3],\"599\":[1,11],\"600\":[5,41],\"601\":[6,40],\"602\":[4],\"603\":[1,23],\"604\":[3,30],\"605\":[1,71],\"606\":[1,53],\"607\":[2,81],\"608\":[2,11],\"609\":[2,15],\"610\":[2,19],\"611\":[2,10],\"612\":[5,58],\"613\":[1],\"614\":[2,11],\"615\":[2,75],\"616\":[3,59],\"617\":[3,74],\"618\":[1],\"619\":[2,31],\"620\":[3,259],\"621\":[3,220],\"622\":[1,92],\"623\":[2,40],\"624\":[6,142],\"625\":[5,28],\"626\":[5,57],\"627\":[5,96],\"628\":[2,35],\"629\":[4,39],\"630\":[1],\"631\":[2,55],\"632\":[2,41],\"633\":[2,15],\"634\":[4,15],\"635\":[1,17],\"636\":[1,16],\"637\":[1,46],\"638\":[1,54],\"639\":[3,118],\"640\":[5,66],\"641\":[2,134],\"642\":[1,44],\"643\":[1,210],\"644\":[3],\"645\":[1,11],\"646\":[5,48],\"647\":[6,40],\"648\":[4],\"649\":[1,23],\"650\":[3,30],\"651\":[1,71],\"652\":[1,53],\"653\":[2,81],\"654\":[2,11],\"655\":[2,15],\"656\":[2,18],\"657\":[2,10],\"658\":[5,58],\"659\":[1],\"660\":[2,11],\"661\":[2,75],\"662\":[3,59],\"663\":[3,74],\"664\":[1],\"665\":[2,31],\"666\":[3,259],\"667\":[3,220],\"668\":[1,92],\"669\":[2,40],\"670\":[6,142],\"671\":[6,29],\"672\":[5,59],\"673\":[5,98],\"674\":[2,35],\"675\":[4,39],\"676\":[1],\"677\":[2,55],\"678\":[2,41],\"679\":[2,15],\"680\":[4,15],\"681\":[1,17],\"682\":[1,16],\"683\":[1,46],\"684\":[1,54],\"685\":[3,118],\"686\":[5,66],\"687\":[2,134],\"688\":[1,44],\"689\":[1,210],\"690\":[3],\"691\":[1,11],\"692\":[5,48],\"693\":[6,40],\"694\":[4],\"695\":[1,23],\"696\":[3,30],\"697\":[1,71],\"698\":[1,53],\"699\":[2,81],\"700\":[2,11],\"701\":[2,15],\"702\":[2,18],\"703\":[2,10],\"704\":[5,58],\"705\":[1],\"706\":[2,11],\"707\":[2,75],\"708\":[3,59],\"709\":[3,74],\"710\":[1],\"711\":[2,31],\"712\":[3,259],\"713\":[3,220],\"714\":[1,92],\"715\":[2,40],\"716\":[6,142],\"717\":[6,29],\"718\":[5,59],\"719\":[5,98],\"720\":[2,35],\"721\":[4,39],\"722\":[1],\"723\":[2,55],\"724\":[2,41],\"725\":[2,15],\"726\":[4,15],\"727\":[1,17],\"728\":[1,16],\"729\":[1,46],\"730\":[1,54],\"731\":[3,118],\"732\":[5,66],\"733\":[2,134],\"734\":[1,44],\"735\":[1,210],\"736\":[3],\"737\":[1,11],\"738\":[5,48],\"739\":[6,40],\"740\":[4],\"741\":[1,23],\"742\":[3,30],\"743\":[1,71],\"744\":[1,53],\"745\":[2,81],\"746\":[2,11],\"747\":[2,15],\"748\":[2,20],\"749\":[2,10],\"750\":[4,58],\"751\":[1],\"752\":[2,11],\"753\":[2,75],\"754\":[3,59],\"755\":[3,74],\"756\":[1],\"757\":[2,31],\"758\":[3,258],\"759\":[3,219],\"760\":[1,84],\"761\":[2,40],\"762\":[6,142],\"763\":[6,28],\"764\":[5,58],\"765\":[5,97],\"766\":[2,35],\"767\":[4,39],\"768\":[1],\"769\":[2,55],\"770\":[2,41],\"771\":[2,15],\"772\":[4,15],\"773\":[1,17],\"774\":[1,16],\"775\":[1,46],\"776\":[1,54],\"777\":[3,118],\"778\":[5,66],\"779\":[2,134],\"780\":[1,44],\"781\":[1,210],\"782\":[3],\"783\":[1,11],\"784\":[5,48],\"785\":[6,40],\"786\":[4],\"787\":[1,24],\"788\":[3,30],\"789\":[1,71],\"790\":[1,53],\"791\":[2,81],\"792\":[2,19],\"793\":[1,66],\"794\":[1,17],\"795\":[1,57],\"796\":[5,58],\"797\":[1],\"798\":[2,11],\"799\":[2,75],\"800\":[3,59],\"801\":[3,74],\"802\":[1],\"803\":[2,31],\"804\":[3,259],\"805\":[3,220],\"806\":[1,84],\"807\":[2,40],\"808\":[6,142],\"809\":[5,28],\"810\":[5,58],\"811\":[5,97],\"812\":[2,35],\"813\":[4,39],\"814\":[1],\"815\":[2,55],\"816\":[2,41],\"817\":[2,15],\"818\":[4,15],\"819\":[1,17],\"820\":[1,16],\"821\":[1,46],\"822\":[1,54],\"823\":[3,118],\"824\":[5,66],\"825\":[2,134],\"826\":[1,44],\"827\":[1,210],\"828\":[3],\"829\":[1,11],\"830\":[5,48],\"831\":[6,40],\"832\":[4],\"833\":[1,23],\"834\":[3,14],\"835\":[1,71],\"836\":[1,53],\"837\":[2,81],\"838\":[2,19],\"839\":[1,66],\"840\":[1,17],\"841\":[1,57],\"842\":[5,58],\"843\":[1],\"844\":[2,11],\"845\":[2,75],\"846\":[3,59],\"847\":[3,74],\"848\":[1],\"849\":[2,31],\"850\":[3,259],\"851\":[3,220],\"852\":[1,84],\"853\":[2,40],\"854\":[6,142],\"855\":[6,20],\"856\":[5,60],\"857\":[5,99],\"858\":[2,35],\"859\":[4,39],\"860\":[1],\"861\":[2,55],\"862\":[2,41],\"863\":[2,15],\"864\":[4,15],\"865\":[1,17],\"866\":[1,16],\"867\":[1,46],\"868\":[1,54],\"869\":[3,118],\"870\":[5,66],\"871\":[2,134],\"872\":[1,44],\"873\":[1,210],\"874\":[3],\"875\":[1,11],\"876\":[5,48],\"877\":[6,40],\"878\":[4],\"879\":[1,23],\"880\":[3,14],\"881\":[1,71],\"882\":[1,53],\"883\":[2,81],\"884\":[2,19],\"885\":[1,67],\"886\":[1,17],\"887\":[1,57],\"888\":[5,58],\"889\":[1],\"890\":[2,11],\"891\":[2,75],\"892\":[3,59],\"893\":[3,74],\"894\":[1],\"895\":[2,39],\"896\":[3,243],\"897\":[3,220],\"898\":[1,84],\"899\":[2,40],\"900\":[3,50],\"901\":[3,40],\"902\":[2,24],\"903\":[3,31],\"904\":[3,37],\"905\":[6,36],\"906\":[3,86],\"907\":[2,72],\"908\":[3,86],\"909\":[2,81],\"910\":[6,24],\"911\":[9,175],\"912\":[2,36],\"913\":[6,142],\"914\":[6,91],\"915\":[5,111],\"916\":[5,136],\"917\":[2],\"918\":[1,6],\"919\":[2],\"920\":[1,126],\"921\":[2,25],\"922\":[1,28],\"923\":[1,51],\"924\":[4,22],\"925\":[4,11],\"926\":[2,19],\"927\":[2,11],\"928\":[1,60],\"929\":[2],\"930\":[6,31],\"931\":[6,20],\"932\":[8,37],\"933\":[6,23],\"934\":[5,42],\"935\":[7,25],\"936\":[9,38],\"937\":[7,33],\"938\":[6,22],\"939\":[8,34],\"940\":[6,20],\"941\":[7,39],\"942\":[7,38],\"943\":[7,35],\"944\":[7,35],\"945\":[7,50],\"946\":[7,52],\"947\":[7,38],\"948\":[6,34],\"949\":[8,45],\"950\":[11,41],\"951\":[8,35],\"952\":[8,36],\"953\":[7,28],\"954\":[8,34],\"955\":[8,35],\"956\":[7,27],\"957\":[9,47],\"958\":[9,32],\"959\":[7,26],\"960\":[8,32],\"961\":[8,28],\"962\":[8,31],\"963\":[6,42],\"964\":[8,53],\"965\":[11,42],\"966\":[5,15],\"967\":[5,15],\"968\":[5,34],\"969\":[5,40],\"970\":[7,36],\"971\":[5,15],\"972\":[5,25],\"973\":[5,28],\"974\":[5,30],\"975\":[6,36],\"976\":[9,39],\"977\":[5,28],\"978\":[5,26],\"979\":[8,51],\"980\":[5,27],\"981\":[5,20],\"982\":[6,18],\"983\":[6,28],\"984\":[6,28],\"985\":[5,53],\"986\":[8,33],\"987\":[8,29],\"988\":[6,42],\"989\":[5,46],\"990\":[5,31],\"991\":[6,26],\"992\":[5,19],\"993\":[7,23],\"994\":[6,27],\"995\":[4,42],\"996\":[6,27],\"997\":[4,29],\"998\":[4,14],\"999\":[5,19],\"1000\":[5,16],\"1001\":[7,21],\"1002\":[8,35],\"1003\":[8,39],\"1004\":[9,22],\"1005\":[7,31],\"1006\":[7,26],\"1007\":[7,26],\"1008\":[8,31],\"1009\":[10,48],\"1010\":[13,44],\"1011\":[8,19],\"1012\":[8,19],\"1013\":[10,43],\"1014\":[9,23],\"1015\":[8,47],\"1016\":[4,21],\"1017\":[5,22],\"1018\":[5,23],\"1019\":[8,24],\"1020\":[5,22],\"1021\":[5,15],\"1022\":[5,16],\"1023\":[2],\"1024\":[1,64],\"1025\":[3,57],\"1026\":[4,50],\"1027\":[1,50],\"1028\":[3],\"1029\":[1,2],\"1030\":[2],\"1031\":[3,23],\"1032\":[4,17],\"1033\":[5,22],\"1034\":[5,22],\"1035\":[4,20],\"1036\":[4,20],\"1037\":[3,26],\"1038\":[4,35],\"1039\":[5,49],\"1040\":[4,53],\"1041\":[3,43],\"1042\":[4,28],\"1043\":[7,43],\"1044\":[7,77],\"1045\":[3,21],\"1046\":[2],\"1047\":[1,6],\"1048\":[2],\"1049\":[1,138],\"1050\":[2,25],\"1051\":[1,28],\"1052\":[1,51],\"1053\":[4,22],\"1054\":[4,11],\"1055\":[2,29],\"1056\":[2,80],\"1057\":[1,73],\"1058\":[2],\"1059\":[5,32],\"1060\":[7,43],\"1061\":[10,39],\"1062\":[6,35],\"1063\":[6,34],\"1064\":[8,44],\"1065\":[5,26],\"1066\":[6,31],\"1067\":[6,20],\"1068\":[8,37],\"1069\":[6,23],\"1070\":[5,42],\"1071\":[6,22],\"1072\":[8,34],\"1073\":[8,26],\"1074\":[10,40],\"1075\":[8,33],\"1076\":[6,20],\"1077\":[7,39],\"1078\":[7,38],\"1079\":[7,38],\"1080\":[6,24],\"1081\":[6,47],\"1082\":[7,31],\"1083\":[6,28],\"1084\":[6,23],\"1085\":[5,19],\"1086\":[7,23],\"1087\":[6,27],\"1088\":[4,42],\"1089\":[6,27],\"1090\":[4,29],\"1091\":[4,14],\"1092\":[5,19],\"1093\":[5,16],\"1094\":[7,21],\"1095\":[8,35],\"1096\":[8,39],\"1097\":[9,22],\"1098\":[7,31],\"1099\":[7,26],\"1100\":[7,26],\"1101\":[8,31],\"1102\":[10,48],\"1103\":[13,44],\"1104\":[8,19],\"1105\":[8,19],\"1106\":[10,43],\"1107\":[9,23],\"1108\":[8,47],\"1109\":[4,21],\"1110\":[5,22],\"1111\":[5,23],\"1112\":[8,24],\"1113\":[5,22],\"1114\":[5,15],\"1115\":[5,16],\"1116\":[2],\"1117\":[1,72],\"1118\":[3,57],\"1119\":[3,25],\"1120\":[4,50],\"1121\":[1,50],\"1122\":[3],\"1123\":[1,2],\"1124\":[2],\"1125\":[3,23],\"1126\":[4,18],\"1127\":[5,22],\"1128\":[5,22],\"1129\":[4,20],\"1130\":[4,20],\"1131\":[3,26],\"1132\":[4,35],\"1133\":[5,49],\"1134\":[4,53],\"1135\":[3,43],\"1136\":[4,28],\"1137\":[7,43],\"1138\":[7,77],\"1139\":[3,21],\"1140\":[2],\"1141\":[1,7],\"1142\":[3,10],\"1143\":[6,31],\"1144\":[6,20],\"1145\":[8,37],\"1146\":[6,24],\"1147\":[5,43],\"1148\":[7,26],\"1149\":[9,38],\"1150\":[7,34],\"1151\":[6,23],\"1152\":[8,34],\"1153\":[6,21],\"1154\":[7,35],\"1155\":[7,35],\"1156\":[7,51],\"1157\":[6,34],\"1158\":[8,45],\"1159\":[11,41],\"1160\":[8,35],\"1161\":[8,36],\"1162\":[7,28],\"1163\":[8,34],\"1164\":[8,35],\"1165\":[7,27],\"1166\":[9,44],\"1167\":[9,32],\"1168\":[7,26],\"1169\":[8,32],\"1170\":[8,32],\"1171\":[8,28],\"1172\":[8,31],\"1173\":[6,42],\"1174\":[8,53],\"1175\":[11,42],\"1176\":[5,15],\"1177\":[5,15],\"1178\":[5,34],\"1179\":[5,40],\"1180\":[7,36],\"1181\":[5,15],\"1182\":[5,25],\"1183\":[5,28],\"1184\":[5,30],\"1185\":[6,36],\"1186\":[9,39],\"1187\":[5,28],\"1188\":[5,26],\"1189\":[8,48],\"1190\":[5,27],\"1191\":[5,20],\"1192\":[5,46],\"1193\":[8,33],\"1194\":[8,29],\"1195\":[6,42],\"1196\":[5,42],\"1197\":[4,42],\"1198\":[6,27],\"1199\":[4,29],\"1200\":[4,14],\"1201\":[2],\"1202\":[5,19],\"1203\":[5,16],\"1204\":[7,21],\"1205\":[8,35],\"1206\":[8,39],\"1207\":[9,22],\"1208\":[7,31],\"1209\":[7,26],\"1210\":[7,26],\"1211\":[8,31],\"1212\":[10,48],\"1213\":[13,44],\"1214\":[8,19],\"1215\":[8,19],\"1216\":[10,40],\"1217\":[9,23],\"1218\":[8,42],\"1219\":[4,21],\"1220\":[5,22],\"1221\":[5,23],\"1222\":[8,24],\"1223\":[5,22],\"1224\":[5,15],\"1225\":[5,16],\"1226\":[3,10],\"1227\":[5,32],\"1228\":[7,43],\"1229\":[10,39],\"1230\":[6,35],\"1231\":[6,34],\"1232\":[8,41],\"1233\":[5,26],\"1234\":[6,31],\"1235\":[6,20],\"1236\":[8,37],\"1237\":[6,24],\"1238\":[5,43],\"1239\":[6,23],\"1240\":[8,34],\"1241\":[8,27],\"1242\":[10,40],\"1243\":[8,34],\"1244\":[6,21],\"1245\":[6,24],\"1246\":[6,47],\"1247\":[7,31],\"1248\":[6,23],\"1249\":[5,12],\"1250\":[7,23],\"1251\":[4,42],\"1252\":[6,27],\"1253\":[4,29],\"1254\":[4,14],\"1255\":[4],\"1256\":[3,23],\"1257\":[4,18],\"1258\":[5,22],\"1259\":[5,22],\"1260\":[4,20],\"1261\":[4,20],\"1262\":[4,36],\"1263\":[5,51],\"1264\":[4,53],\"1265\":[3,25],\"1266\":[4,28],\"1267\":[2],\"1268\":[1,2],\"1269\":[2],\"1270\":[5,19],\"1271\":[5,16],\"1272\":[7,21],\"1273\":[8,35],\"1274\":[8,39],\"1275\":[9,22],\"1276\":[7,31],\"1277\":[7,26],\"1278\":[7,26],\"1279\":[8,31],\"1280\":[10,48],\"1281\":[13,44],\"1282\":[8,19],\"1283\":[8,19],\"1284\":[10,40],\"1285\":[9,23],\"1286\":[8,42],\"1287\":[4,21],\"1288\":[5,22],\"1289\":[5,23],\"1290\":[8,24],\"1291\":[5,22],\"1292\":[5,15],\"1293\":[5,16],\"1294\":[6,31],\"1295\":[6,20],\"1296\":[8,37],\"1297\":[6,24],\"1298\":[5,43],\"1299\":[7,26],\"1300\":[9,38],\"1301\":[7,34],\"1302\":[6,23],\"1303\":[8,34],\"1304\":[6,21],\"1305\":[7,35],\"1306\":[7,35],\"1307\":[7,51],\"1308\":[6,34],\"1309\":[8,45],\"1310\":[11,41],\"1311\":[8,35],\"1312\":[8,36],\"1313\":[7,28],\"1314\":[8,34],\"1315\":[8,35],\"1316\":[7,27],\"1317\":[9,44],\"1318\":[9,32],\"1319\":[7,26],\"1320\":[8,32],\"1321\":[8,32],\"1322\":[8,28],\"1323\":[8,31],\"1324\":[6,42],\"1325\":[8,53],\"1326\":[11,42],\"1327\":[5,15],\"1328\":[5,15],\"1329\":[5,34],\"1330\":[5,40],\"1331\":[7,36],\"1332\":[5,15],\"1333\":[5,25],\"1334\":[5,28],\"1335\":[5,30],\"1336\":[6,36],\"1337\":[9,39],\"1338\":[5,28],\"1339\":[5,26],\"1340\":[8,48],\"1341\":[5,27],\"1342\":[5,20],\"1343\":[5,46],\"1344\":[8,33],\"1345\":[8,29],\"1346\":[6,42],\"1347\":[5,42],\"1348\":[4,42],\"1349\":[6,27],\"1350\":[4,29],\"1351\":[4,14],\"1352\":[2],\"1353\":[1,6],\"1354\":[2],\"1355\":[1,133],\"1356\":[2,25],\"1357\":[1,28],\"1358\":[1,51],\"1359\":[4,22],\"1360\":[4,11],\"1361\":[2,29],\"1362\":[2,80],\"1363\":[1,73],\"1364\":[2],\"1365\":[5,32],\"1366\":[7,43],\"1367\":[10,39],\"1368\":[6,35],\"1369\":[6,34],\"1370\":[8,41],\"1371\":[5,26],\"1372\":[6,31],\"1373\":[6,20],\"1374\":[8,37],\"1375\":[6,24],\"1376\":[5,43],\"1377\":[6,23],\"1378\":[8,34],\"1379\":[8,27],\"1380\":[10,40],\"1381\":[8,34],\"1382\":[6,21],\"1383\":[6,24],\"1384\":[6,47],\"1385\":[7,31],\"1386\":[6,28],\"1387\":[6,23],\"1388\":[5,37],\"1389\":[7,23],\"1390\":[4,42],\"1391\":[6,27],\"1392\":[4,29],\"1393\":[4,14],\"1394\":[5,19],\"1395\":[5,16],\"1396\":[7,21],\"1397\":[8,35],\"1398\":[8,39],\"1399\":[9,22],\"1400\":[7,31],\"1401\":[7,26],\"1402\":[7,26],\"1403\":[8,31],\"1404\":[10,48],\"1405\":[13,44],\"1406\":[8,19],\"1407\":[8,19],\"1408\":[10,40],\"1409\":[9,23],\"1410\":[8,42],\"1411\":[4,21],\"1412\":[5,22],\"1413\":[5,23],\"1414\":[8,24],\"1415\":[5,22],\"1416\":[5,15],\"1417\":[5,16],\"1418\":[2],\"1419\":[1,71],\"1420\":[3,57],\"1421\":[3,25],\"1422\":[4,50],\"1423\":[1,49],\"1424\":[3],\"1425\":[1,2],\"1426\":[2],\"1427\":[3,23],\"1428\":[4,18],\"1429\":[5,22],\"1430\":[5,22],\"1431\":[4,20],\"1432\":[4,20],\"1433\":[4,36],\"1434\":[5,51],\"1435\":[4,53],\"1436\":[3,25],\"1437\":[4,28],\"1438\":[3,21],\"1439\":[2],\"1440\":[1,2],\"1441\":[2],\"1442\":[5,19],\"1443\":[5,16],\"1444\":[7,21],\"1445\":[8,35],\"1446\":[8,39],\"1447\":[9,22],\"1448\":[7,31],\"1449\":[7,26],\"1450\":[7,26],\"1451\":[8,31],\"1452\":[10,48],\"1453\":[13,44],\"1454\":[8,19],\"1455\":[8,19],\"1456\":[10,40],\"1457\":[9,23],\"1458\":[8,42],\"1459\":[4,21],\"1460\":[5,22],\"1461\":[5,23],\"1462\":[8,24],\"1463\":[5,22],\"1464\":[5,15],\"1465\":[5,16],\"1466\":[6,31],\"1467\":[6,20],\"1468\":[8,37],\"1469\":[6,24],\"1470\":[5,43],\"1471\":[7,26],\"1472\":[9,38],\"1473\":[7,34],\"1474\":[6,23],\"1475\":[8,34],\"1476\":[6,21],\"1477\":[7,35],\"1478\":[7,35],\"1479\":[7,50],\"1480\":[7,52],\"1481\":[6,34],\"1482\":[8,45],\"1483\":[11,41],\"1484\":[8,35],\"1485\":[8,36],\"1486\":[7,28],\"1487\":[8,34],\"1488\":[8,35],\"1489\":[7,27],\"1490\":[9,44],\"1491\":[9,32],\"1492\":[7,26],\"1493\":[8,32],\"1494\":[8,28],\"1495\":[8,31],\"1496\":[6,42],\"1497\":[8,53],\"1498\":[11,42],\"1499\":[5,15],\"1500\":[5,15],\"1501\":[5,34],\"1502\":[5,40],\"1503\":[7,36],\"1504\":[5,15],\"1505\":[5,25],\"1506\":[5,28],\"1507\":[5,30],\"1508\":[6,36],\"1509\":[9,39],\"1510\":[5,28],\"1511\":[5,26],\"1512\":[8,48],\"1513\":[5,27],\"1514\":[5,20],\"1515\":[6,18],\"1516\":[6,28],\"1517\":[6,28],\"1518\":[5,53],\"1519\":[8,33],\"1520\":[8,29],\"1521\":[6,42],\"1522\":[5,46],\"1523\":[5,31],\"1524\":[4,42],\"1525\":[6,27],\"1526\":[4,29],\"1527\":[4,14],\"1528\":[2],\"1529\":[1,6],\"1530\":[2],\"1531\":[1,133],\"1532\":[2,25],\"1533\":[1,28],\"1534\":[1,51],\"1535\":[4,22],\"1536\":[4,11],\"1537\":[2,29],\"1538\":[2,80],\"1539\":[1,73],\"1540\":[2],\"1541\":[5,32],\"1542\":[7,43],\"1543\":[10,39],\"1544\":[6,35],\"1545\":[6,34],\"1546\":[8,41],\"1547\":[5,26],\"1548\":[6,31],\"1549\":[6,20],\"1550\":[8,37],\"1551\":[6,24],\"1552\":[5,43],\"1553\":[6,23],\"1554\":[8,34],\"1555\":[8,27],\"1556\":[10,40],\"1557\":[8,34],\"1558\":[6,21],\"1559\":[6,24],\"1560\":[6,47],\"1561\":[7,31],\"1562\":[6,28],\"1563\":[6,23],\"1564\":[5,20],\"1565\":[7,23],\"1566\":[4,42],\"1567\":[6,27],\"1568\":[4,29],\"1569\":[4,14],\"1570\":[5,19],\"1571\":[5,16],\"1572\":[7,21],\"1573\":[8,35],\"1574\":[8,39],\"1575\":[9,22],\"1576\":[7,31],\"1577\":[7,26],\"1578\":[7,26],\"1579\":[8,31],\"1580\":[10,48],\"1581\":[13,44],\"1582\":[8,19],\"1583\":[8,19],\"1584\":[10,40],\"1585\":[9,23],\"1586\":[8,42],\"1587\":[4,21],\"1588\":[5,22],\"1589\":[5,23],\"1590\":[8,24],\"1591\":[5,22],\"1592\":[5,15],\"1593\":[5,16],\"1594\":[2],\"1595\":[1,71],\"1596\":[3,57],\"1597\":[3,25],\"1598\":[4,50],\"1599\":[1,50],\"1600\":[3],\"1601\":[1,2],\"1602\":[2],\"1603\":[3,23],\"1604\":[4,18],\"1605\":[5,22],\"1606\":[5,22],\"1607\":[4,20],\"1608\":[4,20],\"1609\":[3,26],\"1610\":[4,36],\"1611\":[5,51],\"1612\":[4,53],\"1613\":[3,25],\"1614\":[4,28],\"1615\":[3,21],\"1616\":[2],\"1617\":[1,2],\"1618\":[2],\"1619\":[5,19],\"1620\":[5,16],\"1621\":[7,21],\"1622\":[8,35],\"1623\":[8,39],\"1624\":[9,22],\"1625\":[7,31],\"1626\":[7,26],\"1627\":[7,26],\"1628\":[8,31],\"1629\":[10,48],\"1630\":[13,44],\"1631\":[8,19],\"1632\":[8,19],\"1633\":[10,40],\"1634\":[9,23],\"1635\":[8,42],\"1636\":[4,21],\"1637\":[5,22],\"1638\":[5,23],\"1639\":[8,24],\"1640\":[5,22],\"1641\":[5,15],\"1642\":[5,16],\"1643\":[6,31],\"1644\":[6,20],\"1645\":[8,37],\"1646\":[6,24],\"1647\":[5,43],\"1648\":[7,26],\"1649\":[9,38],\"1650\":[7,34],\"1651\":[6,23],\"1652\":[8,34],\"1653\":[6,21],\"1654\":[7,35],\"1655\":[7,35],\"1656\":[7,50],\"1657\":[7,52],\"1658\":[6,34],\"1659\":[8,45],\"1660\":[11,41],\"1661\":[8,35],\"1662\":[8,36],\"1663\":[7,28],\"1664\":[8,34],\"1665\":[8,35],\"1666\":[7,27],\"1667\":[9,44],\"1668\":[9,32],\"1669\":[7,26],\"1670\":[8,32],\"1671\":[8,28],\"1672\":[8,31],\"1673\":[6,42],\"1674\":[8,53],\"1675\":[11,42],\"1676\":[5,15],\"1677\":[5,15],\"1678\":[5,34],\"1679\":[5,40],\"1680\":[7,36],\"1681\":[5,15],\"1682\":[5,25],\"1683\":[5,28],\"1684\":[5,30],\"1685\":[6,36],\"1686\":[9,39],\"1687\":[5,28],\"1688\":[5,26],\"1689\":[8,48],\"1690\":[5,27],\"1691\":[5,20],\"1692\":[6,18],\"1693\":[6,28],\"1694\":[6,28],\"1695\":[5,53],\"1696\":[8,33],\"1697\":[8,29],\"1698\":[6,42],\"1699\":[5,46],\"1700\":[5,31],\"1701\":[4,42],\"1702\":[6,27],\"1703\":[4,29],\"1704\":[4,14],\"1705\":[2],\"1706\":[1,6],\"1707\":[2],\"1708\":[1,133],\"1709\":[2,25],\"1710\":[1,28],\"1711\":[1,51],\"1712\":[4,22],\"1713\":[4,11],\"1714\":[2,29],\"1715\":[2,80],\"1716\":[1,73],\"1717\":[2],\"1718\":[5,32],\"1719\":[7,43],\"1720\":[10,39],\"1721\":[6,35],\"1722\":[6,34],\"1723\":[8,41],\"1724\":[5,26],\"1725\":[6,31],\"1726\":[6,20],\"1727\":[8,37],\"1728\":[6,24],\"1729\":[5,43],\"1730\":[6,23],\"1731\":[8,34],\"1732\":[8,27],\"1733\":[10,40],\"1734\":[8,34],\"1735\":[6,21],\"1736\":[6,24],\"1737\":[6,47],\"1738\":[7,31],\"1739\":[6,28],\"1740\":[6,23],\"1741\":[5,20],\"1742\":[7,23],\"1743\":[4,42],\"1744\":[6,27],\"1745\":[4,29],\"1746\":[4,14],\"1747\":[5,19],\"1748\":[5,16],\"1749\":[7,21],\"1750\":[8,35],\"1751\":[8,39],\"1752\":[9,22],\"1753\":[7,31],\"1754\":[7,26],\"1755\":[7,26],\"1756\":[8,31],\"1757\":[10,48],\"1758\":[13,44],\"1759\":[8,19],\"1760\":[8,19],\"1761\":[10,40],\"1762\":[9,23],\"1763\":[8,42],\"1764\":[4,21],\"1765\":[5,22],\"1766\":[5,23],\"1767\":[8,24],\"1768\":[5,22],\"1769\":[5,15],\"1770\":[5,16],\"1771\":[2],\"1772\":[1,71],\"1773\":[3,57],\"1774\":[3,25],\"1775\":[4,50],\"1776\":[1,50],\"1777\":[3],\"1778\":[1,2],\"1779\":[2],\"1780\":[3,23],\"1781\":[4,18],\"1782\":[5,22],\"1783\":[5,22],\"1784\":[4,20],\"1785\":[4,20],\"1786\":[3,26],\"1787\":[4,36],\"1788\":[5,51],\"1789\":[4,53],\"1790\":[3,25],\"1791\":[4,28],\"1792\":[3,21],\"1793\":[2],\"1794\":[1,2],\"1795\":[2],\"1796\":[5,19],\"1797\":[5,16],\"1798\":[7,21],\"1799\":[8,35],\"1800\":[8,39],\"1801\":[9,22],\"1802\":[7,31],\"1803\":[7,26],\"1804\":[7,26],\"1805\":[8,31],\"1806\":[10,48],\"1807\":[13,44],\"1808\":[8,19],\"1809\":[8,19],\"1810\":[10,40],\"1811\":[9,23],\"1812\":[8,42],\"1813\":[4,21],\"1814\":[5,22],\"1815\":[5,23],\"1816\":[8,24],\"1817\":[5,22],\"1818\":[5,15],\"1819\":[5,16],\"1820\":[6,31],\"1821\":[6,20],\"1822\":[8,37],\"1823\":[6,24],\"1824\":[5,43],\"1825\":[7,26],\"1826\":[9,38],\"1827\":[7,34],\"1828\":[6,23],\"1829\":[8,34],\"1830\":[6,21],\"1831\":[7,35],\"1832\":[7,35],\"1833\":[7,50],\"1834\":[7,52],\"1835\":[6,34],\"1836\":[8,45],\"1837\":[11,41],\"1838\":[8,35],\"1839\":[8,36],\"1840\":[7,28],\"1841\":[8,34],\"1842\":[8,35],\"1843\":[7,27],\"1844\":[9,44],\"1845\":[9,32],\"1846\":[7,26],\"1847\":[8,32],\"1848\":[8,28],\"1849\":[8,31],\"1850\":[6,42],\"1851\":[8,53],\"1852\":[11,42],\"1853\":[5,15],\"1854\":[5,15],\"1855\":[5,34],\"1856\":[5,40],\"1857\":[7,36],\"1858\":[5,15],\"1859\":[5,25],\"1860\":[5,28],\"1861\":[5,30],\"1862\":[6,36],\"1863\":[9,39],\"1864\":[5,28],\"1865\":[5,26],\"1866\":[8,48],\"1867\":[5,27],\"1868\":[5,20],\"1869\":[6,18],\"1870\":[6,28],\"1871\":[6,28],\"1872\":[5,53],\"1873\":[8,33],\"1874\":[8,29],\"1875\":[6,42],\"1876\":[5,46],\"1877\":[5,31],\"1878\":[4,42],\"1879\":[6,27],\"1880\":[4,29],\"1881\":[4,14],\"1882\":[2],\"1883\":[1,6],\"1884\":[2],\"1885\":[1,133],\"1886\":[2,25],\"1887\":[1,28],\"1888\":[1,51],\"1889\":[4,22],\"1890\":[4,11],\"1891\":[2,29],\"1892\":[2,80],\"1893\":[1,73],\"1894\":[2],\"1895\":[5,32],\"1896\":[7,43],\"1897\":[10,39],\"1898\":[6,35],\"1899\":[6,34],\"1900\":[8,41],\"1901\":[5,26],\"1902\":[6,31],\"1903\":[6,20],\"1904\":[8,37],\"1905\":[6,24],\"1906\":[5,43],\"1907\":[6,23],\"1908\":[8,34],\"1909\":[8,27],\"1910\":[10,40],\"1911\":[8,34],\"1912\":[6,21],\"1913\":[6,24],\"1914\":[6,47],\"1915\":[7,31],\"1916\":[6,28],\"1917\":[6,23],\"1918\":[5,20],\"1919\":[7,23],\"1920\":[4,42],\"1921\":[6,27],\"1922\":[4,29],\"1923\":[4,14],\"1924\":[5,19],\"1925\":[5,16],\"1926\":[7,21],\"1927\":[8,35],\"1928\":[8,39],\"1929\":[9,22],\"1930\":[7,31],\"1931\":[7,26],\"1932\":[7,26],\"1933\":[8,31],\"1934\":[10,48],\"1935\":[13,44],\"1936\":[8,19],\"1937\":[8,19],\"1938\":[10,40],\"1939\":[9,23],\"1940\":[8,42],\"1941\":[4,21],\"1942\":[5,22],\"1943\":[5,23],\"1944\":[8,24],\"1945\":[5,22],\"1946\":[5,15],\"1947\":[5,16],\"1948\":[2],\"1949\":[1,71],\"1950\":[3,57],\"1951\":[3,25],\"1952\":[4,50],\"1953\":[1,49],\"1954\":[3],\"1955\":[1,2],\"1956\":[2],\"1957\":[3,23],\"1958\":[4,18],\"1959\":[5,22],\"1960\":[5,22],\"1961\":[4,20],\"1962\":[4,20],\"1963\":[3,26],\"1964\":[4,36],\"1965\":[5,51],\"1966\":[4,53],\"1967\":[3,25],\"1968\":[4,28],\"1969\":[3,21],\"1970\":[2],\"1971\":[1,2],\"1972\":[2],\"1973\":[5,19],\"1974\":[5,16],\"1975\":[7,21],\"1976\":[8,35],\"1977\":[8,39],\"1978\":[9,22],\"1979\":[7,31],\"1980\":[7,26],\"1981\":[7,26],\"1982\":[8,31],\"1983\":[10,48],\"1984\":[13,44],\"1985\":[8,19],\"1986\":[8,19],\"1987\":[10,40],\"1988\":[9,23],\"1989\":[8,42],\"1990\":[4,21],\"1991\":[5,22],\"1992\":[5,23],\"1993\":[8,24],\"1994\":[5,22],\"1995\":[5,15],\"1996\":[5,16],\"1997\":[6,31],\"1998\":[6,20],\"1999\":[8,37],\"2000\":[6,24],\"2001\":[5,43],\"2002\":[7,26],\"2003\":[9,38],\"2004\":[7,34],\"2005\":[6,23],\"2006\":[8,34],\"2007\":[6,21],\"2008\":[7,35],\"2009\":[7,35],\"2010\":[7,50],\"2011\":[7,52],\"2012\":[6,34],\"2013\":[8,45],\"2014\":[11,41],\"2015\":[8,35],\"2016\":[8,36],\"2017\":[7,28],\"2018\":[8,34],\"2019\":[8,35],\"2020\":[7,27],\"2021\":[9,44],\"2022\":[9,32],\"2023\":[7,26],\"2024\":[8,32],\"2025\":[8,28],\"2026\":[8,31],\"2027\":[6,42],\"2028\":[8,53],\"2029\":[11,42],\"2030\":[5,15],\"2031\":[5,15],\"2032\":[5,34],\"2033\":[5,40],\"2034\":[7,36],\"2035\":[5,15],\"2036\":[5,25],\"2037\":[5,28],\"2038\":[5,30],\"2039\":[6,36],\"2040\":[9,39],\"2041\":[5,28],\"2042\":[5,26],\"2043\":[8,48],\"2044\":[5,27],\"2045\":[5,20],\"2046\":[6,18],\"2047\":[6,28],\"2048\":[6,28],\"2049\":[5,53],\"2050\":[8,33],\"2051\":[8,29],\"2052\":[6,42],\"2053\":[5,46],\"2054\":[5,31],\"2055\":[4,42],\"2056\":[6,27],\"2057\":[4,29],\"2058\":[4,14],\"2059\":[2],\"2060\":[1,6],\"2061\":[2],\"2062\":[1,133],\"2063\":[2,25],\"2064\":[1,28],\"2065\":[1,51],\"2066\":[4,22],\"2067\":[4,11],\"2068\":[2,29],\"2069\":[2,80],\"2070\":[1,73],\"2071\":[2],\"2072\":[5,32],\"2073\":[7,43],\"2074\":[10,39],\"2075\":[6,35],\"2076\":[6,34],\"2077\":[8,41],\"2078\":[5,26],\"2079\":[6,31],\"2080\":[6,20],\"2081\":[8,37],\"2082\":[6,24],\"2083\":[5,43],\"2084\":[6,23],\"2085\":[8,34],\"2086\":[8,27],\"2087\":[10,40],\"2088\":[8,34],\"2089\":[6,21],\"2090\":[6,24],\"2091\":[6,47],\"2092\":[7,31],\"2093\":[6,28],\"2094\":[6,23],\"2095\":[5,20],\"2096\":[7,23],\"2097\":[4,42],\"2098\":[6,27],\"2099\":[4,29],\"2100\":[4,14],\"2101\":[5,19],\"2102\":[5,16],\"2103\":[7,21],\"2104\":[8,35],\"2105\":[8,39],\"2106\":[9,22],\"2107\":[7,31],\"2108\":[7,26],\"2109\":[7,26],\"2110\":[8,31],\"2111\":[10,48],\"2112\":[13,44],\"2113\":[8,19],\"2114\":[8,19],\"2115\":[10,40],\"2116\":[9,23],\"2117\":[8,42],\"2118\":[4,21],\"2119\":[5,22],\"2120\":[5,23],\"2121\":[8,24],\"2122\":[5,22],\"2123\":[5,15],\"2124\":[5,16],\"2125\":[2],\"2126\":[1,71],\"2127\":[3,57],\"2128\":[3,25],\"2129\":[4,50],\"2130\":[1,50],\"2131\":[3],\"2132\":[1,2],\"2133\":[2],\"2134\":[3,23],\"2135\":[4,18],\"2136\":[5,22],\"2137\":[5,22],\"2138\":[4,20],\"2139\":[4,20],\"2140\":[3,26],\"2141\":[4,36],\"2142\":[5,51],\"2143\":[4,53],\"2144\":[3,25],\"2145\":[4,28],\"2146\":[3,21],\"2147\":[2],\"2148\":[1,2],\"2149\":[2],\"2150\":[5,19],\"2151\":[5,16],\"2152\":[7,21],\"2153\":[8,35],\"2154\":[8,39],\"2155\":[9,22],\"2156\":[7,31],\"2157\":[7,26],\"2158\":[7,26],\"2159\":[8,31],\"2160\":[10,48],\"2161\":[13,44],\"2162\":[8,19],\"2163\":[8,19],\"2164\":[10,40],\"2165\":[9,23],\"2166\":[8,42],\"2167\":[4,21],\"2168\":[5,22],\"2169\":[5,23],\"2170\":[8,24],\"2171\":[5,22],\"2172\":[5,15],\"2173\":[5,16],\"2174\":[6,31],\"2175\":[6,20],\"2176\":[8,37],\"2177\":[6,24],\"2178\":[5,43],\"2179\":[7,26],\"2180\":[9,38],\"2181\":[7,34],\"2182\":[6,23],\"2183\":[8,34],\"2184\":[6,21],\"2185\":[7,35],\"2186\":[7,35],\"2187\":[7,50],\"2188\":[7,52],\"2189\":[6,34],\"2190\":[8,45],\"2191\":[11,41],\"2192\":[8,35],\"2193\":[8,36],\"2194\":[7,28],\"2195\":[8,34],\"2196\":[8,35],\"2197\":[7,27],\"2198\":[9,44],\"2199\":[9,32],\"2200\":[7,26],\"2201\":[8,32],\"2202\":[8,28],\"2203\":[8,31],\"2204\":[6,42],\"2205\":[8,53],\"2206\":[11,42],\"2207\":[5,15],\"2208\":[5,15],\"2209\":[5,34],\"2210\":[5,40],\"2211\":[7,36],\"2212\":[5,15],\"2213\":[5,25],\"2214\":[5,28],\"2215\":[5,30],\"2216\":[6,36],\"2217\":[9,39],\"2218\":[5,28],\"2219\":[5,26],\"2220\":[8,48],\"2221\":[5,27],\"2222\":[5,20],\"2223\":[6,18],\"2224\":[6,28],\"2225\":[6,28],\"2226\":[5,53],\"2227\":[8,33],\"2228\":[8,29],\"2229\":[6,42],\"2230\":[5,46],\"2231\":[5,31],\"2232\":[4,42],\"2233\":[6,27],\"2234\":[4,29],\"2235\":[4,14],\"2236\":[2],\"2237\":[1,6],\"2238\":[2],\"2239\":[1,133],\"2240\":[2,25],\"2241\":[1,28],\"2242\":[1,51],\"2243\":[4,22],\"2244\":[4,11],\"2245\":[2,29],\"2246\":[2,80],\"2247\":[1,73],\"2248\":[2],\"2249\":[5,32],\"2250\":[7,43],\"2251\":[10,39],\"2252\":[6,35],\"2253\":[6,34],\"2254\":[8,41],\"2255\":[5,26],\"2256\":[6,31],\"2257\":[6,20],\"2258\":[8,37],\"2259\":[6,24],\"2260\":[5,43],\"2261\":[6,23],\"2262\":[8,34],\"2263\":[8,27],\"2264\":[10,40],\"2265\":[8,34],\"2266\":[6,21],\"2267\":[6,24],\"2268\":[6,47],\"2269\":[7,31],\"2270\":[6,28],\"2271\":[6,23],\"2272\":[5,20],\"2273\":[7,23],\"2274\":[4,42],\"2275\":[6,27],\"2276\":[4,29],\"2277\":[4,14],\"2278\":[5,19],\"2279\":[5,16],\"2280\":[7,21],\"2281\":[8,35],\"2282\":[8,39],\"2283\":[9,22],\"2284\":[7,31],\"2285\":[7,26],\"2286\":[7,26],\"2287\":[8,31],\"2288\":[10,48],\"2289\":[13,44],\"2290\":[8,19],\"2291\":[8,19],\"2292\":[10,40],\"2293\":[9,23],\"2294\":[8,42],\"2295\":[4,21],\"2296\":[5,22],\"2297\":[5,23],\"2298\":[8,24],\"2299\":[5,22],\"2300\":[5,15],\"2301\":[5,16],\"2302\":[2],\"2303\":[1,71],\"2304\":[3,57],\"2305\":[3,25],\"2306\":[4,50],\"2307\":[1,50],\"2308\":[3],\"2309\":[1,2],\"2310\":[2],\"2311\":[3,23],\"2312\":[4,18],\"2313\":[5,22],\"2314\":[5,22],\"2315\":[4,20],\"2316\":[4,20],\"2317\":[3,26],\"2318\":[4,36],\"2319\":[5,51],\"2320\":[4,53],\"2321\":[3,25],\"2322\":[4,28],\"2323\":[3,21],\"2324\":[2],\"2325\":[1,6],\"2326\":[2],\"2327\":[1,126],\"2328\":[2,25],\"2329\":[1,28],\"2330\":[1,51],\"2331\":[4,22],\"2332\":[4,11],\"2333\":[2,19],\"2334\":[2,11],\"2335\":[1,60],\"2336\":[2],\"2337\":[5,19],\"2338\":[5,16],\"2339\":[7,21],\"2340\":[8,35],\"2341\":[8,39],\"2342\":[9,22],\"2343\":[7,31],\"2344\":[7,26],\"2345\":[7,26],\"2346\":[8,31],\"2347\":[10,48],\"2348\":[13,44],\"2349\":[8,19],\"2350\":[8,19],\"2351\":[10,40],\"2352\":[9,23],\"2353\":[8,42],\"2354\":[4,21],\"2355\":[5,22],\"2356\":[5,23],\"2357\":[8,24],\"2358\":[5,22],\"2359\":[5,15],\"2360\":[5,16],\"2361\":[6,31],\"2362\":[6,20],\"2363\":[8,37],\"2364\":[6,24],\"2365\":[5,42],\"2366\":[7,26],\"2367\":[9,38],\"2368\":[7,33],\"2369\":[6,23],\"2370\":[8,34],\"2371\":[6,20],\"2372\":[7,39],\"2373\":[7,38],\"2374\":[7,35],\"2375\":[7,35],\"2376\":[7,50],\"2377\":[7,52],\"2378\":[7,38],\"2379\":[6,34],\"2380\":[8,45],\"2381\":[11,41],\"2382\":[8,35],\"2383\":[8,36],\"2384\":[7,28],\"2385\":[8,34],\"2386\":[8,35],\"2387\":[7,27],\"2388\":[9,44],\"2389\":[9,32],\"2390\":[7,26],\"2391\":[8,32],\"2392\":[8,28],\"2393\":[8,31],\"2394\":[6,42],\"2395\":[8,53],\"2396\":[11,42],\"2397\":[5,15],\"2398\":[5,15],\"2399\":[5,34],\"2400\":[5,40],\"2401\":[7,36],\"2402\":[5,15],\"2403\":[5,25],\"2404\":[5,28],\"2405\":[5,30],\"2406\":[6,36],\"2407\":[9,39],\"2408\":[5,28],\"2409\":[5,26],\"2410\":[8,48],\"2411\":[5,27],\"2412\":[5,20],\"2413\":[6,18],\"2414\":[6,28],\"2415\":[6,28],\"2416\":[5,53],\"2417\":[8,33],\"2418\":[8,29],\"2419\":[6,42],\"2420\":[5,46],\"2421\":[5,31],\"2422\":[6,26],\"2423\":[5,20],\"2424\":[7,23],\"2425\":[6,27],\"2426\":[4,42],\"2427\":[6,27],\"2428\":[4,29],\"2429\":[4,14],\"2430\":[2],\"2431\":[1,64],\"2432\":[3,57],\"2433\":[4,50],\"2434\":[1,50],\"2435\":[3],\"2436\":[1,2],\"2437\":[2],\"2438\":[3,23],\"2439\":[4,18],\"2440\":[5,22],\"2441\":[5,22],\"2442\":[4,20],\"2443\":[4,20],\"2444\":[3,26],\"2445\":[4,36],\"2446\":[5,51],\"2447\":[4,53],\"2448\":[3,25],\"2449\":[4,28],\"2450\":[3,21],\"2451\":[2],\"2452\":[1,6],\"2453\":[2],\"2454\":[1,138],\"2455\":[2,25],\"2456\":[1,28],\"2457\":[1,51],\"2458\":[4,22],\"2459\":[4,11],\"2460\":[2,29],\"2461\":[2,80],\"2462\":[1,73],\"2463\":[2],\"2464\":[5,32],\"2465\":[7,43],\"2466\":[10,39],\"2467\":[6,35],\"2468\":[6,34],\"2469\":[8,41],\"2470\":[5,26],\"2471\":[6,31],\"2472\":[6,20],\"2473\":[8,37],\"2474\":[6,24],\"2475\":[5,42],\"2476\":[6,23],\"2477\":[8,34],\"2478\":[8,27],\"2479\":[10,40],\"2480\":[8,33],\"2481\":[6,20],\"2482\":[7,39],\"2483\":[7,38],\"2484\":[7,38],\"2485\":[6,24],\"2486\":[6,47],\"2487\":[7,31],\"2488\":[6,28],\"2489\":[6,23],\"2490\":[5,20],\"2491\":[7,23],\"2492\":[6,27],\"2493\":[4,42],\"2494\":[6,27],\"2495\":[4,29],\"2496\":[4,14],\"2497\":[5,19],\"2498\":[5,16],\"2499\":[7,21],\"2500\":[8,35],\"2501\":[8,39],\"2502\":[9,22],\"2503\":[7,31],\"2504\":[7,26],\"2505\":[7,26],\"2506\":[8,31],\"2507\":[10,48],\"2508\":[13,44],\"2509\":[8,19],\"2510\":[8,19],\"2511\":[10,40],\"2512\":[9,23],\"2513\":[8,42],\"2514\":[4,21],\"2515\":[5,22],\"2516\":[5,23],\"2517\":[8,24],\"2518\":[5,22],\"2519\":[5,15],\"2520\":[5,16],\"2521\":[2],\"2522\":[1,72],\"2523\":[3,57],\"2524\":[3,25],\"2525\":[4,50],\"2526\":[1,50],\"2527\":[3],\"2528\":[1,2],\"2529\":[2],\"2530\":[3,23],\"2531\":[4,18],\"2532\":[5,22],\"2533\":[5,22],\"2534\":[4,20],\"2535\":[4,20],\"2536\":[3,26],\"2537\":[4,36],\"2538\":[5,51],\"2539\":[4,53],\"2540\":[3,25],\"2541\":[4,28],\"2542\":[3,21],\"2543\":[2],\"2544\":[1,6],\"2545\":[2],\"2546\":[1,126],\"2547\":[2,25],\"2548\":[1,28],\"2549\":[1,51],\"2550\":[4,22],\"2551\":[4,11],\"2552\":[2,19],\"2553\":[2,11],\"2554\":[1,60],\"2555\":[2],\"2556\":[5,19],\"2557\":[5,16],\"2558\":[7,21],\"2559\":[8,35],\"2560\":[8,39],\"2561\":[9,22],\"2562\":[7,31],\"2563\":[7,26],\"2564\":[7,26],\"2565\":[8,31],\"2566\":[10,48],\"2567\":[13,44],\"2568\":[8,19],\"2569\":[8,19],\"2570\":[10,40],\"2571\":[9,23],\"2572\":[8,42],\"2573\":[4,21],\"2574\":[5,22],\"2575\":[5,23],\"2576\":[8,24],\"2577\":[5,22],\"2578\":[5,15],\"2579\":[5,16],\"2580\":[6,31],\"2581\":[6,20],\"2582\":[8,37],\"2583\":[6,24],\"2584\":[5,42],\"2585\":[7,26],\"2586\":[9,38],\"2587\":[7,33],\"2588\":[6,23],\"2589\":[8,34],\"2590\":[6,20],\"2591\":[7,39],\"2592\":[7,38],\"2593\":[7,35],\"2594\":[7,35],\"2595\":[7,50],\"2596\":[7,52],\"2597\":[7,38],\"2598\":[6,34],\"2599\":[8,45],\"2600\":[11,41],\"2601\":[8,35],\"2602\":[8,36],\"2603\":[7,28],\"2604\":[8,34],\"2605\":[8,35],\"2606\":[7,27],\"2607\":[9,44],\"2608\":[9,32],\"2609\":[7,26],\"2610\":[8,32],\"2611\":[8,28],\"2612\":[8,31],\"2613\":[6,42],\"2614\":[8,53],\"2615\":[11,42],\"2616\":[5,15],\"2617\":[5,15],\"2618\":[5,34],\"2619\":[5,40],\"2620\":[7,36],\"2621\":[5,15],\"2622\":[5,25],\"2623\":[5,28],\"2624\":[5,30],\"2625\":[6,36],\"2626\":[9,39],\"2627\":[5,28],\"2628\":[5,26],\"2629\":[8,48],\"2630\":[5,27],\"2631\":[5,20],\"2632\":[6,18],\"2633\":[6,28],\"2634\":[6,28],\"2635\":[5,53],\"2636\":[8,33],\"2637\":[8,29],\"2638\":[6,42],\"2639\":[5,46],\"2640\":[5,31],\"2641\":[6,26],\"2642\":[5,20],\"2643\":[7,23],\"2644\":[6,27],\"2645\":[4,42],\"2646\":[6,27],\"2647\":[4,29],\"2648\":[4,14],\"2649\":[2],\"2650\":[1,64],\"2651\":[3,57],\"2652\":[4,50],\"2653\":[1,49],\"2654\":[3],\"2655\":[1,2],\"2656\":[2],\"2657\":[3,23],\"2658\":[4,18],\"2659\":[5,22],\"2660\":[5,22],\"2661\":[4,20],\"2662\":[4,20],\"2663\":[3,26],\"2664\":[4,36],\"2665\":[5,51],\"2666\":[4,53],\"2667\":[3,25],\"2668\":[4,28],\"2669\":[3,21],\"2670\":[2],\"2671\":[1,6],\"2672\":[2],\"2673\":[1,138],\"2674\":[2,25],\"2675\":[1,28],\"2676\":[1,51],\"2677\":[4,22],\"2678\":[4,11],\"2679\":[2,29],\"2680\":[2,80],\"2681\":[1,73],\"2682\":[2],\"2683\":[5,32],\"2684\":[7,43],\"2685\":[10,39],\"2686\":[6,35],\"2687\":[6,34],\"2688\":[8,41],\"2689\":[5,26],\"2690\":[6,31],\"2691\":[6,20],\"2692\":[8,37],\"2693\":[6,24],\"2694\":[5,42],\"2695\":[6,23],\"2696\":[8,34],\"2697\":[8,27],\"2698\":[10,40],\"2699\":[8,33],\"2700\":[6,20],\"2701\":[7,39],\"2702\":[7,38],\"2703\":[7,38],\"2704\":[6,24],\"2705\":[6,47],\"2706\":[7,31],\"2707\":[6,28],\"2708\":[6,23],\"2709\":[5,20],\"2710\":[7,23],\"2711\":[6,27],\"2712\":[4,42],\"2713\":[6,27],\"2714\":[4,29],\"2715\":[4,14],\"2716\":[5,19],\"2717\":[5,16],\"2718\":[7,21],\"2719\":[8,35],\"2720\":[8,39],\"2721\":[9,22],\"2722\":[7,31],\"2723\":[7,26],\"2724\":[7,26],\"2725\":[8,31],\"2726\":[10,48],\"2727\":[13,44],\"2728\":[8,19],\"2729\":[8,19],\"2730\":[10,40],\"2731\":[9,23],\"2732\":[8,42],\"2733\":[4,21],\"2734\":[5,22],\"2735\":[5,23],\"2736\":[8,24],\"2737\":[5,22],\"2738\":[5,15],\"2739\":[5,16],\"2740\":[2],\"2741\":[1,72],\"2742\":[3,57],\"2743\":[3,25],\"2744\":[4,50],\"2745\":[1,49],\"2746\":[3],\"2747\":[1,2],\"2748\":[2],\"2749\":[3,23],\"2750\":[4,18],\"2751\":[5,22],\"2752\":[5,22],\"2753\":[4,20],\"2754\":[4,20],\"2755\":[3,26],\"2756\":[4,36],\"2757\":[5,51],\"2758\":[4,53],\"2759\":[3,25],\"2760\":[4,28],\"2761\":[3,21],\"2762\":[2],\"2763\":[1,6],\"2764\":[2],\"2765\":[1,126],\"2766\":[2,25],\"2767\":[1,28],\"2768\":[1,51],\"2769\":[4,22],\"2770\":[4,11],\"2771\":[2,19],\"2772\":[2,11],\"2773\":[1,60],\"2774\":[2],\"2775\":[5,19],\"2776\":[5,16],\"2777\":[7,21],\"2778\":[8,35],\"2779\":[8,39],\"2780\":[9,22],\"2781\":[7,31],\"2782\":[7,26],\"2783\":[7,26],\"2784\":[8,31],\"2785\":[10,48],\"2786\":[13,44],\"2787\":[8,19],\"2788\":[8,19],\"2789\":[10,40],\"2790\":[9,23],\"2791\":[8,42],\"2792\":[4,21],\"2793\":[5,22],\"2794\":[5,23],\"2795\":[8,24],\"2796\":[5,22],\"2797\":[5,15],\"2798\":[5,16],\"2799\":[6,31],\"2800\":[6,20],\"2801\":[8,37],\"2802\":[6,24],\"2803\":[5,42],\"2804\":[7,26],\"2805\":[9,38],\"2806\":[7,33],\"2807\":[6,23],\"2808\":[8,34],\"2809\":[6,20],\"2810\":[7,39],\"2811\":[7,38],\"2812\":[7,35],\"2813\":[7,35],\"2814\":[7,50],\"2815\":[7,52],\"2816\":[7,38],\"2817\":[6,34],\"2818\":[8,45],\"2819\":[11,41],\"2820\":[8,35],\"2821\":[8,36],\"2822\":[7,28],\"2823\":[8,34],\"2824\":[8,35],\"2825\":[7,27],\"2826\":[9,44],\"2827\":[9,32],\"2828\":[7,26],\"2829\":[8,32],\"2830\":[8,28],\"2831\":[8,31],\"2832\":[6,42],\"2833\":[8,53],\"2834\":[11,42],\"2835\":[5,15],\"2836\":[5,15],\"2837\":[5,34],\"2838\":[5,40],\"2839\":[7,36],\"2840\":[5,15],\"2841\":[5,25],\"2842\":[5,28],\"2843\":[5,30],\"2844\":[6,36],\"2845\":[9,39],\"2846\":[5,28],\"2847\":[5,26],\"2848\":[8,48],\"2849\":[5,27],\"2850\":[5,20],\"2851\":[6,18],\"2852\":[6,28],\"2853\":[6,28],\"2854\":[5,53],\"2855\":[8,33],\"2856\":[8,29],\"2857\":[6,42],\"2858\":[5,46],\"2859\":[5,31],\"2860\":[6,26],\"2861\":[5,20],\"2862\":[7,23],\"2863\":[6,27],\"2864\":[4,42],\"2865\":[6,27],\"2866\":[4,29],\"2867\":[4,14],\"2868\":[2],\"2869\":[1,64],\"2870\":[3,57],\"2871\":[4,50],\"2872\":[1,50],\"2873\":[3],\"2874\":[1,2],\"2875\":[2],\"2876\":[3,23],\"2877\":[4,18],\"2878\":[5,22],\"2879\":[5,22],\"2880\":[4,20],\"2881\":[4,20],\"2882\":[3,26],\"2883\":[4,36],\"2884\":[5,51],\"2885\":[4,53],\"2886\":[3,25],\"2887\":[4,28],\"2888\":[3,21],\"2889\":[2],\"2890\":[1,6],\"2891\":[2],\"2892\":[1,138],\"2893\":[2,25],\"2894\":[1,28],\"2895\":[1,51],\"2896\":[4,22],\"2897\":[4,11],\"2898\":[2,29],\"2899\":[2,80],\"2900\":[1,73],\"2901\":[2],\"2902\":[5,32],\"2903\":[7,43],\"2904\":[10,39],\"2905\":[6,35],\"2906\":[6,34],\"2907\":[8,41],\"2908\":[5,26],\"2909\":[6,31],\"2910\":[6,20],\"2911\":[8,37],\"2912\":[6,24],\"2913\":[5,42],\"2914\":[6,23],\"2915\":[8,34],\"2916\":[8,27],\"2917\":[10,40],\"2918\":[8,33],\"2919\":[6,20],\"2920\":[7,39],\"2921\":[7,38],\"2922\":[7,38],\"2923\":[6,24],\"2924\":[6,47],\"2925\":[7,31],\"2926\":[6,28],\"2927\":[6,23],\"2928\":[5,20],\"2929\":[7,23],\"2930\":[6,27],\"2931\":[4,42],\"2932\":[6,27],\"2933\":[4,29],\"2934\":[4,14],\"2935\":[5,19],\"2936\":[5,16],\"2937\":[7,21],\"2938\":[8,35],\"2939\":[8,39],\"2940\":[9,22],\"2941\":[7,31],\"2942\":[7,26],\"2943\":[7,26],\"2944\":[8,31],\"2945\":[10,48],\"2946\":[13,44],\"2947\":[8,19],\"2948\":[8,19],\"2949\":[10,40],\"2950\":[9,23],\"2951\":[8,42],\"2952\":[4,21],\"2953\":[5,22],\"2954\":[5,23],\"2955\":[8,24],\"2956\":[5,22],\"2957\":[5,15],\"2958\":[5,16],\"2959\":[2],\"2960\":[1,72],\"2961\":[3,57],\"2962\":[3,25],\"2963\":[4,50],\"2964\":[1,50],\"2965\":[3],\"2966\":[1,2],\"2967\":[2],\"2968\":[3,23],\"2969\":[4,18],\"2970\":[5,22],\"2971\":[5,22],\"2972\":[4,20],\"2973\":[4,20],\"2974\":[3,26],\"2975\":[4,36],\"2976\":[5,51],\"2977\":[4,53],\"2978\":[3,25],\"2979\":[4,28],\"2980\":[3,21],\"2981\":[2],\"2982\":[1,6],\"2983\":[2],\"2984\":[1,126],\"2985\":[2,25],\"2986\":[1,28],\"2987\":[1,51],\"2988\":[4,22],\"2989\":[4,11],\"2990\":[2,19],\"2991\":[2,11],\"2992\":[1,60],\"2993\":[2],\"2994\":[5,19],\"2995\":[5,16],\"2996\":[7,21],\"2997\":[8,35],\"2998\":[8,39],\"2999\":[9,22],\"3000\":[7,31],\"3001\":[7,26],\"3002\":[7,26],\"3003\":[8,31],\"3004\":[10,48],\"3005\":[13,44],\"3006\":[8,19],\"3007\":[8,19],\"3008\":[10,40],\"3009\":[9,23],\"3010\":[8,42],\"3011\":[4,21],\"3012\":[5,22],\"3013\":[5,23],\"3014\":[8,24],\"3015\":[5,22],\"3016\":[5,15],\"3017\":[5,16],\"3018\":[6,31],\"3019\":[6,20],\"3020\":[8,37],\"3021\":[6,24],\"3022\":[5,42],\"3023\":[7,26],\"3024\":[9,38],\"3025\":[7,33],\"3026\":[6,23],\"3027\":[8,34],\"3028\":[6,20],\"3029\":[7,39],\"3030\":[7,38],\"3031\":[7,35],\"3032\":[7,35],\"3033\":[7,50],\"3034\":[7,52],\"3035\":[7,38],\"3036\":[6,34],\"3037\":[8,45],\"3038\":[11,41],\"3039\":[8,35],\"3040\":[8,36],\"3041\":[7,28],\"3042\":[8,34],\"3043\":[8,35],\"3044\":[7,27],\"3045\":[9,44],\"3046\":[9,32],\"3047\":[7,26],\"3048\":[8,32],\"3049\":[8,28],\"3050\":[8,31],\"3051\":[6,42],\"3052\":[8,53],\"3053\":[11,42],\"3054\":[5,15],\"3055\":[5,15],\"3056\":[5,34],\"3057\":[5,40],\"3058\":[7,36],\"3059\":[5,15],\"3060\":[5,25],\"3061\":[5,28],\"3062\":[5,30],\"3063\":[6,36],\"3064\":[9,39],\"3065\":[5,28],\"3066\":[5,26],\"3067\":[8,48],\"3068\":[5,27],\"3069\":[5,20],\"3070\":[6,18],\"3071\":[6,28],\"3072\":[6,28],\"3073\":[5,53],\"3074\":[8,33],\"3075\":[8,29],\"3076\":[6,42],\"3077\":[5,46],\"3078\":[5,31],\"3079\":[6,26],\"3080\":[5,20],\"3081\":[7,23],\"3082\":[6,27],\"3083\":[4,42],\"3084\":[6,27],\"3085\":[4,29],\"3086\":[4,14],\"3087\":[2],\"3088\":[1,64],\"3089\":[3,57],\"3090\":[4,50],\"3091\":[1,50],\"3092\":[3],\"3093\":[1,2],\"3094\":[2],\"3095\":[3,23],\"3096\":[4,18],\"3097\":[5,22],\"3098\":[5,22],\"3099\":[4,20],\"3100\":[4,20],\"3101\":[3,26],\"3102\":[4,36],\"3103\":[5,51],\"3104\":[4,53],\"3105\":[3,25],\"3106\":[4,28],\"3107\":[3,21],\"3108\":[2],\"3109\":[1,6],\"3110\":[2],\"3111\":[1,138],\"3112\":[2,25],\"3113\":[1,28],\"3114\":[1,51],\"3115\":[4,22],\"3116\":[4,11],\"3117\":[2,29],\"3118\":[2,80],\"3119\":[1,73],\"3120\":[2],\"3121\":[5,32],\"3122\":[7,43],\"3123\":[10,39],\"3124\":[6,35],\"3125\":[6,34],\"3126\":[8,41],\"3127\":[5,26],\"3128\":[6,31],\"3129\":[6,20],\"3130\":[8,37],\"3131\":[6,24],\"3132\":[5,42],\"3133\":[6,23],\"3134\":[8,34],\"3135\":[8,27],\"3136\":[10,40],\"3137\":[8,33],\"3138\":[6,20],\"3139\":[7,39],\"3140\":[7,38],\"3141\":[7,38],\"3142\":[6,24],\"3143\":[6,47],\"3144\":[7,31],\"3145\":[6,28],\"3146\":[6,23],\"3147\":[5,20],\"3148\":[7,23],\"3149\":[6,27],\"3150\":[4,42],\"3151\":[6,27],\"3152\":[4,29],\"3153\":[4,14],\"3154\":[5,19],\"3155\":[5,16],\"3156\":[7,21],\"3157\":[8,35],\"3158\":[8,39],\"3159\":[9,22],\"3160\":[7,31],\"3161\":[7,26],\"3162\":[7,26],\"3163\":[8,31],\"3164\":[10,48],\"3165\":[13,44],\"3166\":[8,19],\"3167\":[8,19],\"3168\":[10,40],\"3169\":[9,23],\"3170\":[8,42],\"3171\":[4,21],\"3172\":[5,22],\"3173\":[5,23],\"3174\":[8,24],\"3175\":[5,22],\"3176\":[5,15],\"3177\":[5,16],\"3178\":[2],\"3179\":[1,72],\"3180\":[3,57],\"3181\":[3,25],\"3182\":[4,50],\"3183\":[1,50],\"3184\":[3],\"3185\":[1,2],\"3186\":[2],\"3187\":[3,23],\"3188\":[4,18],\"3189\":[5,22],\"3190\":[5,22],\"3191\":[4,20],\"3192\":[4,20],\"3193\":[3,26],\"3194\":[4,36],\"3195\":[5,51],\"3196\":[4,53],\"3197\":[3,25],\"3198\":[4,28],\"3199\":[3,21],\"3200\":[2],\"3201\":[1,6],\"3202\":[2],\"3203\":[1,126],\"3204\":[2,25],\"3205\":[1,28],\"3206\":[1,51],\"3207\":[4,22],\"3208\":[4,11],\"3209\":[2,19],\"3210\":[2,11],\"3211\":[1,60],\"3212\":[2],\"3213\":[6,31],\"3214\":[6,20],\"3215\":[8,37],\"3216\":[6,23],\"3217\":[5,42],\"3218\":[7,25],\"3219\":[9,38],\"3220\":[7,33],\"3221\":[6,22],\"3222\":[8,34],\"3223\":[6,20],\"3224\":[7,39],\"3225\":[7,38],\"3226\":[7,35],\"3227\":[7,35],\"3228\":[7,50],\"3229\":[7,52],\"3230\":[7,38],\"3231\":[6,34],\"3232\":[8,45],\"3233\":[11,41],\"3234\":[8,35],\"3235\":[8,36],\"3236\":[7,28],\"3237\":[8,34],\"3238\":[8,35],\"3239\":[7,27],\"3240\":[9,47],\"3241\":[9,32],\"3242\":[7,26],\"3243\":[8,32],\"3244\":[8,28],\"3245\":[8,31],\"3246\":[6,42],\"3247\":[8,53],\"3248\":[11,42],\"3249\":[5,15],\"3250\":[5,15],\"3251\":[5,34],\"3252\":[5,40],\"3253\":[7,36],\"3254\":[5,15],\"3255\":[5,25],\"3256\":[5,28],\"3257\":[5,30],\"3258\":[6,36],\"3259\":[9,39],\"3260\":[5,28],\"3261\":[5,26],\"3262\":[8,51],\"3263\":[5,27],\"3264\":[5,20],\"3265\":[6,18],\"3266\":[6,28],\"3267\":[6,28],\"3268\":[5,53],\"3269\":[8,33],\"3270\":[8,29],\"3271\":[6,42],\"3272\":[5,46],\"3273\":[5,31],\"3274\":[6,26],\"3275\":[5,19],\"3276\":[7,23],\"3277\":[6,27],\"3278\":[4,42],\"3279\":[6,27],\"3280\":[4,29],\"3281\":[4,14],\"3282\":[5,19],\"3283\":[5,16],\"3284\":[7,21],\"3285\":[8,35],\"3286\":[8,39],\"3287\":[9,22],\"3288\":[7,31],\"3289\":[7,26],\"3290\":[7,26],\"3291\":[8,31],\"3292\":[10,48],\"3293\":[13,44],\"3294\":[8,19],\"3295\":[8,19],\"3296\":[10,43],\"3297\":[9,23],\"3298\":[8,47],\"3299\":[4,21],\"3300\":[5,22],\"3301\":[5,23],\"3302\":[8,24],\"3303\":[5,22],\"3304\":[5,15],\"3305\":[5,16],\"3306\":[2],\"3307\":[1,64],\"3308\":[3,57],\"3309\":[4,50],\"3310\":[1,50],\"3311\":[3],\"3312\":[1,2],\"3313\":[2],\"3314\":[3,23],\"3315\":[4,17],\"3316\":[5,22],\"3317\":[5,22],\"3318\":[4,20],\"3319\":[4,20],\"3320\":[3,26],\"3321\":[4,35],\"3322\":[5,49],\"3323\":[4,53],\"3324\":[3,43],\"3325\":[4,28],\"3326\":[7,43],\"3327\":[7,77],\"3328\":[3,21],\"3329\":[2],\"3330\":[1,6],\"3331\":[2],\"3332\":[1,138],\"3333\":[2,25],\"3334\":[1,28],\"3335\":[1,51],\"3336\":[4,22],\"3337\":[4,11],\"3338\":[2,29],\"3339\":[2,80],\"3340\":[1,73],\"3341\":[2],\"3342\":[5,32],\"3343\":[7,43],\"3344\":[10,39],\"3345\":[6,35],\"3346\":[6,34],\"3347\":[8,44],\"3348\":[5,26],\"3349\":[6,31],\"3350\":[6,20],\"3351\":[8,37],\"3352\":[6,23],\"3353\":[5,42],\"3354\":[6,22],\"3355\":[8,34],\"3356\":[8,26],\"3357\":[10,40],\"3358\":[8,33],\"3359\":[6,20],\"3360\":[7,39],\"3361\":[7,38],\"3362\":[7,38],\"3363\":[6,24],\"3364\":[6,47],\"3365\":[7,31],\"3366\":[6,28],\"3367\":[6,23],\"3368\":[5,19],\"3369\":[7,23],\"3370\":[6,27],\"3371\":[4,42],\"3372\":[6,27],\"3373\":[4,29],\"3374\":[4,14],\"3375\":[5,19],\"3376\":[5,16],\"3377\":[7,21],\"3378\":[8,35],\"3379\":[8,39],\"3380\":[9,22],\"3381\":[7,31],\"3382\":[7,26],\"3383\":[7,26],\"3384\":[8,31],\"3385\":[10,48],\"3386\":[13,44],\"3387\":[8,19],\"3388\":[8,19],\"3389\":[10,43],\"3390\":[9,23],\"3391\":[8,47],\"3392\":[4,21],\"3393\":[5,22],\"3394\":[5,23],\"3395\":[8,24],\"3396\":[5,22],\"3397\":[5,15],\"3398\":[5,16],\"3399\":[2],\"3400\":[1,72],\"3401\":[3,57],\"3402\":[3,25],\"3403\":[4,50],\"3404\":[1,50],\"3405\":[3],\"3406\":[1,2],\"3407\":[2],\"3408\":[3,23],\"3409\":[4,18],\"3410\":[5,22],\"3411\":[5,22],\"3412\":[4,20],\"3413\":[4,20],\"3414\":[3,26],\"3415\":[4,35],\"3416\":[5,49],\"3417\":[4,53],\"3418\":[3,43],\"3419\":[4,28],\"3420\":[7,43],\"3421\":[7,77],\"3422\":[3,21],\"3423\":[1,3],\"3424\":[1]},\"averageFieldLength\":[5.100729927007295,39.550838240070235],\"storedFields\":{\"0\":{\"h\":\"Data Sharing Framework\",\"t\":[\"The Data Sharing Framework (DSF) is a concept for a secure middleware to distribute data sharing processes based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed organizations. Every participating site runs a FHIR endpoint accessible by other sites and a business process engine in the local secured network. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing or feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organizational boundaries. The secure communication infrastructure is funded by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.\",\"DSF concept\"]},\"1\":{\"h\":\"\",\"t\":[\"We are very pleased to have won the Rolf Hansen Memorial Award at EFMI MIE 2023 in Gothenburg. The Rolf Hansen Memorial Award is presented annually by the European Federation for Medical Informatics (EFMI) for an outstanding paper as well as for an excellent presentation. It is named after Rolf Hansen (1931-1993), a well-known Norwegian medical informatician and former president of EFMI. Hauke Hund presented his Paper: No Transfer Without Validation: A Data Sharing Framework Use Case in May at the EFMI MIE. doi:10.3233/SHTI230066 \"]},\"2\":{\"h\":\"and we will take care of your request as soon as possible.\"},\"3\":{\"h\":\"About\"},\"4\":{\"h\":\"Overview\",\"t\":[\"Contact & Community Guide\",\"Contributors\",\"Partners\",\"Public Funding\"]},\"5\":{\"h\":\"DSF for your project\",\"t\":[\"Summary\",\"Use case agnostic middleware: DSF is adaptable to any distributed process, leveraging BPMN 2.0 and FHIR R4 for secure, efficient data sharing across various biomedical research scenarios.\",\"Security: DSF prioritizes security through stringent authentication and authorization protocols, ensuring data is accessed and shared only by authorized organizations to maintain data confidentiality and integrity.\",\"Proven in clinical research: Deployed in German university hospitals, DSF's effectiveness and reliability are validated in real-world settings.\",\"Implementation guidance: DSF offers resources on how to implement new process plugins.\"]},\"6\":{\"h\":\"Overview of DSF\",\"t\":[\"The Data Sharing Framework (DSF) is a secure middleware solution designed to facilitate data sharing across different organizations for biomedical research. It utilizes BPMN 2.0 and FHIR R4 standards to support processes such as data extraction, merging, pseudonymization, and provisioning. Funded by the German Federal Ministry of Education and Research as part of the Medical Informatics initiative, the DSF aims to improve data interoperability and security across institutional boundaries.\"]},\"7\":{\"h\":\"Key features and benefits\"},\"8\":{\"h\":\"Distributed data sharing processes\",\"t\":[\"DSF enables distributed data sharing by providing each participating site with a FHIR endpoint and a business process engine. This setup ensures that data can be securely shared and processed across different sites, facilitating cross-site data sharing and feasibility analyses.\"]},\"9\":{\"h\":\"Flexibility with data standards\",\"t\":[\"While DSF primarily uses the FHIR R4 standard to ensure high-quality data exchange, it is designed to be open and adaptable to other data formats. This flexibility allows for a wide range of data types to be incorporated into research projects.\"]},\"10\":{\"h\":\"Security and access control\",\"t\":[\"Security is a critical component of DSF, which includes robust authentication and authorization protocols. These protocols ensure that data access and sharing are restricted to authorized organizations, maintaining the confidentiality and integrity of the data.\"]},\"11\":{\"h\":\"Deployment in clinical environments\",\"t\":[\"DSF is already deployed and operational in Data Integration Centers at German university hospitals, demonstrating its applicability and reliability in real-world clinical research settings.\"]},\"12\":{\"h\":\"Getting started with the DSF\",\"t\":[\"If you're looking to leverage the DSF for your research or you're interested in exploring how it can enhance your data sharing needs, we're here to support you. Visit the Learn how to implement your use case page to start your journey towards integrating the DSF into your research project.\",\"Should you have any questions or need personalized assistance, don't hesitate to reach out to the DSF core team directly at dsf-gecko@hs-heilbronn.de.\",\"Embark on your DSF journey today and join a community committed to advancing biomedical research through secure, interoperable data sharing.\"]},\"13\":{\"h\":\"How to implement your use-case\",\"t\":[\"Work in progress\",\"This site is work in progress, please come back later.\",\"If you want further information about the DSF and how to implement use cases, please visit:\",\"Documentation Overview\",\"Getting started\",\"Contact us\"]},\"14\":{\"h\":\"Hackathon\",\"t\":[\"Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+\",\"Montags, 13:00-14:00 Uhr\",\"Ort: https://dsf.dev/sprechstunde\",\"Zusammenfassung\",\"Vorbereitung\",\"Installationshinweise\",\"Beitritt\",\"Liebe Community,\",\"die Modul 2B Projekte FDPG+ und DSF Community möchten Sie herzlich zu einem Hackathon am 22.10.2024 von 10:00-16:00 Uhr einladen. Leiten Sie bitte die Einladung an die technischen Kolleg*innen in den DIZ und den DMSt weiter.\",\"Fokus des Hackathons liegt auf der Erprobung der neuen Machbarkeit und des neuen Datenselektion- und -Extraktionstools (TORCH) im Zusammenspiel mit den DSF Data Sharing Prozessen. Ergänzend wird der FHIR Data Evaluator vorgestellt und Updates zum DSF, dem Feasibility Prozess Plugin und dem Allowlist Management präsentiert.\",\"Wie üblich sollen die Tools und Prozesse hands-on auf der Testinfrastruktur erprobt und deployed werden, dazu folgen weitere Informationen kurz vor dem Hackathon.\",\"Vorläufiger Zeitplan:\",\"10:00-12:30 : Vorstellungen und Updates\",\"• Vorstellung Datenselektion und Extraktionstool TORCH – FDPG+ • Vorstellung FHIR Evaluator – FDPG+ • DSF Updates – DSF Community • Feasibility Prozessplugin Updates – DSF Community & FDPG+ • Allowlist Management Updates – DSF Community\",\"12:30-14:00 : Mittagspause\",\"14:00-16:00 : Hands-On\",\"• Erproben der vorgestellten Tools • Datenselektion und Extraktion mit Data Sharing • Support und Fragen zum Deployment und Betrieb • Wir freuen uns auf Ihre Teilnahme!\",\"Viele Grüße, Julian Gründner und Maximilian Kurscheidt für FDPG+ und DSF Community\"]},\"15\":{\"h\":\"Vorbereitung\",\"t\":[\"In diesem Hackathon ist das Aktualisieren der Systeme ein aktiver Bestandteil und bedarf keiner speziellen Vorbereitung. Für das Testen der Data Sharing Prozesse sollten jedoch einige Voraussetzungen bereits vor dem Termin erfüllt sein.\"]},\"16\":{\"h\":\"Netzwerkfreigaben\",\"t\":[\"Für den Hackathon werden wir primär die Test-DMS aus Heilbronn verwenden, dafür muss neben der Freigabe zur FDPG auch die Freigabe zum und vom MII-Test-System der HHN vorhanden sein (mii-test.gecko.hs-heilbronn.de).\",\"In diesem Kontext bietet es sich an, auch die Freigaben für weitere Test-DMSen zu beantragen. Weitere Details dazu befinden sich in der Liste der Firewallregeln im Test-Allowlist-Management-Tool (allowlist-test.gecko.hs-heilbronn.de) unter dem Punkt “Download Allowlist”. Wir planen während des Termins auch mit ausgewählten DIZen erste Funktionstests der Test-DMSen durchzuführen.\",\"Wir empfehlen auch sicherzustellen, dass Sie Zugriff auf die Weboberfläche Ihres DSF-FHIR-Servers haben.\"]},\"17\":{\"h\":\"FHIR-Store\",\"t\":[\"Zur Datenausleitung im Kontext des Data Sharing Prozesses werden wir FHIR Bundles mit Testdaten zur Verfügung stellen, die in Form eines FHIR Bundles auf einem FHIR Store gespeichert werden müssen. Dabei kann ein beliebiger FHIR Server (z.B. HAPI FHIR oder Blaze) verwendet werden. Es kann auch der FHIR Server verwendet werden, der z.B. für Feasibility im Testsystem genutzt wird.\",\"Weitere Details zum Data Sharing Prozess sind hier zu finden:\",\"https://github.com/medizininformatik-initiative/mii-process-data-sharing/wiki\",\"Eine Installation kann vor oder während des Hackathons durchgeführt werden.\"]},\"18\":{\"h\":\"Installationshinweise\",\"t\":[\"⚠️\",\"Versionen der unten aufgeführten Tools können sich noch bis zum Hackathon ändern.\"]},\"19\":{\"h\":\"DSF\",\"t\":[\"Installation oder Update\"]},\"20\":{\"h\":\"Prozessplugins\",\"t\":[\"DSF Ping Pong 1.0.1.0 Release Notes\",\"DSF Allowlist Plugin 1.0.0.1 Release Notes\",\"MII Feasibility 1.0.0.6 Instructions\",\"MII Process Report 1.1.1.1 for Test Infrastructure Instructions. Please use 1.1.1.1 for Prod for now Instructions\",\"MII Process Data Transfer 1.0.2.1 Instructions\",\"MII Process Data Sharing 1.0.1.1 Instructions\"]},\"21\":{\"h\":\"Weitere Anwendungen\",\"t\":[\"Flare Instructions\",\"Blaze 0.30.0 Instructions\",\"FHIR Evaluator Instructions\",\"TORCH Instructions\"]},\"22\":{\"h\":\"Data Sharing Demodaten\",\"t\":[\"Demodaten\",\"Falls Sie Fragen zum Hackathon oder der Installation des DSF haben, melden Sie sich gerne über den DSF-Community Zulip-Channel oder dsf-gecko@hs-heilbronn.de.\"]},\"23\":{\"h\":\"Documentation\"},\"24\":{\"h\":\"Overview\",\"t\":[\"Documentation \",\"Introduction\",\"Basics & Standards\",\"Architecture\",\"Security\",\"Allow Lists\",\"Process Plugins\"]},\"25\":{\"h\":\"Publications and Talks\"},\"26\":{\"h\":\"Publications\",\"t\":[\"H. Hund, R. Wettstein, C.M. Heidt, C. Fegeler, Executing Distributed Healthcare and Research Processes – The HiGHmed Data Sharing Framework, Stud Health Technol Inform, 278 (2021) 126-133, doi:10.3233/SHTI210060\",\"R. Wettstein, H. Hund, I. Kobylinski, C. Fegeler, O. Heinze, Feasibility Queries in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 278 (2021) 134-141, doi:10.3233/SHTI210061\",\"C.M. Heidt, H. Hund, C. Fegeler, A Federated Record Linkage Algorithm for Secure Medical Data Sharing, Stud Health Technol Inform, 278 (2021) 142-149, doi:10.3233/SHTI210062\",\"R. Wettstein, H. Hund, C. Fegeler, O. Heinze, Data Sharing in Distributed Architectures – Concept and Implementation in HiGHmed, Stud Health Technol Inform, 283 (2021) 111-118, doi:10.3233/SHTI210548\",\"H.-U. Prokosch, T. Bahls, M. Bialke, J. Eils, C. Fegeler, J. Gruendner, B. Haarbrandt, C. Hampf, W. Hoffmann, H. Hund, et al. The COVID-19 Data Exchange Platform of the German University Medicine, Stud Health Technol Inform, 294 (2022) 674-678, doi:10.3233/SHTI220554\",\"R. Wettstein, T. Kussel, H. Hund, C. Fegeler, M. Dugas, K. Hamacher, Secure Multi-Party Computation Based Distributed Feasibility Queries – A HiGHmed Use Case, Stud Health Technol Inform, 296 (2022) 41-49, doi:10.3233/SHTI220802\",\"C. Zilske, M. Kurscheidt, S.T. Schweizer, H. Hund, S. Mödinger, C. Fegeler, Monitoring Distributed Business Processes in Biomedical Research, Stud Health Technol Inform, 302 (2023) 252-256, doi:10.3233/SHTI230113\",\"H. Hund, R. Wettstein, C. Hampf, M. Bialke, M. Kurscheidt, S.T. Schweizer, C. Zilske, S. Mödinger, C. Fegeler, No Transfer Without Validation: A Data Sharing Framework Use Case, Stud Health Technol Inform, 302 (2023) 68-72, doi:10.3233/SHTI230066\",\"H. Hund, R. Wettstein, M. Kurscheidt, S.T. Schweizer, C. Zilske, C. Fegeler, Interoperability Is a Process- The Data Sharing Framework, Stud Health Technol Inform, 310 (2024) 28-32, doi:10.3233/SHTI230921\",\"S.T. Schweizer, H. Hund, M. Kurscheidt, C. Zilske, J.P. Böhringer, C. Fegeler, Handling Complexity in Decentralized Research Networks: The Data Sharing Framework Allowlist Management Application, Stud Health Technol Inform, 317 (2024) 85-93, doi:10.3233/SHTI240841\"]},\"27\":{\"h\":\"Recorded Talks\"},\"28\":{\"h\":\"GMDS Conference 2022\",\"t\":[\"Hands On! - Introduction to the Data Sharing Framework from a User Perspective \",\"Tutorial: Implementing BPMN Processes as DSF Process-Plugins\"]},\"29\":{\"h\":\"GMDS Conference 2020\",\"t\":[\"Executing Distributed Healthcare and Research Processes – the HiGHmed Data Sharing Framework\",\"Feasibility Queries in Distributed Architectures – Concept and Implementation in HiGHmed\",\"A Federated Record Linkage Algorithm for Secure Medical Data Sharing\"]},\"30\":{\"h\":\"Version 0.9.x\",\"t\":[\"Data Sharing Framework 0.9.x is an old version of the Data Sharing Framework. Click here to find more information about the DSF in general.\"]},\"31\":{\"h\":\"Overview (v 0.9.x)\",\"t\":[\"General Information\",\"Code\",\"Build and Test\",\"Releases and Deployment\",\"DSF Process Plugin Tutorial\"]},\"32\":{\"h\":\"Introduction\",\"t\":[\"The Data Sharing Framework implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. The DSF is used to support biomedical research with routine data. Every participating site runs a FHIR endpoint (dsf-fhir) accessible by other sites and a business process engine (dsf-bpe) in the local secured network. Authentication between sites is handled using X.509 client/server certificates. The process engines execute BPMN processes in order to coordinate local and remote steps necessary to enable cross-site data sharing and feasibility analyses. This includes access to local data repositories, use-and-access-committee decision support, consent filtering, and privacy preserving record-linkage and pseudonymization.\",\"DSF Architecture\"]},\"33\":{\"h\":\"Security\",\"t\":[\"We take security of the DSF, its process plugins, services and tools we operate very seriously.\",\"We describe the security mechanisms used by the DSF to implement secure communication on the pages Architecture, Security and Allow List.\",\"To ensure a high level of security, you should always install the latest DSF version and use the latest versions of the process plugins. Use the instructions to install the latest version of the DSF or to upgrade on the latest version. The instructions described there implement the security configuration recommended by us.\",\"It is also important that you ensure a secure operating environment in which you verify firewall configurations, keep the operating systems on which the DSF is running up to date and harden it according to the latest state of the art.\"]},\"34\":{\"h\":\"Security vulnerability disclosure policy\"},\"35\":{\"h\":\"Our commitment to security\",\"t\":[\"We as the DSF development team take security of our software, services and data very seriously. We understand that despite our best efforts, vulnerabilities can exist. To address this, we encourage responsible reporting of any security vulnerabilities discovered in our software and systems.\"]},\"36\":{\"h\":\"Responsible disclosure\",\"t\":[\"We kindly ask security researchers and the general public to follow the principles of Coordinated Vulnerability Disclosure (CVD) or Responsible Disclosure when reporting vulnerabilities to us. This approach helps us to mitigate potential risks and protect our users' data effectively.\"]},\"37\":{\"h\":\"How to Report a Vulnerability\",\"t\":[\"If you believe you have found a security vulnerability in our system, please email us at dsf-security@hs-heilbronn.de. If you want to use end-to-end-encryption, you can send us mails using s-mime with the certificate chain provided here. We kindly request the following:\",\"Provide a detailed description of the vulnerability, including if possible the potential impact and how it can be exploited.\",\"Include steps to reproduce the vulnerability or proof-of-concept code, if possible.\",\"Avoid accessing or modifying user data without permission, and do not exploit a security issue for any reason other than testing.\",\"Maintain confidentiality and do not publicly disclose the vulnerability, until we have had the opportunity to investigate and address it.\",\"Please do not file an issue on a security-related topic and use the e-mail address provided. You can verify the address both in the application repository and at the homepage (this page).\"]},\"38\":{\"h\":\"Our promise\",\"t\":[\"Acknowledgement: We usually will acknowledge receipt of your vulnerability report within 48 hours.\",\"Investigation: Our security team will investigate the issue and work diligently to verify and reproduce the vulnerability.\",\"Communication: We will keep you informed of our progress as we work to resolve the issue.\",\"Resolution: We will strive to resolve security issues in a timely manner and release updates, patches, or remediations as needed.\",\"Recognition: We value your effort in making our systems more secure and will recognize your contribution, if desired, once the vulnerability is resolved.\"]},\"39\":{\"h\":\"Legal Protection\",\"t\":[\"We promise not to initiate legal action against individuals who report vulnerabilities responsibly in accordance with this policy. This includes not suing for accidental access to data or reporting in good faith.\"]},\"40\":{\"h\":\"Questions?\",\"t\":[\"If you have any questions about this policy or security of the Data Sharing Framework, the services and tools we provide, please contact us at dsf-security@hs-heilbronn.de. You can send us encrypted e-mails using s-mime. You can find the certificate chain here.\"]},\"41\":{\"h\":\"Sprechstunde\",\"t\":[\"Terminverschiebung\",\"Die Sprechstunde wird aufgrund der FDPG Datenausleitungssprechstunde (DANA) ab dem 20.01.2025 von 14:00-14:50 Uhr stattfinden.\",\"Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+\",\"Montags, 14:00-14:50 Uhr\",\"Ort: https://dsf.dev/sprechstunde\",\"Klicken Sie hier, um der Sprechstunde beizutreten.\"]},\"42\":{\"h\":\"DSF 1.7.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.6.0\",\"Install DSF 1.7.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"43\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"44\":{\"h\":\"DSF 1.0.0\",\"t\":[\"Data Sharing Framework 1.0.0 is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Install DSF 1.0.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"45\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow user authenitication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features\"]},\"46\":{\"h\":\"DSF 1.1.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.x.\",\"Install DSF 1.1.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"47\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"48\":{\"h\":\"DSF 1.2.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.x.\",\"Install DSF 1.2.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"49\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"50\":{\"h\":\"DSF 1.3.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.x.\",\"Install DSF 1.3.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"51\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"52\":{\"h\":\"DSF 1.3.1\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.3.0\",\"Install DSF 1.3.1\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"53\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"54\":{\"h\":\"DSF 1.3.2\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.3.0\",\"Install DSF 1.3.2\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"55\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"56\":{\"h\":\"DSF 1.4.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.3.2\",\"Install DSF 1.4.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"57\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"58\":{\"h\":\"DSF 1.5.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.4.0\",\"Install DSF 1.5.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"59\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"60\":{\"h\":\"DSF 1.5.1\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.5.0\",\"Install DSF 1.5.1\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"61\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"62\":{\"h\":\"DSF 1.5.2\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.5.1\",\"Install DSF 1.5.2\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"63\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"64\":{\"h\":\"DSF 1.6.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.5.2\",\"Install DSF 1.6.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"65\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"66\":{\"h\":\"DSF 1.7.0\",\"t\":[\"Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.\",\"Important note\",\"This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.\",\"Upgrade from DSF 0.9.x.\",\"Upgrade from DSF 1.6.0\",\"Install DSF 1.7.0\",\"Create a new process plugin\",\"Upgrade from DSF 0.9.x.\"]},\"67\":{\"h\":\"New features\",\"t\":[\"Improved versioning to support up- and downwards-compatibility\",\"Enhanced web ui to start processes in the web browser\",\"Allow local user authentication and authorization with OpenID Connect\",\"New process plugin API\",\"Removed mostly unused features to simplify instance configuration\",\"Unified proxy setup\",\"Many more features, see 1.x release-notes\"]},\"68\":{\"h\":\"Learn more\"},\"69\":{\"h\":\"Overview\",\"t\":[\"Contact & Community Guide\",\"Contributors\",\"Partners\",\"Public Funding\"]},\"70\":{\"h\":\"Contact & Community\"},\"71\":{\"h\":\"\",\"t\":[\"Feel free to contact us via E-Mail (dsf-gecko@hs-heilbronn.de) and we will take care of your request as soon as possible.\"]},\"72\":{\"h\":\"👥 COMMUNITY\",\"t\":[\"DSF's community is growing and we welcome anyone who would like to join! 🚀\"]},\"73\":{\"h\":\"Stay up to Date\",\"t\":[\"GitHub\",\"Follow our contributors on GitHub\",\"Zulip Chat - MII (If you would like access, please write us an E-MAIL)\"]},\"74\":{\"h\":\"Contribute Code\",\"t\":[\"You can get familiar with the DSF code on GitHub. Branching follows the git-flow model, for the latest development version see branch develop. Additionally, you can find more information here in the documentation.\"]},\"75\":{\"h\":\"Share your Experience & Get support\",\"t\":[\"You´re welcome to share your experience with the Community. If you have a bug to report or feature to request, that's what the GitHub issues are for.\"]},\"76\":{\"h\":\"Partners\",\"t\":[\"Funded for further development of the Data Sharing Framework are:\"]},\"77\":{\"h\":\"Heilbronn University of Applied Sciences | Gecko Institute\",\"t\":[\"The GECKO Institute is a research institution of Heilbronn University of Applied Sciences and conducts research and development at the interfaces between medicine, economics and computer science. The DSF is part of Prof. Fegeler's research area: Interoperability and Digital Processes in Medicine. Other areas of research include educational technologies, health economics, and consumer health informatics.\"]},\"78\":{\"h\":\"University of Heidelberg | Institute of Medical Informatics\",\"t\":[\"The Institute of Medical Informatics belongs to the University of Heidelberg. The scientific focus of the institute is on structured patient data, e.g.\",\"in the Medical Data Integration Center (MeDIC),\",\"structured acquisition and transformation of biomedical data,\",\"medical information systems and data models\",\"and much more.\"]},\"79\":{\"h\":\"University of Leipzig | LIFE Institute\",\"t\":[\"The LIFE Institute of the University of Leipzig manages collaborative and follow-on projects in the fields of medicine, public health, medical informatics, and biobanking.\"]},\"80\":{\"h\":\"Public Funding\"},\"81\":{\"h\":\"DSF - Medical Informatics Structure \\\"Data Sharing Framework Community\\\" (2023-2026)\",\"t\":[\"The DSF Community connects the DSF competencies of the entire Medical Informatics Initiative (MII) so that new use cases, in particular from Module 3 or the Network University Medicine (NUM), are better supported in creating the respective DSF plugins. In the context of Module 2b, the DSF Community contributes to the further development of the common digital infrastructure of the MII together with the FDPG+ and TRANSIT projects. BMBF\",\"Heilbronn University (HHN) focuses on the connecting of DSF related topics and competencies in the MII with the community management. The quality assurance of new DSF plugins and further development of the application and core components aim at a scalable, stable and secure operation of the DSF (Funding code: 01ZZ2307A).\",\"Heidelberg University is focusing on the further development of the DSF core components as well as the rollout of the DSF plugins, in particular also from the perspective of a data integration center in consultation with the FDGP+ and TRANSIT projects (Funding code: 01ZZ2307B).\",\"The University of Leipzig will further develop and adapt the DSF plugin for the Research Data Portal for Health FDPG according to specifications resulting from the FDPG+ project and enable Data Integration Centers (DIC) to operate the FDPG plugin (Funding code: 01ZZ2307C).\"]},\"82\":{\"h\":\"Development of the DSF in the HiGHmed consortium -Contribution Heilbronn University and Heidelberg University (2018-2022)\",\"t\":[\"HiGHmed aims to increase the efficiency of clinical research and improve patient care through new medical informatics solutions and cross-organizational data exchange. The concept will be developed on the basis of three defined prototypical use cases, which will ensure close integration with the requirements of patient care and medical research. The GECKO Institute of HHN will establish a trusted third party with pseudonymization service to implement the goals of HiGHmed and is involved in the technical development of the DSF together with the partners (Funding code: 01ZZ1802E). Heidelberg University is in particular involved in the technical development of the DSF (Funding code: 01ZZ1802A).\"]},\"83\":{\"h\":\"Team\",\"t\":[\"The funded project team includes:\",\"Prof. Dr. Christian Fegeler • Homepage\",\"Hauke Hund • GitHub\",\"Maximilian Kurscheidt • GitHub\",\"Simon Schweizer • GitHub\",\"Christoph Zilske • GitHub\",\"Reto Wettstein • GitHub\",\"Alexander Kiel • GitHub\",\"We thank additional contributors, including:\",\"Florian Seidel • GitHub\",\"Simon Mödinger • GitHub\"]},\"84\":{\"h\":\"Allow Lists\"},\"85\":{\"h\":\"Goal\",\"t\":[\"The main objective is to allow only authorized organizations to do what \\\"we\\\" allow them to do (e.g. query data). First, we need a list of organizations that we trust. Secondly, we need a way to ensure that the other party is a member of the parent organization. Thirdly, a list of actions we want to allow the organization to perform is needed. An organization can have different roles in different use cases.\",\"The Allow List consists of Organization-, Endpoint- and OrganisationAffiliation- resources. With these resources the allow list defines communication partners and and parent organizations like research consortia and groups as well as the roles of each organization. Each DSF FHIR server stores their own allow list. To make sure that processes can be executed, parties must allow access via their allow list.\",\"Architecture\"]},\"86\":{\"h\":\"Allow List Managment\",\"t\":[\"Here you can read all the information if you want to create or update an Allow List.\"]},\"87\":{\"h\":\"and we will take care of your request as soon as possible.\"},\"88\":{\"h\":\"Architecture\",\"t\":[\"The Data Sharing Framework implements a distributed business process engine based on the BPMN 2.0 and FHIR R4 standards. Every participating organisation (e.g. ORG. A) runs a FHIR endpoint accessible by other sites and a business process engine (BPE) in the local secured network. Once the DSF has been installed in an organisation, it can be used for multiple use cases.\",\"Simplified DSF Architecture\",\"The following architecture diagram also shows three organisations, each of which has installed the DSF. The FHIR endpoint (green) is located in a demilitarised zone (DMZ) and is accessible from outside for communication with other organisations. It can be compared to a mailbox. The Business Process Engine (BPE - blue) is located in the intranet of an organisation and is responsible for the execution of processes. The metaphor: control centre helps here.\",\"DSF Architecture\"]},\"89\":{\"h\":\"DSF FHIR Server 📫\",\"t\":[\"As mentioned above, the externally accessible DSF FHIR server acts as a mailbox for communication. This means that an organisation creates a task resource in its DSF and drops the task resource (letters) into the mailbox of another organisation, requesting that something happen. Task resources have been explained in more detail in the section Basics and Standards. It is important to understand that the DSF FHIR server is not used for persisting medical data.\",\"DSF FHIR Server\"]},\"90\":{\"h\":\"Business Process Engine (BPE)\",\"t\":[\"The BPE located in the secure internal network executes the processes (BPMN/Java). The BPE is deployed in the internal network and has access to the local systems, such as the organisation's own FHIR server, on which medical data is stored. These FHIR servers are not to be confused with the DSF FHIR server, on which no medical data is persisted. Different processes can be executed simultaneously. For this, only a new process plugin file has to be added and configured. More about this in the Process Plugins.\",\"BPE\",\"The DSF BPE uses websocket (WSS) and webservice (HTTPS) connections to communicate with the DSF FHIR server. FHIR resources are created, read, updated and deleted via HTTP requests against the FHIR webservice API. The FHIR subscription mechanism is used to communicate Task resources with status 'requested' and QuestionnaireResponse resources with status 'completed' to the BPE via websockets. When the BPE starts and before the websocket connections are established, 'requested' Task resources and 'completed' QuestionnaireResponse not seen by the BPE are read via webservice requests.\"]},\"91\":{\"h\":\"Flexible Deployment\",\"t\":[\"The deployment of the architecture is flexible. The organisations can be deployed as a star schema (left) or as a mesh schema (right). In the Star schema (left), all Data Integration Centres (DIC) are connected to a central node (CRR - Central Research Repository), which transfers the information to all nodes (DIC). For security reasons, a data transfer hub (DTH) is connected upstream, which provides additional security so that the medical data is never transferred together with the authenticating data.\",\"In the mesh scheme (right), the nodes (DIC) are all directly connected to each other and the information is transferred from node to node. Here in the FDPG (Forschungsdatenportal - Research Data Portal), the data can then be accessed for research purposes. More about this here.\"]},\"92\":{\"h\":\"Network Setup & Additional Reverse Proxy in external DMZ\",\"t\":[\"You can find more information about the network setup here\"]},\"93\":{\"h\":\"Basics and Standards\",\"t\":[\"Here you can find some basic information about interoperability and the standards were using within the DSF before we go into details about the architecture. Here we only describe how the standards (FHIR and BPMN) are used within the DSF. If you want to gain a deeper knowledge of the standards, we recommend visiting these websites: HL7 FHIR and BPMN\"]},\"94\":{\"h\":\"Interoperability\",\"t\":[\"Interoperability is the ability of different systems to work together as seamlessly as possible. We can divide interoperability into four levels.\",\"The foundational level defines the basic interconnectivity requirements which are necessary for a system or application to securely transmit data to and receive data from another system or application. Techniques such as HTTPS or REST are used for this.\",\"The second level is the structural level. It defines the format and the syntax of the data exchange. Therefore, data formats like JSON or XML can be used.\",\"The semantic level ensures the correct interpretation of the contents of the exchanged data between the different systems. Therefore, information models as FHIR or CDA or medical terminology systems like SNOMED CT or ICD can be used.\",\"The final level, the organizational level, includes policy, social, legal and organizational aspects that enable secure, seamless and timely communication and use of data both within and between organizations. And importantly, these components enable shared consent, trust and integrated end-user processes and workflows.\",\"Levels of interoperability\"]},\"95\":{\"h\":\"HL7 FHIR 🔥\",\"t\":[\"HL7 FHIR is a standard for data exchange that can be used as an information model for communication within and between systems. The standard is based on resources, references and profiles. With this concept, FHIR offers interoperability out of the box. The resources describe data formats. 150 specified resources cover the entire health system. An example of a resource would be a patient, which consists of data such as name or gender. These resources can refer to other resources by means of references. This connects the information units into a network. For seamless exchange of information, FHIR supports RESTful architectures and web standards such as XML or JSON, which makes it easier for developers to use FHIR. The FHIR profiles can be understood as a set of rules. They explain, for example, which attributes must be mandatorily specified or which terminology may be used. In addition, profiles and controlled vocabulary can be validated.\"]},\"96\":{\"h\":\"BPMN\",\"t\":[\"Business Process Modelling Notation is a modelling language that can be used to model and implement processes. The models can be used for the documentation of processes and for communication between different stakeholders. Furthermore, BPMN forms a standardised bridge between process design and process implementation. This is because it simplifies implementation. These processes are executed by a Business Process Engine. Basically, a BPE is a server that can read and execute the business process. More about this in the section on architecture.\",\"Example of a BPMN model (Ping-Pong-Process of the DSF)\"]},\"97\":{\"h\":\"Why are we using FHIR and BPMN?\",\"t\":[\"On the one hand we use FHIR because of the mentioned benefits. On the other hand FHIR fits great with BPMN and these two in combination are a great fit for what we do:Execute distributed data sharing Processes.\",\"We do not need all 150 FHIR resources. The following FHIR resources are the ones we need and have implemented: ActivityDefinition, Binary, Bundle, CodeSystem, DocumentReference, Endpoint, Group, Library, Measure, MeasureReport, NamingSystem, Organization, Questionnaire, QuestionnaireResponse, ResearchStudy, StructureDefinition, Subscription, Task and ValueSet.\",\"Don't worry, it is not important to understand them all now. But to understand why we use FHIR and BPMN, it is important to look at the ActivityDefinition and TaskResources on the FHIR side and the Message Events on the BPMN side. In the following picture you can see parts of BPMN. These Message Events enable the communication between different organizations. Every time there is a Message Event between two business processes, there is a corresponding TaskResource on the FHIR side. When one organization sends a message for example “do some work” to another organization or when we send a message to ourselves to start or continue a process, we do this by creating a FHIR TaskResource with the status “requested”. After that the Business Process Engine starts the work and the status switches to “in-progress” and if the work is done to “completed” or if there is a problem to “failed”.\",\"The ActivityDefinition is needed to publish what can be done in an instance. That means the ActivityDefinition contains the process description with the authorisation who is allowed to send a message.\",\"BPMN MessageEvents\"]},\"98\":{\"h\":\"Introduction\",\"t\":[\"The German Federal Ministry of Education and Research is funding the Medical Informatics Initiative with the aim of making routine data available digitally, reliably and quickly for medical research. University hospitals have founded consortia with partners such as research institutions and other companies to create the conditions for research and patient care to share their data across sites. Data Integration Centers (DIC) have been established at the university hospitals and partner institutions to create the technical and organizational conditions for data exchange between patient care and medical research.\",\"The Data Sharing Framework (DSF) was developed within the HiGHmed consortium of the Medical Informatics Initiative and is now funded as an independent project by the German Federal Ministry of Education and Research within the Medical Informatics structure as DSF Community.\",\"The DSF is a concept for a secure middleware to distribute data sharing processes, aiming to extract, merge, pseudonymize and provide data stored in multiple distributed DICs. A researcher can use the DSF for example to submit feasibility queries to several DICs and thus has the opportunity to obtain sufficient data from different locations for his or her research. By using international standards such as FHIR and BPMN 2.0, the problem of heterogeneous data models, primary systems, architectures and federated legislation between DICs can be solved. The aim is to enable secure and syntactically-, semantically- and process-interoperable data exchange across organisational boundaries.\",\"DSF concept\",\"The DSF is a secure communication infrastructure, that (1) scales with communication relationships, (2) orchestrates processes and instances, (3) separates execution logic from program code, (4) enables automated and user-centeric process steps ​(5) and can be used for heterogeny structures.\",\"Federated data exchange between distributed DICs (CRP=Central Research Portal, DMU=Data Management Unit)\"]},\"99\":{\"h\":\"Network Setup and General Architecture\",\"t\":[\"The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.\",\"Network Setup Diagramm\",\"FHIR Reverse Proxy: The FHIR Reverse Proxy is used to terminate incoming https connections to the FHIR App Server. The Reverse Proxy needs to be accessible on port 443 from the internet. Incoming https connection will be delegate as http on a docker internal network to the FHIR App Server.\",\"FHIR App Server: The FHIR App Server is used as a FHIR Endpoint for incoming Task resources and providing resources for download by other organizations. In order to validate incoming FHIR resources the server will communicate with FHIR Servers at other organizations. Access to resources and authorization for creating or updating resources is granted based on the content of the resource and/or based on the client (identified by its client certificate) being part of an allow list. JDBC connections to the FHIR DB Server\",\"FHIR DB Server: PostgreSQL database for the FHIR App Server.\",\"BPE App Server: The BPE App Server is executing BPMN 2.0 business processes with the included business process engine. Automatic BPMN service tasks are used for example to check resource, access the PDP- and MPI-servers as well as the MDAT repository. The calculation of record linkage bit vectors (Record Bloom Filters) is also performed using an automatic service task. As of version 0.3.0 the BPE server does not provide any webservices for modifying an server resources.\",\"BPE DB Server: PostgreSQL database for the BPE App Server.\",\"PDP: IHE Policy Decision Point for deciding on patient consent.\",\"MDAT Repo: Repository (e.g. openEHR) for storing medical data (MDAT).\",\"MPI: IHE Master Patient Index for storing identifying patient date (IDAT) e.g. first name, last name, date of birth.\",\"Cohort Browser: Example for a system to trigger patient cohort size estimations across multiple organizations.\",\"More information on Client- and Server-Certificates are available on the dedicated wiki page: Authentication: Client/Server Certificates\"]},\"100\":{\"h\":\"Additional Reverse Proxy in external DMZ\",\"t\":[\"In some organizations an additional reverse proxy in an external DMZ is needed. This can be accomplished by using for example nginx or haproxy as a TCP-Proxy. Example configurations routing traffic using SNI can be found below. Configuring an additional reverse proxy to terminate the incoming TLS connection early is not recommended.\",\"Network Setup Diagramm\"]},\"101\":{\"h\":\"Process Plugins\"},\"102\":{\"h\":\"Overview\",\"t\":[\"It is important to understand that the DSF is only the silent helper in the background: a middleware. The DSF is use case agnostic. This means that process plugins make it possible to execute almost any use case you can imagine with the DSF. Process plugins provide individual functionality. For example, it is possible to use the Ping Pong process to test bilateral communication or the Feasibility process to perform feasibility queries for research. However, it is possible to deploy several process plugins together, even the same process plugin in different versions. A process plugin is basically an archive of BPMN 2.0 models, FHIR R4 resources and Java code. This process plugin is deployed as a Jar file on the BPE.\"]},\"103\":{\"h\":\"BPMN: Example\",\"t\":[\"BPMN models can be created with Camunda Modeler. The following model is a BPMN model consisting of two lanes: These are the square boxes, i.e. Organization A and B. This process is intended only as an example to illustrate the formalities. We will look at realistic processes in the next chapter.\",\"BPMN: Example\"]},\"104\":{\"h\":\"Ping Pong Process\",\"t\":[\"The ping process plugin can be used for (periodic) connection testing between organizations that are part of your DSF allow list. The following figure shows a representation of the process.\",\"Ping-Pong Process\",\"The ping pong process is composed of 3 different subprocesses:\"]},\"105\":{\"h\":\"Autostart Ping Process\",\"t\":[\"The autostart ping process is used to execute connection tests in a predefined interval. This subprocess performs the following steps:\",\"Start a timer with a predefined interval (default 24 h)\",\"Start the ping process once per interval\",\"Stop the timer after the current interval completes\"]},\"106\":{\"h\":\"Ping Process\",\"t\":[\"The ping process is used to check outgoing and incoming connections to organizations in your allow-list. This subprocess performs the following steps:\",\"Select organizations in your allow list that should receive a ping message\",\"Send ping message to selected organizations\",\"Receive pong message from selected organizations\",\"Log status of ping/pong messages\",\"Log errors if any occur\"]},\"107\":{\"h\":\"Pong Process\",\"t\":[\"The pong process is used to send a response during the connection test to the requesting organization. This subprocess performs the following steps:\",\"Receive ping message from requesting organizations\",\"Send pong message to requesting organizations\",\"Log status of ping/pong message\",\"Log errors if any occur\"]},\"108\":{\"h\":\"Security by Design\"},\"109\":{\"h\":\"Basics Security\",\"t\":[\"The open-source Data Sharing Framework is EU-GDPR compliant and meets the highest security standards by design. DSF FHIR servers only accept certain FHIR resources from internal systems/administrators (e.g. tasks, binary resources...). In addition, the communication partners are defined via Allow Lists. This means that an organisation can only communicate with organisations that are included in the allow list of approved organisations of the participating organisations. More information about allow lists can be found in the next chapter. For transport encryption, the TLS protocol is used. Secure Web Socket (WSS) connections provide security for the connection between the DSF FHIR server (DMZ) and the BPE (internal network). In addition, the DSF is being actively developed and there is an excellent community, both of which guarantee fast security patches.\"]},\"110\":{\"h\":\"Authentication\",\"t\":[\"Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.\",\"A webserver certificate is needed to run the FHIR endpoint and a 802.1X client certificate is used to authenticate against other organizations endpoints and as a server certificate for the business process engine. For available certificate profiles see DFN-PKI-Zertifikatprofile_Global.pdf\",\"More information about client and server certificates can be found here.\"]},\"111\":{\"h\":\"Certificate Requests 🔒\"},\"112\":{\"h\":\"FHIR Endpoint\",\"t\":[\"Server certificates are used to authenticate the FHIR endpoint on the local network and to other organisations\",\"Certificate profile: \",\"DFN-PKI Global G2 via DFN e.V.: Web Server\",\"D-Trust via TMF e.V.: Advanced SSL ID\",\"GÉANT TCS via DFN e.V.: Web Server\",\"Common name: FQDN of the server used while accessing from other organizations (external FQDN)\",\"Subject alternative DNS entries: Use additional alternative FQDNs if a different name is used while accessing the Server from the local Network (local FQDN)\",\"More information: Parameters FHIR Server\"]},\"113\":{\"h\":\"Business Process Engine Server\",\"t\":[\"Client certificates are used to authenticate against remote FHIR endpoints (when either the BPE server or the FHIR endpoint server acts as the client). In addition, client certificates are used to authenticate the Business Process Engine server on the local network.\",\"Certificate profile: \",\"DFN-PKI Global G2 via DFN e.V.: 802.1X Client\",\"D-Trust via TMF e.V.: Basic Team ID\",\"GÉANT TCS via DFN e.V.: Web Server\",\"Common name: FQDN of the server used while accessing from the local network (local FQDN)\",\"More information: Parameters BPE Server\"]},\"114\":{\"h\":\"GMDS2022 - Process Development\",\"t\":[\"Redirect to this webpage.\"]},\"115\":{\"h\":\"MIE May 2023\"},\"116\":{\"h\":\"Abstract\",\"t\":[\"With this tutorial, participants will gain a detailed insight into the Data Sharing Framework (DSF) (https://github.com/highmed/highmed-dsf). The open source DSF enables users to execute biomedical research and healthcare delivery processes across organizations, and the tutorial will demonstrate this with examples from the German Medical Informatics Initiative (MII) (https://www.medizininformatik-initiative.de/en/start) funded by the Federal Ministry of Education and Research (BMBF). The tutorial will cover fundamental concepts of distributed processes, the DSFs architecture and key standards such as HL7 FHIR and BPMN 2.0. Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization will be covered, as well as guidance on using the DSF for other use cases. This tutorial is designed for those involved in distributed research projects, including project members and software developers, as well as individuals interested in multi-organizational research projects.\"]},\"117\":{\"h\":\"Topic\",\"t\":[\"The use of real-world data collected by healthcare providers for bio-medical research requires the data to be available and accessible. This is especially important when considering the usage of data across organizations. Distributed processes such as feasibility studies, record linkage, and data sharing need to be established for effective consolidation and analysis. While even multi-center retrospective studies using real-world data become commonplace, maintaining infrastructure components for every project conducted is not sustainable. To address this, the Data Sharing Framework (DSF) was developed as an open source, use case independent distributed business process engine to execute cross-organizational research and healthcare delivery processes.\",\"The tutorial will cover the fundamental concepts of distributed processes and will provide an overview of the DSF's architecture and key standards such as HL7 FHIR and BPMN 2.0 that are used in the framework. The tutorial will present real-world examples to illustrate the DSFs capabilities and delve into specific issues the DSF addresses for the German Medical Informatics Initiative (MII).\",\"Participants will have the opportunity to gain hands-on experience with the DSF by working with different processes in a lab setting. Technical aspects such as authentication and authorization, onboarding of new organizations and guidance on using the DSF for other use cases, such as specific research projects or new infrastructure developments, will be covered. Finally, the tutorial will present lessons learned from the last years of using the DSF in test and production environments in multiple research consortia and will present ideas for future improvements based on feedback from end-users, process developers, project managers and administrative staff.\"]},\"118\":{\"h\":\"Target Group\",\"t\":[\"Decision makers and project members with data sharing ideas looking for an architecture, as well as medical informatics professionals and software developers tasked with building multi-centric data sharing applications, are the target audience for this tutorial.\"]},\"119\":{\"h\":\"What you need\",\"t\":[\"You need a laptop with a web browser for the hands-on portion of the tutorial.\"]},\"120\":{\"h\":\"What you will learn\",\"t\":[\"You will...\",\"… gain knowledge on various distributed processes specific to bio-medical research.\",\"… understand the unique challenges and considerations from the German MII resulting in the design and architecture of the DSF.\",\"… be introduced to the key concepts of the DSF and the various contexts in which it can be applied.\",\"… learn how to evaluate if the DSF is appropriate for their particular project or application your planning.\",\"… understand the difficulties that can occur when implementing distributed processes, as well as strategies for addressing them.\"]},\"121\":{\"h\":\"Tutorials\",\"t\":[\"MIE 2023\",\"GMDS 2022 - DSF Process Plugin Tutorial v 0.9.x\"]},\"122\":{\"h\":\"Recorded talks\",\"t\":[\"Redirect to this webpage.\"]},\"123\":{\"h\":\"Use-Cases\"},\"124\":{\"h\":\"Overview\",\"t\":[\"Feasibility\",\"Network University Medicine\"]},\"125\":{\"h\":\"Feasibility\"},\"126\":{\"h\":\"Overview\",\"t\":[\"Funded by the German Federal Ministry of Research and Education, 25 sites have installed the DSF to execute the Feasibility process. To perform feasibility queries, a researcher can register and query data on the FDPG (Forschungsdaten Portal für Gesundheit - Research Data Portal) website. Basic data of hospitalizations of over 8 million patients with over 40 million diagnoses and much more such as laboratory values or drug prescriptions are available. After a successful query, the data is made available in standardized FHIR format. Further information can be found in the flyer.\"]},\"127\":{\"h\":\"The Feasibility Process\",\"t\":[\"Medical routine data holds great promise for advancing research, yet its integration into a research context poses significant challenges. To address this, Medical Data Integration Centers have been established, by the medical informatics initiative to consolidate data from primary information systems into a central repository. However, relying on data from only one organization is rarely sufficient to answer complex research questions, so merging data across institutional boundaries is necessary.\",\"To enable researchers to leverage this integrated data for specific research projects, there is a critical need for the ability to query cohort sizes across institutions. The feasibility process allows researchers to conduct automated and distributed feasibility queries, i.e., cohort size estimates. This process is executed according to the open standard BPMN 2.0, the underlying process data model is based on HL7 FHIR R4 resources.\"]},\"128\":{\"h\":\"Technical Information\",\"t\":[\"DSF Middleware Setup: The DSF middleware connects your site to the central platform. This allows it to receive feasibility query requests as well as reporting back any results of these queries.\",\"Feasibility Process: Core Feasibility Process\",\"Feasibility Triangle: The Feasibility Triangle part of this repository provides a site (data integration center) with all the necessary components to set up in order to allow feasibility queries from the central feasibility portal.\",\"Data Transfer\",\"Data extraction after successful feasibility query\"]},\"129\":{\"h\":\"Network University Medicine\",\"t\":[\"The Network University Medicine was established in April 2020 as part of the COVID-19 pandemic crisis management. The aim of the NUM is to better coordinate COVID-19 research at all 36 university hospitals in Germany.'\",\"As part of the CODEX | COVID-19 Data Exchange Platform project, a nationwide, uniform, privacy-compliant infrastructure for storing and providing COVID-19 research datasets was established. Since 2022, the work continues within the project NUM RDP. All 36 university hospitals have installed the DSF to share Covid-19 research data.\"]},\"130\":{\"h\":\"The Data Transfer Process\",\"t\":[\"The Data Transfer Process is used in NUM CODEX to send data from a Data Integration Center (DIC), via the Gecco Transfer Hub (GTH), to the Central Research Repository (CRR). The infrastructure and communincation messages on which the process is based can be seen in the following figure. All organizations use the Data Sharing Framework (DSF) for deployment and execution of the process.\",\"More technical information can be found on GitHub.\"]},\"131\":{\"h\":\"Build and Test\",\"t\":[\"Build & Test Project\",\"Proxy Test Tool\",\"Release a new version\"]},\"132\":{\"h\":\"Build and Test\"},\"133\":{\"h\":\"Build Project\",\"t\":[\"Prerequisite: Java 11, Maven 3.6, Docker\",\"mvn install\"]},\"134\":{\"h\":\"Manual Integration Testing (without Docker)\",\"t\":[\"Prerequisite: Java 11, Maven 3.6, PostgreSQL 11\",\"Build the entire project from the root directory of the repository\",\"mvn install\",\"Install PostgreSQL 11 (localhost:5432)\",\"Add DB User liquibase_user\",\"CREATE USER liquibase_user WITH LOGIN NOSUPERUSER INHERIT CREATEDB CREATEROLE NOREPLICATION PASSWORD 'fLp6ZSd5QrMAkGZMjxqXjmcWrTfa3Dn8fA57h92Y';\",\"Create Databases fhir and bpe with owner liquibase_user\",\"CREATE DATABASE bpe OWNER liquibase_user; CREATE DATABASE fhir OWNER liquibase_user;\",\"Start org.highmed.dsf.fhir.FhirJettyServerHttps from your IDE with execution folder: .../highmed-dsf/dsf-fhir/dsf-fhir-server-jetty\",\"Start org.highmed.dsf.bpe.BpeJettyServerHttps from your IDE with execition folder: .../highmed-dsf/dsf-bpe/dsf-bpe-server-jetty\",\"To access the FHIR endpoint (https://localhost:8001/fhir/...) and BPE rest interface (https://localhost:8002/bpe/...) via WebBrowser install .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password) in your browsers certifiate store. The p12 file includes a client certificate for \\\"Webbrowser Test User\\\" and the \\\"Test CA\\\" certificate. All private-keys and certificates including the Test CA are generated during the maven build and are private to your machine. Make sure to protect the CA private-key at .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/ca/testca_private-key.pem from third-party access if you have installed the Test CA certificate in your certificate store.\"]},\"135\":{\"h\":\"Manual Integration Testing (local with Docker)\",\"t\":[\"Prerequisite: Java 11, Maven 3.6, Docker 18\",\"Build the entire project from the root directory of this repository\",\"mvn install\",\"Build docker images \",\"Windows: in the .../dsf-docker-test-setup folder execute\",\"docker-build.bat\",\"Unix/Linux: in the .../dsf-docker-test-setup folder execute\",\"docker-build.sh\",\"Start docker containers \",\"To start the FHIR server execute in the .../dsf-docker-test-setup/fhir folder\",\"dev: docker-compose up prod: docker-compose -f docker-compose.yml -f docker-compose.prod.yml up\",\"To start the BPE server execute in the .../dsf-docker-test-setup/bpe folder\",\"dev: docker-compose up prod: docker-compose -f docker-compose.yml -f docker-compose.prod.yml up\",\"To access the FHIR endpoint (https://localhost/fhir/...) and BPE rest interface (https://localhost:8443/bpe/...) via WebBrowser install .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password) in your browsers certifiate store. The p12 file includes a client certificate for \\\"Webbrowser Test User\\\" and the \\\"Test CA\\\" certificate. All private-keys and certificates including the Test CA are generated during the maven build and are private to your machine. Make sure to protect the CA private-key at .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/ca/testca_private-key.pem from third-party access if you have installed the Test CA certificate in your certificate store.\"]},\"136\":{\"h\":\"Troubleshooting\",\"t\":[\"If you run in docker network troubles, clean up your network using docker network ls -q | xargs docker network rm\",\"In production: if the warning Service \\\"db\\\" is using volume \\\"/var/lib/postgresql/data\\\" from the previous container appears, run the command\",\"docker-compose down -v\",\"before starting the containers.\"]},\"137\":{\"h\":\"Manual Integration Testing (VMs for Docker-Registry, 3 MeDICs, TTP)\",\"t\":[\"For hints on setting up 5 Ubuntu VMs with Docker running on a Windows 10 host with Hyper-V and Ansible see test_setup_windows.txt\",\"For hints on setting up 5 Ubuntu VMs with Docker running on a MacOS Catalina host with VirtualBox and Ansible see test_setup_macos.txt\"]},\"138\":{\"h\":\"Starting the Processes\",\"t\":[\"Each process contains an ExampleStarter which creates FHIR resources and sends them to a designated FHIR-Endpoint in order to start the corresponding process in the Manual Integration Test Setup. The same client certificate can be used as above: .../highmed-dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).\",\"The following configuration is needed:\",\"The path to the client certificate: either the environment-variable DSF_CLIENT_CERTIFICATE_PATH or args[0] has to be set\",\"The password of the client certificate: either the environment-variable DSF_CLIENT_CERTIFICATE_PASSWORD or args[1] has to be set\"]},\"139\":{\"h\":\"Proxy Test Tool\",\"t\":[\"If the BPE will be deployed behind a proxy, you can test the internet access of the BPE using the tool in dsf-tools/dsf-tools-proxy-test.\",\"The proxy test jar takes three input variables:\",\"args[0]: the base url to test against (e.g. https://www.google.de)\",\"args[1]: the proxy url to connect to (e.g. http://proxy.klinikum.de:8080)\",\"args[1]: the proxy username\",\"The proxy password will be asked as command line input. The name of the main class is ProxyTest.\"]},\"140\":{\"h\":\"Release a new version\"},\"141\":{\"h\":\"Release a new final version\",\"t\":[\"Write release notes\",\"Create new release/x.y.z branch from develop\",\"Remove -SNAPSHOT from version in pom.xml files\",\"Change status from draft to active and update dates, verify versions in FHIR resources\",\"Update version and date-released in CITATION.cff\",\"Push branch release/x.y.z\",\"Create pull request (release/x.y.z -> main)\",\"Build maven\",\"Build docker images and run manual tests in 3MeDIC/TTP test setup\",\"Execute trivy and check CVEs for the docker images\",\"Merge release/x.y.z into main\",\"Git tag main branch\",\"Push main branch (including Git tag)\",\"Build maven\",\"Run multi-arch docker build (including push)\",\"Update release notes with docker links, check Git tag\",\"Publish release notes\",\"Create 'start next development cycle' issue and branch\",\"Merge main into issue branch\",\"Increase version\",\"Merge next development cycle issue branch into develop via PR\"]},\"142\":{\"h\":\"Release a new candidate version\",\"t\":[\"Write release notes\",\"Create new release/x.y.z-RC# branch from develop\",\"Replace -SNAPSHOT in versions with -RC# in pom.xml files\",\"Change status from draft to active and update dates, verify versions in FHIR resources\",\"Update version and date-released in CITATION.cff\",\"Git tag release/x.y.z-RC# branch\",\"Build maven\",\"Build docker images and run manual tests in 3MeDIC/TTP test setup\",\"Execute trivy and check CVEs for the docker images\",\"Push release/x.y.z-RC# branch (including Git tag)\",\"Run multi-arch docker build (including push)\",\"Update release notes with docker links, check Git tag\",\"Publish release notes\"]},\"143\":{\"h\":\"Code\",\"t\":[\"Writing Code\",\"Using the GitHub Maven Package Registry\",\"Adding a new FHIR Resource\",\"Changing BPMN Processes by Service Task Overwrites\",\"Adding a new MPI Client\",\"Adding a new openEHR Client\",\"Libraries\"]},\"144\":{\"h\":\"Adding FHIR Resources\",\"t\":[\"This wiki entry walks through the steps to add a new FHIR resource to the server\"]},\"145\":{\"h\":\"Database\",\"t\":[\"dsf-fhir-server > resources > db copy/past one file and change content to new resource (don't forget to allow permanent deletes like in db.questionnaires.changelog-0.6.0.xml)\",\"dsf-fhir-server > resources > db > db.changelog.xml include new generated db changelog file (are in alphabetic order)\",\"dsf-fhir-server > resources > db > trigger_functions copy/paste existing functions for insert/update triggers and change content to new resource\",\"dsf-fhir-server > resources > db > db.read_access.changelog.xml include new generated functions for insert/update triggers (are in alphabetic order)\"]},\"146\":{\"h\":\"JSON/XML Adapter\",\"t\":[\"dsf-fhir-rest-adapter > java copy/paste existing adapter for json/xml/html and change content to new resource\",\"dsf-fhir-webservice-client > java > FhirWebserviceClientJersey.javaregister generated json/xml (not html) adapters according to existing registrations (are in alphabetic order)\"]},\"147\":{\"h\":\"DAO\",\"t\":[\"dsf-fhir-server > java > dao copy/paste dao interface and change content to new resource\",\"dsf-fhir-server > java > search > parameters copy/paste a search parameter class based on type of the parameter (extends abstract search parameter type) and change content to new resource (existing search parameters can be found on the resources specification website)\",\"dsf-fhir-server > java > search > parameters > rev > include copy/paste rev include class and adapt content to resource to be rev included\",\"dsf-fhir-server > java > search > parameters > user copy/paste a search user filter class and adapt content to new resource\",\"dsf-fhir-server > java > dao > jdbc copy/paste dao jdbc class and adapt content (add search user filter and parameter)\",\"dsf-fhir-server > java > spring > config > DaoConfig.java register bean by adding a method according to existing resource bean methods (are in alphabetic order) and add it in the `daoProvider()´ method\",\"dsf-fhir-server > java > spring > config > EventConfig.java add the new created bean from the DaoConfig to the MatcherFactory according to existing dao's (are in alphabetic order)\",\"dsf-fhir-server > java > dao > provider > DaoProvider.java add a method similar to the existing one\",\"dsf-fhir-server > java > dao > provider > DaoProviderImpl.java adapt the class according to the other resource and implement the method similar to the existing one\"]},\"148\":{\"h\":\"Resolve Resource References if needed\",\"t\":[\"dsf-fhir-rest-adapter > java > service > ReferenceExtractor.java add a method similar to the existing ones\",\"dsf-fhir-rest-adapter > java > service > ReferenceExtractorImpl.java implement the method similar to the existing ones\"]},\"149\":{\"h\":\"Authorization\",\"t\":[\"dsf-fhir-server > java > authorization copy/paste class and change content to new resource\",\"dsf-fhir-server > java > spring > config > AuthorizationConfig.java register bean by adding a method according to existing resource bean methods (are in alphabetic order) and add it in the authorizationRuleProvider() and the binaryAuthorizationRule() method\"]},\"150\":{\"h\":\"Webservice\",\"t\":[\"dsf-fhir-server > java > webservice > specification copy/paste interface and change content to new resource\",\"dsf-fhir-server > java > webservice > impl copy/paste class and change content to new resource\",\"dsf-fhir-server > java > webservice > jaxrs copy/paste class and change content to new resource\",\"dsf-fhir-server > java > webservice > secure copy/paste class and change content to new resource\",\"dsf-fhir-server > java > webservice > impl > ConformanceServiceImpl add new Resource to list and add Search Parameter created above\",\"dsf-fhir-server > java > spring > config > WebserviceConfig.java register bean by adding a method according to existing resource bean methods (are in alphabetic order)\"]},\"151\":{\"h\":\"Test\",\"t\":[\"dsf-fhir-server > test-java > dao copy/paste class and change tests to new resource\",\"dsf-fhir-server > test-java > integration copy/paste class and change tests to new resource and above create search parameters\"]},\"152\":{\"h\":\"Adding MPI Clients\",\"t\":[\"The Master Patient Index (MPI) client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.mpi.webservice.factory.class and loaded using a service loader, which searches for a class of type MasterPatientIndexClientFactory on startup of the BPE.\",\"The framework currently includes an MPI client using the IHE PDQ interface, also supporting client certificate authentication. To use it, add the jar of the dsf-mpi-client-pdq module to the plugin configuration folder and set the property value to org.highmed.mpi.client.pdq.MasterPatientIndexClientPdqFactory.\",\"To implement a new MPI client, the following has to be taken into account:\",\"The plugin needs to supply an MPI client factory implementing the interface MasterPatientIndexClientFactory from the dsf-mpi-client module.\",\"The resources folder must contain a file with the name META-INF/services/org.highmed.mpi.client.MasterPatientIndexClientFactory containing the name of the new MPI client factory including the full package name.\",\"The client needs to implement the interface MasterPatientIndexClient. The interface defines a method returning instances of the interface Idat based on patient-ids used within the openEHR repository.\",\"An example of an MPI client implementation can be found in the dsf-mpi-client-pdq module.\"]},\"153\":{\"h\":\"Adding openEHR Clients\",\"t\":[\"The openEHR client that will be used by the Business Process Engine (BPE) is determined by the property org.highmed.dsf.bpe.openehr.webservice.factory.class and loaded using a service loader, which searches for a class of type OpenEhrClientFactory on startup of the BPE.\",\"The framework currently includes an openEHR Jersey REST client using basic authentication. To use it, add the jar of the dsf-openehr-client-impl module to the plugin configuration folder and set the property value to org.highmed.openehr.client.impl.OpenEhrClientJerseyFactory.\",\"To implement a new openEHR client, the following has to be taken into account:\",\"The plugin needs to supply an openEHR client factory implementing the interface OpenEhrClientFactory from the dsf-openehr-client module.\",\"The resources folder must contain a file with the name META-INF/services/org.highmed.openehr.client.OpenEhrClientFactory containing the name of the new openehr client factory including the full package name.\",\"The client needs to implement the interface OpenEhrClient. The interface defines a method executing an openEHR query returning an instance of an openEHR ResultSet.\",\"An example of an openEHR client implementation can be found in the dsf-openehr-client-impl module.\"]},\"154\":{\"h\":\"Changing BPMN Processes by Service Task Overwrites\",\"t\":[\"DEPRECATED SINCE VERSION 0.4.0\",\"A service task of a process integrated in the framework can be overwritten using the plugin interface. This means that entire processes do not have to be replaced when only individual steps need adaption. An example can be found in the module dsf-bpe > dsf-bpe-process-plugin-example > dsf-bpe-process-service-overwrite.\",\"A plugin has as its only dependency the process module which contains the service task to be overwritten.\",\"For a plugin replacing one service task, two new files must be generated:\",\"A new service task extending the task it overwrites. The method to be overwritten is doExecute(DelegateExecution execution).\",\"A new configuration file containing a method that has as return type the service task you want to overwrite. This method then returns a Bean of your own implementation of this specific service task. The method has to be annotated with @Primary.\"]},\"155\":{\"h\":\"Writing Code\"},\"156\":{\"h\":\"Code Style\",\"t\":[\"HiGHmed DSF code-style configurations for Eclipse and IntelliJ IDEA can be found here:\",\"Eclipse\",\"IntelliJ IDEA\",\"Pull Requests are only approved, if the code is formatted according to the code-style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"157\":{\"h\":\"Git Workflow\",\"t\":[\"Since Release 0.1.0, we follow git-flow as described here. New features should branch from develop and merged back if done. Hot-Fixes for the latest release will branch of master and will be merged into develop and later into master. A new release will branch of develop for a ramp down phase and will then be merged into master. The new master should merge back into develop to start a new development cycle.\"]},\"158\":{\"h\":\"Branch Naming:\",\"t\":[\"Features: issue/_\",\"Hot-Fix: hot-fix/_\",\"Release: release/\"]},\"159\":{\"h\":\"Eclipse code-style configurations\",\"t\":[\"Back\",\" \",\"Back\"]},\"160\":{\"h\":\"IntelliJ code-style configurations\",\"t\":[\"Back\",\" \",\"Back\"]},\"161\":{\"h\":\"Using the Github Maven Package Registry\"},\"162\":{\"h\":\"Authenticating to GitHub Packages\",\"t\":[\"For more information take a look at this GitHub documentation about authentication.\",\"In order to install the HiGHmed DSF packages using Maven in your own projects you need a personal GitHub access token. This GitHub documentation shows you how to generate one.\",\"After that, add the following configuration to your local .m2/settings.xml. Replace USERNAME with your GitHub username and TOKEN with the previously generated personal GitHub access token. The token needs at least the scope read:packages.\",\" github github github GitHub HiGHmed Apache Maven Packages https://maven.pkg.github.com/highmed/highmed-dsf true true github USERNAME TOKEN \"]},\"163\":{\"h\":\"Installing a Package\",\"t\":[\"For more information take a look at this GitHub documentation about package installation.\",\"To install an Apache Maven package from GitHub Packages edit the element dependencies in the pom.xml file by including the package. This could look as follows to include the dsf-bpe-process-base package (replace VERSION with the package version, e.g. 0.4.0-SNAPSHOT):\",\" org.highmed.dsf dsf-bpe-process-base VERSION \"]},\"164\":{\"h\":\"General Information\",\"t\":[\"Authentication\",\"Network Setup and General Architecture\"]},\"165\":{\"h\":\"Authentication\",\"t\":[\"Authentication of organizations within the DSF is handled by the use of X.509 client and server certificates. Currently the certificate authorities run by DFN-PKI Global G2, D-Trust via TMF e.V. and GÉANT TCS via DFN are supported. All participating organizations are entered in a distributed and synchronized allow-list of valid organizations and certificates.\",\"A webserver certificate is needed to run the FHIR endpoint and a 802.1X client certificate is used to authenticate against other organizations endpoints and as a server certificate for the business process engine. For available certificate profiles see DFN-PKI-Zertifikatprofile_Global.pdf\"]},\"166\":{\"h\":\"Certificate Requests\"},\"167\":{\"h\":\"FHIR Endpoint\",\"t\":[\"Purpose: Server certificate to authenticate the FHIR endpoint on the local network and against other organizations\",\"Certificate profile: \",\"DFN-PKI Global G2 via DFN e.V.: Web Server\",\"D-Trust via TMF e.V.: Advanced SSL ID\",\"GÉANT TCS via DFN e.V.: Web Server\",\"Common name: FQDN of the server used while accessing from other organizations (external FQDN)\",\"Subject alternative DNS entries: Use additional alternative FQDNs if a different name is used while accessing the Server from the local Network (local FQDN)\"]},\"168\":{\"h\":\"Business Process Engine Server\",\"t\":[\"Purpose: Client certificate to authenticate against remote FHIR endpoints (when either the BPE Server or the FHIR Endpoint Server is acting as a client), server certificate to authenticate the business process engine server on the local network\",\"Certificate profile: \",\"DFN-PKI Global G2 via DFN e.V.: 802.1X Client\",\"D-Trust via TMF e.V.: Basic Team ID\",\"GÉANT TCS via DFN e.V.: Web Server\",\"Common name: FQDN of the server used while accessing from the local network (local FQDN)\"]},\"169\":{\"h\":\"Network Setup and General Architecture\",\"t\":[\"The Data Sharing Framework consists of two components: A FHIR Endpoint Server used to except Task resources and provide resources for download by other organizations and a Business Process Engine Server run internal and not accessible by other organization to execute and coordinate processes.\",\"Network Setup Diagramm\",\"FHIR Reverse Proxy: The FHIR Reverse Proxy is used to terminate incoming https connections to the FHIR App Server. The Reverse Proxy needs to be accessible on port 443 from the internet. Incoming https connection will be delegate as http on a docker internal network to the FHIR App Server.\",\"FHIR App Server: The FHIR App Server is used as a FHIR Endpoint for incoming Task resources and providing resources for download by other organizations. In order to validate incoming FHIR resources the server will communicate with FHIR Servers at other organizations. Access to resources and authorization for creating or updating resources is granted based on the content of the resource and/or based on the client (identified by its client certificate) being part of an allow list. JDBC connections to the FHIR DB Server\",\"FHIR DB Server: PostgreSQL database for the FHIR App Server.\",\"BPE App Server: The BPE App Server is executing BPMN 2.0 business processes with the included business process engine. Automatic BPMN service tasks are used for example to check resource, access the PDP- and MPI-servers as well as the MDAT repository. The calculation of record linkage bit vectors (Record Bloom Filters) is also performed using an automatic service task. As of version 0.3.0 the BPE server does not provide any webservices for modifying an server resources.\",\"BPE DB Server: PostgreSQL database for the BPE App Server.\",\"PDP: IHE Policy Decision Point for deciding on patient consent.\",\"MDAT Repo: Repository (e.g. openEHR) for storing medical data (MDAT).\",\"MPI: IHE Master Patient Index for storing identifying patient date (IDAT) e.g. first name, last name, date of birth.\",\"Cohort Browser: Example for a system to trigger patient cohort size estimations across multiple organizations.\",\"More information on Client- and Server-Certificates are available on the dedicated wiki page: Authentication: Client/Server Certificates\"]},\"170\":{\"h\":\"Additional Reverse Proxy in external DMZ\",\"t\":[\"In some organizations an additional reverse proxy in an external DMZ is needed. This can be accomplished by using for example nginx or haproxy as a TCP-Proxy. Example configurations routing traffic using SNI can be found below. Configuring an additional reverse proxy to terminate the incoming TLS connection early is not recommended.\",\"Network Setup Diagramm\",\"nginx\",\"http { # ... } stream { map $ssl_preread_server_name $name { fhir.example.com fhir; } upstream fhir { server 192.168.0.1:443; } server { listen 443; proxy_pass $name; ssl_preread on; } }\",\"haproxy\",\"defaults timeout connect 5s timeout client 30s timeout server 30s frontend ingress bind :443 mode tcp tcp-request inspect-delay 5s tcp-request content accept if { req_ssl_hello_type 1 } use_backend fhir if { req.ssl_sni fhir.example.com } backend fhir mode tcp server fhir 192.168.0.1:443\"]},\"171\":{\"h\":\"Releases and Deployment\",\"t\":[\"Configuration Parameters FHIR Reverse Proxy\",\"Configuration Parameters FHIR\",\"Configuration Parameters BPE\",\"Upgrade from 0.9.1\",\"Upgrade from 0.9.2\",\"Older Versions\",\"NUM-CODEX Install\",\"HiGHmed Install\"]},\"172\":{\"h\":\"\"},\"173\":{\"h\":\"DSF 0.9.3 Configuration Parameters - BPE Server\",\"t\":[\"Please note: Additional parameters (not listed here) are used to configure process plugins.\"]},\"174\":{\"h\":\"ORG_HIGHMED_DSF_BPE_CONSENT_WEBSERVICE_FACTORY_CLASS\",\"t\":[\"Property: org.highmed.dsf.bpe.consent.webservice.factory.class\",\"Required: No\",\"Description: Factory for client implementations used to connect to a consent server in order to check permissions to access patient medical data\",\"Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your Consent server\",\"Default:org.highmed.consent.client.stub.ConsentClientStubFactory\"]},\"175\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"176\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"177\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_URL\",\"t\":[\"Property: org.highmed.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"178\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: org.highmed.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"179\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"180\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"181\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: org.highmed.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"182\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD or ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"183\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"184\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: org.highmed.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"185\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: org.highmed.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"186\":{\"h\":\"ORG_HIGHMED_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: org.highmed.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"187\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"188\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"189\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"190\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.proxy.password\",\"Required: No\",\"Description: Proxy password, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_PASSWORD_FILE\"]},\"191\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_URL\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.proxy.url\",\"Required: No\",\"Description: Proxy location, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy\",\"Example:http://proxy.foo:8080\"]},\"192\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_PROXY_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.proxy.username\",\"Required: No\",\"Description: Proxy username, set if the DSF BPE server can reach internal servers, like the DSF FHIR server, only through a proxy which requests authentication\"]},\"193\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"194\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"195\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"196\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.password\",\"Required: No\",\"Description: Proxy password, set if the DSF BPE server can reach internal servers via websocket, like the getSub server, only through a proxy which requests authentication\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_PASSWORD_FILE\"]},\"197\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_URL\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.url\",\"Required: No\",\"Description: Proxy location, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy\",\"Example:http://proxy.foo:8080\"]},\"198\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_LOCAL_WEBSOCKET_PROXY_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.local.websocket.proxy.username\",\"Required: No\",\"Description: Proxy username, set if the DSF BPE server can reach internal servers via websocket, like the DSF FHIR server, only through a proxy which requests authentication\"]},\"199\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD or ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.password\",\"Required: No\",\"Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_PASSWORD_FILE\"]},\"200\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_URL\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.url\",\"Required: No\",\"Description: Proxy location, set if the DSF BPE server can reach the internet only through a proxy\",\"Example:http://proxy.foo:8080\"]},\"201\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_PROXY_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.remote.proxy.username\",\"Required: No\",\"Description: Proxy username, set if the the DSF BPE server can reach the internet only through a proxy which requests authentication\"]},\"202\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"203\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"204\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"205\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.client.trust.certificates\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"206\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"207\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"208\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"209\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"210\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"211\":{\"h\":\"ORG_HIGHMED_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: org.highmed.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"212\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"213\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"214\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"215\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"216\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"217\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"218\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"219\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS\"]},\"220\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"221\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"222\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"223\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"224\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"225\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"226\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"227\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"228\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_TRUST_CERTIFICATES\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.trust.certificates\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"229\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS\"]},\"230\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: org.highmed.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"231\":{\"h\":\"ORG_HIGHMED_DSF_BPE_MPI_WEBSERVICE_FACTORY_CLASS\",\"t\":[\"Property: org.highmed.dsf.bpe.mpi.webservice.factory.class\",\"Required: No\",\"Description: Factory for client implementations used to connect to a Master Patient Index (MPI) server in order to read patient demographic data\",\"Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your MPI\",\"Default:org.highmed.mpi.client.stub.MasterPatientIndexClientStubFactory\"]},\"232\":{\"h\":\"ORG_HIGHMED_DSF_BPE_OPENEHR_WEBSERVICE_FACTORY_CLASS\",\"t\":[\"Property: org.highmed.dsf.bpe.openehr.webservice.factory.class\",\"Required: No\",\"Description: Factory for client implementations used to connect to an openEHR repository in order to read patient medical data\",\"Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your openEHR repository\",\"Default:org.highmed.openehr.client.stub.OpenEhrClientStubFactory\"]},\"233\":{\"h\":\"ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: org.highmed.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\"]},\"234\":{\"h\":\"ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: org.highmed.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"235\":{\"h\":\"ORG_HIGHMED_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: org.highmed.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"236\":{\"h\":\"ORG_HIGHMED_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: org.highmed.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"237\":{\"h\":\"ORG_HIGHMED_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: org.highmed.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\"]},\"238\":{\"h\":\"ORG_HIGHMED_DSF_BPE_PSEUDONYMIZATION_WEBSERVICE_FACTORY_CLASS\",\"t\":[\"Property: org.highmed.dsf.bpe.pseudonymization.webservice.factory.class\",\"Required: No\",\"Description: Factory for client implementations used to connect to a pseudonymization service in order to pseudonymize patient demographic and medical data\",\"Recommendation: The default value is a factory for a stub implementation, change to a factory for client implementation that matches the API of your pseudonymization service\",\"Default:org.highmed.pseudonymization.client.stub.PseudonymizationClientStubFactory\"]},\"239\":{\"h\":\"\"},\"240\":{\"h\":\"DSF 0.9.3 Configuration Parameters - FHIR Server\",\"t\":[\"Please note: Additional parameters (not listed here) are used to define elements of the external FHIR bundle.\"]},\"241\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: org.highmed.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"242\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: org.highmed.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"243\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"244\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD or ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.fhir.client.proxy.password\",\"Required: No\",\"Description: Proxy password, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_PASSWORD_FILE\"]},\"245\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_URL\",\"t\":[\"Property: org.highmed.dsf.fhir.client.proxy.url\",\"Required: No\",\"Description: Proxy location, set if the DSF FHIR server can reach the internet only through a proxy\",\"Example:http://proxy.foo:8080\"]},\"246\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_PROXY_USERNAME\",\"t\":[\"Property: org.highmed.dsf.fhir.client.proxy.username\",\"Required: No\",\"Description: Proxy username, set if the the DSF FHIR server can reach the internet only through a proxy which requests authentication\"]},\"247\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: org.highmed.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"248\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: org.highmed.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"249\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES\",\"t\":[\"Property: org.highmed.dsf.fhir.client.trust.certificates\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"250\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: org.highmed.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"251\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"252\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: org.highmed.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"253\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_URL\",\"t\":[\"Property: org.highmed.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"254\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: org.highmed.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"255\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"256\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: org.highmed.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"257\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: org.highmed.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"258\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: org.highmed.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"259\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: org.highmed.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"260\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: org.highmed.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"261\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_CORS_ORIGINS\",\"t\":[\"Property: org.highmed.dsf.fhir.server.cors.origins\",\"Required: No\",\"Description: List of allowed CORS origins, used to set the Access-Control-Allow-Origin HTTP response header, which indicates whether the response can be shared with requesting code from the given origin; comma or space separated list, YAML block scalars supported\"]},\"262\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: org.highmed.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"263\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: org.highmed.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"264\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: org.highmed.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"265\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS\",\"t\":[\"Property: org.highmed.dsf.fhir.server.user.thumbprints\",\"Required: Yes\",\"Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes\"]},\"266\":{\"h\":\"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE\",\"t\":[\"Property: org.highmed.dsf.fhir.server.user.thumbprints.permanent.delete\",\"Required: Yes\",\"Description: List of SHA512 thumbprints as hex from local client certificates that can be used to access the DSF FHIR server for permanent deletes; comma or space separated list, YAML block scalars supported\",\"Recommendation: Besides the DSF BPE client certificate thumbprint, add a second thumbprint of a personal client certificate for administration purposes\"]},\"267\":{\"h\":\"\"},\"268\":{\"h\":\"DSF 0.9.3 Configuration Parameters - FHIR Reverse Proxy\"},\"269\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"270\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"271\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"272\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"273\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"274\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"275\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"276\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"277\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"278\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"279\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"280\":{\"h\":\"\",\"t\":[\"This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is only suitable for HiGHmed organizations. If you are not a member of HiGHmed, see NUM-CODEX Install.\"]},\"281\":{\"h\":\"Prerequisites\"},\"282\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"283\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker and docker-compose. For the latest install guide see https://docs.docker.com/engine/install and https://docs.docker.com/compose/install\",\"docker:\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io\",\"docker-compose (warning: 2.17.3 might not be latest):\",\"sudo curl -L \\\"https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-$(uname -s)-$(uname -m)\\\" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose\"]},\"284\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the DFN-PKI Global G2 (via DFN e.V.), GÉANT TCS (via DFN e.V.) or D-Trust (via TMF e.V.) are needed, more infos see Authentication\",\"Certificate A: Server Certificate (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\"]},\"285\":{\"h\":\"Network setup / Network access\",\"t\":[\"For additional information on the network setup see Network-and-Architecture.\",\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup. Connections to the fTTP, the terminology server and simplifier.net for validating GECCO FHIR resources as well as the local GECCO FHIR server are not listed:\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (GECCO Transfer Hub)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (GECCO Transfer Hub)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (GECCO Transfer Hub)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (GECCO Transfer Hub)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\"]},\"286\":{\"h\":\"On-Boarding Excel Spreadsheet\",\"t\":[\"You are required to fill out the on-boarding Excel spreadsheet, provided with the NUM-CODEX hackathon invite, and send it to the GECCO Transfer Hub. If the GECCO Transfer Hub already received and validated your On-Boarding Excel spreadsheet and you do not have to change any information, you can skip this step.\"]},\"287\":{\"h\":\"Setup\"},\"288\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"289\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2101 fhir sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download prepared DSF FHIR server config files and folder structure from\",\"Test HiGHmed instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_test_fhir_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_test_fhir_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_highmed_test_fhir_0_9_3.tar.gz\",\"Production HiGHmed instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_prod_fhir_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_prod_fhir_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_highmed_prod_fhir_0_9_3.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/\",\"client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L56: ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L136: app_client_certificate_private_key.pem.password: L137: file: ./secrets/client_certificate_private_key.pem.password\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L101: ssl_certificate_chain_file.pem: L102: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF 0.9.3 FHIR Reverse Proxy configuration parameters\",\"services -> app -> environment:\",\"ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_NAME: TODO_ORGANIZATION_NAME Set your Organizations official name, e.g. Hochschule Heilbronn\",\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: TODO_CLIENT_CERTIFICATE_THUMBPRINTS Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B) This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. You can add additional client certificate thumbprints for example the thumbprint of your (the admins) personal DFN PKI S/MIME certificate, to access the DSF FHIR servers REST interface.\",\"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: TODO_CLIENT_CERTIFICATE_THUMBPRINTS Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B) This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. Usually it is not necessary to add additional thumbprints other than your client certificate (certificate B) here. When a client uses a certificate with a thumbprint listed here, the client is allowed to permanently delete FHIR resources.\",\"For additional environment variables, see DSF 0.9.3 FHIR Server configuration parameters\",\"Start the DSF FHIR Server Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"290\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2202 bpe sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download prepared DSF BPE server config files and folder structure from\",\"Test HiGHmed instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_test_bpe_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_test_bpe_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_highmed_test_bpe_0_9_3.tar.gz\",\"Production HiGHmed instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_prod_bpe_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_prod_bpe_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_highmed_prod_bpe_0_9_3.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"/opt/bpe/psn\",\"Add certificates and keys\",\"Add the client certificate (certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/\",\"client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L41: ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L99: app_client_certificate_private_key.pem.password: L100: file: ./secrets/client_certificate_private_key.pem.password\",\"Add the CRR public-key used for asymmetrically encrypting the GECCO FHIR Bundles to /opt/bpe/secrets/\",\"crr_public_key.pem (chmod: 440 chown: bpe:docker)\",\"You can download the 4096 Bit RSA PEM encoded public-key for \",\"a Test instance from:https://keys.num-codex.de/crr_public-key-pre-prod.pem\",\"a Production instance from:https://keys.num-codex.de/crr_public-key-prod.pem\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de\",\"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see DSF 0.9.3 BPE Server configuration parameters\",\"Start the DSF BPE Server (without process plugins) Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\",\"Stop the DSF BPE Server\",\"Hit Ctrl-C to close log\",\"Stop using: docker-compose stop\",\"Add the following DSF BPE process plugins, for instructions on how to configure the plugin, see release notes.\",\"num-codex / codex-processes-ap1 version 0.7.0 or later:https://github.com/num-codex/codex-processes-ap1/releases/tag/v0.7.0 See NUM-CODEX: Process Deployment and Configuration on how to configure the process plugin.\",\"highmed / highmed-processes / data-sharing version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0\",\"highmed / highmed-processes / feasibility version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0\",\"highmed / highmed-processes / feasibility-mpc version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0\",\"highmed / highmed-processes / local-services version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0\",\"highmed / highmed-processes / ping version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0\",\"highmed / highmed-processes / update-allow-list version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0 See HiGHmed: Process Ping Deployment on how to deploy and configure the process plugin.\",\"Notice: Jar-files within the folders /opt/bpe/process and /opt/bpe/plugin need to be readable by the linxux bpe user -> chown root:bpe, chmod 440\",\"Start the DSF BPE Server (with process plugins) Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)\",\"Request Allow-List upload from HiGHmed TTP The Allow-List upload is needed in order to execute HiGHmed and NUM-CODEX processes.\"]},\"291\":{\"h\":\"\",\"t\":[\"This setup guide uses pre-build docker images for DSF Version 0.9.3. This guide is not suitable for HiGHmed organizations. If you are a member of HiGHmed, see HiGHmed Install.\"]},\"292\":{\"h\":\"Prerequisites\"},\"293\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"294\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker and docker-compose. For the latest install guide see https://docs.docker.com/engine/install and https://docs.docker.com/compose/install\",\"docker:\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io\",\"docker-compose (warning: 2.17.3 might not be latest):\",\"sudo curl -L \\\"https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-$(uname -s)-$(uname -m)\\\" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose\"]},\"295\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the DFN-PKI Global G2 (via DFN e.V.), GÉANT TCS (via DFN e.V.) or D-Trust (via TMF e.V.) are needed, more infos see Authentication\",\"Certificate A: Server Certificate (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\"]},\"296\":{\"h\":\"Network setup / Network access\",\"t\":[\"For additional information on the network setup see Network-and-Architecture.\",\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup. Connections to the fTTP, the terminology server and simplifier.net for validating GECCO FHIR resources as well as the local GECCO FHIR server are not listed:\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (GECCO Transfer Hub)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (GECCO Transfer Hub)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (GECCO Transfer Hub)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (GECCO Transfer Hub)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\"]},\"297\":{\"h\":\"On-Boarding Excel Spreadsheet\",\"t\":[\"You are required to fill out the on-boarding Excel spreadsheet, provided with the NUM-CODEX hackathon invite, and send it to the GECCO Transfer Hub. If the GECCO Transfer Hub already received and validated your On-Boarding Excel spreadsheet and you do not have to change any information, you can skip this step.\"]},\"298\":{\"h\":\"Setup\"},\"299\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"300\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2101 fhir sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download prepared DSF FHIR server config files and folder structure from\",\"Test NUM-CODEX instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_test_fhir_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_test_fhir_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_codex_test_fhir_0_9_3.tar.gz\",\"Production NUM-CODEX instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_prod_fhir_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_prod_fhir_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_codex_prod_fhir_0_9_3.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/\",\"client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L56: ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L137: app_client_certificate_private_key.pem.password: L138: file: ./secrets/client_certificate_private_key.pem.password\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L102: ssl_certificate_chain_file.pem: L103: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF 0.9.3 FHIR Reverse Proxy configuration parameters\",\"services -> app -> environment:\",\"ORG_HIGHMED_DSF_FHIR_SERVER_FQDN: TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN Set your FHIR servers external FQDN, e.g. foo.bar.de\",\"ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_EXTERNAL_FQDN/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_NAME: TODO_ORGANIZATION_NAME Set your Organizations official name, e.g. Hochschule Heilbronn\",\"ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: TODO_CLIENT_CERTIFICATE_THUMBPRINTS Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B) This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. You can add additional client certificate thumbprints for example the thumbprint of your (the admins) personal DFN PKI S/MIME certificate, to access the DSF FHIR servers REST interface.\",\"ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: TODO_CLIENT_CERTIFICATE_THUMBPRINTS Set the SHA-512 Hash (lowercase hex) of your client certificate (certificate B) This parameter is a comma separated list e.g. ab12...37ff,f3a2...bb22. Usually it is not necessary to add additional thumbprints other than your client certificate (certificate B) here. When a client uses a certificate with a thumbprint listed here, the client is allowed to permanently delete FHIR resources.\",\"For additional environment variables, see DSF 0.9.3 FHIR Server configuration parameters\",\"Start the DSF FHIR Server Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"301\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2202 bpe sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download prepared DSF BPE server config files and folder structure from\",\"Test NUM-CODEX instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_test_bpe_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_test_bpe_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_codex_test_bpe_0_9_3.tar.gz\",\"Production NUM-CODEX instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_prod_bpe_0_9_3.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_prod_bpe_0_9_3.tar.gz sudo tar --same-owner -zxvf dsf_codex_prod_bpe_0_9_3.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/\",\"client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L38: ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L92: app_client_certificate_private_key.pem.password: L93: file: ./secrets/client_certificate_private_key.pem.password\",\"Add the CRR public-key used for asymmetrically encrypting the GECCO FHIR Bundles to /opt/bpe/secrets/\",\"crr_public_key.pem (chmod: 440 chown: bpe:docker)\",\"You can download the 4096 Bit RSA PEM encoded public-key for \",\"a Test instance from:https://keys.num-codex.de/crr_public-key-pre-prod.pem\",\"a Production instance from:https://keys.num-codex.de/crr_public-key-prod.pem\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de\",\"ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see DSF 0.9.3 BPE Server configuration parameters\",\"Start the DSF BPE Server (without process plugins) Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\",\"Stop the DSF BPE Server\",\"Hit Ctrl-C to close log\",\"Stop using: docker-compose stop\",\"Add the following DSF BPE process plugins, for instructions on how to configure the plugin, see release notes.\",\"num-codex / codex-processes-ap1 version 0.7.0 or later:https://github.com/num-codex/codex-processes-ap1/releases/tag/v0.7.0 See NUM-CODEX: Process Deployment and Configuration on how to deploy and configure the process plugin.\",\"highmed / highmed-processes / ping version 0.7.0 or later:https://github.com/highmed/highmed-processes/releases/tag/v0.7.0 See HiGHmed: Process Ping Deployment on how to deploy and configure the process plugin.\",\"Notice: Jar-files within the folders /opt/bpe/process and /opt/bpe/plugin need to be readable by the linxux bpe user -> chown root:bpe, chmod 440\",\"Start the DSF BPE Server (with process plugins) Start using: docker-compose up -d && docker-compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"302\":{\"h\":\"Upgrading from 0.7.0 to 0.9.0\",\"t\":[\"Upgrading the DSF from 0.7.0 to 0.9.0 involves replacing a config file, modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.\",\"If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first.\"]},\"303\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace 0.7.0 with 0.9.0\",\"@@ -1,7 +1,7 @@ version: '3.8' services: proxy: - image: ghcr.io/highmed/fhir_proxy:0.7.0 + image: ghcr.io/highmed/fhir_proxy:0.9.0 restart: on-failure ports: - 127.0.0.1:80:80 @@ -27,7 +27,7 @@ services: - app app: - image: ghcr.io/highmed/fhir:0.7.0 + image: ghcr.io/highmed/fhir:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_fhir.jar\\\", \\\"org.highmed.dsf.fhir.StatusClient\\\"]\",\"Download prepared DSF FHIR server config files and extract/replace the external FHIR bundle\",\"Test NUM-CODEX (non HiGHmed) instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_test_fhir_0_9_0.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_test_fhir_0_9_0.tar.gz sudo tar --same-owner -zxvf dsf_codex_test_fhir_0_9_0.tar.gz fhir/conf/bundle.xml\",\"Test HiGHmed instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_test_fhir_0_9_0.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_test_fhir_0_9_0.tar.gz sudo tar --same-owner -zxvf dsf_highmed_test_fhir_0_9_0.tar.gz fhir/conf/bundle.xml\",\"Production NUM-CODEX (non HiGHmed) instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_prod_fhir_0_9_0.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_codex_prod_fhir_0_9_0.tar.gz sudo tar --same-owner -zxvf dsf_codex_prod_fhir_0_9_0.tar.gz fhir/conf/bundle.xml\",\"Production HiGHmed instance:https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_prod_fhir_0_9_0.tar.gz\",\"cd /opt wget https://github.com/highmed/highmed-dsf/wiki/resources/dsf_highmed_prod_fhir_0_9_0.tar.gz sudo tar --same-owner -zxvf dsf_highmed_prod_fhir_0_9_0.tar.gz fhir/conf/bundle.xml\",\"The command will update the external FHIR bundle at /opt/fhir/conf/bundle.xml\",\"The output of the tar command should be\",\"fhir/conf/bundle.xml\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker-compose up -d && docker-compose logs -f\"]},\"304\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file\",\"NUM-CODEX (non HiGHmed) instance: Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config and remove a bind mount\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.7.0 + image: ghcr.io/highmed/bpe:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"] @@ -29,9 +29,6 @@ services: - type: bind source: ./log target: /opt/bpe/log - - type: bind - source: ./last_event - target: /opt/bpe/last_event - type: bind source: ./cache target: /opt/bpe/cache @@ -48,8 +45,8 @@ services: ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: | - wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0 - wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0 + wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0 + wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0 #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions #TODO add process specific environment variables, see process documentation\",\"HiGHmed instance: Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config, and remove a bind mount\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.7.0 + image: ghcr.io/highmed/bpe:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"] @@ -29,9 +29,6 @@ services: - type: bind source: ./log target: /opt/bpe/log - - type: bind - source: ./last_event - target: /opt/bpe/last_event - type: bind source: ./psn target: /opt/bpe/psn @@ -51,11 +48,11 @@ services: ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: | - highmedorg_computeFeasibility/0.6.0 - highmedorg_computeDataSharing/0.6.0 - highmedorg_updateAllowList/0.6.0 - wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.6.0 - wwwnetzwerk-universitaetsmedizinde_dataReceive/0.6.0 + highmedorg_computeFeasibility/0.7.0 + highmedorg_computeDataSharing/0.7.0 + highmedorg_updateAllowList/0.7.0 + wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0 + wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0 #TODO modify ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED for later process versions #TODO add process specific environment variables, see process documentation\",\"Upgrade DSF Plugins and Process-Plugins\",\"NUM-CODEX (non HiGHmed) instance: \",\"Process plugins in /opt/bpe/process:\",\"Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release\",\"Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release\",\"Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.\",\"HiGHmed instance: \",\"Process plugins in /opt/bpe/process:\",\"Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release\",\"Replace dsf-bpe-process-data-sharing-0.6.0.jar with dsf-bpe-process-data-sharing-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-feasibility-0.6.0.jar with dsf-bpe-process-feasibility-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-feasibility-mpc-0.6.0.jar with dsf-bpe-process-feasibility-mpc-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-local-services-0.6.0.jar with dsf-bpe-process-local-services-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-update-allow-list-0.6.0.jar with dsf-bpe-process-update-allow-list-0.7.0.jar from the latest HiGHmed processes release\",\"Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.\",\"Plugins in '/opt/bpe/plugin':\",\"If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.0.zip, see DSF release notes\",\"If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.0.zip, see DSF release notes\",\"Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker-compose up -d && docker-compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 0.9.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 0.9.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.\",\"Verify your install with a ping/pong test For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.\"]},\"305\":{\"h\":\"Upgrading from 0.8.0 to 0.9.0\",\"t\":[\"Upgrading the DSF from 0.8.0 to 0.9.0 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.\",\"If you are upgrading from 0.6.0 please see the Upgrade from 0.6.0 to 0.7.0 guide first and then visit the Upgrade from 0.7.0 to 0.9.0 guide.If you are upgrading from 0.7.0 please see the Upgrade from 0.7.0 to 0.9.0 guide.\"]},\"306\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace 0.8.0 with 0.9.0\",\"@@ -1,7 +1,7 @@ version: '3.8' services: proxy: - image: ghcr.io/highmed/fhir_proxy:0.8.0 + image: ghcr.io/highmed/fhir_proxy:0.9.0 restart: on-failure ports: - 127.0.0.1:80:80 @@ -27,7 +27,7 @@ services: - app app: - image: ghcr.io/highmed/fhir:0.8.0 + image: ghcr.io/highmed/fhir:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_fhir.jar\\\", \\\"org.highmed.dsf.fhir.StatusClient\\\"]\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker-compose up -d && docker-compose logs -f\"]},\"307\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file\",\"NUM-CODEX (non HiGHmed) instance: Change the bpe container version from 0.8.0 to 0.9.0, update the process exclude config and remove a bind mount\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.8.0 + image: ghcr.io/highmed/bpe:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"]\",\"HiGHmed instance: Change the bpe container version from 0.7.0 to 0.9.0, update the process exclude config, and remove a bind mount\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.8.0 + image: ghcr.io/highmed/bpe:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"] @@ -48,9 +48,9 @@ services: ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FRIR_SERVER_FQDN/fhir ORG_HIGHMED_DSF_BPE_PROCESS_EXCLUDED: | - highmedorg_computeFeasibility/0.6.0 - highmedorg_computeDataSharing/0.6.0 - highmedorg_updateAllowList/0.6.0 + highmedorg_computeFeasibility/0.7.0 + highmedorg_computeDataSharing/0.7.0 + highmedorg_updateAllowList/0.7.0 wwwnetzwerk-universitaetsmedizinde_dataTranslate/0.7.0 wwwnetzwerk-universitaetsmedizinde_dataReceive/0.7.0\",\"Upgrade DSF Plugins and Process-Plugins\",\"NUM-CODEX (non HiGHmed) instance: \",\"Process plugins in /opt/bpe/process:\",\"Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release\",\"Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release\",\"Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.\",\"HiGHmed instance: \",\"Process plugins in /opt/bpe/process:\",\"Replace codex-process-data-transfer-0.6.0.jar with codex-process-data-transfer-0.7.0.jar from the latest NUM-CODEX processes release\",\"Replace dsf-bpe-process-data-sharing-0.6.0.jar with dsf-bpe-process-data-sharing-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-feasibility-0.6.0.jar with dsf-bpe-process-feasibility-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-feasibility-mpc-0.6.0.jar with dsf-bpe-process-feasibility-mpc-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-local-services-0.6.0.jar with dsf-bpe-process-local-services-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-ping-0.6.0.jar with dsf-bpe-process-ping-0.7.0.jar from the latest HiGHmed processes release\",\"Replace dsf-bpe-process-update-allow-list-0.6.0.jar with dsf-bpe-process-update-allow-list-0.7.0.jar from the latest HiGHmed processes release\",\"Make sure the process plugins in /opt/bpe/process are configured with chmod 440 and chown root:bpe.\",\"Plugins in '/opt/bpe/plugin':\",\"If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.0.zip, see DSF release notes\",\"If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.0.zip, see DSF release notes\",\"Make sure the plugins in /opt/bpe/plugin are configured with chmod 440 and chown root:bpe.\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker-compose up -d && docker-compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 0.9.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 0.9.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.\",\"Verify your install with a ping/pong test For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.\"]},\"308\":{\"h\":\"Upgrading from 0.9.0 to 0.9.1\",\"t\":[\"Upgrading the DSF from 0.9.0 to 0.9.1 involves modifying the docker-compose.yml files, replacing the process plugins and recreating the containers.\",\"If you are upgrading from 0.8.0 please see the Upgrade from 0.8.0 to 0.9.0 guide.\"]},\"309\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.1_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace 0.9.0 with 0.9.1\",\"@@ -1,7 +1,7 @@ version: '3.8' services: proxy: - image: ghcr.io/highmed/fhir_proxy:0.9.0 + image: ghcr.io/highmed/fhir_proxy:0.9.1 restart: on-failure ports: - 127.0.0.1:80:80 @@ -27,7 +27,7 @@ services: - app app: - image: ghcr.io/highmed/fhir:0.9.0 + image: ghcr.io/highmed/fhir:0.9.1 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_fhir.jar\\\", \\\"org.highmed.dsf.fhir.StatusClient\\\"]\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker-compose up -d && docker-compose logs -f\"]},\"310\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.1_upgrade\",\"Modify the DSF BPE docker-compose.yml file\",\"NUM-CODEX (non HiGHmed) instance: Change the bpe container version from 0.9.0 to 0.9.1\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.9.0 + image: ghcr.io/highmed/bpe:0.9.1 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"]\",\"HiGHmed instance: Change the bpe container version from 0.9.0 to 0.9.1\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.8.0 + image: ghcr.io/highmed/bpe:0.9.0 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"]\",\"Upgrade DSF Plugins and Process-Plugins * Plugins in '/opt/bpe/plugin': 1. If you are using the provided PDQ MPI Client, replace dsf-mpi-client-pdq-0.7.0.jar, hapi-base-2.3.jar and hapi-structures-v25-2.3.jar with the new files from dsf-mpi-client-pdq-0.9.1.zip, see DSF release notes 1. If you are using the provided openEHR Client, replace dsf-openehr-client-impl-0.7.0.jar with the new file from dsf-openehr-client-impl-0.9.1.zip, see DSF release notes\",\" Make sure the plugins in `/opt/bpe/plugin` are configured with `chmod 440` and `chown root:bpe`. \",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker-compose up -d && docker-compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 0.9.1. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.1, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 0.9.1. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.1, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify the DSF BPE server removed ActivityDefinition resources for the deleted process plugin from the DSF FHIR server and created new ActivityDefinition for the new process plugin.\",\"Verify your install with a ping/pong test For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.\"]},\"311\":{\"h\":\"Upgrading from 0.9.1\",\"t\":[\"Upgrading the DSF from 0.9.1 to 0.9.2 involves modifying the docker-compose.yml files and recreating the containers.\",\"As the upgrade from 0.9.0 to 0.9.1 does not require any changes except the change of the version numbers, you can directly follow the following instructions.\"]},\"312\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.2_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace 0.9.1 (or 0.9.0) with 0.9.2\",\"@@ -1,7 +1,7 @@ version: '3.8' services: proxy: - image: ghcr.io/highmed/fhir_proxy:0.9.1 + image: ghcr.io/highmed/fhir_proxy:0.9.2 restart: on-failure ports: - 127.0.0.1:80:80 @@ -27,7 +27,7 @@ services: - app app: - image: ghcr.io/highmed/fhir:0.9.1 + image: ghcr.io/highmed/fhir:0.9.2 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_fhir.jar\\\", \\\"org.highmed.dsf.fhir.StatusClient\\\"]\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker-compose up -d && docker-compose logs -f\"]},\"313\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.2_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace 0.9.1 (or 0.9.0) with 0.9.2\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.9.1 + image: ghcr.io/highmed/bpe:0.9.2 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"]\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker-compose up -d && docker-compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 0.9.2. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.2, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 0.9.2. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.2, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.\"]},\"314\":{\"h\":\"Upgrading from 0.9.2\",\"t\":[\"Upgrading the DSF from 0.9.2 to 0.9.3 involves modifying the docker-compose.yml files and recreating the containers.\",\"As the upgrade from 0.9.0 to 0.9.1 and 0.9.1 to 0.9.2 does not require any changes except the change of the version numbers, you can directly follow the following instructions.\"]},\"315\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_0.9.3_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace 0.9.2 (or 0.9.0, 0.9.1) with 0.9.3\",\"@@ -1,7 +1,7 @@ version: '3.8' services: proxy: - image: ghcr.io/highmed/fhir_proxy:0.9.2 + image: ghcr.io/highmed/fhir_proxy:0.9.3 restart: on-failure ports: - 127.0.0.1:80:80 @@ -27,7 +27,7 @@ services: - app app: - image: ghcr.io/highmed/fhir:0.9.2 + image: ghcr.io/highmed/fhir:0.9.3 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_fhir.jar\\\", \\\"org.highmed.dsf.fhir.StatusClient\\\"]\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker-compose up -d && docker-compose logs -f\"]},\"316\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_0.9.3_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace 0.9.2 (or 0.9.0, 0.9.1) with 0.9.3\",\"@@ -1,7 +1,7 @@ version: '3.8' services: app: - image: ghcr.io/highmed/bpe:0.9.2 + image: ghcr.io/highmed/bpe:0.9.3 restart: on-failure healthcheck: test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"org.highmed.dsf.bpe.StatusClient\\\"]\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker-compose up -d && docker-compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 0.9.3. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 0.9.3, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 0.9.3. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 0.9.3, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test For a Task resource compatible with the 0.7.0 release of the ping process, see the Ping/Pong process wiki.\"]},\"317\":{\"h\":\"DSF Process Plugin Tutorial\"},\"318\":{\"h\":\"Implementing BPMN Processes as DSF Process-Plugins\",\"t\":[\"This repository contains exercises to learn how to implement process plugins for the Data Sharing Framework (DSF). The tutorial is divided into several exercises that build on each other. For each exercise, a sample solution is provided in a separate branch. This tutorial was first executed at the GMDS / TMF 2022 conference. A recording of the opening remarks by H. Hund and R. Wettstein can be found on YouTube. The slides of the opening remarks are available as a PDF download.\"]},\"319\":{\"h\":\"Prerequisites\",\"t\":[\"In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler and a minimum 16GB of RAM is needed. For more details see the detailed prerequisites document.\"]},\"320\":{\"h\":\"Exercise 1 - Simple Process\",\"t\":[\"The first exercise focuses on setting up the testing environment used in this tutorial and shows how to implement and execute a simple BPMN process. For more details see the exercise 1 description.\"]},\"321\":{\"h\":\"Exercise 1.1 - Process Debugging\",\"t\":[\"Exercise 1.1 looks at how to use the Java debugger of your IDE to remote debug the execution of a process plugin. For more details see the exercise 1.1 description.\"]},\"322\":{\"h\":\"Exercise 2 - Input Parameters\",\"t\":[\"In order to configure processes that are packaged as process plugins, we will take a look at two possibilities on how to pass parameters to a process. For more details see the exercise 2 description.\"]},\"323\":{\"h\":\"Exercise 3 - Message Events\",\"t\":[\"Communication between organizations is modeled using message flow in BPMN processes. The third exercise shows how a process at one organization can trigger a process at another organization. For more details see the exercise 3 description.\"]},\"324\":{\"h\":\"Exercise 4 - Exclusive Gateways\",\"t\":[\"Different execution paths in a process based on the state of process variables can be achieved using Exclusive Gateways. In Exercise 4 we will examine how this can be implemented. For more details see the exercise 4 description.\"]},\"325\":{\"h\":\"Exercise 5 - Event Based Gateways and Intermediate Events\",\"t\":[\"In the final exercise we will look at message flow between three organizations as well as how to continue a waiting process if no return message arrives. For more details see the exercise 5 description.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"326\":{\"h\":\"Exercise 1.1 - Process Debugging\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"327\":{\"h\":\"docker-compose.yml\",\"t\":[\"version: '3.8' services: proxy: image: nginx:1.23 restart: \\\"no\\\" ports: - 127.0.0.1:443:443 secrets: - proxy_certificate_and_int_cas.pem - proxy_certificate_private_key.pem - proxy_trusted_client_cas.pem volumes: - type: bind source: ./proxy/conf.d target: /etc/nginx/conf.d read_only: true - type: bind source: ./proxy/nginx.conf target: /etc/nginx/nginx.conf read_only: true networks: dic-fhir-frontend: ipv4_address: 172.20.0.66 hrp-fhir-frontend: ipv4_address: 172.20.0.82 cos-fhir-frontend: ipv4_address: 172.20.0.98 internet: aliases: - cos - dic - hrp environment: TZ: Europe/Berlin db: image: postgres:13 restart: \\\"no\\\" healthcheck: test: [\\\"CMD-SHELL\\\", \\\"pg_isready -U liquibase_user -d postgres\\\"] interval: 10s timeout: 5s retries: 5 environment: TZ: Europe/Berlin POSTGRES_PASSWORD_FILE: /run/secrets/db_liquibase.password POSTGRES_USER: liquibase_user POSTGRES_DB: postgres networks: - cos-fhir-backend - dic-fhir-backend - hrp-fhir-backend - cos-bpe-backend - dic-bpe-backend - hrp-bpe-backend secrets: - db_liquibase.password volumes: - type: volume source: db-data target: /var/lib/postgresql/data - type: bind source: ./db/init-db.sh target: /docker-entrypoint-initdb.d/init-db.sh read_only: true cos-fhir: image: ghcr.io/highmed/fhir:0.7.0 restart: \\\"no\\\" ports: - 127.0.0.1:5002:5002 secrets: - db_liquibase.password - db_cos_fhir_user.password - db_cos_fhir_user_permanent_delete.password - app_client_trust_certificates.pem - app_cos_client_certificate.pem - app_cos_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password volumes: - type: bind source: ./cos/fhir/conf/bundle.xml target: /opt/fhir/conf/bundle.xml - type: bind source: ./cos/fhir/log target: /opt/fhir/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5002 ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_cos_fhir_user.password ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_cos_fhir_user_permanent_delete.password ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_cos_client_certificate.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_cos_client_certificate_private_key.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/cos_fhir ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: cos_fhir_users ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: cos_fhir_server_user ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: cos_fhir_permanent_delete_users ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: cos_fhir_server_permanent_delete_user ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://cos/fhir ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_COS ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: ${COS_USER_THUMBPRINTS} ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: ${COS_USER_THUMBPRINTS_PERMANENT_DELETE} networks: cos-fhir-frontend: ipv4_address: 172.20.0.99 cos-fhir-backend: internet: depends_on: - db - proxy cos-bpe: image: ghcr.io/highmed/bpe:0.7.0 restart: \\\"no\\\" ports: - 127.0.0.1:5005:5005 secrets: - db_liquibase.password - db_cos_bpe_user.password - db_cos_bpe_user_camunda.password - app_client_trust_certificates.pem - app_cos_client_certificate.pem - app_cos_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password volumes: - type: bind source: ./cos/bpe/plugin target: /opt/bpe/plugin read_only: true - type: bind source: ./cos/bpe/process target: /opt/bpe/process read_only: true - type: bind source: ./cos/bpe/log target: /opt/bpe/log - type: bind source: ./cos/bpe/last_event target: /opt/bpe/last_event environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_cos_bpe_user.password ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_cos_bpe_user_camunda.password ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_cos_client_certificate.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_cos_client_certificate_private_key.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/cos_bpe ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: cos_bpe_users ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: cos_bpe_server_user ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: cos_camunda_users ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: cos_camunda_server_user ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_COS ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://cos/fhir networks: cos-bpe-frontend: cos-bpe-backend: internet: depends_on: - db - cos-fhir dic-fhir: image: ghcr.io/highmed/fhir:0.7.0 restart: \\\"no\\\" ports: - 127.0.0.1:5000:5000 secrets: - db_liquibase.password - db_dic_fhir_user.password - db_dic_fhir_user_permanent_delete.password - app_client_trust_certificates.pem - app_dic_client_certificate.pem - app_dic_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password volumes: - type: bind source: ./dic/fhir/conf/bundle.xml target: /opt/fhir/conf/bundle.xml - type: bind source: ./dic/fhir/log target: /opt/fhir/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5000 ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic_fhir_user.password ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic_fhir_user_permanent_delete.password ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic_client_certificate.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic_client_certificate_private_key.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/dic_fhir ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: dic_fhir_users ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: dic_fhir_server_user ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: dic_fhir_permanent_delete_users ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: dic_fhir_server_permanent_delete_user ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://dic/fhir ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: ${DIC_USER_THUMBPRINTS} ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: ${DIC_USER_THUMBPRINTS_PERMANENT_DELETE} networks: dic-fhir-frontend: ipv4_address: 172.20.0.67 dic-fhir-backend: internet: depends_on: - db - proxy dic-bpe: image: ghcr.io/highmed/bpe:0.7.0 restart: \\\"no\\\" ports: - 127.0.0.1:5003:5003 secrets: - db_liquibase.password - db_dic_bpe_user.password - db_dic_bpe_user_camunda.password - app_client_trust_certificates.pem - app_dic_client_certificate.pem - app_dic_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password volumes: - type: bind source: ./dic/bpe/plugin target: /opt/bpe/plugin read_only: true - type: bind source: ./dic/bpe/process target: /opt/bpe/process read_only: true - type: bind source: ./dic/bpe/log target: /opt/bpe/log - type: bind source: ./dic/bpe/last_event target: /opt/bpe/last_event environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5003 ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic_bpe_user.password ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic_bpe_user_camunda.password ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic_client_certificate.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic_client_certificate_private_key.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/dic_bpe ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: dic_bpe_users ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: dic_bpe_server_user ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic_camunda_users ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic_camunda_server_user ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic/fhir networks: dic-bpe-frontend: dic-bpe-backend: internet: depends_on: - db - dic-fhir hrp-fhir: image: ghcr.io/highmed/fhir:0.7.0 restart: \\\"no\\\" ports: - 127.0.0.1:5001:5001 secrets: - db_liquibase.password - db_hrp_fhir_user.password - db_hrp_fhir_user_permanent_delete.password - app_client_trust_certificates.pem - app_hrp_client_certificate.pem - app_hrp_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password volumes: - type: bind source: ./hrp/fhir/conf/bundle.xml target: /opt/fhir/conf/bundle.xml - type: bind source: ./hrp/fhir/log target: /opt/fhir/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5001 ORG_HIGHMED_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ORG_HIGHMED_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_hrp_fhir_user.password ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_hrp_fhir_user_permanent_delete.password ORG_HIGHMED_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_hrp_client_certificate.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_hrp_client_certificate_private_key.pem ORG_HIGHMED_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ORG_HIGHMED_DSF_FHIR_DB_URL: jdbc:postgresql://db/hrp_fhir ORG_HIGHMED_DSF_FHIR_DB_USER_GROUP: hrp_fhir_users ORG_HIGHMED_DSF_FHIR_DB_USER_USERNAME: hrp_fhir_server_user ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: hrp_fhir_permanent_delete_users ORG_HIGHMED_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: hrp_fhir_server_permanent_delete_user ORG_HIGHMED_DSF_FHIR_SERVER_BASE_URL: https://hrp/fhir ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS: ${HRP_USER_THUMBPRINTS} ORG_HIGHMED_DSF_FHIR_SERVER_USER_THUMBPRINTS_PERMANENT_DELETE: ${HRP_USER_THUMBPRINTS_PERMANENT_DELETE} ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_HRP networks: hrp-fhir-frontend: ipv4_address: 172.20.0.83 hrp-fhir-backend: internet: depends_on: - db - proxy hrp-bpe: image: ghcr.io/highmed/bpe:0.7.0 restart: \\\"no\\\" ports: - 127.0.0.1:5004:5004 secrets: - db_liquibase.password - db_hrp_bpe_user.password - db_hrp_bpe_user_camunda.password - app_client_trust_certificates.pem - app_hrp_client_certificate.pem - app_hrp_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password volumes: - type: bind source: ./hrp/bpe/plugin target: /opt/bpe/plugin read_only: true - type: bind source: ./hrp/bpe/process target: /opt/bpe/process read_only: true - type: bind source: ./hrp/bpe/log target: /opt/bpe/log - type: bind source: ./hrp/bpe/last_event target: /opt/bpe/last_event environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5004 ORG_HIGHMED_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ORG_HIGHMED_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_hrp_bpe_user.password ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_hrp_bpe_user_camunda.password ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_hrp_client_certificate.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_hrp_client_certificate_private_key.pem ORG_HIGHMED_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ORG_HIGHMED_DSF_BPE_DB_URL: jdbc:postgresql://db/hrp_bpe ORG_HIGHMED_DSF_BPE_DB_USER_GROUP: hrp_bpe_users ORG_HIGHMED_DSF_BPE_DB_USER_USERNAME: hrp_bpe_server_user ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_GROUP: hrp_camunda_users ORG_HIGHMED_DSF_BPE_DB_USER_CAMUNDA_USERNAME: hrp_camunda_server_user ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_HRP ORG_HIGHMED_DSF_BPE_FHIR_SERVER_BASE_URL: https://hrp/fhir networks: hrp-bpe-frontend: hrp-bpe-backend: internet: depends_on: - db - hrp-fhir secrets: proxy_certificate_and_int_cas.pem: file: ./secrets/proxy_certificate_and_int_cas.pem proxy_certificate_private_key.pem: file: ./secrets/proxy_certificate_private_key.pem proxy_trusted_client_cas.pem: file: ./secrets/proxy_trusted_client_cas.pem db_liquibase.password: file: ./secrets/db_liquibase.password db_dic_fhir_user.password: file: ./secrets/db_dic_fhir_user.password db_dic_fhir_user_permanent_delete.password: file: ./secrets/db_dic_fhir_user_permanent_delete.password db_dic_bpe_user.password: file: ./secrets/db_dic_bpe_user.password db_dic_bpe_user_camunda.password: file: ./secrets/db_dic_bpe_user_camunda.password db_hrp_fhir_user.password: file: ./secrets/db_hrp_fhir_user.password db_hrp_fhir_user_permanent_delete.password: file: ./secrets/db_hrp_fhir_user_permanent_delete.password db_hrp_bpe_user.password: file: ./secrets/db_hrp_bpe_user.password db_hrp_bpe_user_camunda.password: file: ./secrets/db_hrp_bpe_user_camunda.password db_cos_fhir_user.password: file: ./secrets/db_cos_fhir_user.password db_cos_fhir_user_permanent_delete.password: file: ./secrets/db_cos_fhir_user_permanent_delete.password db_cos_bpe_user.password: file: ./secrets/db_cos_bpe_user.password db_cos_bpe_user_camunda.password: file: ./secrets/db_cos_bpe_user_camunda.password app_client_trust_certificates.pem: file: ./secrets/app_client_trust_certificates.pem app_client_certificate_private_key.pem.password: file: ./secrets/app_client_certificate_private_key.pem.password app_dic_client_certificate.pem: file: ./secrets/app_dic_client_certificate.pem app_dic_client_certificate_private_key.pem: file: ./secrets/app_dic_client_certificate_private_key.pem app_hrp_client_certificate.pem: file: ./secrets/app_hrp_client_certificate.pem app_hrp_client_certificate_private_key.pem: file: ./secrets/app_hrp_client_certificate_private_key.pem app_cos_client_certificate.pem: file: ./secrets/app_cos_client_certificate.pem app_cos_client_certificate_private_key.pem: file: ./secrets/app_cos_client_certificate_private_key.pem networks: internet: dic-fhir-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.64/28 dic-fhir-backend: dic-bpe-frontend: dic-bpe-backend: hrp-fhir-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.80/28 hrp-fhir-backend: hrp-bpe-frontend: hrp-bpe-backend: cos-fhir-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.96/28 cos-fhir-backend: cos-bpe-frontend: cos-bpe-backend: volumes: db-data: name: dsf-process-tutorial-db\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"328\":{\"h\":\"Exercise 1 - Simple Process\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"329\":{\"h\":\"Exercise 1 - Simple Process\",\"t\":[\"The first exercise focuses on setting up the testing environment used in this tutorial and shows how to implement and execute a simple BPMN process.\",\"With this exercise we will take a look at the general setup of the tutorial code base, modify a service class and execute the service within a simple demo process.\"]},\"330\":{\"h\":\"Introduction\"},\"331\":{\"h\":\"Tutorial Code Base Structure and Docker Test Setup\",\"t\":[\"The tutorial project consists of three parts: A test-data-generator project used to generate X.509 certificates and FHIR resources during the maven build of the project. The certificates and FHIR resources are needed to start DSF instances simulating installations at three different organizations used for this tutorial. The DSF instances are configured using a docker-compose.yml file in the test-setup folder. The docker-compose test setup uses a single PostgreSQL database server, a single nginx reverse proxy as well as three separate DSF FHIR server- and 3 separate DSF BPE server instances. The tutorial-process project contains all resource (FHIR resources, BPMN process models and Java code) for the actual DSF process plugin.\",\"Java code for the tutorial-process project is located at src/main/java, FHIR resources and BPMN process models at src/main/resources as well as prepared JUnit tests to verify your solution at src/test/java.\"]},\"332\":{\"h\":\"Process Plugin Main Components\",\"t\":[\"The most imported Java class used to specify the process plugin for the DSF BPE server is a class that implements the org.highmed.dsf.bpe.ProcessPluginDefinition interface from the DSF dsf-bpe-process-base module. The DSF BPE server searches for classes implementing this interface using the Java ServiceLoader mechanism. For this tutorial the TutorialProcessPluginDefinition class implements this interface. It is appropriately specified in the src/main/resources/META-INF/services/org.highmed.dsf.bpe.ProcessPluginDefinition file. The TutorialProcessPluginDefinition class is used to specify name and version of the process plugin, what BPMN processes are to be deployed and what FHIR resources and required by the BPMN processes. For the implementation of service task and message events of the processes a special Spring context is used for every process plugin. The TutorialProcessPluginDefinition class specifies what via Spring-Framework configuration class with Spring Beans are used for the process plugin specific Spring Context. For this plugin the TutorialConfig cass is used to define Spring Beans.\",\"The business process engine used by the DSF BPE server is based on the OpenSource Camunda Process Engine 7. In order to specify what Java code should be executed for a BPMN ServiceTask you need to specify the fully-qualified Java class name in the ServiceTask inside the BPMN model. To be executable the Java class needs to extend the org.highmed.dsf.bpe.delegate.AbstractServiceDelegate from the DSF dsf-bpe-process-base module and the class needs to be defined as as Spring Bean.\"]},\"333\":{\"h\":\"Process Execution and FHIR Task Resources\",\"t\":[\"Business process instances are started or the execution continued via FHIR Task resources. The Task resource specifies what process to instantiate or continue, what organization is requesting this action and what organization is the target for the request. When a Task resource starts a process we call it \\\"leading\\\", when it continues a process it's called \\\"current\\\". This differentiation is important for multi-instance use cases not covered by this tutorial. Each Java class extending the abstract class org.highmed.dsf.bpe.delegate.AbstractServiceDelegate has methods to access both types of Task resources.\"]},\"334\":{\"h\":\"Process Access Control\",\"t\":[\"FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance. These resources are used by the DSF to specify what profile the Task resource needs to conform to and what BPMN message name is used to correlate the appropriate start or intermediate event within the BPMN model. The ActivityDefinition also defines what kind of organization can request the instantiation or continuation of a process instance and what kind of organization are allowed to fulfill the request.\",\"We will take a closer look as ActivityDefinition resources in Exercise 3 and Exercise 5.\"]},\"335\":{\"h\":\"Exercise Tasks\",\"t\":[\"Add a log message to the HelloDic#doExecute method that logs the recipient organization identifier from the \\\"leading\\\" Task.\",\"Register the HelloDic class as a singleton bean in the TutorialConfig class.\",\"Set the HelloDic class as the service implementation of the appropriate service task within the hello-dic.bpmn process model.\",\"Modify the ActivityDefinition for the highmedorg_helloDic process to only allow local clients to instantiate the process via a helloDic message.\"]},\"336\":{\"h\":\"Solution Verification\"},\"337\":{\"h\":\"Maven Build and Automated Tests\",\"t\":[\"Execute a maven build of the dsf-process-tutorial parent module via:\",\"mvn clean install -Pexercise-1\",\"Verify that the build was successful and no test failures occurred.\"]},\"338\":{\"h\":\"Process Execution and Manual Tests\",\"t\":[\"To verify the highmedorg_helloDic process can be executed successfully, we need to deploy it into a DSF instance and execute the process. The maven install build is configured to create a process jar file with all necessary resources and to copy the jar to the appropriate locations of the docker test setup.\",\"Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-fhir\",\"Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://dic/fhir. The DSF FHIR server uses a server certificate that was generated during the first maven install build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password). Add the certificate and the generated Root CA to your browser certificate store.\",\"Caution: If you add the generated Root CA to your browsers certificate store as a trusted Root CA, make sure you are the only one with access to the private key at .../dsf-process-tutorial/test-data-generator/cert/ca/testca_private-key.pem.\",\"Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://dic/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain a single ActivityDefinition. Also, go to https://dic/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-dic to check if the expected Task profile was created.\",\"Start the highmedorg_helloDic process by posting an appropriate FHIR Task resource to the DSF FHIR server:\",\"The Task resource is used to tell the DSF BPE server via the DSF FHIR server that a specific organization wants to start (or continue) one process instance at a specified organization. The needed Task resource can be generated and posted to the DSF FHIR server by executing the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class. For the TutorialExampleStarter to work the location of the client certificate and its password need to be specified:\",\"Either specify the location and password via program arguments: 1. location of the client certificate (.../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12), 2. password for the client certificate (password)\",\"Or set the environment variables DSF_CLIENT_CERTIFICATE_PATH and DSF_CLIENT_CERTIFICATE_PASSWORD with the appropriate values.\",\"Verify that the FHIR Task resource could be created at the DSF FHIR server. The TutorialExampleStarter class should print a message HTTP 201: Created showing that the Task resource was created.\",\"Verify that the highmedorg_helloDic process was executed by the DSF BPE server. The BPE server should print a message showing that the process was started, print the log message you added to the HelloDic class and end with a message showing that the process finished.\",\"Continue with Exercise 1.1.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"339\":{\"h\":\"Exercise 1.1 - Process Debugging\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"340\":{\"h\":\"Exercise 1.1 - Process Debugging\",\"t\":[\"This exercise looks at how to use the Java debugger of your IDE to remote debug the execution of a process plugin.\"]},\"341\":{\"h\":\"Introduction\",\"t\":[\"The DSF FHIR server and the DSF BPE server applications are written in Java and as such are execute on a headless JRE 11 within their docker containers. Command line arguments can be passed to the JVM inside the ghcr.io/highmed/fhir and ghcr.io/highmed/bpe docker images by specifying the environment variable EXTRA_JVM_ARGS. This can be used for example to configure the minimum and maximum heap of the JVM; but can also be used to specify a remote debugging port, which we will use in this exercise.\",\"An EXTRA_JVM_ARGS environment variable is already configure for all DSF FHIR server and DSF BPE server docker containers in the tutorial docker-compose test setup. Take a look at the docker-compose.yml file to lookup the port numbers specified for the different DSF FHIR and DSF BPE servers.\"]},\"342\":{\"h\":\"Exercise Tasks\",\"t\":[\"Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-fhir\",\"Start the DSF BPE server for the Test_DIC organization in second console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-bpe\",\"Configure your Java IDE for remote debugging\",\"Eclipse:\",\"IntelliJ:\",\"Create a debug breakpoint in the first line of the HelloDic class doExecute method.\",\"Start your previously defined remote Java debugger in your IDE.\",\"Execute the TutorialExampleStarter class to start highmed_helloDic process.\",\"User your IDE's debugger to step thru the code of the HelloDic class doExecute method.\",\"Continue with Exercise 2.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"343\":{\"h\":\"Exercise 2 - Input Parameters\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"344\":{\"h\":\"Exercise 2 - Input Parameters\",\"t\":[\"In order to configure processes that are packaged as process plugins, we will take a look at two possibilities on how to pass parameters to a process. The goal of this exercise is to enhance the highmedorg_helloDic process by trying them both.\"]},\"345\":{\"h\":\"Introduction\",\"t\":[\"DSF process plugins can be configured with input parameters using two different approaches:\",\"Static configuration using environment variables during the deployment of a process plugin.\",\"Dynamic configuration by sending values as part of the Task resource to start or continue a process instance.\"]},\"346\":{\"h\":\"Environment Variables\",\"t\":[\"Environment variables are the same for all running process instances and allow static configuration of processes. They can be defined by adding a member variable having the Spring-Framework @Value annotation to the configuration class TutorialConfig. The value of the annotation uses the ${..} notation and follows the form ${some.property:defaultValue}, where each dot in the property name corresponds to an underscore in the environment variable and environment variables are always written upper-case. The property some.property therefore corresponds to the environment variable SOME_PROPERTY.\",\"To create an automated documentation of environment variables during the Maven build process, the DSF provided @ProcessDocumentation annotation from the package org.highmed.dsf.tools.generator can be used. The pom.xml of the tutorial-process submodule calls the DSF provided DocumentGenerator class from the same package during the prepare-package phase of the build process. The generator searches for all @ProcessDocumentation annotations and generates a Markdown documentation based on the annotation's values in the target folder.\"]},\"347\":{\"h\":\"Task Input Parameters\",\"t\":[\"Providing input parameters to a specific process instance allows for dynamic configuration of process instances. It can be done by sending additional values as part of the Task resource that starts or continues a process instance. It should be noted that a FHIR profile must be created for each Task resource, i.e. for each message event in a process model, which inherits from the DSF Task Base Profile. This base profile defines three default input parameters:\",\"message-name (mandatory 1..1): the name of the BPMN message event, same as in the BPMN model\",\"business-key (optional 0..1): used to identify process instances\",\"correlation-key(optional 0..1): used to identify multi-instance process instances used for messaging multiple targets\",\"A later exercise will examine these input parameters and their meaning in more detail.\",\"Since input parameters of Task resources are identified by predefined codes, they are defined via FHIR CodeSystem and ValueSet resources. The BPMN-Message CodeSystem and the BPMN-Message ValueSet are used in the DSF Task Base Profile to define the three default input parameters of Task resources.\"]},\"348\":{\"h\":\"Version and Release-Date Placeholders\",\"t\":[\"To avoid the need to specify the version and release date for each CodeSystem, StructureDefinition (Task profile) and ValueSet resource, the placeholders #{version} and #{date} can be used. They are replaced with the values returned by the methods ProcessPluginDefinition#getVersion() and ProcessPluginDefinition#getReleaseDate() respectively during deployment of a process plugin by the DSF BPE server.\",\"Read Access Tag While writing FHIR resources on the DSF FHIR server is only allowed by the own organization (except Task), rules have to be defined for reading FHIR resources by external organizations (again except Task). The Resource.meta.tag field is used for this purpose. To allow read access for all organizations (the standard for metadata resources), the following read-access-tag value can be written into this field:\",\" \",\"The read access rules for Task resources are defined through the fields Task.requester and Task.restriction.recipient. Therefore, no read-access-tag is needed.\",\"It is also possible to restrict read access of FHIR resources to organizations with a specific role in a consortium or a specific identifier, but this is not covered in the tutorial.\",\"The write access rules for Task resources are defined through the ActivityDefinition resources belonging to the process. We will take a look at this in exercise 3 and exercise 5.\"]},\"349\":{\"h\":\"Exercise Tasks\",\"t\":[\"Add an environment variable to enable/disable logging to the TutorialConfig class specify the default value as false.\",\"Inject the value of the environment variable in to HelloDic class, by modifying its constructor and using the new field of the TutorialConfig class.\",\"Use the value of the environment variable in the HelloDic class to decide whether the log message from exercise 1 should be printed.\",\"Adapt test-setup/docker-compose.yml by adding the new environment variable to the service dic-bpe and set the value to \\\"true\\\".\",\"Create a new CodeSystem with url http://highmed.org/fhir/CodeSystem/tutorial having a concept with code tutorial-input.\",\"Create a new ValueSet with url http://highmed.org/fhir/ValueSet/tutorial that includes all concepts from the CodeSystem.\",\"Add the new CodeSystem and ValueSet resources to the highmedorg_helloDic process in the TutorialProcessPluginDefinition class.\",\"Add a new input parameter of type string to the task-hello-dic.xmlTask profile using the concept of the new CodeSystem as a fixed coding.\",\"Read the new input parameter in the HelloDic class from the \\\"leading\\\" Task and add the value to the log message from exercise 1.\",\"Adapt the starter class TutorialExampleStarter by adding the new input parameter with an arbitrary string.\"]},\"350\":{\"h\":\"Solution Verification\"},\"351\":{\"h\":\"Maven Build and Automated Tests\",\"t\":[\"Execute a maven build of the dsf-process-tutorial parent module via:\",\"mvn clean install -Pexercise-2\",\"Verify that the build was successful and no test failures occurred.\"]},\"352\":{\"h\":\"Process Execution and Manual Tests\",\"t\":[\"To verify the highmedorg_helloDic process can be executed successfully, we need to deploy it into a DSF instance and execute the process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.\",\"Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-fhir\",\"Verify the DSF FHIR server started successfully.\",\"Start the DSF BPE server for the Test_DIC organization in second console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.\",\"Start the highmedorg_helloDic process by posting an appropriate FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class as in exercise 1 to create the Task resource needed to start the highmedorg_helloDic process.\",\"Verify that the highmedorg_helloDic process was executed by the DSF BPE server. The BPE server should:\",\"Print a message showing that the process was started.\",\"If logging is enabled - print the log message and the value of the input parameter you added to the HelloDic implementation.\",\"Print a message showing that the process finished.\",\"Check that you can disable logging of you message by modifying the docker-compose.yml file and configuring your environment variable with the value \\\"false\\\" or removing the environment variable. Note: Changes to environment variable require recreating the docker container.\",\"Also check that modification to the Task input parameter specified in the TutorialExampleStarter class, have the appropriate effect on your log message.\",\"Continue with Exercise 3.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"353\":{\"h\":\"Exercise 3 - Message Events\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"354\":{\"h\":\"Exercise 3 - Message Events\",\"t\":[\"Communication between organizations is modeled using message flow in BPMN processes. The third exercise shows how a process at one organization can trigger a process at another organization.\",\"To demonstrate communication between two organizations we will configure message flow between the processes highmedorg_helloDic and highmedorg_helloCos. The processes are then to be executed at the organizations Test_DIC and Test_COS respectively in the docker test setup, with the former triggering execution of the latter by automatically sending a Task from organization Test_DIC to organization Test_COS.\"]},\"355\":{\"h\":\"Introduction\"},\"356\":{\"h\":\"Message Flow and FHIR Task resources\",\"t\":[\"BPMN processes are instantiated and started within the DSF by creating a matching FHIR Task resource in the DSF FHIR server. This is true for executing a process on the local DSF BPE server by manually creating a Task resource, but also works by creating and starting a process instance at a remote DSF BPE server from an executing process automatically.\",\"In order to exchange information between different processes, for example at two different organizations, BPMN message flow is used. Typically represented by a dashed line arrow between elements with black (send) and white (receive) envelop icons. The following BPMN collaboration diagram shows two processes. The process at \\\"Organization 1\\\" is sending a message to \\\"Organization 2\\\" which results in the instantiation and execution of new process instance at the second organization.\",\"Message Flow\",\"Every time message flow is used in a BPMN process for the DSF, a corresponding FHIR Task profile needs to be specified for every interaction. This profile specifies which process should be started or continued and what the message name is when correlating the appropriate Message Start Event or Intermediate Message Catch Event. A Business Key and a Correlation Key are specified if different process instances need to be linked to a single execution, for example to be able to send a message back.\"]},\"357\":{\"h\":\"BPMN Process Definition Key vs. FHIR Task.instantiatesUri and ActivityDefinition.url / version\",\"t\":[\"FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance. They also control what kind of organization can request the instantiation or continuation of a process instance and what kind of organization is allowed to fulfill the request.\",\"In order to link the FHIR and BPMN worlds the BPMN process definition key needs to be specified following the pattern ^[-a-zA-Z0-9]+_[-a-zA-Z0-9]+$ for example:\",\"domainorg_processKey\",\"In addition the BPM process needs to specify a process version with the pattern ^\\\\d+.\\\\d+.\\\\d+$ for example:\",\"1.0.0\",\"This results in a canonical URL used to identify the process, for example:\",\"http://domain.org/bpe/Process/processKey/1.0.0\",\"The canonical URL is used for Task.instantiatesUri and ActivityDefinition.url / version.\"]},\"358\":{\"h\":\"ActivityDefinitions for the DSF\",\"t\":[\"FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance and contain the authorization rules for the specified process. ActivityDefinition for the DSF need to comply with the http://highmed.org/fhir/StructureDefinition/activity-definition profile, with authorization rules configured using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization extension.\",\"The authorization extension needs to be configured at least once and has four sub extensions:\"]},\"359\":{\"h\":\"message-name [1..1]\",\"t\":[\"String value specifying the message name of Message Start Event, Intermediate Message Catch Event or Message Receive Task this authorization rule should match. Can only be specified once per authorization rule extension.\"]},\"360\":{\"h\":\"task-profile [1..1]\",\"t\":[\"Canonical URL value specifying the Task profile this authorization rule should match. Can only be specified once per authorization rule extension.\"]},\"361\":{\"h\":\"requester [1..]\",\"t\":[\"Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-requester ValueSet:\",\"LOCAL_ORGANIZATION A local organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.\",\"REMOTE_ORGANIZATION A remote (non local) organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.\",\"LOCAL_ROLE A local organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.\",\"REMOTE_ROLE A remote (non local) organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.\",\"LOCAL_ALL All local organizations regardless of their identifier or role in a consortium.\",\"REMOTE_ALL All remote (non local) organizations regardless of their identifier or role in a consortium.\"]},\"362\":{\"h\":\"recipient [1..]\",\"t\":[\"Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-recipient ValueSet.\",\"LOCAL_ORGANIZATION Organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.\",\"LOCAL_ROLE Organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.\",\"LOCAL_ALL All organizations regardless of their identifier or role in a consortium.\",\"The local organization of a DSF instance is configured using the environment variables ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF FHIR server and ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF BPE server.\"]},\"363\":{\"h\":\"Authorization Extension Example\",\"t\":[\"The following example specifies that process execution can only be requested by a organization with a specific identifier and only allows execution of the process in the DSF instance of an organization with a specific identifier.\",\" \"]},\"364\":{\"h\":\"Exercise Tasks\",\"t\":[\"Modify the highmedorg_helloDic process in the hello-dic.bpmn file and replace the End Event with a Message End Event. Configure input parameters instantiatesUri, profile and messageName in the BPMN model for the Message End Event. Set the message name of the Message End Event and configure it to be executed using the HelloCosMessage class. Use http://highmed.org/fhir/StructureDefinition/task-hello-cos|#{version} as the profile and helloCos as the message name. Figure out what the appropriate instantiatesUri value is, based on the name (process definition key) of the process to be triggered.\",\"Modify the highmedorg_helloCos process in the hello-cos.bpmn file and configure the message name of the Message Start Event with the same value as the message name of the Message End Event in the highmedorg_helloDic process.\",\"Create a new StructureDefinition with a Task profile for the helloCos message.\",\"Create a new ActivityDefinition resource for the highmedorg_helloCos process and configure the authorization extension to allow the Test_DIC organization as the requester and the Test_COS organization as the recipient.\",\"Add the highmedorg_helloCos process and its resources to the TutorialProcessPluginDefinition class.\",\"Modify HelloDic service class to set the target process variable for the Test_COS organization.\",\"Configure the HelloCosMessage class as a spring in the TutorialConfig class.\"]},\"365\":{\"h\":\"Solution Verification\"},\"366\":{\"h\":\"Maven Build and Automated Tests\",\"t\":[\"Execute a maven build of the dsf-process-tutorial parent module via:\",\"mvn clean install -Pexercise-3\",\"Verify that the build was successful and no test failures occurred.\"]},\"367\":{\"h\":\"Process Execution and Manual Tests\",\"t\":[\"To verify the highmedorg_helloDic and highmedorg_helloCos processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.\",\"Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-fhir\",\"Verify the DSF FHIR server started successfully.\",\"Start the DSF BPE server for the Test_DIC organization in another console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.\",\"Start the DSF FHIR server for the Test_COS organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up cos-fhir\",\"Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://cos/fhir. The DSF FHIR server uses a server certificate that was generated during the first maven build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).\",\"Start the DSF BPE server for the Test_COS organization in another console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up cos-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloCos process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://cos/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain two ActivityDefinition resources. Also, go to https://cos/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-cos to check if the expected Task profile was created.\",\"Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.\",\"Verify that the FHIR Task resource was created at the DSF FHIR server and the highmedorg_helloDic process was executed by the DSF BPE server of the Test_DIC organization. The DSF BPE server of the Test_DIC organization should print a message showing that a Task resource to start the highmedorg_helloCos process was send to the Test_COS organization. Verify that a FHIR Task resource was created at the DSF FHIR server of the Test_COS organization and the highmedorg_helloCos process was then executed by the DSF BPE server of the Test_COS organization.\",\"Continue with exercise 4.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"368\":{\"h\":\"Exercise 4 - Exclusive Gateways\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"369\":{\"h\":\"Exercise 4 - Exclusive Gateways\",\"t\":[\"Different execution paths in a process based on the state of process variables can be achieved using Exclusive Gateways. In Exercise 4 we will examine how this can be implemented by modifying the highmedorg_helloDic process.\"]},\"370\":{\"h\":\"Introduction\"},\"371\":{\"h\":\"Exclusive Gateways\",\"t\":[\"Different sequence flows during the execution of a process instance can be modeled using BPMN Exclusive Gateways. For each outgoing sequence flow of the gateway, a BPMN Condition Expression can be added to the process model, deciding whether a sequence flow should be followed. Thereby, all condition decisions must be in an XOR relationship to each other.\"]},\"372\":{\"h\":\"Condition Expressions\",\"t\":[\"A BPMN Condition Expression uses the ${..} notation. Within the curly braces all execution variables of a process instance can be accessed, e.g. the ones that were stored in a previous Java implementation of a BPMN ServiceTask. For example, the BPMN Condition Expression${cohortSize > 100} checks whether the value in the execution variable cohortSize is greater than 100.\"]},\"373\":{\"h\":\"Storing / Modifying Process Variables\",\"t\":[\"Via the DelegateExecution execution parameter of the doExecute method of a class extending AbstractServiceDelegate, we can write and read process variables of the current process instance. The following code listing show how to write and read a boolean variable:\",\"{ execution.setVariable(\\\"variable-name\\\", Variables.booleanValue(false)); boolean variable = (boolean) execution.getVariable(\\\"variable-name\\\"); }\",\"For more details on process variables see the Camunda documentation.\"]},\"374\":{\"h\":\"Exercise Tasks\",\"t\":[\"In the HelloDic class, write an algorithm deciding based on the \\\"leading\\\" Task's input parameter tutorial-input, whether the highmedorg_helloCos process should be started.\",\"Add a boolean variable to the process instance execution variables storing the decision.\",\"Add an exclusive gateway to the highmedorg_helloDic process model and two outgoing sequence flows - the first starting process highmedorg_helloDic, the second stopping process highmedorg_helloDic without starting process highmedorg_helloCos.\",\"Add a condition expressions to each outgoing sequence flow based on the previously stored execution variable.\"]},\"375\":{\"h\":\"Solution Verification\"},\"376\":{\"h\":\"Maven Build and Automated Tests\",\"t\":[\"Execute a maven build of the dsf-process-tutorial parent module via:\",\"mvn clean install -Pexercise-4\",\"Verify that the build was successful and no test failures occurred.\"]},\"377\":{\"h\":\"Process Execution and Manual Tests\",\"t\":[\"To verify the highmedorg_helloDic and highmedorg_helloCos processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.\",\"Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-fhir\",\"Verify the DSF FHIR server started successfully.\",\"Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up cos-fhir\",\"Verify the DSF FHIR server started successfully.\",\"Start the DSF BPE server for the Test_COS organization in a fourth console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up cos-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloCos process.\",\"Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.\",\"Verify that the highmedorg_helloDic process was executed successfully by the Test_DIC DSF BPE server and possibly the highmedorg_helloCos process by the Test_COS DSF BPE server, depending on whether decision of your algorithm based on the input parameter allowed to start the highmedorg_helloDic process.\",\"Continue with exercise 5\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"378\":{\"h\":\"Exercise 5 - Event Based Gateways and Intermediate Events\",\"t\":[\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"379\":{\"h\":\"Exercise 5 - Event Based Gateways and Intermediate Events\",\"t\":[\"In the final exercise we will look at message flow between three organizations as well as how to continue a waiting process if no return message arrives. With this exercise we will add a third process and complete a message loop from Test_DIC to Test_COR to Test_HRP back to Test_DIC.\"]},\"380\":{\"h\":\"Introduction\"},\"381\":{\"h\":\"Managing Multiple- and Missing Messages\",\"t\":[\"If an existing and started process instance is waiting for a message from another organization, the corresponding FHIR Task may never arrive. Either because the other organization decides to never send the \\\"message\\\" or because some technical problem prohibits the Task resource from being posted to the DSF FHIR server. This would result in stale process instances that never finish.\",\"In order to solve this problem we can add an Event Based Gateway to the process waiting for a response and then either handle a Task resource with the response and finish the process in a success state or fire of an Intermediate Timer Catch Event after a defined wait period and finish the process in an error state. The following BPMN collaboration diagram shows how the process at the first organization would look like if two different message or no message could be received:\"]},\"382\":{\"h\":\"Timer Events\",\"t\":[\"For Timer Events the duration until the timer fires is specified using the ISO 8601 Durations format. Examples can be found in the Camunda 7 documentation.\"]},\"383\":{\"h\":\"Matching Process Instances With Business Keys\",\"t\":[\"In the example above the first organization is sending a \\\"message\\\" to the second and waiting for a reply. In order to correlate the return message with the waiting process instance, a unique identifier needs to be exchanged between both process instances. Within the DSF this is implemented using the process instance business-key and a corresponding Task.input parameter. For 1:1 communication relationships this is handled by the DSF BPE servers automatically, but the corresponding Task profiles need to define the business-key input parameter as mandatory.\",\"If multiple message are send in a 1:n relationship with a n:1 return an additional correlation-key needs to be configured in order to correlate every bidirectional communication between two DSF instances.\"]},\"384\":{\"h\":\"ActivityDefinitions for the DSF\",\"t\":[\"FHIR ActivityDefinition resources are used to announce what processes can be instantiated at a given DSF instance and contain the authorization rules for the specified process. ActivityDefinition for the DSF need to comply with the http://highmed.org/fhir/StructureDefinition/activity-definition profile, with authorization rules configured using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization extension.\",\"The authorization extension needs to be configured at least once and has four sub extensions:\"]},\"385\":{\"h\":\"message-name [1..1]\",\"t\":[\"String value specifying the message name of Message Start Event, Intermediate Message Catch Event or Message Receive Task this authorization rule should match. Can only be specified once per authorization rule extension.\"]},\"386\":{\"h\":\"task-profile [1..1]\",\"t\":[\"Canonical URL value specifying the Task profile this authorization rule should match. Can only be specified once per authorization rule extension.\"]},\"387\":{\"h\":\"requester [1..]\",\"t\":[\"Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-requester ValueSet:\",\"LOCAL_ORGANIZATION A local organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.\",\"REMOTE_ORGANIZATION A remote (non local) organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.\",\"LOCAL_ROLE A local organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.\",\"REMOTE_ROLE A remote (non local) organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.\",\"LOCAL_ALL All local organizations regardless of their identifier or role in a consortium.\",\"REMOTE_ALL All remote (non local) organizations regardless of their identifier or role in a consortium.\"]},\"388\":{\"h\":\"recipient [1..]\",\"t\":[\"Coding value matching entries from the http://highmed.org/fhir/ValueSet/process-authorization-recipient ValueSet.\",\"LOCAL_ORGANIZATION Organization with a specific identifier. The organization identifier needs to specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-organization extension.\",\"LOCAL_ROLE Organizations with a specific role defined via OrganizationAffiliation. Role and consortium identifier need to be specified using the http://highmed.org/fhir/StructureDefinition/extension-process-authorization-consortium-role extension.\",\"LOCAL_ALL All organizations regardless of their identifier or role in a consortium.\",\"The local organization of a DSF instance is configured using the environment variables ORG_HIGHMED_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF FHIR server and ORG_HIGHMED_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE for the DSF BPE server.\"]},\"389\":{\"h\":\"Authorization Extension Example\",\"t\":[\"The following example specifies that process execution can only be requested by a organization with a specific identifier and only allows execution of the process in the DSF instance of an organization with a specific identifier.\",\" \"]},\"390\":{\"h\":\"Exercise Tasks\",\"t\":[\"Modify the HelloCosMessage and use the value from the Task.input parameter of the helloDicTask to send it to the highmedorg_helloCos process via a Task.input parameter in the helloCos Task. Override the getAdditionalInputParameters to configure a Task.input parameter to be send.\",\"Modify the highmedorg_helloCos process to use a Message End Event to trigger the process in file hello-hrp.bpmn. Figure out the values for the instantiatesUri, profile and messageName input parameters of the Message End Event based on the AcitvityDefinition in file hello-hrp.xml.\",\"Modify the highmedorg_helloDic process: \",\"Change the Message End Event to an Intermediate Message Throw Event\",\"Add an Event Based Gateway after the throw event\",\"Configure two cases for the Event Based Gateway: \",\"An Intermediate Message Catch Event to catch the goodbyDic message from the highmedorg_helloHrp process.\",\"An Intermediate Timer Catch Event to end the process if no message is sent by the highmedorg_helloHrp process after two minutes. Make sure both cases finish with a process End Event.\",\"Modify the process in file hello-hrp.bpmn and set the process definition key and version. Figure out the appropriate values based on the AcitvityDefinition in file hello-hrp.xml.\",\"Add the process in file hello-hrp.bpmn to the TutorialProcessPluginDefinition and configure the FHIR resources needed for the three processes.\",\"Add the HelloCos, HelloHrpMessage , HelloHrp and GoodbyeDicMessage classes as spring beans.\"]},\"391\":{\"h\":\"Solution Verification\"},\"392\":{\"h\":\"Maven Build and Automated Tests\",\"t\":[\"Execute a maven build of the dsf-process-tutorial parent module via:\",\"mvn clean install -Pexercise-5\",\"Verify that the build was successful and no test failures occurred.\"]},\"393\":{\"h\":\"Process Execution and Manual Tests\",\"t\":[\"To verify the highmedorg_helloDic, highmedorg_helloCos and highmedorg_helloHrp processes can be executed successfully, we need to deploy them into DSF instances and execute the highmedorg_helloDic process. The maven install build is configured to create a process jar file with all necessary resources and copy the jar to the appropriate locations of the docker test setup.\",\"Start the DSF FHIR server for the Test_DIC organization in a console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-fhir\",\"Verify the DSF FHIR server started successfully.\",\"Start the DSF BPE server for the Test_DIC organization in a second console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up dic-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.\",\"Start the DSF FHIR server for the Test_COS organization in a third console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up cos-fhir\",\"Verify the DSF FHIR server started successfully.\",\"Start the DSF BPE server for the Test_COS organization in a fourth console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up cos-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloDic process.\",\"Start the DSF FHIR server for the Test_HRP organization in a fifth at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up hrp-fhir\",\"Verify the DSF FHIR server started successfully. You can access the webservice of the DSF FHIR server at https://hrp/fhir. The DSF FHIR server uses a server certificate that was generated during the first maven build. To authenticate yourself to the server you can use the client certificate located at .../dsf-process-tutorial/test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12 (Password: password).\",\"Start the DSF BPE server for the Test_HRP organization in a sixth console at location .../dsf-process-tutorial/test-setup:\",\"docker-compose up hrp-bpe\",\"Verify the DSF BPE server started successfully and deployed the highmedorg_helloHrp process. The DSF BPE server should print a message that the process was deployed. The DSF FHIR server should now have a new ActivityDefinition resource. Go to https://hrp/fhir/ActivityDefinition to check if the expected resource was created by the BPE while deploying the process. The returned FHIR Bundle should contain a three ActivityDefinition resources. Also, go to https://hrp/fhir/StructureDefinition?url=http://highmed.org/fhir/StructureDefinition/task-hello-hrp to check if the expected Task profile was created.\",\"Start the highmedorg_helloDic process by posting a specific FHIR Task resource to the DSF FHIR server of the Test_DIC organization: Execute therefore the main method of the org.highmed.dsf.process.tutorial.TutorialExampleStarter class to create the Task resource needed to start the highmedorg_helloDic process.\",\"Verify that the FHIR Task resource was created at the DSF FHIR server and the highmedorg_helloDic process was executed by the DSF BPE server of the Test_DIC organization. The DSF BPE server of the Test_DIC organization should print a message showing that a Task resource to start the highmedorg_helloCos process was sent to the Test_COS organization. Verify that a FHIR Task resource was created at the DSF FHIR server of the Test_COS organization and the highmedorg_helloCos process was executed by the DSF BPE server of the Test_COS organization. The DSF BPE server of the Test_COS organization should print a message showing that a Task resource to start the highmedorg_helloHrp process was send to the Test_HRP organization.\",\"Based on the value of the Task.input parameter you send, the highmedorg_helloHrp process will either send a goodbyDic message to the Test_DIC organization or finish without sending a message.\",\"To trigger the goodbyDic message, use send-response as the http://highmed.org/fhir/CodeSystem/tutorial#tutorial-input input parameter.\",\"Verify that the highmedorg_helloDic process either finishes with the arrival of the goodbyDic message or after waiting for two minutes.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"394\":{\"h\":\"Prerequisites\",\"t\":[\"In order to be able to solve the exercises described in this tutorial a software development environment with git, Java 11, Maven 3.8, Docker, docker-compose, a Java IDE like Eclipse or IntelliJ, a BPMN Editor like the Camunda Modeler a and minimum 16GB of RAM is needed.\"]},\"395\":{\"h\":\"git\",\"t\":[\"git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.\",\"An installation guide for Linux, Mac and Windows can be found here: installation guide\",\"The most basic git CLI commands are described here: commands\"]},\"396\":{\"h\":\"Java 11\",\"t\":[\"Processes for the DSF are written using the Java programming language in version 11. Various open source releases of the Java Developer Kit (JDK) 11 exist, you are free in your choice.\"]},\"397\":{\"h\":\"Maven 3.8\",\"t\":[\"When implementing DSF processes, we use Maven 3.8 to manage the software project's build, reporting and documentation workflow.\",\"An installation guide for Maven 3.8 can be found here: installation guide\",\"The most important maven commands are described here: commands\"]},\"398\":{\"h\":\"GitHub Packages\",\"t\":[\"In order to download DSF packages from the GitHub Package Registry using Maven you need a personal GitHub access token with scope read:packages. This GitHub documentation shows you how to generate one.\",\"After that, add the following server configuration to your local .m2/settings.xml. Replace USERNAME with your GitHub username and TOKEN with the previously generated personal GitHub access token. The token needs at least the read:packages scope.\",\" ... github USERNAME TOKEN \"]},\"399\":{\"h\":\"Docker and docker-compose\",\"t\":[\"To be able to test the implemented processes, we use a test-setup based on Docker and docker-compose. This allows us to simulate multiple organizations with different roles and run the processes across \\\"organizational boundaries\\\".\",\"An installation guide for Docker and docker-compose can be found here: installation guide\",\"The most important Docker commands are described here: Docker commands\",\"An overview of docker-compose commands are described here: docker-compose commands\"]},\"400\":{\"h\":\"Host entries for test-setup\",\"t\":[\"The following entries are required in the hosts file of your computer so that the FHIR servers of the simulated organizations can be accessed in your web browser. On Linux and Mac this file is located at /etc/hosts. On Windows you can find it at C:\\\\Windows\\\\System32\\\\drivers\\\\etc\\\\hosts\",\"127.0.0.1 dic 127.0.0.1 cos 127.0.0.1 hrp\"]},\"401\":{\"h\":\"Java IDE\",\"t\":[\"For the development of the processes we recommend the use of an IDE, e.g. Eclipse or IntelliJ:\",\"An installation guide for Eclipse can be found here: Eclipse installation guide\",\"An installation guide for IntelliJ can be found here: IntelliJ installation guide\"]},\"402\":{\"h\":\"BPMN Editor\",\"t\":[\"To simplify modeling of BPMN processes, we recommend a graphical editor, e.g. the Camunda Modeler:\",\"An installation guide for the Camunda Modeler can be found here: installation guide\"]},\"403\":{\"h\":\"Hardware\",\"t\":[\"The minimum hardware requirements to run all simulated organizations as part of the Docker test-setup is 16 GB of RAM.\",\"Prerequisites | Exercise 1 | Exercise 1.1 | Exercise 2 | Exercise 3 | Exercise 4 | Exercise 5\"]},\"404\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"405\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"406\":{\"h\":\"General\"},\"407\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"408\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"409\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"410\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"411\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"412\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"413\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"414\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"415\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"416\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"417\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"418\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"419\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"420\":{\"h\":\"Develop Process Plugins\"},\"421\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"422\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"423\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"424\":{\"h\":\"Maintain a DSF instance\"},\"425\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.7.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Reverse Proxy \",\"Configuration Parameters\",\"BPE Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"426\":{\"h\":\"Allow List Management\",\"t\":[\"You can read all about the concept of Allow Lists in our introduction.\"]},\"427\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"428\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"429\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"430\":{\"h\":\"Install Plugins\",\"t\":[\"Marketplace for process plugins\",\"To install and learn more about each Process Plugin, you can visit the Marketplace here.\"]},\"431\":{\"h\":\"\",\"t\":[\"You can find an overview of compatable process plugins below (last updated 2025-01-22).\",\"Process Plugin\",\"released for test\",\"released for production\",\"Ping-Pong\",\"v1.0.1.0\",\"v1.0.1.0\",\"Allow-List\",\"v1.0.0.1\",\"v1.0.0.1\",\"MII Process Feasibility\",\"v1.0.0.7\",\"v1.0.0.7\",\"MII Process Report\",\"v1.1.2.0\",\"v1.1.2.0\",\"MII Process Data Transfer\",\"v1.0.3.0\",\"v1.0.3.0\",\"MII Process Data Sharing\",\"v1.0.2.0\",\"v1.0.2.0\",\"NUM-RDP\",\"v1.1.0.0\",\"v1.1.0.0\",\"Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.\",\"Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).\"]},\"432\":{\"h\":\"Prerequisites\",\"t\":[\"A DSF installation of version 1.3.x or higher. An installation guide can be found here.\"]},\"433\":{\"h\":\"Deployment\",\"t\":[\"Add the process jar-file to the DSF BPE folder /opt/bpe/process:\",\"wget (your jar-file download link)\",\"For example:\",\" wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar\",\"Make sure the process is readable by the bpe user or group, for example by executing:\",\"sudo chmod 440 (your jar-file name.jar) sudo chown root:bpe (your jar-file name.jar)\",\"For example:\",\"sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar\",\"Modify the process exclude config in /opt/bpe/docker-compose.yml\",\"Reminder: Update/verify required configurations in docker-compose.yml\"]},\"434\":{\"h\":\"Install DSF 1.7.0\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"435\":{\"h\":\"Prerequisites\"},\"436\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"437\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"438\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"439\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"440\":{\"h\":\"Setup\"},\"441\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Store PEM encoded certificate chain (all intermediate CAs between the server and the root certificate, excluding root) as ssl_certificate_chain_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"442\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_7_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_7_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A), the corresponding private-key and the certificate chain (one file with all intermediate certificates, excluding the root CA) to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_chain_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L34: - app_client_certificate_private_key.pem.password ... L47: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L109: app_client_certificate_private_key.pem.password: L110: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: dsf.todo.organization.com:443 Set your FHIR servers external FQDN, e.g. https://foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see the FHIR Reverse Proxy Configuration Parameters page.\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see the FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"443\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_7_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_7_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L12: - app_client_certificate_private_key.pem.password ... L32: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L83: app_client_certificate_private_key.pem.password: L84: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"444\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1 INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2\"]},\"445\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"446\":{\"h\":\"Passwords and Secrets\",\"t\":[\"Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.\"]},\"447\":{\"h\":\"Example Environment Variables\",\"t\":[\"DEV_DSF_BPE_DB_USER_PASSWORD_FILE: If set to /run/secrets/db_user_password, the application will read the contents of the /run/secrets/db_user_password file and set the DEV_DSF_BPE_DB_USER_PASSWORD environment variable with the content from that file.\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: If set to /run/secrets/oidc_client_secret, the application will read the contents of the referenced file and set the DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET environment variable accordingly.\"]},\"448\":{\"h\":\"Docker Secrets\",\"t\":[\"It is recommended to use docker secrets as files for these environment variables. Docker secrets are mounted as files in /run/secrets/ inside the container.\"]},\"449\":{\"h\":\"Example docker-compose\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir secrets: - db_user_password - oidc_client_secret environment: DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user_password DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: /run/secrets/oidc_client_secret secrets: db_user_password: file: ./secrets/db_user.password api_key: file: ./secrets/oidc_client.secret\"]},\"450\":{\"h\":\"Default Root Certificates\",\"t\":[\"A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.\"]},\"451\":{\"h\":\"Extending or Replacing Trusted Certificate Authorities\",\"t\":[\"X.509 certificates of default trusted CAs are stored as .pem files containing multiple certificates in the docker images and can be replaced by either using docker bind mounts or configuring appropriate environment variables with different targets.\"]},\"452\":{\"h\":\"FHIR Reverse Proxy\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile). Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"SSL_CA_CERTIFICATE_FILE Default Value: ca/client_cert_ca_chains.pem\",\"SSL_CA_DN_REQUEST_FILE Default Value: ca/client_cert_issuing_cas.pem\",\"Note: Default file location are relative to the docker image work directory /usr/local/apache2.Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.\"]},\"453\":{\"h\":\"FHIR Server\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of remote DSF FHIR servers and the OIDC provider when using OpenID Connect for authenticating local users. Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS Default Value: ca/client_cert_ca_chains.pem\",\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"Note: Default file location are relative to the docker image work directory /opt/fhir.\"]},\"454\":{\"h\":\"BPE Reverse Proxy\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile). Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"SSL_CA_CERTIFICATE_FILE Default Value: ca/client_cert_ca_chains.pem\",\"SSL_CA_DN_REQUEST_FILE Default Value: ca/client_cert_issuing_cas.pem\",\"Note: Default file location are relative to the docker image work directory /usr/local/apache2.Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.\"]},\"455\":{\"h\":\"BPE Server\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of local and remote DSF FHIR servers, the local mail server (if configured and SMTP over TLS required) and the OIDC provider when using OpenID Connect for authenticating local users. Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS Default Value: ca/client_cert_ca_chains.pem\",\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pemDEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"Note: Default file location are relative to the docker image work directory /opt/bpe.\"]},\"456\":{\"h\":\"List of Default Trusted Certificate Authorities\",\"t\":[\"If not mentioned explicitly, issuing CAs listed will sign X.509 certificates with Extended Key Usage entries TLS WWW server authentication and TLS WWW client authentication.\"]},\"457\":{\"h\":\"CAs Trusted by Common Web Browsers and Operating Systems\",\"t\":[\"Root CA: HARICA TLS ECC Root CA 2021 Info: https://crt.sh/?caid=202185 X509 Certificate: https://crt.sh/?id=4147045948 Not after: Feb 13 11:01:09 2045 GMT \",\"Issuing CA: GEANT TLS ECC 1 Info: https://crt.sh/?caid=390050 X509 Certificate: https://crt.sh/?id=16099180990 Not after: Dec 31 11:14:20 2039 GMT\",\"Issuing CA: HARICA OV TLS ECC Info: https://crt.sh/?caid=207661 X509 Certificate: https://crt.sh/?id=4442848530 Not after: Mar 15 09:33:51 2036 GMT\",\"Root CA: HARICA TLS RSA Root CA 2021 Info: https://crt.sh/?caid=202184 X509 Certificate: https://crt.sh/?id=4147041876 Not after: Feb 13 10:55:37 2045 GMT \",\"Issuing CA: GEANT TLS RSA 1 Info: https://crt.sh/?caid=390054 X509 Certificate: https://crt.sh/?id=16099180997 Not after: Dec 31 11:14:59 2039 GMT\",\"Issuing CA: HARICA OV TLS RSA Info: https://crt.sh/?caid=207660 X509 Certificate: https://crt.sh/?id=4442848529 Not after: Mar 15 09:34:16 2036 GMT\",\"Root CA: HARICA Client ECC Root CA 2021 Info: https://crt.sh/?caid=202189 X509 Certificate: https://crt.sh/?id=4147052292 Not after: Feb 13 11:03:33 2045 GMT \",\"Issuing CA: GEANT S/MIME ECC 1 [client/smime certificates only] Info: https://crt.sh/?caid=390048 X509 Certificate: https://crt.sh/?id=16099180988 Not after: Dec 31 11:11:39 2039 GMT\",\"Issuing CA: HARICA S/MIME ECC [client/smime certificates only] Info: https://crt.sh/?caid=207659 X509 Certificate: https://crt.sh/?id=4442848523 Not after: Mar 15 09:36:57 2036 GMT\",\"Root CA: HARICA Client RSA Root CA 2021 Info: https://crt.sh/?caid=202188 X509 Certificate: https://crt.sh/?id=4147049674 Not after: Feb 13 10:58:45 2045 GMT \",\"Issuing CA: GEANT S/MIME RSA 1 [client/smime certificates only] Info: https://crt.sh/?caid=390049 X509 Certificate: https://crt.sh/?id=16099180989 Not after: Dec 31 11:13:07 2039 GMT\",\"Issuing CA: HARICA S/MIME RSA [client/smime certificates only] Info: https://crt.sh/?caid=207658 X509 Certificate: https://crt.sh/?id=4442848517 Not after: Mar 15 09:37:37 2036 GMT\",\"Root CA: T-TeleSec GlobalRoot Class 2 [will be removed in a future release, incl. derived CAs] Info: https://crt.sh/?caid=6068 X509 Certificate: https://crt.sh/?id=8733622 Not after: Oct 1 23:59:59 2033 GMT \",\"Intermediate Root CA: DFN-Verein Certification Authority 2 Info: https://crt.sh/?caid=22818 X509 Certificate: https://crt.sh/?id=23908438 Not after: Feb 22 23:59:59 2031 GMT \",\"Issuing CA: DFN-Verein Global Issuing CA [existing, still valid client certificates, no new certificates] Info: https://crt.sh/?caid=23770 X509 Certificate: https://crt.sh/?id=25484751 Not after: Feb 22 23:59:59 2031 GMT\",\"Issuing CA: Fraunhofer User CA - G02 [existing, still valid client certificates, no new certificates] Info: https://crt.sh/?caid=23772 X509 Certificate: https://crt.sh/?id=25484789 Not after: Feb 22 23:59:59 2031 GMT\",\"Root CA: D-TRUST Root Class 3 CA 2 2009 Info: https://crt.sh/?caid=712 X509 Certificate: https://crt.sh/?id=133226 Not after: Nov 5 08:35:58 2029 GMT \",\"Issuing CA: D-TRUST SSL Class 3 CA 1 2009 [server certificates via TMF e.V.] Info: https://crt.sh/?caid=713 X509 Certificate: https://crt.sh/?id=133227 Not after: Nov 5 08:35:58 2029 GMT\",\"Root CA: USERTrust ECC Certification Authority [will be removed in a future release, incl. derived CAs] Info: https://crt.sh/?caid=1390 X509 Certificate: https://crt.sh/?id=2841410 Not after: Jan 18 23:59:59 2038 GMT \",\"Issuing CA: Sectigo ECC Organization Validation Secure Server CA Info: https://crt.sh/?caid=105483 X509 Certificate: https://crt.sh/?id=924467859 Not after: Dec 31 23:59:59 2030 GMT\",\"Issuing CA: GEANT OV ECC CA 4 Info: https://crt.sh/?caid=160140 X509 Certificate: https://crt.sh/?id=2475254970\",\"Issuing CA: GEANT Personal ECC CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160136 X509 Certificate: https://crt.sh/?id=2475254903 Not after: May 1 23:59:59 2033 GMT\",\"Issuing CA: GEANT eScience Personal ECC CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160138 X509 Certificate: https://crt.sh/?id=2475254888 Not after: May 1 23:59:59 2033 GMT\",\"Root CA: USERTrust RSA Certification Authority [will be removed in a future release, incl. derived CAs] Info: https://crt.sh/?caid=1167 X509 Certificate: https://crt.sh/?id=1199354 Not after: Jan 18 23:59:59 2038 GMT \",\"Issuing CA: Sectigo RSA Organization Validation Secure Server CA Info: https://crt.sh/?caid=105487 X509 Certificate: https://crt.sh/?id=924467857 Not after: Dec 31 23:59:59 2030 GMT\",\"Issuing CA: GEANT OV RSA CA 4 Info: https://crt.sh/?caid=160137 X509 Certificate: https://crt.sh/?id=2475254782 Not after: May 1 23:59:59 2033 GMT\",\"Issuing CA: GEANT Personal CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160144 X509 Certificate: https://crt.sh/?id=2475255043 Not after: May 1 23:59:59 2033 GMT\",\"Issuing CA: GEANT eScience Personal CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160134 X509 Certificate: https://crt.sh/?id=2475253350 Not after: May 1 23:59:59 2033 GMT\"]},\"458\":{\"h\":\"Other CAs\",\"t\":[\"Root CA: D-TRUST Limited Basic Root CA 1 2019 X509 Certificate: https://www.d-trust.net/cgi-bin/D-TRUST_Limited_Basic_Root_CA_1_2019.crt Not after: Jun 19 08:15:51 2034 GMT \",\"Issuing CA: D-TRUST Limited Basic CA 1-2 2019 [client certificates via TMF e.V.] X509 Certificate: https://www.d-trust.net/cgi-bin/D-TRUST_Limited_Basic_CA_1-2_2019.crt Not after: Jun 19 08:15:51 2034 GMT\",\"Issuing CA: D-TRUST Limited Basic CA 1-3 2019 [client certificates via TMF e.V.] X509 Certificate: https://www.d-trust.net/cgi-bin/D-TRUST_Limited_Basic_CA_1-3_2019.crt Not after: Jun 19 08:15:51 2034 GMT\"]},\"459\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"460\":{\"h\":\"Upgrade from DSF 1.6.0\",\"t\":[\"Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.\",\"Note: The configurations of trust stores for TLS connections managed by process plugins (for example HTTPS connections to the local KDS FHIR server) have not been modified with this release.\"]},\"461\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.7.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.\",\" version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.6.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.7.0 restart: on-failure ... - ssl_certificate_file.pem - ssl_certificate_key_file.pem - ssl_certificate_chain_file.pem - - ssl_ca_certificate_file.pem - - ssl_ca_dn_request_file.pem environment: ... SSL_CERTIFICATE_FILE: /run/secrets/ssl_certificate_file.pem SSL_CERTIFICATE_KEY_FILE: /run/secrets/ssl_certificate_key_file.pem SSL_CERTIFICATE_CHAIN_FILE: /run/secrets/ssl_certificate_chain_file.pem - SSL_CA_CERTIFICATE_FILE: /run/secrets/ssl_ca_certificate_file.pem - SSL_CA_DN_REQUEST_FILE: /run/secrets/ssl_ca_dn_request_file.pem networks: ... app: - image: ghcr.io/datasharingframework/fhir:1.6.0 + image: ghcr.io/datasharingframework/fhir:1.7.0 restart: on-failure ... secrets: - db_liquibase.password - db_user.password - db_user_permanent_delete.password - - app_client_trust_certificates.pem - app_client_certificate.pem - app_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password - - ssl_ca_certificate_file.pem volumes: ... environment: TZ: Europe/Berlin - DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ... DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem ... secrets: ... - ssl_ca_certificate_file.pem: - file: ./secrets/ssl_ca_certificate_file.pem - ssl_ca_dn_request_file.pem: - file: ./secrets/ssl_ca_dn_request_file.pem ... - app_client_trust_certificates.pem: - file: ./secrets/ssl_root_ca_certificate_file.pem ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"462\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.7.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.\",\" version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.6.0 + image: ghcr.io/datasharingframework/bpe:1.7.0 restart: on-failure secrets: - db_liquibase.password - db_user.password - db_user_camunda.password - - app_client_trust_certificates.pem - app_client_certificate.pem - app_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password - - ssl_ca_certificate_file.pem volumes: ... environment: TZ: Europe/Berlin - DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ... DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem ... secrets: ... - app_client_trust_certificates.pem: - file: ./secrets/ssl_root_ca_certificate_file.pem ... - ssl_ca_certificate_file.pem: - file: ./secrets/ssl_ca_certificate_file.pem ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.7.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.7.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"463\":{\"h\":\"Develop Process Plugins\"},\"464\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"465\":{\"h\":\"Create a new process plugin\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"466\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"467\":{\"h\":\"Maintain a DSF instance\"},\"468\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.0.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"Configuration Paramters\"]},\"469\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists here.\"]},\"470\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here. Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.\"]},\"471\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test infrastructure) 1.1 If none exists yet, read here\",\"Certificate 2.1 If none exists yet, read here\",\"Organization identifier (FQDN of your organization, e.g. hs-heilbronn.de)\",\"FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"472\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool. At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"473\":{\"h\":\"Install DSF 1.0.0\",\"t\":[\"Member of existing networks\",\"If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.\",\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"474\":{\"h\":\"Prerequisites\"},\"475\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"476\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"477\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"478\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"479\":{\"h\":\"Setup\"},\"480\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"481\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2101 fhir sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_0_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_0_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L44: - app_client_certificate_private_key.pem.password ... L59: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L149: app_client_certificate_private_key.pem.password: L150: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: You can add other client certificates (e.g. personal DFN PKI S/MIME certificates, e.g. from admins) to your DSF instance. Set the SHA-512 Hash (lowercase hex) of your additional client certificates. The parameter TODO_WEBUSER_CLIENT_CERTIFICATE_THUMBPRINT can be a single thumbprint or can be expanded to a list (like dsf-role). If you don't have additional thumbprints you want to add, simply remove the DEV_DSF_FHIR_SERVER_ROLECONFIG variable from your docker-compose file.\",\"For additional environment variables, see DSF configuration parameters - FHIR Server\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"482\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2202 bpe sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_0_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_0_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L18: - app_client_certificate_private_key.pem.password ... L40: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FHIR_SERVER_FQDN/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see DSF configuration parameters - BPE Server\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"483\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"484\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"485\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"Do not upgrade unless prompted!\",\"Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).\",\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:\",\"shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"install the new DSF according to the instructions.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\"]},\"486\":{\"h\":\"Develop Process Plugins\"},\"487\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"488\":{\"h\":\"Create a new process plugin\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"489\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"490\":{\"h\":\"Maintain a DSF instance\"},\"491\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.1.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Server \",\"Configuration Parameters\"]},\"492\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists here.\"]},\"493\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here. Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.\"]},\"494\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test infrastructure) 1.1 If none exists yet, read here\",\"Certificate 2.1 If none exists yet, read here\",\"Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)\",\"FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"495\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool. At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"496\":{\"h\":\"Install DSF 1.1.0\",\"t\":[\"Member of existing networks\",\"If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.\",\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"497\":{\"h\":\"Prerequisites\"},\"498\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"499\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"500\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"501\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"502\":{\"h\":\"Setup\"},\"503\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"504\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2101 fhir sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_1_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_1_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L44: - app_client_certificate_private_key.pem.password ... L59: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L146: app_client_certificate_private_key.pem.password: L147: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"505\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo addgroup --gid 2202 bpe sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_1_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_1_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L18: - app_client_certificate_private_key.pem.password ... L40: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L97: app_client_certificate_private_key.pem.password: L98: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"506\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"507\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"508\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"Do not upgrade unless prompted!\",\"Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).\",\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:\",\"shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"install the new DSF according to the instructions.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\"]},\"509\":{\"h\":\"Upgrade from DSF 1.x\",\"t\":[\"Upgrading the DSF from 1.0.0 to 1.1.0 involves modifying the docker-compose.yml files and recreating the containers.\",\"Upgrade from 0.9.x\",\"If you want to migrate from DSF 0.9.x, please follow these instructions.\"]},\"510\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.1.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.1.0\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.0.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.1.0 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.0.0 + image: ghcr.io/datasharingframework/fhir:1.1.0 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"511\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.1.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.1.0\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.0.0 + image: ghcr.io/datasharingframework/bpe:1.1.0 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.1.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.1.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.1.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.1.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"512\":{\"h\":\"Develop Process Plugins\"},\"513\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"514\":{\"h\":\"Create a new process plugin\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"515\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"516\":{\"h\":\"Maintain a DSF instance\"},\"517\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.2.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Server \",\"Configuration Parameters\"]},\"518\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists here.\"]},\"519\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here. Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.\"]},\"520\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test infrastructure) 1.1 If none exists yet, read here\",\"Certificate 2.1 If none exists yet, read here\",\"Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)\",\"FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"521\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool. At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"522\":{\"h\":\"Install DSF 1.2.0\",\"t\":[\"Member of existing networks\",\"If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.\",\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"523\":{\"h\":\"Prerequisites\"},\"524\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"525\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"526\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"527\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"528\":{\"h\":\"Setup\"},\"529\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"530\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_2_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_2_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L44: - app_client_certificate_private_key.pem.password ... L59: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L146: app_client_certificate_private_key.pem.password: L147: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"531\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_2_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_2_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L18: - app_client_certificate_private_key.pem.password ... L40: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L97: app_client_certificate_private_key.pem.password: L98: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"532\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"533\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"534\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"Do not upgrade unless prompted!\",\"Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).\",\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:\",\"shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"install the new DSF according to the instructions.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\"]},\"535\":{\"h\":\"Upgrade from DSF 1.1.0\",\"t\":[\"Upgrading the DSF from 1.1.0 to 1.2.0 involves modifying the docker-compose.yml files and recreating the containers.\",\"Upgrade from 0.9.x\",\"If you want to migrate from DSF 0.9.x, please follow these instructions.\"]},\"536\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.2.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.2.0 and remove the old healthcheck definition. The new healthcheck is defined as part of the docker image.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.1.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.2.0 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.1.0 + image: ghcr.io/datasharingframework/fhir:1.2.0 restart: on-failure - healthcheck: - test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_fhir.jar\\\", \\\"dev.dsf.common.status.client.StatusClient\\\"] - interval: 10s - timeout: 15s - retries: 5 ...\",\"The role configuration is now optional. If you don't use roles, you can remove the role config (default for new installations):\",\" app: ... environment: ... - # TODO specify role configuration to allow access to the UI via web-browser or REST API for specific users, see documentation at dsf.dev - DEV_DSF_FHIR_SERVER_ROLECONFIG: |\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"537\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.2.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.2.0 and remove the old healthcheck definition. The new healthcheck is defined as part of the docker image.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.1.0 + image: ghcr.io/datasharingframework/bpe:1.2.0 restart: on-failure - healthcheck: - test: [\\\"CMD\\\", \\\"java\\\", \\\"-cp\\\", \\\"dsf_bpe.jar\\\", \\\"dev.dsf.common.status.client.StatusClient\\\"] - interval: 10s - timeout: 15s - retries: 5 ...\",\"DSF v1.2.0 is not compatible with the Ping/Pong process plugin v1.0.0.0, upgrade to the Ping/Pong plugin v1.0.1.0 by removing the old jar file and replacing it with the new v1.0.1.0 one.\",\"We have released a new version of the Allow List Process plugin where we added support for delete operations. Please upgrade to the Allow-List process v1.0.0.1 by removing the old jar file and replacing it with the new v1.0.0.1 one.\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.2.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.2.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.2.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.2.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"538\":{\"h\":\"Develop Process Plugins\"},\"539\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"540\":{\"h\":\"Create a new process plugin\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"541\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"542\":{\"h\":\"Maintain a DSF instance\"},\"543\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.3.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Server \",\"Configuration Parameters\"]},\"544\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"545\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.\"]},\"546\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)\",\"FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"547\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists respective Allow List Management Tool.\",\"Click here to open the DSF Allow List Management Tool for the Test infrastructure.\",\"Click here to open the DSF Allow List Management Tool for the Production infrastructure.\",\"We use different colors for the DSF Allow List Management Tools in the Test (green) and Production (blue) infastructure.\",\"At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"548\":{\"h\":\"Install Plugins\",\"t\":[\"You can find an overview of compatable process plugins below.\"]},\"549\":{\"h\":\"Common processes\",\"t\":[\"Ping-Pong: https://github.com/datasharingframework/dsf-process-ping-pong/releases\",\"AllowList Download: https://github.com/datasharingframework/dsf-process-allow-list/releases\"]},\"550\":{\"h\":\"MII processes\",\"t\":[\"Feasibility: https://github.com/medizininformatik-initiative/feasibility-dsf-process/releases\",\"KDS-Report: https://github.com/medizininformatik-initiative/mii-process-report/releases\"]},\"551\":{\"h\":\"NUM processes\",\"t\":[\"NUM-RDP: https://github.com/num-codex/codex-processes-ap1/releases\"]},\"552\":{\"h\":\"Install DSF 1.3.0\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"553\":{\"h\":\"Prerequisites\"},\"554\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"555\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"556\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"557\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"558\":{\"h\":\"Setup\"},\"559\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"560\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_3_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_3_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L44: - app_client_certificate_private_key.pem.password ... L59: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L146: app_client_certificate_private_key.pem.password: L147: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"561\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_3_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_3_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L18: - app_client_certificate_private_key.pem.password ... L40: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L97: app_client_certificate_private_key.pem.password: L98: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"562\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"563\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"564\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"565\":{\"h\":\"Upgrade from DSF 1.2.0\",\"t\":[\"Upgrading the DSF from 1.2.0 to 1.3.0 involves modifying the docker-compose.yml files and recreating the containers.\",\"Upgrade from 0.9.x\",\"If you want to migrate from DSF 0.9.x, please follow these instructions.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"566\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.0.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.2.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.3.0 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.2.0 + image: ghcr.io/datasharingframework/fhir:1.3.0 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"567\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.0.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.2.0 + image: ghcr.io/datasharingframework/bpe:1.3.0 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.3.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.3.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"568\":{\"h\":\"Develop Process Plugins\"},\"569\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"570\":{\"h\":\"Create a new process plugin\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"571\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"572\":{\"h\":\"Maintain a DSF instance\"},\"573\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.3.1\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Server \",\"Configuration Parameters\"]},\"574\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"575\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"576\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"577\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"578\":{\"h\":\"Install Plugins\",\"t\":[\"You can find an overview of compatable process plugins below.\"]},\"579\":{\"h\":\"Common processes\",\"t\":[\"Ping-Pong: https://github.com/datasharingframework/dsf-process-ping-pong/releases\",\"AllowList Download: https://github.com/datasharingframework/dsf-process-allow-list/releases\"]},\"580\":{\"h\":\"MII processes\",\"t\":[\"Feasibility: https://github.com/medizininformatik-initiative/feasibility-dsf-process/releases\",\"KDS-Report: https://github.com/medizininformatik-initiative/mii-process-report/releases\"]},\"581\":{\"h\":\"NUM processes\",\"t\":[\"NUM-RDP: https://github.com/num-codex/codex-processes-ap1/releases\"]},\"582\":{\"h\":\"Install DSF 1.3.1\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"583\":{\"h\":\"Prerequisites\"},\"584\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"585\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"586\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"587\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"588\":{\"h\":\"Setup\"},\"589\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"590\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_3_1.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_3_1.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"591\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_3_1.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_3_1.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"592\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"593\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"594\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"595\":{\"h\":\"Upgrade from DSF 1.3.0\",\"t\":[\"Upgrading the DSF from 1.3.0 to 1.3.1 involves modifying the docker-compose.yml files and recreating the containers.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"596\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.1_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.1.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.3.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.3.1 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.3.0 + image: ghcr.io/datasharingframework/fhir:1.3.1 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"597\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.1_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.1.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.3.0 + image: ghcr.io/datasharingframework/bpe:1.3.1 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.3.1. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.1, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.3.1. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.1, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"598\":{\"h\":\"Develop Process Plugins\"},\"599\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"600\":{\"h\":\"Create a new process plugin\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"601\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"602\":{\"h\":\"Maintain a DSF instance\"},\"603\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.3.1\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Server \",\"Configuration Parameters\"]},\"604\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"605\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"606\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"607\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"608\":{\"h\":\"Install Plugins\",\"t\":[\"You can find an overview of compatable process plugins below.\"]},\"609\":{\"h\":\"Common processes\",\"t\":[\"Ping-Pong: https://github.com/datasharingframework/dsf-process-ping-pong/releases\",\"AllowList Download: https://github.com/datasharingframework/dsf-process-allow-list/releases\"]},\"610\":{\"h\":\"MII processes\",\"t\":[\"Feasibility: https://github.com/medizininformatik-initiative/feasibility-dsf-process/releases\",\"KDS-Report: https://github.com/medizininformatik-initiative/mii-process-report/releases\",\"MII-Data-Transfer: https://github.com/medizininformatik-initiative/mii-process-data-transfer/releases\"]},\"611\":{\"h\":\"NUM processes\",\"t\":[\"NUM-RDP: https://github.com/num-codex/codex-processes-ap1/releases\"]},\"612\":{\"h\":\"Install DSF 1.3.2\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"613\":{\"h\":\"Prerequisites\"},\"614\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"615\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"616\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"617\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"618\":{\"h\":\"Setup\"},\"619\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"620\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_3_2.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_3_2.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"621\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_3_2.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_3_2.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"622\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"623\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"624\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"625\":{\"h\":\"Upgrade from DSF 1.3.1\",\"t\":[\"Upgrading the DSF from 1.3.1 to 1.3.2 involves modifying the docker-compose.yml files and recreating the containers.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"626\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.2_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.2.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.3.1 + image: ghcr.io/datasharingframework/fhir_proxy:1.3.2 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.3.1 + image: ghcr.io/datasharingframework/fhir:1.3.2 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"627\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.2_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.2.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.3.1 + image: ghcr.io/datasharingframework/bpe:1.3.2 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.3.2. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.2, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.3.2. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.2, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"628\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"629\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"630\":{\"h\":\"General\"},\"631\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"632\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"633\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"634\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"635\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"636\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"637\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"638\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"639\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"640\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"641\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"642\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"643\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"644\":{\"h\":\"Develop Process Plugins\"},\"645\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"646\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"647\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"648\":{\"h\":\"Maintain a DSF instance\"},\"649\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.4.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Server \",\"Configuration Parameters\"]},\"650\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"651\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"652\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"653\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"654\":{\"h\":\"Install Plugins\",\"t\":[\"You can find an overview of compatable process plugins below.\"]},\"655\":{\"h\":\"Common processes\",\"t\":[\"Ping-Pong: https://github.com/datasharingframework/dsf-process-ping-pong/releases\",\"AllowList Download: https://github.com/datasharingframework/dsf-process-allow-list/releases\"]},\"656\":{\"h\":\"MII processes\",\"t\":[\"Feasibility: https://github.com/medizininformatik-initiative/mii-process-feasibility/releases\",\"KDS-Report: https://github.com/medizininformatik-initiative/mii-process-report/releases\",\"MII-Data-Transfer: https://github.com/medizininformatik-initiative/mii-process-data-transfer/releases\"]},\"657\":{\"h\":\"NUM processes\",\"t\":[\"NUM-RDP: https://github.com/num-codex/codex-processes-ap1/releases\"]},\"658\":{\"h\":\"Install DSF 1.4.0\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"659\":{\"h\":\"Prerequisites\"},\"660\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"661\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"662\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"663\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"664\":{\"h\":\"Setup\"},\"665\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"666\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_4_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_4_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"667\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_4_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_4_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"668\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"669\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"670\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"671\":{\"h\":\"Upgrade from DSF 1.3.2\",\"t\":[\"Upgrading the DSF from 1.3.2 to 1.4.0 involves modifying the docker-compose.yml files and recreating the containers.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"672\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.4.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.4.0.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.3.2 + image: ghcr.io/datasharingframework/fhir_proxy:1.4.0 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.3.2 + image: ghcr.io/datasharingframework/fhir:1.4.0 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"673\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.4.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.4.0.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.3.2 + image: ghcr.io/datasharingframework/bpe:1.4.0 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.4.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.4.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.4.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.4.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"674\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"675\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"676\":{\"h\":\"General\"},\"677\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"678\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"679\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"680\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"681\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"682\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"683\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"684\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"685\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"686\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"687\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"688\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"689\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"690\":{\"h\":\"Develop Process Plugins\"},\"691\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"692\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"693\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"694\":{\"h\":\"Maintain a DSF instance\"},\"695\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.5.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Reverse Proxy \",\"Configuration Parameters\",\"BPE Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"696\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"697\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"698\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"699\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"700\":{\"h\":\"Install Plugins\",\"t\":[\"You can find an overview of compatable process plugins below.\"]},\"701\":{\"h\":\"Common processes\",\"t\":[\"Ping-Pong: https://github.com/datasharingframework/dsf-process-ping-pong/releases\",\"AllowList Download: https://github.com/datasharingframework/dsf-process-allow-list/releases\"]},\"702\":{\"h\":\"MII processes\",\"t\":[\"Feasibility: https://github.com/medizininformatik-initiative/mii-process-feasibility/releases\",\"KDS-Report: https://github.com/medizininformatik-initiative/mii-process-report/releases\",\"MII-Data-Transfer: https://github.com/medizininformatik-initiative/mii-process-data-transfer/releases\"]},\"703\":{\"h\":\"NUM processes\",\"t\":[\"NUM-RDP: https://github.com/num-codex/codex-processes-ap1/releases\"]},\"704\":{\"h\":\"Install DSF 1.5.0\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"705\":{\"h\":\"Prerequisites\"},\"706\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"707\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"708\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"709\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"710\":{\"h\":\"Setup\"},\"711\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"712\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_5_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_5_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"713\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_5_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_5_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"714\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1} INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}\"]},\"715\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"716\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"717\":{\"h\":\"Upgrade from DSF 1.4.0\",\"t\":[\"Upgrading the DSF from 1.4.0 to 1.5.0 involves modifying the docker-compose.yml files and recreating the containers.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"718\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.0.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.4.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.5.0 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.4.0 + image: ghcr.io/datasharingframework/fhir:1.5.0 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"719\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.0.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.4.0 + image: ghcr.io/datasharingframework/bpe:1.5.0 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.5.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.5.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"720\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"721\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"722\":{\"h\":\"General\"},\"723\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"724\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"725\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"726\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"727\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"728\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"729\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"730\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"731\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"732\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"733\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"734\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"735\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"736\":{\"h\":\"Develop Process Plugins\"},\"737\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"738\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"739\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"740\":{\"h\":\"Maintain a DSF instance\"},\"741\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.5.1\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Reverse Proxy \",\"Configuration Parameters\",\"BPE Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"742\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"743\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"744\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"745\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"746\":{\"h\":\"Install Plugins\",\"t\":[\"You can find an overview of compatible process plugins below.\"]},\"747\":{\"h\":\"Common processes\",\"t\":[\"Ping-Pong: https://github.com/datasharingframework/dsf-process-ping-pong/releases\",\"AllowList Download: https://github.com/datasharingframework/dsf-process-allow-list/releases\"]},\"748\":{\"h\":\"MII processes\",\"t\":[\"Feasibility: https://github.com/medizininformatik-initiative/mii-process-feasibility/releases\",\"KDS-Report: https://github.com/medizininformatik-initiative/mii-process-report/releases\",\"MII-Data-Sharing: https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases\",\"MII-Data-Transfer: https://github.com/medizininformatik-initiative/mii-process-data-transfer/releases\"]},\"749\":{\"h\":\"NUM processes\",\"t\":[\"NUM-RDP: https://github.com/num-codex/codex-processes-ap1/releases\"]},\"750\":{\"h\":\"Install DSF 1.5.1\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"751\":{\"h\":\"Prerequisites\"},\"752\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"753\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"754\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"755\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"756\":{\"h\":\"Setup\"},\"757\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"758\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_5_1.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_5_1.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"759\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_5_1.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_5_1.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"760\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1 INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2\"]},\"761\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"762\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"763\":{\"h\":\"Upgrade from DSF 1.5.0\",\"t\":[\"Upgrading the DSF from 1.5.0 to 1.5.1 involves modifying the docker-compose.yml files and recreating the containers.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"764\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.1_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.1.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.5.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.5.1 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.5.0 + image: ghcr.io/datasharingframework/fhir:1.5.1 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"765\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.1_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.1.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.5.0 + image: ghcr.io/datasharingframework/bpe:1.5.1 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.5.1. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.1, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.5.1. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.1, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"766\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"767\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"768\":{\"h\":\"General\"},\"769\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"770\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"771\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"772\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"773\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"774\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"775\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"776\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"777\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"778\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"779\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"780\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"781\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"782\":{\"h\":\"Develop Process Plugins\"},\"783\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"784\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"785\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"786\":{\"h\":\"Maintain a DSF instance\"},\"787\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.5.2\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Reverse Proxy \",\"Configuration Parameters\",\"BPE Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"788\":{\"h\":\"Allow List Management\",\"t\":[\"Caution\",\"This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.\",\"You can read all about the concept of Allow Lists in our introduction.\"]},\"789\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"790\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"791\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"792\":{\"h\":\"Install Plugins\",\"t\":[\"Marketplace for process plugins\",\"To install and learn more about each Process Plugin, you can visit the Marketplace here.\"]},\"793\":{\"h\":\"\",\"t\":[\"You can find an overview of compatable process plugins below (last updated 14/08/2024).\",\"Process Plugin\",\"released for test\",\"released for production\",\"Ping-Pong\",\"v1.0.1.0\",\"v1.0.1.0\",\"Allow-List\",\"v1.0.0.1\",\"v1.0.0.1\",\"MII Process Feasibility\",\"v1.0.0.6\",\"v1.0.0.6\",\"MII Process Report\",\"v1.1.1.1\",\"v1.1.1.1\",\"MII Process Data Transfer\",\"v1.0.2.1\",\"v1.0.2.1\",\"MII Process Data Sharing\",\"v1.0.1.1\",\"v1.0.1.1\",\"NUM-RDP\",\"v1.1.0.0\",\"v1.1.0.0\",\"Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.\",\"Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).\"]},\"794\":{\"h\":\"Prerequisites\",\"t\":[\"A DSF installation of version 1.3.x or higher. An installation guide can be found here.\"]},\"795\":{\"h\":\"Deployment\",\"t\":[\"Add the process jar-file to the DSF BPE folder /opt/bpe/process:\",\"wget (your jar-file download link)\",\"For example:\",\" wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar\",\"Make sure the process is readable by the bpe user or group, for example by executing:\",\"sudo chmod 440 (your jar-file name.jar) sudo chown root:bpe (your jar-file name.jar)\",\"For example:\",\"sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar\",\"Modify the process exclude config in /opt/bpe/docker-compose.yml\",\"Reminder: Update/verify required configurations in docker-compose.yml\"]},\"796\":{\"h\":\"Install DSF 1.5.2\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"797\":{\"h\":\"Prerequisites\"},\"798\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"799\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"800\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"801\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"802\":{\"h\":\"Setup\"},\"803\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"804\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_5_2.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_5_2.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"805\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_5_2.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_5_2.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"806\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1 INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2\"]},\"807\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"808\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"809\":{\"h\":\"Upgrade from DSF 1.5.1\",\"t\":[\"Upgrading the DSF from 1.5.1 to 1.5.2 involves modifying the docker-compose.yml files and recreating the containers.\",\"Update to DSF 1.2.0 first\",\"When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.\"]},\"810\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.2_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.2.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.5.1 + image: ghcr.io/datasharingframework/fhir_proxy:1.5.2 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.5.1 + image: ghcr.io/datasharingframework/fhir:1.5.2 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"811\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.2_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.2.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.5.1 + image: ghcr.io/datasharingframework/bpe:1.5.2 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.5.2. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.2, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.5.2. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.2, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"812\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"813\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"814\":{\"h\":\"General\"},\"815\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"816\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"817\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"818\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"819\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"820\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"821\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"822\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"823\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"824\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"825\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"826\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"827\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"828\":{\"h\":\"Develop Process Plugins\"},\"829\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"830\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"831\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"832\":{\"h\":\"Maintain a DSF instance\"},\"833\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.6.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Reverse Proxy \",\"Configuration Parameters\",\"BPE Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"834\":{\"h\":\"Allow List Management\",\"t\":[\"You can read all about the concept of Allow Lists in our introduction.\"]},\"835\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"836\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"837\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"838\":{\"h\":\"Install Plugins\",\"t\":[\"Marketplace for process plugins\",\"To install and learn more about each Process Plugin, you can visit the Marketplace here.\"]},\"839\":{\"h\":\"\",\"t\":[\"You can find an overview of compatable process plugins below (last updated 14/08/2024).\",\"Process Plugin\",\"released for test\",\"released for production\",\"Ping-Pong\",\"v1.0.1.0\",\"v1.0.1.0\",\"Allow-List\",\"v1.0.0.1\",\"v1.0.0.1\",\"MII Process Feasibility\",\"v1.0.0.7\",\"v1.0.0.7\",\"MII Process Report\",\"v1.1.1.1\",\"v1.1.1.1\",\"MII Process Data Transfer\",\"v1.0.2.1\",\"v1.0.2.1\",\"MII Process Data Sharing\",\"v1.0.1.1\",\"v1.0.1.1\",\"NUM-RDP\",\"v1.1.0.0\",\"v1.1.0.0\",\"Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.\",\"Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).\"]},\"840\":{\"h\":\"Prerequisites\",\"t\":[\"A DSF installation of version 1.3.x or higher. An installation guide can be found here.\"]},\"841\":{\"h\":\"Deployment\",\"t\":[\"Add the process jar-file to the DSF BPE folder /opt/bpe/process:\",\"wget (your jar-file download link)\",\"For example:\",\" wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar\",\"Make sure the process is readable by the bpe user or group, for example by executing:\",\"sudo chmod 440 (your jar-file name.jar) sudo chown root:bpe (your jar-file name.jar)\",\"For example:\",\"sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar\",\"Modify the process exclude config in /opt/bpe/docker-compose.yml\",\"Reminder: Update/verify required configurations in docker-compose.yml\"]},\"842\":{\"h\":\"Install DSF 1.6.0\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"843\":{\"h\":\"Prerequisites\"},\"844\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"845\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"846\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"847\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"848\":{\"h\":\"Setup\"},\"849\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"850\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_6_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_6_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L39: - app_client_certificate_private_key.pem.password ... L54: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L141: app_client_certificate_private_key.pem.password: L142: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA\",\"L114: ssl_certificate_chain_file.pem: L115: file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN:443 Set your FHIR servers external FQDN, e.g. foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see DSF configuration parameters - FHIR Reverse Proxy\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"851\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_6_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_6_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L13: - app_client_certificate_private_key.pem.password ... L35: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L89: app_client_certificate_private_key.pem.password: L90: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"852\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1 INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2\"]},\"853\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"854\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"855\":{\"h\":\"Upgrade from DSF 1.5.2\",\"t\":[\"Upgrading the DSF from 1.5.2 to 1.6.0 involves modifying the docker-compose.yml files and recreating the containers.\"]},\"856\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.6.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.6.0.\",\"version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.5.2 + image: ghcr.io/datasharingframework/fhir_proxy:1.6.0 restart: on-failure ... app: - image: ghcr.io/datasharingframework/fhir:1.5.2 + image: ghcr.io/datasharingframework/fhir:1.6.0 restart: on-failure ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"857\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.6.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.6.0.\",\"version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.5.2 + image: ghcr.io/datasharingframework/bpe:1.6.0 restart: on-failure ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.6.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.6.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"858\":{\"h\":\"Contribute code\",\"t\":[\"Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.\"]},\"859\":{\"h\":\"Benefits of Contributing:\",\"t\":[\"Foster community growth and diversification.\",\"Sharpen your coding skills.\",\"Gain recognition in the DSF community.\",\"Directly impact the future of data sharing in medicine.\",\"Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.\"]},\"860\":{\"h\":\"General\"},\"861\":{\"h\":\"Code style\",\"t\":[\"You can import our code style for your specific IDE:\",\"Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.\",\"IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.\",\"Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.\"]},\"862\":{\"h\":\"Branching strategy\",\"t\":[\"Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:\",\"main\",\"develop\",\"issue\",\"hotfix\",\"release\",\"Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.\"]},\"863\":{\"h\":\"Branch naming\",\"t\":[\"The following ruleset is applied to name branches:\",\"issue/_\",\"hotfix/\",\"release/\"]},\"864\":{\"h\":\"Setting up the project\",\"t\":[\"This chapter lists all important requirements to get the project buildable and running properly.\"]},\"865\":{\"h\":\"Java\",\"t\":[\"This project uses Java JDK 17, so make sure you have it installed on your system.\"]},\"866\":{\"h\":\"Docker\",\"t\":[\"Docker is used in this project to test database functionality and to run more complex test-setups.\"]},\"867\":{\"h\":\"Maven\",\"t\":[\"The project relies on Maven as its management tool.Important: When building the project you might encounter the following error:Could not determine gpg versionGPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.\"]},\"868\":{\"h\":\"Workflow\",\"t\":[\"Create an issue or comment on an issue that you want to contribute some feature\",\"Fork the repository, create a branch and mention it in the issue\",\"If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests\",\"If your changes are production-ready, create a pull request.\"]},\"869\":{\"h\":\"Pull request process\",\"t\":[\"We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:\",\"Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.\",\"Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.\",\"Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.\",\"This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.\",\"For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.\"]},\"870\":{\"h\":\"Data Security in DSF Development\",\"t\":[\"The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:\",\"No development with real personal data: Always use anonymized or synthetic data for development purposes.\",\"No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.\",\"Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.\"]},\"871\":{\"h\":\"Contribute documentation\",\"t\":[\"Join us in enhancing our documentation!\",\"We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!\",\"Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.\",\"Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.\",\"Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.\",\"We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!\"]},\"872\":{\"h\":\"Contribute\",\"t\":[\"We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.\"]},\"873\":{\"h\":\"\",\"t\":[\"Helping other users: \",\"MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.\",\"GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.\",\"Testing releases: \",\"Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.\",\"Report findings: Share your testing results to help us refine and enhance our releases.\",\"Reviewing changes: \",\"Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.\",\"Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.\",\"Documentation changes: \",\"Improve documentation: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our Getting started guide for documentation contributions to DSF.\",\"Suggest improvements: If you notice gaps or areas for enhancement in our documentation, we welcome your suggestions and contributions.\",\"Contributing bug reports: \",\"Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.\",\"Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.\",\"Contributing feature requests: \",\"Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.\",\"Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.\",\"Contributing process plugins: \",\"Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.\",\"Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.\",\"Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.\",\"Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!\"]},\"874\":{\"h\":\"Develop Process Plugins\"},\"875\":{\"h\":\"Overview\",\"t\":[\"Create a new process plugin\",\"Upgrade processes from 0.9.x\"]},\"876\":{\"h\":\"Create a new process plugin\",\"t\":[\"Visit the how the DSF can help you page to get started.\",\"Work in progress\",\"We are currently in the process of updating the written documentation on how to create a DSF process plugin. In the meantime we recommend to study the oldstable version of the process plugin tutorial. Additionally, we recommend to take a look at the upgraded DSF processes here:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"877\":{\"h\":\"Upgrade processes from 0.9.x\",\"t\":[\"Work in progress\",\"We are currently in the process of updating the written documentation on how to upgrade a DSF process plugin to DSF 1.0.0. In the meantime we recommend to take a look at the provided sample plugin and the upgraded DSF plugins:\",\"The hello world plugin\",\"The ping pong plugin\",\"The update allowlist plugin\"]},\"878\":{\"h\":\"Maintain a DSF instance\"},\"879\":{\"h\":\"Overview\",\"t\":[\"Install DSF 1.7.0\",\"Upgrade from DSF 0.9.x\",\"Allow List Management\",\"FHIR Reverse Proxy \",\"Configuration Parameters\",\"FHIR Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\",\"BPE Reverse Proxy \",\"Configuration Parameters\",\"BPE Server \",\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"880\":{\"h\":\"Allow List Management\",\"t\":[\"You can read all about the concept of Allow Lists in our introduction.\"]},\"881\":{\"h\":\"Overview\",\"t\":[\"To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.\",\"The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.\"]},\"882\":{\"h\":\"Prerequisites\",\"t\":[\"Deployed DSF instance (test or production infrastructure) 1.1 If none exists yet, read the installation guide\",\"Certificate 2.1 If none exists yet, read the certificate requirements\",\"Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de\",\"FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir\",\"Contact details from a responsible person of your organization\",\"Access to the E-Mail address from your organization for verification\"]},\"883\":{\"h\":\"Start here\",\"t\":[\"When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:\",\"Test infrastructure\",\"Production infrastructure\",\"We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"884\":{\"h\":\"Install Plugins\",\"t\":[\"Marketplace for process plugins\",\"To install and learn more about each Process Plugin, you can visit the Marketplace here.\"]},\"885\":{\"h\":\"\",\"t\":[\"You can find an overview of compatable process plugins below (last updated 2025-01-22).\",\"Process Plugin\",\"released for test\",\"released for production\",\"Ping-Pong\",\"v1.0.1.0\",\"v1.0.1.0\",\"Allow-List\",\"v1.0.0.1\",\"v1.0.0.1\",\"MII Process Feasibility\",\"v1.0.0.7\",\"v1.0.0.7\",\"MII Process Report\",\"v1.1.2.0\",\"v1.1.2.0\",\"MII Process Data Transfer\",\"v1.0.3.0\",\"v1.0.3.0\",\"MII Process Data Sharing\",\"v1.0.2.0\",\"v1.0.2.0\",\"NUM-RDP\",\"v1.1.0.0\",\"v1.1.0.0\",\"Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.\",\"Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).\"]},\"886\":{\"h\":\"Prerequisites\",\"t\":[\"A DSF installation of version 1.3.x or higher. An installation guide can be found here.\"]},\"887\":{\"h\":\"Deployment\",\"t\":[\"Add the process jar-file to the DSF BPE folder /opt/bpe/process:\",\"wget (your jar-file download link)\",\"For example:\",\" wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar\",\"Make sure the process is readable by the bpe user or group, for example by executing:\",\"sudo chmod 440 (your jar-file name.jar) sudo chown root:bpe (your jar-file name.jar)\",\"For example:\",\"sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar\",\"Modify the process exclude config in /opt/bpe/docker-compose.yml\",\"Reminder: Update/verify required configurations in docker-compose.yml\"]},\"888\":{\"h\":\"Install DSF 1.7.0\",\"t\":[\"In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.\",\"Unified installation manual\",\"The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.\"]},\"889\":{\"h\":\"Prerequisites\"},\"890\":{\"h\":\"Virtual Machines\",\"t\":[\"DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\",\"DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD\"]},\"891\":{\"h\":\"Docker / Docker-Compose\",\"t\":[\"Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.\",\"sudo apt-get update sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo \\\"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin sudo systemctl enable docker.service sudo systemctl enable containerd.service\",\"The current version of docker compose is installed with the current docker version.\"]},\"892\":{\"h\":\"Client/Server Certificates\",\"t\":[\"Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:\",\"Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)\",\"Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)\",\"If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.\"]},\"893\":{\"h\":\"Network setup / Network access\",\"t\":[\"The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.\",\"The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.\",\"Here is a quick overview of the expected network setup.\",\"Source\",\"Target\",\"Port\",\"Protocol\",\"DSF BPE (local)\",\"DSF FHIR (local)\",\"443\",\"https, wss\",\"DSF BPE (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https\",\"DSF FHIR (local)\",\"DSF FHIR (other DSF communication partners)\",\"443\",\"https (HTTP HEAD only)\",\"DSF BPE (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https\",\"DSF FHIR (other DSF communication partners)\",\"DSF FHIR (local)\",\"443\",\"https (HTTP HEAD only)\",\"Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.\"]},\"894\":{\"h\":\"Setup\"},\"895\":{\"h\":\"Prepare Certificates\",\"t\":[\"Server Certificate (certificate A)This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)\",\"Store PEM encoded certificate as ssl_certificate_file.pem\",\"Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem\",\"Store PEM encoded certificate chain (all intermediate CAs between the server and the root certificate, excluding root) as ssl_certificate_chain_file.pem\",\"Client Certificate (Certificate B)This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)\",\"Store PEM encoded certificate as client_certificate.pem\",\"Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem\"]},\"896\":{\"h\":\"DSF FHIR Server\",\"t\":[\"Add Group/User Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2101 fhir sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir\",\"Download and Extract Config Files Download and unpack the prepared DSF FHIR server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_fhir_1_7_0.tar.gz sudo tar --same-owner -zxvf dsf_fhir_1_7_0.tar.gz\",\"The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.\",\"Verify that the fhir system user or group can write into the following folder\",\"/opt/fhir/log\",\"Add certificates and keys\",\"Add the server certificate (certificate A), the corresponding private-key and the certificate chain (one file with all intermediate certificates, excluding the root CA) to /opt/fhir/secrets/\",\"ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)\",\"ssl_certificate_chain_file.pem (chmod: 440, chown: fhir:docker)\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/\",\"client_certificate.pem (chmod: 440, chown: fhir:docker)\",\"client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L34: - app_client_certificate_private_key.pem.password ... L47: DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L109: app_client_certificate_private_key.pem.password: L110: file: ./secrets/client_certificate_private_key.pem.password\",\"How to chmod / chown\",\"For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:\",\"Set the file content as requested\",\"Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem\",\"Change the owner of the file to the user fhir and the group the file belongs to to docker:chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem\",\"Modify database passwords\",\"/opt/fhir/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/fhir/secrets/db_user_permanent_delete.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> proxy -> environment:\",\"HTTPS_SERVER_NAME_PORT: dsf.todo.organization.com:443 Set your FHIR servers external FQDN, e.g. https://foo.bar.de -> foo.bar.de:443\",\"For additional environment variables, see the FHIR Reverse Proxy Configuration Parameters page.\",\"services -> app -> environment:\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de\",\"DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B) Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.\",\"DEV_DSF_FHIR_SERVER_ROLECONFIG: | (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.\",\"For additional environment variables, see the FHIR server Configuration Parameters page.\",\"Start the DSF FHIR Server Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\"]},\"897\":{\"h\":\"DSF BPE Server\",\"t\":[\"Add Group/User Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:\",\"sudo groupadd --gid 2202 bpe sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe\",\"Download and Extract Config Files Download and extract prepared DSF BPE server config files and folder structure:\",\"cd /opt wget https://dsf.dev/download/dsf_bpe_1_7_0.tar.gz sudo tar --same-owner -zxvf dsf_bpe_1_7_0.tar.gz\",\"The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.\",\"Verify that the bpe system user or group can write into the following folders\",\"/opt/bpe/log\",\"Add certificates and keys\",\"Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/\",\"client_certificate.pem (chmod: 440 chown: bpe:docker)\",\"client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)\",\"If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password\",\"If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file\",\"L12: - app_client_certificate_private_key.pem.password ... L32: DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password ... L83: app_client_certificate_private_key.pem.password: L84: file: ./secrets/client_certificate_private_key.pem.password\",\"Modify database passwords\",\"/opt/bpe/secrets/db_liquibase.password\",\"Generate a random password (min. 32 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"/opt/bpe/secrets/db_user_camunda.password\",\"Generate a random password (min. 16 characters recommended) and replace the content of the file.\",\"Modify the docker-compose.yml file and set environment variables to the appropriate values\",\"services -> app -> environment:\",\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir\",\"For additional environment variables, see the BPE server Configuration Parameters page.\",\"Start the DSF BPE Server (without process plugins) Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)\",\"Verify DSF BPE Startup\",\"Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.\",\"Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.\",\"Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.\",\"If you need to debug the TLS connection to your DSF FHIR server use for example:docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443 The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]\"]},\"898\":{\"h\":\"Logs\",\"t\":[\"By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.\",\"On a successful BPE start, you should see the following entries in your BPE log:\",\"INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1 INFO Grizzly(1) - INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2\"]},\"899\":{\"h\":\"On-Boarding\",\"t\":[\"Please visit the on boarding website of your network for more information.\",\"Ideas for improvement?\",\"Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!\"]},\"900\":{\"h\":\"Passwords and Secrets\",\"t\":[\"Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.\"]},\"901\":{\"h\":\"Example Environment Variables\",\"t\":[\"DEV_DSF_BPE_DB_USER_PASSWORD_FILE: If set to /run/secrets/db_user_password, the application will read the contents of the /run/secrets/db_user_password file and set the DEV_DSF_BPE_DB_USER_PASSWORD environment variable with the content from that file.\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: If set to /run/secrets/oidc_client_secret, the application will read the contents of the referenced file and set the DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET environment variable accordingly.\"]},\"902\":{\"h\":\"Docker Secrets\",\"t\":[\"It is recommended to use docker secrets as files for these environment variables. Docker secrets are mounted as files in /run/secrets/ inside the container.\"]},\"903\":{\"h\":\"Example docker-compose\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir secrets: - db_user_password - oidc_client_secret environment: DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user_password DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: /run/secrets/oidc_client_secret secrets: db_user_password: file: ./secrets/db_user.password api_key: file: ./secrets/oidc_client.secret\"]},\"904\":{\"h\":\"Default Root Certificates\",\"t\":[\"A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.\"]},\"905\":{\"h\":\"Extending or Replacing Trusted Certificate Authorities\",\"t\":[\"X.509 certificates of default trusted CAs are stored as .pem files containing multiple certificates in the docker images and can be replaced by either using docker bind mounts or configuring appropriate environment variables with different targets.\"]},\"906\":{\"h\":\"FHIR Reverse Proxy\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile). Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"SSL_CA_CERTIFICATE_FILE Default Value: ca/client_cert_ca_chains.pem\",\"SSL_CA_DN_REQUEST_FILE Default Value: ca/client_cert_issuing_cas.pem\",\"Note: Default file location are relative to the docker image work directory /usr/local/apache2.Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.\"]},\"907\":{\"h\":\"FHIR Server\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of remote DSF FHIR servers and the OIDC provider when using OpenID Connect for authenticating local users. Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS Default Value: ca/client_cert_ca_chains.pem\",\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"Note: Default file location are relative to the docker image work directory /opt/fhir.\"]},\"908\":{\"h\":\"BPE Reverse Proxy\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile). Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"SSL_CA_CERTIFICATE_FILE Default Value: ca/client_cert_ca_chains.pem\",\"SSL_CA_DN_REQUEST_FILE Default Value: ca/client_cert_issuing_cas.pem\",\"Note: Default file location are relative to the docker image work directory /usr/local/apache2.Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.\"]},\"909\":{\"h\":\"BPE Server\",\"t\":[\"Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of local and remote DSF FHIR servers, the local mail server (if configured and SMTP over TLS required) and the OIDC provider when using OpenID Connect for authenticating local users. Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:\",\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS Default Value: ca/client_cert_ca_chains.pem\",\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pemDEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS Default Value: ca/server_cert_root_cas.pem\",\"Note: Default file location are relative to the docker image work directory /opt/bpe.\"]},\"910\":{\"h\":\"List of Default Trusted Certificate Authorities\",\"t\":[\"If not mentioned explicitly, issuing CAs listed will sign X.509 certificates with Extended Key Usage entries TLS WWW server authentication and TLS WWW client authentication.\"]},\"911\":{\"h\":\"CAs Trusted by Common Web Browsers and Operating Systems\",\"t\":[\"Root CA: HARICA TLS ECC Root CA 2021 Info: https://crt.sh/?caid=202185 X509 Certificate: https://crt.sh/?id=4147045948 Not after: Feb 13 11:01:09 2045 GMT \",\"Issuing CA: GEANT TLS ECC 1 Info: https://crt.sh/?caid=390050 X509 Certificate: https://crt.sh/?id=16099180990 Not after: Dec 31 11:14:20 2039 GMT\",\"Issuing CA: HARICA OV TLS ECC Info: https://crt.sh/?caid=207661 X509 Certificate: https://crt.sh/?id=4442848530 Not after: Mar 15 09:33:51 2036 GMT\",\"Root CA: HARICA TLS RSA Root CA 2021 Info: https://crt.sh/?caid=202184 X509 Certificate: https://crt.sh/?id=4147041876 Not after: Feb 13 10:55:37 2045 GMT \",\"Issuing CA: GEANT TLS RSA 1 Info: https://crt.sh/?caid=390054 X509 Certificate: https://crt.sh/?id=16099180997 Not after: Dec 31 11:14:59 2039 GMT\",\"Issuing CA: HARICA OV TLS RSA Info: https://crt.sh/?caid=207660 X509 Certificate: https://crt.sh/?id=4442848529 Not after: Mar 15 09:34:16 2036 GMT\",\"Root CA: HARICA Client ECC Root CA 2021 Info: https://crt.sh/?caid=202189 X509 Certificate: https://crt.sh/?id=4147052292 Not after: Feb 13 11:03:33 2045 GMT \",\"Issuing CA: GEANT S/MIME ECC 1 [client/smime certificates only] Info: https://crt.sh/?caid=390048 X509 Certificate: https://crt.sh/?id=16099180988 Not after: Dec 31 11:11:39 2039 GMT\",\"Issuing CA: HARICA S/MIME ECC [client/smime certificates only] Info: https://crt.sh/?caid=207659 X509 Certificate: https://crt.sh/?id=4442848523 Not after: Mar 15 09:36:57 2036 GMT\",\"Root CA: HARICA Client RSA Root CA 2021 Info: https://crt.sh/?caid=202188 X509 Certificate: https://crt.sh/?id=4147049674 Not after: Feb 13 10:58:45 2045 GMT \",\"Issuing CA: GEANT S/MIME RSA 1 [client/smime certificates only] Info: https://crt.sh/?caid=390049 X509 Certificate: https://crt.sh/?id=16099180989 Not after: Dec 31 11:13:07 2039 GMT\",\"Issuing CA: HARICA S/MIME RSA [client/smime certificates only] Info: https://crt.sh/?caid=207658 X509 Certificate: https://crt.sh/?id=4442848517 Not after: Mar 15 09:37:37 2036 GMT\",\"Root CA: T-TeleSec GlobalRoot Class 2 [will be removed in a future release, incl. derived CAs] Info: https://crt.sh/?caid=6068 X509 Certificate: https://crt.sh/?id=8733622 Not after: Oct 1 23:59:59 2033 GMT \",\"Intermediate Root CA: DFN-Verein Certification Authority 2 Info: https://crt.sh/?caid=22818 X509 Certificate: https://crt.sh/?id=23908438 Not after: Feb 22 23:59:59 2031 GMT \",\"Issuing CA: DFN-Verein Global Issuing CA [existing, still valid client certificates, no new certificates] Info: https://crt.sh/?caid=23770 X509 Certificate: https://crt.sh/?id=25484751 Not after: Feb 22 23:59:59 2031 GMT\",\"Issuing CA: Fraunhofer User CA - G02 [existing, still valid client certificates, no new certificates] Info: https://crt.sh/?caid=23772 X509 Certificate: https://crt.sh/?id=25484789 Not after: Feb 22 23:59:59 2031 GMT\",\"Root CA: D-TRUST Root Class 3 CA 2 2009 Info: https://crt.sh/?caid=712 X509 Certificate: https://crt.sh/?id=133226 Not after: Nov 5 08:35:58 2029 GMT \",\"Issuing CA: D-TRUST SSL Class 3 CA 1 2009 [server certificates via TMF e.V.] Info: https://crt.sh/?caid=713 X509 Certificate: https://crt.sh/?id=133227 Not after: Nov 5 08:35:58 2029 GMT\",\"Root CA: USERTrust ECC Certification Authority [will be removed in a future release, incl. derived CAs] Info: https://crt.sh/?caid=1390 X509 Certificate: https://crt.sh/?id=2841410 Not after: Jan 18 23:59:59 2038 GMT \",\"Issuing CA: Sectigo ECC Organization Validation Secure Server CA Info: https://crt.sh/?caid=105483 X509 Certificate: https://crt.sh/?id=924467859 Not after: Dec 31 23:59:59 2030 GMT\",\"Issuing CA: GEANT OV ECC CA 4 Info: https://crt.sh/?caid=160140 X509 Certificate: https://crt.sh/?id=2475254970\",\"Issuing CA: GEANT Personal ECC CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160136 X509 Certificate: https://crt.sh/?id=2475254903 Not after: May 1 23:59:59 2033 GMT\",\"Issuing CA: GEANT eScience Personal ECC CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160138 X509 Certificate: https://crt.sh/?id=2475254888 Not after: May 1 23:59:59 2033 GMT\",\"Root CA: USERTrust RSA Certification Authority [will be removed in a future release, incl. derived CAs] Info: https://crt.sh/?caid=1167 X509 Certificate: https://crt.sh/?id=1199354 Not after: Jan 18 23:59:59 2038 GMT \",\"Issuing CA: Sectigo RSA Organization Validation Secure Server CA Info: https://crt.sh/?caid=105487 X509 Certificate: https://crt.sh/?id=924467857 Not after: Dec 31 23:59:59 2030 GMT\",\"Issuing CA: GEANT OV RSA CA 4 Info: https://crt.sh/?caid=160137 X509 Certificate: https://crt.sh/?id=2475254782 Not after: May 1 23:59:59 2033 GMT\",\"Issuing CA: GEANT Personal CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160144 X509 Certificate: https://crt.sh/?id=2475255043 Not after: May 1 23:59:59 2033 GMT\",\"Issuing CA: GEANT eScience Personal CA 4 [client/smime certificates only] Info: https://crt.sh/?caid=160134 X509 Certificate: https://crt.sh/?id=2475253350 Not after: May 1 23:59:59 2033 GMT\"]},\"912\":{\"h\":\"Other CAs\",\"t\":[\"Root CA: D-TRUST Limited Basic Root CA 1 2019 X509 Certificate: https://www.d-trust.net/cgi-bin/D-TRUST_Limited_Basic_Root_CA_1_2019.crt Not after: Jun 19 08:15:51 2034 GMT \",\"Issuing CA: D-TRUST Limited Basic CA 1-2 2019 [client certificates via TMF e.V.] X509 Certificate: https://www.d-trust.net/cgi-bin/D-TRUST_Limited_Basic_CA_1-2_2019.crt Not after: Jun 19 08:15:51 2034 GMT\",\"Issuing CA: D-TRUST Limited Basic CA 1-3 2019 [client certificates via TMF e.V.] X509 Certificate: https://www.d-trust.net/cgi-bin/D-TRUST_Limited_Basic_CA_1-3_2019.crt Not after: Jun 19 08:15:51 2034 GMT\"]},\"913\":{\"h\":\"Upgrade from DSF 0.9.x\",\"t\":[\"A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.\",\"Do not use your 0.9.x configuration as starting point\",\"There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.\",\"Please use the new installation manual to perform a new installation and use the old setup only for reference.\",\"Instead, please perform the following steps:\",\"Shut down your DSF instances (DSF FHIR Server and DSF BPE).\",\"Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)\",\"Install the new DSF according to the instructions.\",\"You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).\",\"Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).\",\"If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).\",\"If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.\",\"New process plugins\",\"Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.\",\"Use your old virtual machine\",\"We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.\"]},\"914\":{\"h\":\"Upgrade from DSF 1.6.0\",\"t\":[\"Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.\",\"Note: The configurations of trust stores for TLS connections managed by process plugins (for example HTTPS connections to the local KDS FHIR server) have not been modified with this release.\"]},\"915\":{\"h\":\"Modify DSF FHIR Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.7.0_upgrade\",\"Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.\",\" version: '3.8' services: proxy: - image: ghcr.io/datasharingframework/fhir_proxy:1.6.0 + image: ghcr.io/datasharingframework/fhir_proxy:1.7.0 restart: on-failure ... - ssl_certificate_file.pem - ssl_certificate_key_file.pem - ssl_certificate_chain_file.pem - - ssl_ca_certificate_file.pem - - ssl_ca_dn_request_file.pem environment: ... SSL_CERTIFICATE_FILE: /run/secrets/ssl_certificate_file.pem SSL_CERTIFICATE_KEY_FILE: /run/secrets/ssl_certificate_key_file.pem SSL_CERTIFICATE_CHAIN_FILE: /run/secrets/ssl_certificate_chain_file.pem - SSL_CA_CERTIFICATE_FILE: /run/secrets/ssl_ca_certificate_file.pem - SSL_CA_DN_REQUEST_FILE: /run/secrets/ssl_ca_dn_request_file.pem networks: ... app: - image: ghcr.io/datasharingframework/fhir:1.6.0 + image: ghcr.io/datasharingframework/fhir:1.7.0 restart: on-failure ... secrets: - db_liquibase.password - db_user.password - db_user_permanent_delete.password - - app_client_trust_certificates.pem - app_client_certificate.pem - app_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password - - ssl_ca_certificate_file.pem volumes: ... environment: TZ: Europe/Berlin - DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ... DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem ... secrets: ... - ssl_ca_certificate_file.pem: - file: ./secrets/ssl_ca_certificate_file.pem - ssl_ca_dn_request_file.pem: - file: ./secrets/ssl_ca_dn_request_file.pem ... - app_client_trust_certificates.pem: - file: ./secrets/ssl_root_ca_certificate_file.pem ...\",\"Upgrade the DSF FHIR containers From /opt/fhir execute\",\"docker compose up -d && docker compose logs -f\"]},\"916\":{\"h\":\"Modify DSF BPE Server Setup\",\"t\":[\"Preparation / Backup\",\"We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade. For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.7.0_upgrade\",\"Modify the DSF BPE docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.\",\" version: '3.8' services: app: - image: ghcr.io/datasharingframework/bpe:1.6.0 + image: ghcr.io/datasharingframework/bpe:1.7.0 restart: on-failure secrets: - db_liquibase.password - db_user.password - db_user_camunda.password - - app_client_trust_certificates.pem - app_client_certificate.pem - app_client_certificate_private_key.pem - app_client_certificate_private_key.pem.password - - ssl_ca_certificate_file.pem volumes: ... environment: TZ: Europe/Berlin - DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password ... DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem ... secrets: ... - app_client_trust_certificates.pem: - file: ./secrets/ssl_root_ca_certificate_file.pem ... - ssl_ca_certificate_file.pem: - file: ./secrets/ssl_ca_certificate_file.pem ...\",\"Upgrade the DSF BPE containers From /opt/bpe execute\",\"docker compose up -d && docker compose logs -f\",\"Verify your upgrade:\",\"Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.7.0, [...]\",\"Verify the DSF FHIR server started without errors\",\"Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)\",\"Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.7.0, [...]\",\"Verify the DSF BPE server started without errors\",\"Verify your install with a ping/pong test\"]},\"917\":{\"h\":\"BPE Server\"},\"918\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"919\":{\"h\":\"Access Control\"},\"920\":{\"h\":\"Overview\",\"t\":[\"The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.\",\"Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable access for a specific client-certificate:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - ADMIN\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.\"]},\"921\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"922\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"923\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"924\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"925\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"926\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:\",\"ADMIN.\"]},\"927\":{\"h\":\"practitioner-role\",\"t\":[\"The BPE server currently does not support any practionier-roles.\"]},\"928\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - ADMIN\",\"The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - email-admins: email: - first.user@test.org - second.user@test.org dsf-role: - ADMIN\"]},\"929\":{\"h\":\"Configuration Parameters\"},\"930\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"931\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"932\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"933\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"934\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"935\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"936\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"937\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"938\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"939\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"940\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"941\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"942\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"943\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true\",\"Recommendation: This debug function should only be activated during process plugin development\",\"Default:false\"]},\"944\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true\",\"Recommendation: This debug function should only be activated during process plugin development\",\"Default:false\"]},\"945\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true\",\"Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"946\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true\",\"Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"947\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"948\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"949\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"950\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"951\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"952\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"953\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"954\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"955\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"956\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"957\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"958\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"959\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"960\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"961\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"962\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"963\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"964\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"965\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"966\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"967\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"968\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0); requires send mail on ERROR log event option to be enabled to have an effect\",\"Default:4\"]},\"969\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file; requires send mail on ERROR log event option to be enabled to have an effect\",\"Default:/opt/bpe/log/bpe.log\"]},\"970\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"971\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"972\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"973\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true; requires SMTP server to be configured\",\"Default:false\"]},\"974\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true; requires SMTP server to be configured\",\"Default:false\"]},\"975\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"976\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"977\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"978\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"979\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"980\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"981\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"982\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"983\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"984\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"985\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"986\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"987\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"988\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"989\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"990\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"991\":{\"h\":\"DEV_DSF_BPE_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.server.base.url\",\"Required: No\",\"Description: Base address of the BPE server, configure when exposing the web-ui\",\"Example:https://foo.bar/bpe\",\"Default:https://localhost/bpe\"]},\"992\":{\"h\":\"DEV_DSF_BPE_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.bpe.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control\"]},\"993\":{\"h\":\"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.bpe.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"994\":{\"h\":\"DEV_DSF_BPE_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.bpe.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"995\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"996\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"997\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"998\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"999\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: No\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1000\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: No\",\"Description: API connector port, default in docker image: 8080\"]},\"1001\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: No\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1002\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1003\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1004\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1005\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1006\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1007\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1008\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1009\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1010\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1011\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1012\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1013\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"1014\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1015\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/client_cert_ca_chains.pem\"]},\"1016\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1017\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1018\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1019\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1020\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: No\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1021\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: No\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1022\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: No\",\"Description: Status connector port, default in docker image: 10000\"]},\"1023\":{\"h\":\"OpenID Connect\"},\"1024\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.\",\"BPE Reverse Proxy\",\"The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"1025\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"1026\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"1027\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/bpe:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"1028\":{\"h\":\"BPE Reverse Proxy\"},\"1029\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1030\":{\"h\":\"Configuration Parameters\"},\"1031\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1032\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: FQDN of your DSF BPE server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1033\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1034\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1035\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1036\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1037\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path\",\"Default:/bpe\"]},\"1038\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_ca_chains.pem\"]},\"1039\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_issuing_cas.pem\"]},\"1040\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1041\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1042\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1043\":{\"h\":\"SSL_EXPECTED_CLIENT_S_DN_C_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code\",\"Default:'DE'\"]},\"1044\":{\"h\":\"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code\",\"Default:'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'\"]},\"1045\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"1046\":{\"h\":\"FHIR Server\"},\"1047\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"1048\":{\"h\":\"Access Control\"},\"1049\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"1050\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"1051\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"1052\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"1053\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"1054\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"1055\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"1056\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"1057\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"1058\":{\"h\":\"Configuration Parameters\"},\"1059\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1060\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1061\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1062\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1063\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"1064\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"1065\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1066\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1067\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1068\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1069\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"1070\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"1071\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"1072\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1073\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"1074\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"1075\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"1076\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"1077\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1078\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1079\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1080\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1081\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"1082\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: Local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1083\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"1084\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: Page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"1085\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control\"]},\"1086\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"1087\":{\"h\":\"DEV_DSF_FHIR_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.fhir.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"1088\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1089\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1090\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1091\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1092\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: No\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1093\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: No\",\"Description: API connector port, default in docker image: 8080\"]},\"1094\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: No\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1095\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1096\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1097\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1098\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1099\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1100\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1101\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1102\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1103\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1104\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1105\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1106\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"1107\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1108\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/client_cert_ca_chains.pem\"]},\"1109\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1110\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1111\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1112\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1113\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: No\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1114\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: No\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1115\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: No\",\"Description: Status connector port, default in docker image: 10000\"]},\"1116\":{\"h\":\"OpenID Connect\"},\"1117\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"1118\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"1119\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"1120\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"1121\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"1122\":{\"h\":\"FHIR Reverse Proxy\"},\"1123\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1124\":{\"h\":\"Configuration Parameters\"},\"1125\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1126\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1127\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1128\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1129\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1130\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1131\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path\",\"Default:/fhir\"]},\"1132\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_ca_chains.pem\"]},\"1133\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_issuing_cas.pem\"]},\"1134\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1135\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1136\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1137\":{\"h\":\"SSL_EXPECTED_CLIENT_S_DN_C_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code\",\"Default:'DE'\"]},\"1138\":{\"h\":\"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code\",\"Default:'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'\"]},\"1139\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"1140\":{\"h\":\"Configuration Parameters\"},\"1141\":{\"h\":\"Overview\",\"t\":[\"Common Parameters\",\"Parameters FHIR Server\",\"Parameters BPE Server\",\"Parameters FHIR Reverse Proxy\"]},\"1142\":{\"h\":\"Parameters BPE Server\",\"t\":[\"Please also check common parameters for additional configuration options.\"]},\"1143\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1144\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1145\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1146\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"1147\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"1148\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"1149\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"1150\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"1151\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"1152\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1153\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"1154\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1155\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1156\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1157\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1158\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1159\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1160\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1161\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1162\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"1163\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"1164\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1165\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1166\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_server_trust_certificates.pem\"]},\"1167\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1168\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1169\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1170\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"1171\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"1172\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1173\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"1174\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"1175\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"1176\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"1177\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"1178\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"1179\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"1180\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1181\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"1182\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"1183\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1184\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1185\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"1186\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"1187\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"1188\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"1189\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"1190\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1191\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"1192\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\"]},\"1193\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"1194\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"1195\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"1196\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\"]},\"1197\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1198\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1199\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1200\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1201\":{\"h\":\"Common Parameters\"},\"1202\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1203\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1204\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1205\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1206\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1207\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1208\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1209\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1210\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1211\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1212\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1213\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1214\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1215\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1216\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1217\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1218\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1219\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1220\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1221\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1222\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1223\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1224\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1225\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1226\":{\"h\":\"Parameters FHIR Server\",\"t\":[\"Please also check common parameters for additional configuration options.\"]},\"1227\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1228\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1229\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1230\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1231\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"1232\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_server_trust_certificates.pem\"]},\"1233\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1234\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1235\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1236\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1237\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"1238\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"1239\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"1240\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1241\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"1242\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"1243\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"1244\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"1245\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1246\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"1247\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1248\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"1249\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: Yes\",\"Description: Role config YAML\"]},\"1250\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"1251\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1252\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1253\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1254\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1255\":{\"h\":\"Parameters FHIR Reverse Proxy\"},\"1256\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1257\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1258\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1259\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1260\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1261\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1262\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"1263\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"1264\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1265\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1266\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1267\":{\"h\":\"BPE Server\"},\"1268\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1269\":{\"h\":\"Configuration Parameters\"},\"1270\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1271\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1272\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1273\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1274\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1275\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1276\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1277\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1278\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1279\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1280\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1281\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1282\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1283\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1284\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1285\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1286\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1287\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1288\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1289\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1290\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1291\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1292\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1293\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1294\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1295\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1296\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1297\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"1298\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"1299\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"1300\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"1301\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"1302\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"1303\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1304\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"1305\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1306\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1307\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1308\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1309\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1310\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1311\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1312\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1313\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"1314\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"1315\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1316\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1317\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_server_trust_certificates.pem\"]},\"1318\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1319\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1320\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1321\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"1322\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"1323\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1324\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"1325\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"1326\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"1327\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"1328\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"1329\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"1330\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"1331\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1332\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"1333\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"1334\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1335\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1336\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"1337\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"1338\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"1339\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"1340\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"1341\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1342\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"1343\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\"]},\"1344\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"1345\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"1346\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"1347\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\"]},\"1348\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1349\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1350\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1351\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1352\":{\"h\":\"FHIR Server\"},\"1353\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"1354\":{\"h\":\"Access Control\"},\"1355\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"1356\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"1357\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"1358\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"1359\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"1360\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"To types of roles can be applied to matched users.\"]},\"1361\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"1362\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"1363\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"1364\":{\"h\":\"Configuration Parameters\"},\"1365\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1366\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1367\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1368\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1369\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"1370\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_server_trust_certificates.pem\"]},\"1371\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1372\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1373\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1374\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1375\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"1376\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"1377\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"1378\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1379\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"1380\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"1381\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"1382\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"1383\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1384\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"1385\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1386\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"1387\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"1388\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: Yes\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\",\"Recommendation: Use an empty string \\\"\\\" or a single block scalar | character if no roles should be configured\"]},\"1389\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"1390\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1391\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1392\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1393\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1394\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1395\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1396\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1397\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1398\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1399\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1400\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1401\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1402\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1403\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1404\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1405\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1406\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1407\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1408\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1409\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1410\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1411\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1412\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1413\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1414\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1415\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1416\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1417\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1418\":{\"h\":\"OpenID Connect\"},\"1419\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"1420\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"1421\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"1422\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"1423\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.1.0 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"1424\":{\"h\":\"FHIR Reverse Proxy\"},\"1425\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1426\":{\"h\":\"Configuration Parameters\"},\"1427\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1428\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1429\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1430\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1431\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1432\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1433\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"1434\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"1435\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1436\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1437\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1438\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient \",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"1439\":{\"h\":\"BPE Server\"},\"1440\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1441\":{\"h\":\"Configuration Parameters\"},\"1442\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1443\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1444\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1445\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1446\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1447\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1448\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1449\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1450\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1451\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1452\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1453\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1454\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1455\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1456\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1457\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1458\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1459\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1460\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1461\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1462\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1463\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1464\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1465\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1466\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1467\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1468\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1469\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"1470\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"1471\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"1472\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"1473\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"1474\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"1475\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1476\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"1477\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1478\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1479\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1480\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1481\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1482\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1483\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1484\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1485\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1486\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"1487\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"1488\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1489\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1490\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_server_trust_certificates.pem\"]},\"1491\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1492\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1493\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"1494\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"1495\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1496\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"1497\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"1498\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"1499\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"1500\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"1501\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"1502\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"1503\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1504\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"1505\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"1506\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1507\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1508\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"1509\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"1510\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"1511\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"1512\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"1513\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1514\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"1515\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"1516\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"1517\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"1518\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"1519\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"1520\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"1521\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"1522\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"1523\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"1524\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1525\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1526\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1527\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1528\":{\"h\":\"FHIR Server\"},\"1529\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"1530\":{\"h\":\"Access Control\"},\"1531\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"1532\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"1533\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"1534\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"1535\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"1536\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"To types of roles can be applied to matched users.\"]},\"1537\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"1538\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"1539\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"1540\":{\"h\":\"Configuration Parameters\"},\"1541\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1542\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1543\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1544\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1545\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"1546\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_server_trust_certificates.pem\"]},\"1547\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1548\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1549\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1550\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1551\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"1552\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"1553\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"1554\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1555\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"1556\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"1557\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"1558\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"1559\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1560\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"1561\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1562\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"1563\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"1564\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"1565\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"1566\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1567\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1568\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1569\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1570\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1571\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1572\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1573\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1574\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1575\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1576\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1577\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1578\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1579\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1580\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1581\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1582\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1583\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1584\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1585\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1586\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1587\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1588\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1589\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1590\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1591\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1592\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1593\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1594\":{\"h\":\"OpenID Connect\"},\"1595\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"1596\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"1597\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"1598\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"1599\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.2.0 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"1600\":{\"h\":\"FHIR Reverse Proxy\"},\"1601\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1602\":{\"h\":\"Configuration Parameters\"},\"1603\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1604\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1605\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1606\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1607\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1608\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1609\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"1610\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"1611\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"1612\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1613\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1614\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1615\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"1616\":{\"h\":\"BPE Server\"},\"1617\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1618\":{\"h\":\"Configuration Parameters\"},\"1619\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1620\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1621\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1622\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1623\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1624\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1625\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1626\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1627\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1628\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1629\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1630\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1631\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1632\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1633\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1634\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1635\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1636\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1637\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1638\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1639\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1640\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1641\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1642\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1643\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1644\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1645\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1646\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"1647\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"1648\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"1649\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"1650\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"1651\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"1652\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1653\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"1654\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1655\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1656\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1657\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1658\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1659\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1660\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1661\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1662\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1663\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"1664\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"1665\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1666\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1667\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1668\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1669\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1670\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"1671\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"1672\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1673\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"1674\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"1675\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"1676\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"1677\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"1678\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"1679\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"1680\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1681\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"1682\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"1683\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1684\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1685\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"1686\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"1687\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"1688\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"1689\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"1690\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1691\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"1692\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"1693\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"1694\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"1695\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"1696\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"1697\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"1698\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"1699\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"1700\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"1701\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1702\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1703\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1704\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1705\":{\"h\":\"FHIR Server\"},\"1706\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"1707\":{\"h\":\"Access Control\"},\"1708\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"1709\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"1710\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"1711\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"1712\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"1713\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"To types of roles can be applied to matched users.\"]},\"1714\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"1715\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"1716\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"1717\":{\"h\":\"Configuration Parameters\"},\"1718\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1719\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1720\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1721\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1722\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"1723\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"1724\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1725\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1726\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1727\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1728\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"1729\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"1730\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"1731\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1732\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"1733\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"1734\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"1735\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"1736\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1737\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"1738\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1739\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"1740\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"1741\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"1742\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"1743\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1744\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1745\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1746\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1747\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1748\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1749\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1750\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1751\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1752\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1753\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1754\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1755\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1756\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1757\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1758\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1759\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1760\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1761\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1762\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1763\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1764\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1765\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1766\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1767\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1768\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1769\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1770\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1771\":{\"h\":\"OpenID Connect\"},\"1772\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"1773\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"1774\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"1775\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"1776\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.3.0 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"1777\":{\"h\":\"FHIR Reverse Proxy\"},\"1778\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1779\":{\"h\":\"Configuration Parameters\"},\"1780\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1781\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1782\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1783\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1784\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1785\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1786\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"1787\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"1788\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"1789\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1790\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1791\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1792\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"1793\":{\"h\":\"BPE Server\"},\"1794\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1795\":{\"h\":\"Configuration Parameters\"},\"1796\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1797\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1798\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1799\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1800\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1801\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1802\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1803\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1804\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1805\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1806\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1807\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1808\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1809\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1810\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1811\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1812\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1813\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1814\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1815\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1816\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1817\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1818\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1819\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1820\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1821\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1822\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1823\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"1824\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"1825\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"1826\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"1827\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"1828\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"1829\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1830\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"1831\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1832\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"1833\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1834\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"1835\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1836\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1837\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1838\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1839\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1840\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"1841\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"1842\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"1843\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1844\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1845\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1846\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1847\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"1848\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"1849\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"1850\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"1851\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"1852\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"1853\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"1854\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"1855\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"1856\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"1857\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1858\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"1859\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"1860\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1861\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"1862\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"1863\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"1864\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"1865\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"1866\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"1867\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"1868\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"1869\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"1870\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"1871\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"1872\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"1873\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"1874\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"1875\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"1876\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"1877\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"1878\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1879\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1880\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1881\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1882\":{\"h\":\"FHIR Server\"},\"1883\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"1884\":{\"h\":\"Access Control\"},\"1885\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"1886\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"1887\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"1888\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"1889\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"1890\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"To types of roles can be applied to matched users.\"]},\"1891\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"1892\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"1893\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"1894\":{\"h\":\"Configuration Parameters\"},\"1895\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"1896\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"1897\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"1898\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"1899\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"1900\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"1901\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"1902\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1903\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1904\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"1905\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"1906\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"1907\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"1908\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"1909\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"1910\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"1911\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"1912\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"1913\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"1914\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"1915\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"1916\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"1917\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"1918\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"1919\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"1920\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"1921\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"1922\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"1923\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"1924\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1925\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1926\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1927\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1928\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1929\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1930\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1931\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1932\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1933\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1934\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1935\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1936\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1937\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1938\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1939\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1940\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1941\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1942\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1943\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1944\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1945\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1946\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1947\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1948\":{\"h\":\"OpenID Connect\"},\"1949\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"1950\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"1951\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"1952\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"1953\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.3.1 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"1954\":{\"h\":\"FHIR Reverse Proxy\"},\"1955\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1956\":{\"h\":\"Configuration Parameters\"},\"1957\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"1958\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"1959\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1960\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"1961\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1962\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"1963\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"1964\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"1965\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"1966\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"1967\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"1968\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"1969\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"1970\":{\"h\":\"BPE Server\"},\"1971\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"1972\":{\"h\":\"Configuration Parameters\"},\"1973\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"1974\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"1975\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"1976\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"1977\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"1978\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"1979\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"1980\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1981\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"1982\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"1983\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"1984\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"1985\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"1986\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"1987\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"1988\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"1989\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"1990\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1991\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1992\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1993\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"1994\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"1995\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"1996\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"1997\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"1998\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"1999\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2000\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"2001\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"2002\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"2003\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"2004\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"2005\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"2006\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2007\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"2008\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2009\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2010\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2011\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2012\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2013\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2014\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2015\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2016\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2017\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"2018\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"2019\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2020\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2021\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2022\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2023\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2024\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"2025\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"2026\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2027\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"2028\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"2029\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"2030\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"2031\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"2032\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"2033\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"2034\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2035\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"2036\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"2037\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2038\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2039\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"2040\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"2041\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"2042\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"2043\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"2044\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2045\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"2046\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"2047\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"2048\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"2049\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"2050\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"2051\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"2052\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"2053\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"2054\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"2055\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2056\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2057\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2058\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2059\":{\"h\":\"FHIR Server\"},\"2060\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2061\":{\"h\":\"Access Control\"},\"2062\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2063\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2064\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2065\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2066\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2067\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"To types of roles can be applied to matched users.\"]},\"2068\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"2069\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"2070\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"2071\":{\"h\":\"Configuration Parameters\"},\"2072\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2073\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2074\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2075\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2076\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"2077\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"2078\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2079\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2080\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2081\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2082\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"2083\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"2084\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"2085\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2086\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"2087\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"2088\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"2089\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"2090\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2091\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"2092\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"2093\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"2094\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"2095\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2096\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2097\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2098\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2099\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2100\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2101\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2102\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2103\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2104\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2105\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2106\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2107\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2108\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2109\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2110\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2111\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2112\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2113\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2114\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2115\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2116\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2117\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2118\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2119\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2120\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2121\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2122\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2123\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2124\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2125\":{\"h\":\"OpenID Connect\"},\"2126\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2127\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2128\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"2129\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2130\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.3.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2131\":{\"h\":\"FHIR Reverse Proxy\"},\"2132\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2133\":{\"h\":\"Configuration Parameters\"},\"2134\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2135\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2136\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2137\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2138\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2139\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2140\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"2141\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2142\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2143\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2144\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2145\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2146\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2147\":{\"h\":\"BPE Server\"},\"2148\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2149\":{\"h\":\"Configuration Parameters\"},\"2150\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2151\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2152\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2153\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2154\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2155\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2156\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2157\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2158\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2159\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2160\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2161\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2162\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2163\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2164\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2165\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2166\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2167\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2168\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2169\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2170\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2171\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2172\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2173\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2174\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2175\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2176\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2177\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"2178\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"2179\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"2180\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"2181\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"2182\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"2183\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2184\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"2185\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2186\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2187\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2188\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2189\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2190\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2191\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2192\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2193\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2194\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"2195\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"2196\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2197\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2198\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2199\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2200\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2201\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"2202\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"2203\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2204\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"2205\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"2206\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"2207\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"2208\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"2209\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"2210\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"2211\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2212\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"2213\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"2214\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2215\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2216\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"2217\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"2218\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"2219\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"2220\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"2221\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2222\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"2223\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"2224\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"2225\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"2226\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"2227\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"2228\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"2229\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"2230\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"2231\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"2232\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2233\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2234\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2235\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2236\":{\"h\":\"FHIR Server\"},\"2237\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2238\":{\"h\":\"Access Control\"},\"2239\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2240\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2241\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2242\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2243\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2244\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"To types of roles can be applied to matched users.\"]},\"2245\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"2246\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"2247\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"2248\":{\"h\":\"Configuration Parameters\"},\"2249\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2250\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2251\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2252\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2253\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"2254\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"2255\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2256\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2257\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2258\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2259\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"2260\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: The address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"2261\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"2262\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2263\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"2264\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"2265\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"2266\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"2267\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: The base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2268\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"2269\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: The local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"2270\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"2271\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: The page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"2272\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2273\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2274\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2275\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2276\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2277\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2278\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2279\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2280\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2281\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2282\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2283\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2284\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2285\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2286\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2287\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2288\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2289\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2290\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2291\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2292\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2293\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2294\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2295\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2296\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2297\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2298\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2299\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2300\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2301\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2302\":{\"h\":\"OpenID Connect\"},\"2303\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2304\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2305\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"2306\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2307\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.4.0 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2308\":{\"h\":\"FHIR Reverse Proxy\"},\"2309\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2310\":{\"h\":\"Configuration Parameters\"},\"2311\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2312\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2313\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2314\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2315\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2316\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2317\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"2318\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2319\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2320\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2321\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2322\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2323\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2324\":{\"h\":\"BPE Server\"},\"2325\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2326\":{\"h\":\"Access Control\"},\"2327\":{\"h\":\"Overview\",\"t\":[\"The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.\",\"Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable access for a specific client-certificate:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - ADMIN\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2328\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2329\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2330\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2331\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2332\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2333\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:\",\"ADMIN.\"]},\"2334\":{\"h\":\"practitioner-role\",\"t\":[\"The BPE server currently does not support any practionier-roles.\"]},\"2335\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - ADMIN\",\"The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - email-admins: email: - first.user@test.org - second.user@test.org dsf-role: - ADMIN\"]},\"2336\":{\"h\":\"Configuration Parameters\"},\"2337\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2338\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2339\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2340\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2341\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2342\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2343\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2344\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2345\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2346\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2347\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2348\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2349\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2350\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2351\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2352\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2353\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2354\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2355\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2356\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2357\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2358\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2359\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2360\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2361\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2362\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2363\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2364\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"2365\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"2366\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"2367\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"2368\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"2369\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"2370\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2371\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"2372\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2373\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2374\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2375\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2376\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2377\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2378\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2379\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2380\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2381\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2382\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2383\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2384\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"2385\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"2386\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2387\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2388\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2389\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2390\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2391\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"2392\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"2393\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2394\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"2395\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"2396\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"2397\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"2398\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"2399\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"2400\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"2401\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2402\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"2403\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"2404\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2405\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2406\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"2407\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"2408\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"2409\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"2410\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"2411\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2412\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"2413\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"2414\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"2415\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"2416\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"2417\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"2418\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"2419\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"2420\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"2421\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"2422\":{\"h\":\"DEV_DSF_BPE_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.server.base.url\",\"Required: No\",\"Description: Base address of the BPE server, configure when exposing the web-ui\",\"Example:https://foo.bar/bpe\",\"Default:https://localhost/bpe\"]},\"2423\":{\"h\":\"DEV_DSF_BPE_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.bpe.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2424\":{\"h\":\"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.bpe.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2425\":{\"h\":\"DEV_DSF_BPE_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.bpe.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"2426\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2427\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2428\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2429\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2430\":{\"h\":\"OpenID Connect\"},\"2431\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.\",\"BPE Reverse Proxy\",\"The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2432\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2433\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2434\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/bpe:1.5.0 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2435\":{\"h\":\"BPE Reverse Proxy\"},\"2436\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2437\":{\"h\":\"Configuration Parameters\"},\"2438\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2439\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF BPE server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2440\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2441\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2442\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2443\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2444\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/bpe\"]},\"2445\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2446\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2447\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2448\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2449\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2450\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2451\":{\"h\":\"FHIR Server\"},\"2452\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2453\":{\"h\":\"Access Control\"},\"2454\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2455\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2456\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2457\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2458\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2459\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2460\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"2461\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"2462\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"2463\":{\"h\":\"Configuration Parameters\"},\"2464\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2465\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2466\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2467\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2468\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"2469\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"2470\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2471\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2472\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2473\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2474\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"2475\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"2476\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"2477\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2478\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"2479\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"2480\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"2481\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"2482\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2483\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2484\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2485\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2486\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"2487\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: Local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"2488\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"2489\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: Page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"2490\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2491\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2492\":{\"h\":\"DEV_DSF_FHIR_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.fhir.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"2493\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2494\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2495\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2496\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2497\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2498\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2499\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2500\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2501\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2502\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2503\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2504\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2505\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2506\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2507\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2508\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2509\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2510\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2511\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2512\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2513\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2514\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2515\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2516\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2517\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2518\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2519\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2520\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2521\":{\"h\":\"OpenID Connect\"},\"2522\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2523\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2524\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"2525\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2526\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.5.0 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2527\":{\"h\":\"FHIR Reverse Proxy\"},\"2528\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2529\":{\"h\":\"Configuration Parameters\"},\"2530\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2531\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2532\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2533\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2534\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2535\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2536\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"2537\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2538\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2539\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2540\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2541\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2542\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2543\":{\"h\":\"BPE Server\"},\"2544\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2545\":{\"h\":\"Access Control\"},\"2546\":{\"h\":\"Overview\",\"t\":[\"The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.\",\"Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable access for a specific client-certificate:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - ADMIN\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2547\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2548\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2549\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2550\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2551\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2552\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:\",\"ADMIN.\"]},\"2553\":{\"h\":\"practitioner-role\",\"t\":[\"The BPE server currently does not support any practionier-roles.\"]},\"2554\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - ADMIN\",\"The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - email-admins: email: - first.user@test.org - second.user@test.org dsf-role: - ADMIN\"]},\"2555\":{\"h\":\"Configuration Parameters\"},\"2556\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2557\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2558\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2559\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2560\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2561\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2562\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2563\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2564\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2565\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2566\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2567\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2568\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2569\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2570\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2571\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2572\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2573\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2574\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2575\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2576\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2577\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2578\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2579\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2580\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2581\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2582\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2583\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"2584\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"2585\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"2586\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"2587\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"2588\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"2589\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2590\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"2591\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2592\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2593\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2594\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2595\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2596\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2597\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2598\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2599\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2600\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2601\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2602\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2603\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"2604\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"2605\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2606\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2607\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2608\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2609\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2610\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"2611\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"2612\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2613\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"2614\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"2615\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"2616\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"2617\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"2618\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"2619\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"2620\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2621\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"2622\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"2623\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2624\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2625\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"2626\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"2627\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"2628\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"2629\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"2630\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2631\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"2632\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"2633\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"2634\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"2635\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"2636\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"2637\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"2638\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"2639\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"2640\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"2641\":{\"h\":\"DEV_DSF_BPE_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.server.base.url\",\"Required: No\",\"Description: Base address of the BPE server, configure when exposing the web-ui\",\"Example:https://foo.bar/bpe\",\"Default:https://localhost/bpe\"]},\"2642\":{\"h\":\"DEV_DSF_BPE_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.bpe.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2643\":{\"h\":\"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.bpe.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2644\":{\"h\":\"DEV_DSF_BPE_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.bpe.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"2645\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2646\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2647\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2648\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2649\":{\"h\":\"OpenID Connect\"},\"2650\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.\",\"BPE Reverse Proxy\",\"The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2651\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2652\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2653\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/bpe:1.5.1 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2654\":{\"h\":\"BPE Reverse Proxy\"},\"2655\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2656\":{\"h\":\"Configuration Parameters\"},\"2657\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2658\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF BPE server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2659\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2660\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2661\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2662\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2663\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/bpe\"]},\"2664\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2665\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2666\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2667\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2668\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2669\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2670\":{\"h\":\"FHIR Server\"},\"2671\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2672\":{\"h\":\"Access Control\"},\"2673\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2674\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2675\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2676\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2677\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2678\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2679\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"2680\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"2681\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"2682\":{\"h\":\"Configuration Parameters\"},\"2683\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2684\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2685\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2686\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2687\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"2688\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"2689\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2690\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2691\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2692\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2693\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"2694\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"2695\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"2696\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2697\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"2698\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"2699\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"2700\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"2701\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2702\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2703\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2704\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2705\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"2706\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: Local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"2707\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"2708\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: Page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"2709\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2710\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2711\":{\"h\":\"DEV_DSF_FHIR_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.fhir.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"2712\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2713\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2714\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2715\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2716\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2717\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2718\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2719\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2720\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2721\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2722\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2723\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2724\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2725\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2726\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2727\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2728\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2729\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2730\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2731\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2732\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2733\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2734\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2735\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2736\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2737\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2738\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2739\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2740\":{\"h\":\"OpenID Connect\"},\"2741\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2742\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2743\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"2744\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2745\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.5.1 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2746\":{\"h\":\"FHIR Reverse Proxy\"},\"2747\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2748\":{\"h\":\"Configuration Parameters\"},\"2749\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2750\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2751\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2752\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2753\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2754\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2755\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"2756\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2757\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2758\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2759\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2760\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2761\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2762\":{\"h\":\"BPE Server\"},\"2763\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2764\":{\"h\":\"Access Control\"},\"2765\":{\"h\":\"Overview\",\"t\":[\"The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.\",\"Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable access for a specific client-certificate:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - ADMIN\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2766\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2767\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2768\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2769\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2770\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2771\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:\",\"ADMIN.\"]},\"2772\":{\"h\":\"practitioner-role\",\"t\":[\"The BPE server currently does not support any practionier-roles.\"]},\"2773\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - ADMIN\",\"The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - email-admins: email: - first.user@test.org - second.user@test.org dsf-role: - ADMIN\"]},\"2774\":{\"h\":\"Configuration Parameters\"},\"2775\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2776\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2777\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2778\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2779\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2780\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2781\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2782\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2783\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2784\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2785\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2786\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2787\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2788\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2789\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2790\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2791\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2792\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2793\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2794\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2795\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2796\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2797\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2798\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2799\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2800\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2801\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2802\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"2803\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"2804\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"2805\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"2806\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"2807\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"2808\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2809\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"2810\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2811\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2812\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2813\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"2814\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2815\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2816\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2817\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2818\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2819\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2820\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2821\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2822\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"2823\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"2824\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"2825\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2826\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2827\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2828\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2829\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"2830\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"2831\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"2832\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"2833\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"2834\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"2835\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"2836\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"2837\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"2838\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"2839\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2840\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"2841\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"2842\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2843\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"2844\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"2845\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"2846\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"2847\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"2848\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"2849\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"2850\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"2851\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"2852\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"2853\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"2854\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"2855\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"2856\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"2857\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"2858\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"2859\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"2860\":{\"h\":\"DEV_DSF_BPE_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.server.base.url\",\"Required: No\",\"Description: Base address of the BPE server, configure when exposing the web-ui\",\"Example:https://foo.bar/bpe\",\"Default:https://localhost/bpe\"]},\"2861\":{\"h\":\"DEV_DSF_BPE_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.bpe.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2862\":{\"h\":\"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.bpe.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2863\":{\"h\":\"DEV_DSF_BPE_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.bpe.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"2864\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2865\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2866\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2867\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2868\":{\"h\":\"OpenID Connect\"},\"2869\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.\",\"BPE Reverse Proxy\",\"The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2870\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2871\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2872\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/bpe:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2873\":{\"h\":\"BPE Reverse Proxy\"},\"2874\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2875\":{\"h\":\"Configuration Parameters\"},\"2876\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2877\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF BPE server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2878\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2879\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2880\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2881\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2882\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/bpe\"]},\"2883\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2884\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2885\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2886\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2887\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2888\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2889\":{\"h\":\"FHIR Server\"},\"2890\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2891\":{\"h\":\"Access Control\"},\"2892\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2893\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2894\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2895\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2896\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2897\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2898\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"2899\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"2900\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"2901\":{\"h\":\"Configuration Parameters\"},\"2902\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"2903\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"2904\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"2905\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"2906\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"2907\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"2908\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"2909\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"2910\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"2911\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"2912\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"2913\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"2914\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"2915\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"2916\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"2917\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"2918\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"2919\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"2920\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2921\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2922\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"2923\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"2924\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"2925\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: Local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"2926\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"2927\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: Page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"2928\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"2929\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"2930\":{\"h\":\"DEV_DSF_FHIR_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.fhir.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"2931\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"2932\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"2933\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"2934\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"2935\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2936\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2937\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2938\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2939\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2940\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"2941\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"2942\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2943\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"2944\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"2945\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"2946\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"2947\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"2948\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"2949\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"2950\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"2951\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"2952\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2953\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2954\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2955\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"2956\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"2957\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"2958\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"2959\":{\"h\":\"OpenID Connect\"},\"2960\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"2961\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"2962\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"2963\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"2964\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"2965\":{\"h\":\"FHIR Reverse Proxy\"},\"2966\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"2967\":{\"h\":\"Configuration Parameters\"},\"2968\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"2969\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"2970\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2971\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"2972\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2973\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"2974\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"2975\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"2976\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"2977\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"2978\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"2979\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"2980\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"2981\":{\"h\":\"BPE Server\"},\"2982\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"2983\":{\"h\":\"Access Control\"},\"2984\":{\"h\":\"Overview\",\"t\":[\"The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.\",\"Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable access for a specific client-certificate:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - ADMIN\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.\"]},\"2985\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"2986\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"2987\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"2988\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"2989\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"2990\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:\",\"ADMIN.\"]},\"2991\":{\"h\":\"practitioner-role\",\"t\":[\"The BPE server currently does not support any practionier-roles.\"]},\"2992\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - ADMIN\",\"The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - email-admins: email: - first.user@test.org - second.user@test.org dsf-role: - ADMIN\"]},\"2993\":{\"h\":\"Configuration Parameters\"},\"2994\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"2995\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"2996\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"2997\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"2998\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"2999\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"3000\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"3001\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3002\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3003\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"3004\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"3005\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"3006\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"3007\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"3008\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"3009\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"3010\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"3011\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3012\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3013\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3014\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3015\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"3016\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"3017\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"3018\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"3019\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"3020\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"3021\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"3022\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"3023\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"3024\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"3025\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"3026\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"3027\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"3028\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"3029\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3030\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3031\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"3032\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development.\",\"Default:false\"]},\"3033\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3034\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.\",\"Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3035\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3036\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"3037\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"3038\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"3039\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"3040\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"3041\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"3042\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"3043\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"3044\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"3045\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"3046\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"3047\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"3048\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"3049\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"3050\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"3051\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"3052\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"3053\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"3054\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"3055\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"3056\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:4\"]},\"3057\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.\",\"Default:/opt/bpe/log/bpe.log\"]},\"3058\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"3059\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"3060\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"3061\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"3062\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.\",\"Default:false\"]},\"3063\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"3064\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"3065\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"3066\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"3067\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\"]},\"3068\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"3069\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"3070\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"3071\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"3072\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"3073\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"3074\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"3075\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"3076\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"3077\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"3078\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"3079\":{\"h\":\"DEV_DSF_BPE_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.server.base.url\",\"Required: No\",\"Description: Base address of the BPE server, configure when exposing the web-ui\",\"Example:https://foo.bar/bpe\",\"Default:https://localhost/bpe\"]},\"3080\":{\"h\":\"DEV_DSF_BPE_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.bpe.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"3081\":{\"h\":\"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.bpe.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"3082\":{\"h\":\"DEV_DSF_BPE_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.bpe.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"3083\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"3084\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"3085\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"3086\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"3087\":{\"h\":\"OpenID Connect\"},\"3088\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.\",\"BPE Reverse Proxy\",\"The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"3089\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"3090\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"3091\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/bpe:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"3092\":{\"h\":\"BPE Reverse Proxy\"},\"3093\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"3094\":{\"h\":\"Configuration Parameters\"},\"3095\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"3096\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF BPE server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"3097\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3098\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3099\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3100\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3101\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/bpe\"]},\"3102\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"3103\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"3104\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"3105\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"3106\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"3107\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"3108\":{\"h\":\"FHIR Server\"},\"3109\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"3110\":{\"h\":\"Access Control\"},\"3111\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"3112\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"3113\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"3114\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"3115\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"3116\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"3117\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"3118\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"3119\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"3120\":{\"h\":\"Configuration Parameters\"},\"3121\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"3122\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"3123\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"3124\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"3125\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"3126\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client _trust_certificates.pem\"]},\"3127\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"3128\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"3129\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"3130\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: The password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"3131\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: The user name to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"3132\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"3133\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"3134\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"3135\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"3136\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"3137\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"3138\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"3139\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3140\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3141\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true.\",\"Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3142\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"3143\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"3144\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: Local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"3145\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"3146\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: Page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"3147\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control.\"]},\"3148\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"3149\":{\"h\":\"DEV_DSF_FHIR_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.fhir.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"3150\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"3151\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"3152\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"3153\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"3154\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: Yes\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"3155\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: Yes\",\"Description: API connector port, default in docker image: 8080\"]},\"3156\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: Yes\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"3157\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"3158\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"3159\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"3160\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"3161\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3162\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3163\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"3164\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"3165\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"3166\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"3167\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"3168\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\"]},\"3169\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"3170\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: Yes\",\"Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\"]},\"3171\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3172\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3173\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3174\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3175\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: Yes\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"3176\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: Yes\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"3177\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: Yes\",\"Description: Status connector port, default in docker image: 10000\"]},\"3178\":{\"h\":\"OpenID Connect\"},\"3179\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"3180\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"3181\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"3182\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"3183\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"3184\":{\"h\":\"FHIR Reverse Proxy\"},\"3185\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"3186\":{\"h\":\"Configuration Parameters\"},\"3187\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"3188\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"3189\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3190\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3191\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3192\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3193\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.\",\"Default:/fhir\"]},\"3194\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_certificate_file.pem\"]},\"3195\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_ca_dn_request_file.pem\"]},\"3196\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"3197\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"3198\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"3199\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"3200\":{\"h\":\"BPE Server\"},\"3201\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"3202\":{\"h\":\"Access Control\"},\"3203\":{\"h\":\"Overview\",\"t\":[\"The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.\",\"Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable access for a specific client-certificate:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - ADMIN\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.\"]},\"3204\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"3205\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"3206\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"3207\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"3208\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"3209\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:\",\"ADMIN.\"]},\"3210\":{\"h\":\"practitioner-role\",\"t\":[\"The BPE server currently does not support any practionier-roles.\"]},\"3211\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - ADMIN\",\"The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_BPE_SERVER_ROLECONFIG: | - email-admins: email: - first.user@test.org - second.user@test.org dsf-role: - ADMIN\"]},\"3212\":{\"h\":\"Configuration Parameters\"},\"3213\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"3214\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"3215\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"3216\":{\"h\":\"DEV_DSF_BPE_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.liquibase.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server to execute database migrations\",\"Default:liquibase_user\"]},\"3217\":{\"h\":\"DEV_DSF_BPE_DB_URL\",\"t\":[\"Property: dev.dsf.bpe.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF BPE server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/bpe\"]},\"3218\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF BPE server for camunda processes\",\"Default:camunda_users\"]},\"3219\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE\",\"Example:/run/secrets/db_user_camunda.password\"]},\"3220\":{\"h\":\"DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.camunda.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server for camunda processes\",\"Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME\",\"Default:camunda_server_user\"]},\"3221\":{\"h\":\"DEV_DSF_BPE_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.bpe.db.user.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF BPE server\",\"Default:bpe_users\"]},\"3222\":{\"h\":\"DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF BPE server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"3223\":{\"h\":\"DEV_DSF_BPE_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF BPE server\",\"Default:bpe_server_user\"]},\"3224\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3225\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3226\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityEnd\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity end, set to true\",\"Recommendation: This debug function should only be activated during process plugin development\",\"Default:false\"]},\"3227\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.onActivityStart\",\"Required: No\",\"Description: To enable debug log messages for every bpmn activity start, set to true\",\"Recommendation: This debug function should only be activated during process plugin development\",\"Default:false\"]},\"3228\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variables\",\"Required: No\",\"Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true\",\"Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3229\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.variablesLocal\",\"Required: No\",\"Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true\",\"Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3230\":{\"h\":\"DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.bpe.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3231\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"3232\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"3233\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"3234\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"3235\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"3236\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.local.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true\",\"Default:false\"]},\"3237\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:5000\"]},\"3238\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:60000\"]},\"3239\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.remote.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"3240\":{\"h\":\"DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"3241\":{\"h\":\"DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server\",\"Default:?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"3242\":{\"h\":\"DEV_DSF_BPE_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of the local DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"3243\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.max\",\"Required: No\",\"Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries\",\"Default:-1\"]},\"3244\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server\",\"Default:5000\"]},\"3245\":{\"h\":\"DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER\",\"t\":[\"Property: dev.dsf.bpe.fhir.task.subscription.search.parameter\",\"Required: No\",\"Description: Subscription to receive notifications about task resources from the DSF FHIR server\",\"Default:?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson\"]},\"3246\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate.pem\"]},\"3247\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem\"]},\"3248\":{\"h\":\"DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/smtp_server_client_certificate_private_key.pem.password\"]},\"3249\":{\"h\":\"DEV_DSF_BPE_MAIL_FROMADDRESS\",\"t\":[\"Property: dev.dsf.bpe.mail.fromAddress\",\"Required: No\",\"Description: Mail service sender address\",\"Example:sender@localhost\"]},\"3250\":{\"h\":\"DEV_DSF_BPE_MAIL_HOST\",\"t\":[\"Property: dev.dsf.bpe.mail.host\",\"Required: No\",\"Description: SMTP server hostname\",\"Example:smtp.server.de\"]},\"3251\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize\",\"Required: No\",\"Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0); requires send mail on ERROR log event option to be enabled to have an effect\",\"Default:4\"]},\"3252\":{\"h\":\"DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION\",\"t\":[\"Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation\",\"Required: No\",\"Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file; requires send mail on ERROR log event option to be enabled to have an effect\",\"Default:/opt/bpe/log/bpe.log\"]},\"3253\":{\"h\":\"DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.password\",\"Required: No\",\"Description: SMTP server authentication password\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"3254\":{\"h\":\"DEV_DSF_BPE_MAIL_PORT\",\"t\":[\"Property: dev.dsf.bpe.mail.port\",\"Required: No\",\"Description: SMTP server port\",\"Example:465\",\"Default:0\"]},\"3255\":{\"h\":\"DEV_DSF_BPE_MAIL_REPLYTOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.replyToAddresses\",\"Required: No\",\"Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported\",\"Example:reply.to@localhost\"]},\"3256\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT\",\"t\":[\"Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent\",\"Required: No\",\"Description: To enable mails being send for every ERROR logged, set to true; requires SMTP server to be configured\",\"Default:false\"]},\"3257\":{\"h\":\"DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP\",\"t\":[\"Property: dev.dsf.bpe.mail.sendTestMailOnStartup\",\"Required: No\",\"Description: To enable a test mail being send on startup of the BPE, set to true; requires SMTP server to be configured\",\"Default:false\"]},\"3258\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore\",\"Required: No\",\"Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smime_certificate.p12\"]},\"3259\":{\"h\":\"DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.bpe.mail.smime.p12Keystore.password\",\"Required: No\",\"Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file\",\"Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE\",\"Example:/run/secrets/smime_certificate.p12.password\"]},\"3260\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSES\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddresses\",\"Required: No\",\"Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported\",\"Example:recipient@localhost\"]},\"3261\":{\"h\":\"DEV_DSF_BPE_MAIL_TOADDRESSESCC\",\"t\":[\"Property: dev.dsf.bpe.mail.toAddressesCc\",\"Required: No\",\"Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported\",\"Example:cc.recipient@localhost\"]},\"3262\":{\"h\":\"DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.bpe.mail.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/smtp_server_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"3263\":{\"h\":\"DEV_DSF_BPE_MAIL_USERNAME\",\"t\":[\"Property: dev.dsf.bpe.mail.username\",\"Required: No\",\"Description: SMTP server authentication username\",\"Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS\"]},\"3264\":{\"h\":\"DEV_DSF_BPE_MAIL_USESMTPS\",\"t\":[\"Property: dev.dsf.bpe.mail.useSmtps\",\"Required: No\",\"Description: To enable SMTP over TLS (smtps), set to true\",\"Default:false\"]},\"3265\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.corePoolSize\",\"Required: No\",\"Description: Process engine job executor core pool size\",\"Default:4\"]},\"3266\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.maxPoolSize\",\"Required: No\",\"Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full\",\"Default:10\"]},\"3267\":{\"h\":\"DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE\",\"t\":[\"Property: dev.dsf.bpe.process.engine.queueSize\",\"Required: No\",\"Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy\",\"Default:40\"]},\"3268\":{\"h\":\"DEV_DSF_BPE_PROCESS_EXCLUDED\",\"t\":[\"Property: dev.dsf.bpe.process.excluded\",\"Required: No\",\"Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List\",\"Example:dsfdev_updateAllowList|1.0, another_process|x.y\"]},\"3269\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.max\",\"Required: No\",\"Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries\",\"Default:-1\"]},\"3270\":{\"h\":\"DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP\",\"t\":[\"Property: dev.dsf.bpe.process.fhir.server.retry.sleep\",\"Required: No\",\"Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment\",\"Default:5000\"]},\"3271\":{\"h\":\"DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY\",\"t\":[\"Property: dev.dsf.bpe.process.plugin.directroy\",\"Required: No\",\"Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server\",\"Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit\",\"Default:process\"]},\"3272\":{\"h\":\"DEV_DSF_BPE_PROCESS_RETIRED\",\"t\":[\"Property: dev.dsf.bpe.process.retired\",\"Required: No\",\"Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported\",\"Recommendation: Retire processes that where deployed previously but are not anymore available\",\"Example:old_process|x.y\"]},\"3273\":{\"h\":\"DEV_DSF_BPE_PROCESS_THREADS\",\"t\":[\"Property: dev.dsf.bpe.process.threads\",\"Required: No\",\"Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores\",\"Default:-1\"]},\"3274\":{\"h\":\"DEV_DSF_BPE_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.bpe.server.base.url\",\"Required: No\",\"Description: Base address of the BPE server, configure when exposing the web-ui\",\"Example:https://foo.bar/bpe\",\"Default:https://localhost/bpe\"]},\"3275\":{\"h\":\"DEV_DSF_BPE_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.bpe.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control\"]},\"3276\":{\"h\":\"DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.bpe.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"3277\":{\"h\":\"DEV_DSF_BPE_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.bpe.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"3278\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"3279\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"3280\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"3281\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"3282\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: No\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"3283\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: No\",\"Description: API connector port, default in docker image: 8080\"]},\"3284\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: No\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"3285\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"3286\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"3287\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"3288\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"3289\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3290\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3291\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"3292\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"3293\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"3294\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"3295\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"3296\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"3297\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"3298\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/client_cert_ca_chains.pem\"]},\"3299\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3300\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3301\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3302\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3303\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: No\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"3304\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: No\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"3305\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: No\",\"Description: Status connector port, default in docker image: 10000\"]},\"3306\":{\"h\":\"OpenID Connect\"},\"3307\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.\",\"BPE Reverse Proxy\",\"The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"3308\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"3309\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"3310\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/bpe:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"3311\":{\"h\":\"BPE Reverse Proxy\"},\"3312\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"3313\":{\"h\":\"Configuration Parameters\"},\"3314\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"3315\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: FQDN of your DSF BPE server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"3316\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3317\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3318\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3319\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3320\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path\",\"Default:/bpe\"]},\"3321\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_ca_chains.pem\"]},\"3322\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_issuing_cas.pem\"]},\"3323\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"3324\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"3325\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"3326\":{\"h\":\"SSL_EXPECTED_CLIENT_S_DN_C_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code\",\"Default:'DE'\"]},\"3327\":{\"h\":\"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code\",\"Default:'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'\"]},\"3328\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"3329\":{\"h\":\"FHIR Server\"},\"3330\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\",\"Access Control\",\"OpenID Connect\"]},\"3331\":{\"h\":\"Access Control\"},\"3332\":{\"h\":\"Overview\",\"t\":[\"The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"OpenID Connect\",\"To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.\",\"Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.\",\"The listing below shows a minimal configuration to enable read access for a specific client-certificate:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - example_read_only_role: thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128} dsf-role: - READ - SEARCH - HISTORY\",\"The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.\",\"Certificate Thumbprints\",\"SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:\",\"certtool --fingerprint --hash=sha512 --infile=certificate.pem\",\"Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string \\\"\\\" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.\"]},\"3333\":{\"h\":\"Matching Users\",\"t\":[\"To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.\"]},\"3334\":{\"h\":\"thumbprint\",\"t\":[\"The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.\"]},\"3335\":{\"h\":\"email\",\"t\":[\"Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the emailclaim from the access token will be matched against the property values.\"]},\"3336\":{\"h\":\"token-role and token-group\",\"t\":[\"With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.\"]},\"3337\":{\"h\":\"DSF and Practitioner Roles\",\"t\":[\"Two types of roles can be applied to matched users.\"]},\"3338\":{\"h\":\"dsf-role\",\"t\":[\"DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:\",\"CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.\"]},\"3339\":{\"h\":\"practitioner-role\",\"t\":[\"In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code. If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-roleCREATE.\",\"Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:\",\"UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.\"]},\"3340\":{\"h\":\"Examples\",\"t\":[\"The first example defines a group of DSF administrators. Two client certificates match against this role:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - certificate-admins: thumbprint: - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - token-role-admins: token-role: admin dsf-role: - CREATE - READ - UPDATE - DELETE - SEARCH - HISTORY practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN\",\"The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:\",\" DEV_DSF_FHIR_SERVER_ROLECONFIG: | - read-only: email: - first.user@test.org - second.user@test.org dsf-role: - READ - SEARCH - HISTORY\"]},\"3341\":{\"h\":\"Configuration Parameters\"},\"3342\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate\",\"Required: Yes\",\"Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate.pem\"]},\"3343\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key\",\"Required: Yes\",\"Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_certificate_private_key.pem\"]},\"3344\":{\"h\":\"DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the local client certificate encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/app_client_certificate_private_key.pem.password\"]},\"3345\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.connect\",\"Required: No\",\"Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:2000\"]},\"3346\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TIMEOUT_READ\",\"t\":[\"Property: dev.dsf.fhir.client.timeout.read\",\"Required: No\",\"Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted\",\"Recommendation: Change default value only if timeout exceptions occur\",\"Default:10000\"]},\"3347\":{\"h\":\"DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.fhir.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"3348\":{\"h\":\"DEV_DSF_FHIR_CLIENT_VERBOSE\",\"t\":[\"Property: dev.dsf.fhir.client.verbose\",\"Required: No\",\"Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true\",\"Default:false\"]},\"3349\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.forceUnlock\",\"Required: No\",\"Description: To force liquibase to unlock the migration lock set to true\",\"Recommendation: Only use this option temporarily to unlock a stuck DB migration step\",\"Default:false\"]},\"3350\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.lockWaitTime\",\"Required: No\",\"Description: Liquibase change lock wait time in minutes, default 2 minutes\",\"Default:2\"]},\"3351\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server to execute database migrations\",\"Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE\",\"Example:/run/secrets/db_liquibase.password\"]},\"3352\":{\"h\":\"DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.liquibase.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server to execute database migrations\",\"Default:liquibase_user\"]},\"3353\":{\"h\":\"DEV_DSF_FHIR_DB_URL\",\"t\":[\"Property: dev.dsf.fhir.db.url\",\"Required: Yes\",\"Description: Address of the database used for the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose\",\"Example:jdbc:postgresql://db/fhir\"]},\"3354\":{\"h\":\"DEV_DSF_FHIR_DB_USER_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF FHIR server\",\"Default:fhir_users\"]},\"3355\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE\",\"Example:/run/secrets/db_user.password\"]},\"3356\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.group\",\"Required: No\",\"Description: Name of the user group to access the database from the DSF FHIR server for permanent deletes\",\"Default:fhir_permanent_delete_users\"]},\"3357\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.password\",\"Required: Yes\",\"Description: Password to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE\",\"Example:/run/secrets/db_user_permanent_delete.password\"]},\"3358\":{\"h\":\"DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.permanent.delete.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server for permanent deletes\",\"Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME\",\"Default:fhir_server_permanent_delete_user\"]},\"3359\":{\"h\":\"DEV_DSF_FHIR_DB_USER_USERNAME\",\"t\":[\"Property: dev.dsf.fhir.db.user.username\",\"Required: No\",\"Description: Username to access the database from the DSF FHIR server\",\"Default:fhir_server_user\"]},\"3360\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.currentUser\",\"Required: No\",\"Description: To enable logging of the currently requesting user set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3361\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.dbStatement\",\"Required: No\",\"Description: To enable logging of DB queries set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3362\":{\"h\":\"DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST\",\"t\":[\"Property: dev.dsf.fhir.debug.log.message.webserviceRequest\",\"Required: No\",\"Description: To enable logging of webservices requests set to true\",\"Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!\",\"Default:false\"]},\"3363\":{\"h\":\"DEV_DSF_FHIR_SERVER_BASE_URL\",\"t\":[\"Property: dev.dsf.fhir.server.base.url\",\"Required: Yes\",\"Description: Base address of this DSF FHIR server to read/store fhir resources\",\"Example:https://foo.bar/fhir\"]},\"3364\":{\"h\":\"DEV_DSF_FHIR_SERVER_INIT_BUNDLE\",\"t\":[\"Property: dev.dsf.fhir.server.init.bundle\",\"Required: No\",\"Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server\",\"Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source\",\"Default:conf/bundle.xml\"]},\"3365\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE\",\"t\":[\"Property: dev.dsf.fhir.server.organization.identifier.value\",\"Required: Yes\",\"Description: Local identifier value used in the Allow-List\",\"Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization\",\"Example:hospital.com\"]},\"3366\":{\"h\":\"DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT\",\"t\":[\"Property: dev.dsf.fhir.server.organization.thumbprint\",\"Required: Yes\",\"Description: The SHA-512 thumbprint of the local organization client certificate\",\"Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem\"]},\"3367\":{\"h\":\"DEV_DSF_FHIR_SERVER_PAGE_COUNT\",\"t\":[\"Property: dev.dsf.fhir.server.page.count\",\"Required: No\",\"Description: Page size returned by the DSF FHIR server when reading/searching fhir resources\",\"Default:20\"]},\"3368\":{\"h\":\"DEV_DSF_FHIR_SERVER_ROLECONFIG\",\"t\":[\"Property: dev.dsf.fhir.server.roleConfig\",\"Required: No\",\"Description: Role config YAML as defined in FHIR Server: Access Control\"]},\"3369\":{\"h\":\"DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE\",\"t\":[\"Property: dev.dsf.fhir.server.static.resource.cache\",\"Required: No\",\"Description: To disable static resource caching, set to false\",\"Recommendation: Only set to false for development\",\"Default:true\"]},\"3370\":{\"h\":\"DEV_DSF_FHIR_SERVER_UI_THEME\",\"t\":[\"Property: dev.dsf.fhir.server.ui.theme\",\"Required: No\",\"Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod\"]},\"3371\":{\"h\":\"DEV_DSF_PROXY_NOPROXY\",\"t\":[\"Property: dev.dsf.proxy.noProxy\",\"Required: No\",\"Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported\",\"Example:foo.bar, test.com:8080\"]},\"3372\":{\"h\":\"DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.proxy.password\",\"Required: No\",\"Description: Forward Proxy password\",\"Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE\"]},\"3373\":{\"h\":\"DEV_DSF_PROXY_URL\",\"t\":[\"Property: dev.dsf.proxy.url\",\"Required: No\",\"Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy\",\"Example:http://proxy.foo:8080\"]},\"3374\":{\"h\":\"DEV_DSF_PROXY_USERNAME\",\"t\":[\"Property: dev.dsf.proxy.username\",\"Required: No\",\"Description: Forward proxy username\",\"Recommendation: Configure username if proxy requires authentication\"]},\"3375\":{\"h\":\"DEV_DSF_SERVER_API_HOST\",\"t\":[\"Property: dev.dsf.server.api.host\",\"Required: No\",\"Description: API connector host, default in docker image: 0.0.0.0\",\"Default:127.0.0.1\"]},\"3376\":{\"h\":\"DEV_DSF_SERVER_API_PORT\",\"t\":[\"Property: dev.dsf.server.api.port\",\"Required: No\",\"Description: API connector port, default in docker image: 8080\"]},\"3377\":{\"h\":\"DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER\",\"t\":[\"Property: dev.dsf.server.auth.client.certificate.header\",\"Required: No\",\"Description: Name of HTTP header with client certificate from reverse proxy\",\"Default:X-ClientCert\"]},\"3378\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW\",\"t\":[\"Property: dev.dsf.server.auth.oidc.authorization.code.flow\",\"Required: No\",\"Description: Set to true to enable OIDC authorization code flow\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified\",\"Default:false\"]},\"3379\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout\",\"Required: No\",\"Description: Set to true to enable OIDC back-channel logout\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified\",\"Default:false\"]},\"3380\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH\",\"t\":[\"Property: dev.dsf.server.auth.oidc.back.channel.logout.path\",\"Required: No\",\"Description: Path called by the OIDC provide to request back-channel logout\",\"Default:/back-channel-logout\"]},\"3381\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN\",\"t\":[\"Property: dev.dsf.server.auth.oidc.bearer.token\",\"Required: No\",\"Description: Set to true to enable OIDC bearer token authentication\",\"Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified\",\"Default:false\"]},\"3382\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"t\":[\"Property:dev.dsf.server.auth.oidc.client.id\",\"Required: No\",\"Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3383\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"t\":[\"Property: dev.dsf.server.auth.oidc.client.secret\",\"Required: No\",\"Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled\"]},\"3384\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate\",\"Required: No\",\"Description: PEM encoded file with client certificate for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate.pem\"]},\"3385\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key\",\"Required: No\",\"Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem\"]},\"3386\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password\",\"Required: No\",\"Description: Password to decrypt the client certificate for the OIDC provider encrypted private key\",\"Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE\",\"Example:/run/secrets/oidc_provider_client_certificate_private_key.pem.password\"]},\"3387\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout\",\"Required: No\",\"Description: OIDC provider client connect timeout in milliseconds\",\"Default:5000\"]},\"3388\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout\",\"Required: No\",\"Description: OIDC provider client idle timeout in milliseconds\",\"Default:30000\"]},\"3389\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/oidc_provider_trust_certificates.pem\",\"Default:ca/server_cert_root_cas.pem\"]},\"3390\":{\"h\":\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"t\":[\"Property: dev.dsf.server.auth.oidc.provider.realm.base.url\",\"Required: No\",\"Description: OIDC provider realm base url\",\"Example:https://keycloak.test.com:8443/realms/example-realm-name\"]},\"3391\":{\"h\":\"DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS\",\"t\":[\"Property: dev.dsf.server.auth.trust.client.certificate.cas\",\"Required: No\",\"Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/app_client_trust_certificates.pem\",\"Default:ca/client_cert_ca_chains.pem\"]},\"3392\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE\",\"t\":[\"Property: dev.dsf.server.certificate\",\"Required: No\",\"Description: Server certificate file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3393\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_CHAIN\",\"t\":[\"Property: dev.dsf.server.certificate.chain\",\"Required: No\",\"Description: Server certificate chain file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3394\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY\",\"t\":[\"Property: dev.dsf.server.certificate.key\",\"Required: No\",\"Description: Server certificate private key file for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3395\":{\"h\":\"DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE\",\"t\":[\"Property: dev.dsf.server.certificate.key.password\",\"Required: No\",\"Description: Server certificate private key file password for testing\",\"Recommendation: Only specify For testing when terminating TLS in jetty server\"]},\"3396\":{\"h\":\"DEV_DSF_SERVER_CONTEXT_PATH\",\"t\":[\"Property: dev.dsf.server.context.path\",\"Required: No\",\"Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir\",\"Recommendation: Only modify for testing\"]},\"3397\":{\"h\":\"DEV_DSF_SERVER_STATUS_HOST\",\"t\":[\"Property: dev.dsf.server.status.host\",\"Required: No\",\"Description: Status connector host\",\"Default:127.0.0.1\"]},\"3398\":{\"h\":\"DEV_DSF_SERVER_STATUS_PORT\",\"t\":[\"Property: dev.dsf.server.status.port\",\"Required: No\",\"Description: Status connector port, default in docker image: 10000\"]},\"3399\":{\"h\":\"OpenID Connect\"},\"3400\":{\"h\":\"Overview\",\"t\":[\"Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.\",\"The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.\",\"FHIR Reverse Proxy\",\"The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.\"]},\"3401\":{\"h\":\"Authorization Code Flow\",\"t\":[\"To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID\",\"DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET\",\"Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.\"]},\"3402\":{\"h\":\"Bearer Token Authentication\",\"t\":[\"To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:\",\"DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL\"]},\"3403\":{\"h\":\"Additional ODIC Configuration Parameter\",\"t\":[\"A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.\",\"For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.\"]},\"3404\":{\"h\":\"Example\",\"t\":[\"services: app: image: ghcr.io/datasharingframework/fhir:1.5.2 # ... secrets: - keycloak_root_ca.pem # ... environment: # ... DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3 # ... secrets: keycloak_root_ca.pem: file: ./secrets/keycloak_root_ca.pem\"]},\"3405\":{\"h\":\"FHIR Reverse Proxy\"},\"3406\":{\"h\":\"Overview\",\"t\":[\"Configuration Parameters\"]},\"3407\":{\"h\":\"Configuration Parameters\"},\"3408\":{\"h\":\"APP_SERVER_IP\",\"t\":[\"Required: Yes\",\"Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target\",\"Example:app, 172.28.1.3\"]},\"3409\":{\"h\":\"HTTPS_SERVER_NAME_PORT\",\"t\":[\"Required: Yes\",\"Description: External FQDN of your DSF FHIR server with port, typically 443\",\"Example:my-external.fqdn:443\"]},\"3410\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3411\":{\"h\":\"PROXY_PASS_CONNECTION_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established\",\"Default:30 seconds\"]},\"3412\":{\"h\":\"PROXY_PASS_TIMEOUT_HTTP\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3413\":{\"h\":\"PROXY_PASS_TIMEOUT_WS\",\"t\":[\"Required: No\",\"Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply\",\"Default:60 seconds\"]},\"3414\":{\"h\":\"SERVER_CONTEXT_PATH\",\"t\":[\"Required: No\",\"Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path\",\"Default:/fhir\"]},\"3415\":{\"h\":\"SSL_CA_CERTIFICATE_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_ca_chains.pem\"]},\"3416\":{\"h\":\"SSL_CA_DN_REQUEST_FILE\",\"t\":[\"Required: No\",\"Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used\",\"Recommendation: Use docker secret file to configure\",\"Default:ca/client_cert_issuing_cas.pem\"]},\"3417\":{\"h\":\"SSL_CERTIFICATE_CHAIN_FILE\",\"t\":[\"Required: No\",\"Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_chain_file.pem\"]},\"3418\":{\"h\":\"SSL_CERTIFICATE_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_file.pem\"]},\"3419\":{\"h\":\"SSL_CERTIFICATE_KEY_FILE\",\"t\":[\"Required: Yes\",\"Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile\",\"Recommendation: Use docker secret file to configure\",\"Example:/run/secrets/ssl_certificate_key_file.pem\"]},\"3420\":{\"h\":\"SSL_EXPECTED_CLIENT_S_DN_C_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code\",\"Default:'DE'\"]},\"3421\":{\"h\":\"SSL_EXPECTED_CLIENT_I_DN_CN_VALUES\",\"t\":[\"Required: No\",\"Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code\",\"Default:'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'\"]},\"3422\":{\"h\":\"SSL_VERIFY_CLIENT\",\"t\":[\"Required: No\",\"Description: Modifies the apache mod_ssl config parameter SSLVerifyClient\",\"Recommendation: Set to optional when using OIDC authentication\",\"Default:require\"]},\"3423\":{\"h\":\"\",\"t\":[\"404 Not Found\"]},\"3424\":{\"h\":\"Info\"}},\"dirtCount\":0,\"index\":[[\"=\",{\"1\":{\"373\":1}}],[\"^\",{\"1\":{\"357\":2}}],[\"`chown\",{\"1\":{\"310\":1}}],[\"`chmod\",{\"1\":{\"310\":1}}],[\"`\",{\"1\":{\"310\":1}}],[\"`daoprovider\",{\"1\":{\"147\":1}}],[\"+$\",{\"1\":{\"357\":1}}],[\"+48\",{\"1\":{\"304\":1,\"307\":1}}],[\"+45\",{\"1\":{\"304\":1}}],[\"+29\",{\"1\":{\"304\":2}}],[\"+27\",{\"1\":{\"303\":1,\"306\":1,\"309\":1,\"312\":1,\"315\":1}}],[\"+\",{\"1\":{\"303\":2,\"304\":9,\"306\":2,\"307\":5,\"309\":2,\"310\":2,\"312\":2,\"313\":1,\"315\":2,\"316\":1,\"357\":1,\"459\":1,\"461\":2,\"462\":1,\"510\":2,\"511\":1,\"536\":2,\"537\":1,\"564\":1,\"566\":2,\"567\":1,\"594\":1,\"596\":2,\"597\":1,\"624\":1,\"626\":2,\"627\":1,\"670\":1,\"672\":2,\"673\":1,\"716\":1,\"718\":2,\"719\":1,\"762\":1,\"764\":2,\"765\":1,\"808\":1,\"810\":2,\"811\":1,\"854\":1,\"856\":2,\"857\":1,\"913\":1,\"915\":2,\"916\":1,\"1025\":1,\"1118\":1,\"1420\":1,\"1596\":1,\"1773\":1,\"1950\":1,\"2127\":1,\"2304\":1,\"2432\":1,\"2523\":1,\"2651\":1,\"2742\":1,\"2870\":1,\"2961\":1,\"3089\":1,\"3180\":1,\"3308\":1,\"3401\":1}}],[\"+1\",{\"1\":{\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1}}],[\"+x\",{\"1\":{\"283\":1,\"294\":1}}],[\"$\",{\"1\":{\"283\":3,\"294\":3,\"327\":6,\"346\":2,\"372\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"$name\",{\"1\":{\"170\":2}}],[\"$ssl\",{\"1\":{\"170\":1}}],[\"<=\",{\"1\":{\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"\",{\"1\":{\"348\":1}}],[\"\",{\"1\":{\"348\":1}}],[\"dsf\",{\"1\":{\"163\":1}}],[\"github<\",{\"1\":{\"162\":1}}],[\"\",{\"1\":{\"162\":1}}],[\"org\",{\"1\":{\"163\":1}}],[\"\",{\"1\":{\"163\":1}}],[\"\",{\"1\":{\"163\":2}}],[\"username<\",{\"1\":{\"162\":1,\"398\":1}}],[\"https\",{\"1\":{\"162\":1}}],[\"\",{\"1\":{\"162\":1,\"398\":1}}],[\"\",{\"1\":{\"162\":1,\"398\":1}}],[\"true<\",{\"1\":{\"162\":1}}],[\"true<\",{\"1\":{\"162\":1}}],[\"\",{\"1\":{\"162\":1}}],[\"\",{\"1\":{\"162\":1}}],[\"github\",{\"1\":{\"162\":1}}],[\"github<\",{\"1\":{\"162\":3,\"398\":1}}],[\"\",{\"1\":{\"160\":1}}],[\"token<\",{\"1\":{\"162\":1,\"398\":1}}],[\"\",{\"1\":{\"162\":1}}],[\"\",{\"1\":{\"162\":1}}],[\"\",{\"1\":{\"363\":2,\"389\":2}}],[\"\",{\"1\":{\"363\":2,\"389\":4}}],[\"\",{\"1\":{\"160\":1}}],[\"version<\",{\"1\":{\"163\":1}}],[\"\",{\"1\":{\"158\":1,\"409\":2,\"633\":2,\"679\":2,\"725\":2,\"771\":2,\"817\":2,\"863\":2}}],[\"\",{\"1\":{\"160\":1}}],[\"=\",{\"1\":{\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\">=0\",{\"1\":{\"217\":1,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1}}],[\">\",{\"1\":{\"141\":1,\"145\":11,\"146\":3,\"147\":33,\"148\":6,\"149\":6,\"150\":20,\"151\":4,\"154\":2,\"159\":320,\"160\":57,\"162\":1,\"283\":1,\"289\":6,\"290\":4,\"294\":1,\"300\":6,\"301\":4,\"348\":2,\"363\":17,\"372\":1,\"389\":25,\"398\":1,\"437\":1,\"442\":6,\"443\":3,\"476\":1,\"481\":6,\"482\":3,\"499\":1,\"504\":6,\"505\":3,\"525\":1,\"530\":6,\"531\":3,\"555\":1,\"560\":6,\"561\":3,\"585\":1,\"590\":6,\"591\":3,\"615\":1,\"620\":6,\"621\":3,\"661\":1,\"666\":6,\"667\":3,\"707\":1,\"712\":6,\"713\":3,\"753\":1,\"758\":6,\"759\":3,\"799\":1,\"804\":6,\"805\":3,\"845\":1,\"850\":6,\"851\":3,\"891\":1,\"896\":6,\"897\":3}}],[\"q\",{\"1\":{\"136\":1}}],[\"quotation\",{\"1\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"quick\",{\"1\":{\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"quickly\",{\"1\":{\"98\":1}}],[\"qualified\",{\"1\":{\"159\":1,\"332\":1}}],[\"quality\",{\"1\":{\"9\":1,\"81\":1,\"415\":2,\"419\":1,\"639\":2,\"643\":1,\"685\":2,\"689\":1,\"731\":2,\"735\":1,\"777\":2,\"781\":1,\"823\":2,\"827\":1,\"869\":2,\"873\":1}}],[\"queuesize\",{\"0\":{\"984\":1,\"1517\":1,\"1694\":1,\"1871\":1,\"2048\":1,\"2225\":1,\"2415\":1,\"2634\":1,\"2853\":1,\"3072\":1,\"3267\":1},\"1\":{\"984\":1,\"1517\":1,\"1694\":1,\"1871\":1,\"2048\":1,\"2225\":1,\"2415\":1,\"2634\":1,\"2853\":1,\"3072\":1,\"3267\":1}}],[\"queue\",{\"1\":{\"983\":1,\"984\":2,\"1516\":1,\"1517\":2,\"1693\":1,\"1694\":2,\"1870\":1,\"1871\":2,\"2047\":1,\"2048\":2,\"2224\":1,\"2225\":2,\"2414\":1,\"2415\":2,\"2633\":1,\"2634\":2,\"2852\":1,\"2853\":2,\"3071\":1,\"3072\":2,\"3266\":1,\"3267\":2}}],[\"question\",{\"1\":{\"159\":4}}],[\"questionnaires\",{\"1\":{\"145\":1}}],[\"questionnaire\",{\"0\":{\"206\":1,\"958\":1,\"1167\":1,\"1318\":1,\"1491\":1,\"1668\":1,\"1845\":1,\"2022\":1,\"2199\":1,\"2389\":1,\"2608\":1,\"2827\":1,\"3046\":1,\"3241\":1},\"1\":{\"97\":1,\"206\":2,\"958\":2,\"1167\":2,\"1318\":2,\"1491\":2,\"1668\":2,\"1845\":2,\"2022\":2,\"2199\":2,\"2389\":2,\"2608\":2,\"2827\":2,\"3046\":2,\"3241\":2}}],[\"questionnaireresponse\",{\"1\":{\"90\":2,\"97\":1,\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"questions\",{\"0\":{\"40\":1},\"1\":{\"12\":1,\"40\":1,\"127\":1,\"419\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"643\":1,\"668\":1,\"689\":1,\"714\":1,\"735\":1,\"760\":1,\"781\":1,\"806\":1,\"827\":1,\"852\":1,\"873\":1,\"898\":1}}],[\"query\",{\"1\":{\"85\":1,\"126\":2,\"127\":1,\"128\":2,\"153\":1}}],[\"queries\",{\"1\":{\"26\":2,\"29\":1,\"98\":1,\"102\":1,\"126\":1,\"127\":1,\"128\":2,\"942\":1,\"1078\":1,\"2373\":1,\"2483\":1,\"2592\":1,\"2702\":1,\"2811\":1,\"2921\":1,\"3030\":1,\"3140\":1,\"3225\":1,\"3361\":1}}],[\"yaml\",{\"1\":{\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"920\":1,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"992\":1,\"995\":1,\"1049\":1,\"1085\":1,\"1088\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1249\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1355\":1,\"1388\":1,\"1390\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1531\":1,\"1564\":1,\"1566\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1708\":1,\"1741\":1,\"1743\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1885\":1,\"1918\":1,\"1920\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2062\":1,\"2095\":1,\"2097\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2239\":1,\"2272\":1,\"2274\":1,\"2327\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2423\":1,\"2426\":1,\"2454\":1,\"2490\":1,\"2493\":1,\"2546\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2642\":1,\"2645\":1,\"2673\":1,\"2709\":1,\"2712\":1,\"2765\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2861\":1,\"2864\":1,\"2892\":1,\"2928\":1,\"2931\":1,\"2984\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3080\":1,\"3083\":1,\"3111\":1,\"3147\":1,\"3150\":1,\"3203\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3275\":1,\"3278\":1,\"3332\":1,\"3368\":1,\"3371\":1}}],[\"y\",{\"1\":{\"141\":4,\"142\":3,\"985\":1,\"989\":1,\"1518\":1,\"1522\":1,\"1695\":1,\"1699\":1,\"1872\":1,\"1876\":1,\"2049\":1,\"2053\":1,\"2226\":1,\"2230\":1,\"2416\":1,\"2420\":1,\"2635\":1,\"2639\":1,\"2854\":1,\"2858\":1,\"3073\":1,\"3077\":1,\"3268\":1,\"3272\":1}}],[\"yml\",{\"0\":{\"327\":1},\"1\":{\"135\":4,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"302\":1,\"303\":1,\"304\":1,\"305\":1,\"306\":1,\"307\":1,\"308\":1,\"309\":1,\"310\":1,\"311\":1,\"312\":1,\"313\":1,\"314\":1,\"315\":1,\"316\":1,\"331\":1,\"341\":1,\"349\":1,\"352\":1,\"433\":2,\"442\":2,\"443\":2,\"460\":1,\"461\":1,\"462\":1,\"481\":2,\"482\":2,\"504\":2,\"505\":2,\"509\":1,\"510\":1,\"511\":1,\"530\":2,\"531\":2,\"535\":1,\"536\":1,\"537\":1,\"560\":2,\"561\":2,\"565\":1,\"566\":1,\"567\":1,\"590\":2,\"591\":2,\"595\":1,\"596\":1,\"597\":1,\"620\":2,\"621\":2,\"625\":1,\"626\":1,\"627\":1,\"666\":2,\"667\":2,\"671\":1,\"672\":1,\"673\":1,\"712\":2,\"713\":2,\"717\":1,\"718\":1,\"719\":1,\"758\":2,\"759\":2,\"763\":1,\"764\":1,\"765\":1,\"795\":2,\"804\":2,\"805\":2,\"809\":1,\"810\":1,\"811\":1,\"841\":2,\"850\":2,\"851\":2,\"855\":1,\"856\":1,\"857\":1,\"887\":2,\"896\":2,\"897\":2,\"914\":1,\"915\":1,\"916\":1}}],[\"yes\",{\"1\":{\"175\":1,\"177\":1,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"205\":1,\"207\":1,\"208\":1,\"241\":1,\"242\":1,\"249\":1,\"251\":1,\"253\":1,\"255\":1,\"257\":1,\"260\":1,\"263\":1,\"265\":1,\"266\":1,\"269\":1,\"270\":1,\"275\":1,\"278\":1,\"279\":1,\"932\":1,\"934\":1,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"959\":1,\"1031\":1,\"1032\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1068\":1,\"1070\":1,\"1072\":1,\"1074\":1,\"1080\":1,\"1082\":1,\"1083\":1,\"1125\":1,\"1126\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1147\":1,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1166\":1,\"1168\":1,\"1169\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1218\":1,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":1,\"1232\":1,\"1236\":1,\"1238\":1,\"1240\":1,\"1242\":1,\"1245\":1,\"1247\":1,\"1249\":1,\"1256\":1,\"1257\":1,\"1262\":1,\"1265\":1,\"1266\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1286\":1,\"1291\":1,\"1292\":1,\"1293\":1,\"1296\":1,\"1298\":1,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1317\":1,\"1319\":1,\"1320\":1,\"1365\":1,\"1366\":1,\"1370\":1,\"1374\":1,\"1376\":1,\"1378\":1,\"1380\":1,\"1383\":1,\"1385\":1,\"1386\":1,\"1388\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1410\":1,\"1415\":1,\"1416\":1,\"1417\":1,\"1427\":1,\"1428\":1,\"1433\":1,\"1436\":1,\"1437\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1458\":1,\"1463\":1,\"1464\":1,\"1465\":1,\"1468\":1,\"1470\":1,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1490\":1,\"1492\":1,\"1541\":1,\"1542\":1,\"1546\":1,\"1550\":1,\"1552\":1,\"1554\":1,\"1556\":1,\"1559\":1,\"1561\":1,\"1562\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1586\":1,\"1591\":1,\"1592\":1,\"1593\":1,\"1603\":1,\"1604\":1,\"1610\":1,\"1613\":1,\"1614\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1635\":1,\"1640\":1,\"1641\":1,\"1642\":1,\"1645\":1,\"1647\":1,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1667\":1,\"1669\":1,\"1718\":1,\"1719\":1,\"1723\":1,\"1727\":1,\"1729\":1,\"1731\":1,\"1733\":1,\"1736\":1,\"1738\":1,\"1739\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1763\":1,\"1768\":1,\"1769\":1,\"1770\":1,\"1780\":1,\"1781\":1,\"1787\":1,\"1790\":1,\"1791\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1812\":1,\"1817\":1,\"1818\":1,\"1819\":1,\"1822\":1,\"1824\":1,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1844\":1,\"1846\":1,\"1895\":1,\"1896\":1,\"1900\":1,\"1904\":1,\"1906\":1,\"1908\":1,\"1910\":1,\"1913\":1,\"1915\":1,\"1916\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1940\":1,\"1945\":1,\"1946\":1,\"1947\":1,\"1957\":1,\"1958\":1,\"1964\":1,\"1967\":1,\"1968\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1989\":1,\"1994\":1,\"1995\":1,\"1996\":1,\"1999\":1,\"2001\":1,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2021\":1,\"2023\":1,\"2072\":1,\"2073\":1,\"2077\":1,\"2081\":1,\"2083\":1,\"2085\":1,\"2087\":1,\"2090\":1,\"2092\":1,\"2093\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2117\":1,\"2122\":1,\"2123\":1,\"2124\":1,\"2134\":1,\"2135\":1,\"2141\":1,\"2144\":1,\"2145\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2166\":1,\"2171\":1,\"2172\":1,\"2173\":1,\"2176\":1,\"2178\":1,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2198\":1,\"2200\":1,\"2249\":1,\"2250\":1,\"2254\":1,\"2258\":1,\"2260\":1,\"2262\":1,\"2264\":1,\"2267\":1,\"2269\":1,\"2270\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2294\":1,\"2299\":1,\"2300\":1,\"2301\":1,\"2311\":1,\"2312\":1,\"2318\":1,\"2321\":1,\"2322\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2353\":1,\"2358\":1,\"2359\":1,\"2360\":1,\"2363\":1,\"2365\":1,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2388\":1,\"2390\":1,\"2438\":1,\"2439\":1,\"2445\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2469\":1,\"2473\":1,\"2475\":1,\"2477\":1,\"2479\":1,\"2485\":1,\"2487\":1,\"2488\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2513\":1,\"2518\":1,\"2519\":1,\"2520\":1,\"2530\":1,\"2531\":1,\"2537\":1,\"2540\":1,\"2541\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2572\":1,\"2577\":1,\"2578\":1,\"2579\":1,\"2582\":1,\"2584\":1,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2607\":1,\"2609\":1,\"2657\":1,\"2658\":1,\"2664\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2688\":1,\"2692\":1,\"2694\":1,\"2696\":1,\"2698\":1,\"2704\":1,\"2706\":1,\"2707\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2732\":1,\"2737\":1,\"2738\":1,\"2739\":1,\"2749\":1,\"2750\":1,\"2756\":1,\"2759\":1,\"2760\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2791\":1,\"2796\":1,\"2797\":1,\"2798\":1,\"2801\":1,\"2803\":1,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2826\":1,\"2828\":1,\"2876\":1,\"2877\":1,\"2883\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2907\":1,\"2911\":1,\"2913\":1,\"2915\":1,\"2917\":1,\"2923\":1,\"2925\":1,\"2926\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2951\":1,\"2956\":1,\"2957\":1,\"2958\":1,\"2968\":1,\"2969\":1,\"2975\":1,\"2978\":1,\"2979\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"3010\":1,\"3015\":1,\"3016\":1,\"3017\":1,\"3020\":1,\"3022\":1,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3045\":1,\"3047\":1,\"3095\":1,\"3096\":1,\"3102\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3126\":1,\"3130\":1,\"3132\":1,\"3134\":1,\"3136\":1,\"3142\":1,\"3144\":1,\"3145\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3170\":1,\"3175\":1,\"3176\":1,\"3177\":1,\"3187\":1,\"3188\":1,\"3194\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3217\":1,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3242\":1,\"3314\":1,\"3315\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3351\":1,\"3353\":1,\"3355\":1,\"3357\":1,\"3363\":1,\"3365\":1,\"3366\":1,\"3408\":1,\"3409\":1,\"3418\":1,\"3419\":1}}],[\"yet\",{\"1\":{\"127\":1,\"414\":1,\"417\":1,\"428\":2,\"471\":2,\"494\":2,\"520\":2,\"546\":2,\"576\":2,\"606\":2,\"638\":1,\"641\":1,\"652\":2,\"684\":1,\"687\":1,\"698\":2,\"730\":1,\"733\":1,\"744\":2,\"776\":1,\"779\":1,\"790\":2,\"822\":1,\"825\":1,\"836\":2,\"868\":1,\"871\":1,\"882\":2}}],[\"years\",{\"1\":{\"117\":1}}],[\"youtube\",{\"1\":{\"318\":1}}],[\"you´re\",{\"1\":{\"75\":1}}],[\"you\",{\"0\":{\"119\":1,\"120\":1},\"1\":{\"12\":4,\"13\":1,\"33\":3,\"37\":5,\"38\":1,\"40\":3,\"73\":1,\"74\":2,\"75\":1,\"86\":2,\"92\":1,\"93\":2,\"97\":1,\"102\":1,\"119\":1,\"120\":1,\"134\":1,\"135\":1,\"136\":1,\"139\":1,\"154\":1,\"162\":2,\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"280\":1,\"286\":3,\"289\":2,\"290\":3,\"291\":1,\"297\":3,\"300\":2,\"301\":3,\"302\":1,\"304\":2,\"305\":2,\"307\":2,\"308\":1,\"310\":2,\"311\":1,\"314\":1,\"332\":1,\"338\":5,\"352\":3,\"367\":2,\"393\":3,\"396\":1,\"398\":2,\"400\":1,\"407\":1,\"408\":1,\"411\":1,\"413\":2,\"414\":3,\"417\":7,\"418\":3,\"419\":9,\"422\":1,\"426\":1,\"427\":3,\"429\":6,\"430\":1,\"431\":1,\"434\":2,\"438\":1,\"442\":3,\"443\":2,\"444\":6,\"445\":3,\"459\":7,\"469\":2,\"470\":3,\"472\":7,\"473\":3,\"477\":1,\"481\":5,\"482\":2,\"483\":6,\"484\":3,\"485\":1,\"492\":2,\"493\":3,\"495\":7,\"496\":3,\"500\":1,\"504\":3,\"505\":2,\"506\":6,\"507\":3,\"508\":1,\"509\":1,\"518\":2,\"519\":3,\"521\":7,\"522\":3,\"526\":1,\"530\":3,\"531\":2,\"532\":6,\"533\":3,\"534\":1,\"535\":1,\"536\":2,\"544\":2,\"545\":3,\"547\":7,\"548\":1,\"552\":2,\"556\":1,\"560\":3,\"561\":2,\"562\":6,\"563\":3,\"564\":7,\"565\":1,\"574\":2,\"575\":3,\"577\":6,\"578\":1,\"582\":2,\"586\":1,\"590\":3,\"591\":2,\"592\":6,\"593\":3,\"594\":7,\"604\":2,\"605\":3,\"607\":6,\"608\":1,\"612\":2,\"616\":1,\"620\":3,\"621\":2,\"622\":6,\"623\":3,\"624\":7,\"631\":1,\"632\":1,\"635\":1,\"637\":2,\"638\":3,\"641\":7,\"642\":3,\"643\":9,\"646\":1,\"650\":2,\"651\":3,\"653\":6,\"654\":1,\"658\":2,\"662\":1,\"666\":3,\"667\":2,\"668\":6,\"669\":3,\"670\":7,\"677\":1,\"678\":1,\"681\":1,\"683\":2,\"684\":3,\"687\":7,\"688\":3,\"689\":9,\"692\":1,\"696\":2,\"697\":3,\"699\":6,\"700\":1,\"704\":2,\"708\":1,\"712\":3,\"713\":2,\"714\":6,\"715\":3,\"716\":7,\"723\":1,\"724\":1,\"727\":1,\"729\":2,\"730\":3,\"733\":7,\"734\":3,\"735\":9,\"738\":1,\"742\":2,\"743\":3,\"745\":6,\"746\":1,\"750\":2,\"754\":1,\"758\":3,\"759\":2,\"760\":6,\"761\":3,\"762\":7,\"769\":1,\"770\":1,\"773\":1,\"775\":2,\"776\":3,\"779\":7,\"780\":3,\"781\":9,\"784\":1,\"788\":2,\"789\":3,\"791\":6,\"792\":1,\"793\":1,\"796\":2,\"800\":1,\"804\":3,\"805\":2,\"806\":6,\"807\":3,\"808\":7,\"815\":1,\"816\":1,\"819\":1,\"821\":2,\"822\":3,\"825\":7,\"826\":3,\"827\":9,\"830\":1,\"834\":1,\"835\":3,\"837\":6,\"838\":1,\"839\":1,\"842\":2,\"846\":1,\"850\":3,\"851\":2,\"852\":6,\"853\":3,\"854\":7,\"861\":1,\"862\":1,\"865\":1,\"867\":2,\"868\":3,\"871\":7,\"872\":3,\"873\":9,\"876\":1,\"880\":1,\"881\":3,\"883\":6,\"884\":1,\"885\":1,\"888\":2,\"892\":1,\"896\":3,\"897\":2,\"898\":6,\"899\":3,\"913\":7,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"yourself\",{\"1\":{\"338\":1,\"367\":1,\"393\":1,\"429\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"577\":1,\"592\":1,\"607\":1,\"622\":1,\"653\":1,\"668\":1,\"699\":1,\"714\":1,\"745\":1,\"760\":1,\"791\":1,\"806\":1,\"837\":1,\"852\":1,\"883\":1,\"898\":1}}],[\"your\",{\"0\":{\"2\":1,\"5\":1,\"13\":1,\"75\":1,\"87\":1},\"1\":{\"12\":6,\"38\":3,\"71\":1,\"75\":1,\"104\":1,\"106\":2,\"120\":1,\"128\":1,\"134\":5,\"135\":3,\"136\":1,\"154\":1,\"162\":3,\"174\":1,\"231\":1,\"232\":1,\"233\":1,\"238\":1,\"270\":1,\"284\":2,\"285\":1,\"286\":1,\"289\":10,\"290\":5,\"295\":2,\"296\":1,\"297\":1,\"300\":11,\"301\":5,\"304\":4,\"307\":4,\"310\":4,\"313\":4,\"316\":4,\"321\":1,\"331\":1,\"338\":2,\"340\":1,\"342\":4,\"352\":2,\"377\":1,\"396\":1,\"398\":2,\"400\":2,\"404\":1,\"405\":1,\"407\":3,\"411\":1,\"414\":3,\"417\":4,\"418\":1,\"419\":12,\"427\":3,\"428\":3,\"429\":2,\"433\":3,\"434\":1,\"438\":2,\"439\":1,\"442\":5,\"443\":4,\"444\":2,\"445\":1,\"459\":14,\"462\":4,\"470\":6,\"471\":3,\"472\":2,\"473\":1,\"477\":2,\"478\":1,\"481\":8,\"482\":5,\"483\":2,\"484\":1,\"485\":5,\"493\":6,\"494\":3,\"495\":2,\"496\":1,\"500\":2,\"501\":1,\"504\":6,\"505\":5,\"506\":2,\"507\":1,\"508\":5,\"511\":4,\"519\":6,\"520\":3,\"521\":2,\"522\":1,\"526\":2,\"527\":1,\"530\":6,\"531\":5,\"532\":2,\"533\":1,\"534\":5,\"537\":4,\"545\":5,\"546\":3,\"547\":2,\"552\":1,\"556\":2,\"557\":1,\"560\":6,\"561\":5,\"562\":2,\"563\":1,\"564\":14,\"567\":4,\"575\":3,\"576\":3,\"577\":2,\"582\":1,\"586\":2,\"587\":1,\"590\":6,\"591\":4,\"592\":2,\"593\":1,\"594\":14,\"597\":4,\"605\":3,\"606\":3,\"607\":2,\"612\":1,\"616\":2,\"617\":1,\"620\":6,\"621\":4,\"622\":2,\"623\":1,\"624\":14,\"627\":4,\"628\":1,\"629\":1,\"631\":3,\"635\":1,\"638\":3,\"641\":4,\"642\":1,\"643\":12,\"651\":3,\"652\":3,\"653\":2,\"658\":1,\"662\":2,\"663\":1,\"666\":6,\"667\":4,\"668\":2,\"669\":1,\"670\":14,\"673\":4,\"674\":1,\"675\":1,\"677\":3,\"681\":1,\"684\":3,\"687\":4,\"688\":1,\"689\":12,\"697\":3,\"698\":3,\"699\":2,\"704\":1,\"708\":2,\"709\":1,\"712\":6,\"713\":4,\"714\":2,\"715\":1,\"716\":14,\"719\":4,\"720\":1,\"721\":1,\"723\":3,\"727\":1,\"730\":3,\"733\":4,\"734\":1,\"735\":12,\"743\":3,\"744\":3,\"745\":2,\"750\":1,\"754\":2,\"755\":1,\"758\":6,\"759\":4,\"760\":2,\"761\":1,\"762\":14,\"765\":4,\"766\":1,\"767\":1,\"769\":3,\"773\":1,\"776\":3,\"779\":4,\"780\":1,\"781\":12,\"789\":3,\"790\":3,\"791\":2,\"795\":3,\"796\":1,\"800\":2,\"801\":1,\"804\":6,\"805\":4,\"806\":2,\"807\":1,\"808\":14,\"811\":4,\"812\":1,\"813\":1,\"815\":3,\"819\":1,\"822\":3,\"825\":4,\"826\":1,\"827\":12,\"835\":3,\"836\":3,\"837\":2,\"841\":3,\"842\":1,\"846\":2,\"847\":1,\"850\":6,\"851\":4,\"852\":2,\"853\":1,\"854\":14,\"857\":4,\"858\":1,\"859\":1,\"861\":3,\"865\":1,\"868\":3,\"871\":4,\"872\":1,\"873\":12,\"881\":3,\"882\":3,\"883\":2,\"887\":3,\"888\":1,\"892\":2,\"893\":1,\"896\":5,\"897\":4,\"898\":2,\"899\":1,\"913\":14,\"916\":4,\"985\":1,\"1032\":1,\"1126\":1,\"1192\":1,\"1257\":1,\"1343\":1,\"1428\":1,\"1518\":1,\"1604\":1,\"1695\":1,\"1781\":1,\"1872\":1,\"1958\":1,\"2049\":1,\"2135\":1,\"2226\":1,\"2312\":1,\"2416\":1,\"2439\":1,\"2531\":1,\"2635\":1,\"2658\":1,\"2750\":1,\"2854\":1,\"2877\":1,\"2969\":1,\"3073\":1,\"3096\":1,\"3188\":1,\"3268\":1,\"3315\":1,\"3409\":1}}],[\"840\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"8443\",{\"1\":{\"135\":1,\"1014\":1,\"1107\":1,\"1217\":1,\"1285\":1,\"1409\":1,\"1457\":1,\"1585\":1,\"1634\":1,\"1762\":1,\"1811\":1,\"1939\":1,\"1988\":1,\"2116\":1,\"2165\":1,\"2293\":1,\"2352\":1,\"2512\":1,\"2571\":1,\"2731\":1,\"2790\":1,\"2950\":1,\"3009\":1,\"3169\":1,\"3297\":1,\"3390\":1}}],[\"8601\",{\"1\":{\"382\":1}}],[\"83\",{\"1\":{\"327\":1}}],[\"822\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"82\",{\"1\":{\"327\":1}}],[\"80\",{\"1\":{\"159\":2,\"303\":2,\"306\":2,\"309\":2,\"312\":2,\"315\":2,\"327\":1}}],[\"8080\",{\"1\":{\"139\":1,\"191\":1,\"197\":1,\"200\":1,\"245\":1,\"995\":1,\"997\":1,\"1000\":1,\"1088\":1,\"1090\":1,\"1093\":1,\"1197\":1,\"1199\":1,\"1203\":1,\"1251\":1,\"1253\":1,\"1271\":1,\"1348\":1,\"1350\":1,\"1390\":1,\"1392\":1,\"1395\":1,\"1443\":1,\"1524\":1,\"1526\":1,\"1566\":1,\"1568\":1,\"1571\":1,\"1620\":1,\"1701\":1,\"1703\":1,\"1743\":1,\"1745\":1,\"1748\":1,\"1797\":1,\"1878\":1,\"1880\":1,\"1920\":1,\"1922\":1,\"1925\":1,\"1974\":1,\"2055\":1,\"2057\":1,\"2097\":1,\"2099\":1,\"2102\":1,\"2151\":1,\"2232\":1,\"2234\":1,\"2274\":1,\"2276\":1,\"2279\":1,\"2338\":1,\"2426\":1,\"2428\":1,\"2493\":1,\"2495\":1,\"2498\":1,\"2557\":1,\"2645\":1,\"2647\":1,\"2712\":1,\"2714\":1,\"2717\":1,\"2776\":1,\"2864\":1,\"2866\":1,\"2931\":1,\"2933\":1,\"2936\":1,\"2995\":1,\"3083\":1,\"3085\":1,\"3150\":1,\"3152\":1,\"3155\":1,\"3278\":1,\"3280\":1,\"3283\":1,\"3371\":1,\"3373\":1,\"3376\":1}}],[\"8002\",{\"1\":{\"134\":1}}],[\"8001\",{\"1\":{\"134\":1}}],[\"802\",{\"1\":{\"110\":1,\"113\":1,\"165\":1,\"168\":1,\"284\":1,\"295\":1,\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"8\",{\"0\":{\"305\":1,\"397\":1},\"1\":{\"126\":1,\"159\":1,\"303\":1,\"304\":4,\"305\":1,\"306\":4,\"307\":5,\"308\":2,\"309\":1,\"310\":3,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"319\":1,\"327\":1,\"394\":1,\"397\":2,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1}}],[\"85\",{\"1\":{\"26\":1}}],[\"​\",{\"1\":{\"98\":1}}],[\"|\",{\"0\":{\"77\":1,\"78\":1,\"79\":1},\"1\":{\"129\":1,\"136\":1,\"283\":2,\"294\":2,\"304\":4,\"307\":3,\"310\":2,\"313\":2,\"316\":2,\"325\":6,\"326\":6,\"327\":6,\"328\":6,\"338\":6,\"339\":6,\"342\":6,\"343\":6,\"352\":6,\"353\":6,\"367\":6,\"368\":6,\"377\":6,\"378\":6,\"393\":6,\"403\":6,\"437\":2,\"442\":1,\"444\":2,\"462\":2,\"476\":2,\"483\":2,\"499\":2,\"504\":1,\"506\":2,\"511\":2,\"525\":2,\"530\":1,\"532\":2,\"536\":1,\"537\":2,\"555\":2,\"560\":1,\"562\":2,\"567\":2,\"585\":2,\"590\":1,\"592\":2,\"597\":2,\"615\":2,\"620\":1,\"622\":2,\"627\":2,\"661\":2,\"666\":1,\"668\":2,\"673\":2,\"707\":2,\"712\":1,\"714\":2,\"719\":2,\"753\":2,\"758\":1,\"760\":2,\"765\":2,\"799\":2,\"804\":1,\"806\":2,\"811\":2,\"845\":2,\"850\":1,\"852\":2,\"857\":2,\"891\":2,\"896\":1,\"898\":2,\"916\":2,\"920\":3,\"928\":3,\"1049\":3,\"1057\":3,\"1355\":3,\"1363\":3,\"1388\":1,\"1531\":3,\"1539\":3,\"1708\":3,\"1716\":3,\"1885\":3,\"1893\":3,\"2062\":3,\"2070\":3,\"2239\":3,\"2247\":3,\"2327\":3,\"2335\":3,\"2454\":3,\"2462\":3,\"2546\":3,\"2554\":3,\"2673\":3,\"2681\":3,\"2765\":3,\"2773\":3,\"2892\":3,\"2900\":3,\"2984\":3,\"2992\":3,\"3111\":3,\"3119\":3,\"3203\":3,\"3211\":3,\"3332\":3,\"3340\":3}}],[\"🔒\",{\"0\":{\"111\":1}}],[\"🔥\",{\"0\":{\"95\":1}}],[\"📫\",{\"0\":{\"89\":1}}],[\"🚀\",{\"1\":{\"72\":1}}],[\"👥\",{\"0\":{\"72\":1}}],[\"58\",{\"1\":{\"457\":3,\"911\":3}}],[\"57\",{\"1\":{\"457\":1,\"911\":1}}],[\"59\",{\"1\":{\"457\":27,\"911\":27}}],[\"55\",{\"1\":{\"457\":1,\"911\":1}}],[\"51\",{\"1\":{\"304\":1,\"457\":1,\"458\":3,\"911\":1,\"912\":3}}],[\"512\",{\"1\":{\"289\":3,\"300\":3,\"442\":1,\"481\":2,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":2,\"922\":1,\"1049\":2,\"1051\":1,\"1083\":1,\"1355\":2,\"1357\":1,\"1386\":1,\"1531\":2,\"1533\":1,\"1562\":1,\"1708\":2,\"1710\":1,\"1739\":1,\"1885\":2,\"1887\":1,\"1916\":1,\"2062\":2,\"2064\":1,\"2093\":1,\"2239\":2,\"2241\":1,\"2270\":1,\"2327\":2,\"2329\":1,\"2454\":2,\"2456\":1,\"2488\":1,\"2546\":2,\"2548\":1,\"2673\":2,\"2675\":1,\"2707\":1,\"2765\":2,\"2767\":1,\"2892\":2,\"2894\":1,\"2926\":1,\"2984\":2,\"2986\":1,\"3111\":2,\"3113\":1,\"3145\":1,\"3203\":2,\"3205\":1,\"3332\":2,\"3334\":1,\"3366\":1}}],[\"5s\",{\"1\":{\"170\":2,\"327\":1}}],[\"5432\",{\"1\":{\"134\":1}}],[\"5\",{\"0\":{\"58\":1,\"60\":1,\"62\":1,\"325\":1,\"378\":1,\"379\":1,\"704\":1,\"750\":1,\"763\":1,\"796\":1,\"809\":1,\"855\":1},\"1\":{\"58\":1,\"60\":2,\"62\":2,\"64\":1,\"98\":1,\"137\":2,\"160\":2,\"325\":2,\"326\":1,\"327\":2,\"328\":1,\"334\":1,\"338\":1,\"339\":1,\"342\":1,\"343\":1,\"348\":1,\"352\":1,\"353\":1,\"367\":1,\"368\":1,\"377\":2,\"378\":1,\"392\":1,\"393\":1,\"403\":1,\"457\":2,\"536\":1,\"537\":1,\"695\":1,\"712\":2,\"713\":2,\"717\":1,\"718\":4,\"719\":7,\"741\":1,\"758\":2,\"759\":2,\"763\":2,\"764\":6,\"765\":8,\"787\":1,\"804\":2,\"805\":2,\"809\":2,\"810\":6,\"811\":8,\"855\":1,\"856\":2,\"857\":1,\"911\":2,\"1027\":1,\"1121\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"5004\",{\"1\":{\"327\":3}}],[\"5001\",{\"1\":{\"327\":3}}],[\"5003\",{\"1\":{\"327\":3}}],[\"5005\",{\"1\":{\"327\":3}}],[\"5002\",{\"1\":{\"327\":3}}],[\"5000\",{\"1\":{\"202\":1,\"210\":1,\"235\":1,\"327\":3,\"954\":1,\"961\":1,\"987\":1,\"1011\":1,\"1104\":1,\"1163\":1,\"1171\":1,\"1194\":1,\"1214\":1,\"1282\":1,\"1314\":1,\"1322\":1,\"1345\":1,\"1406\":1,\"1454\":1,\"1487\":1,\"1494\":1,\"1520\":1,\"1582\":1,\"1631\":1,\"1664\":1,\"1671\":1,\"1697\":1,\"1759\":1,\"1808\":1,\"1841\":1,\"1848\":1,\"1874\":1,\"1936\":1,\"1985\":1,\"2018\":1,\"2025\":1,\"2051\":1,\"2113\":1,\"2162\":1,\"2195\":1,\"2202\":1,\"2228\":1,\"2290\":1,\"2349\":1,\"2385\":1,\"2392\":1,\"2418\":1,\"2509\":1,\"2568\":1,\"2604\":1,\"2611\":1,\"2637\":1,\"2728\":1,\"2787\":1,\"2823\":1,\"2830\":1,\"2856\":1,\"2947\":1,\"3006\":1,\"3042\":1,\"3049\":1,\"3075\":1,\"3166\":1,\"3237\":1,\"3244\":1,\"3270\":1,\"3294\":1,\"3387\":1}}],[\"50\",{\"1\":{\"41\":2}}],[\"509\",{\"1\":{\"32\":1,\"110\":1,\"165\":1,\"331\":1,\"451\":1,\"456\":1,\"905\":1,\"910\":1,\"920\":1,\"923\":1,\"928\":1,\"1024\":1,\"1049\":1,\"1052\":1,\"1057\":1,\"1117\":1,\"1355\":1,\"1358\":1,\"1363\":1,\"1419\":1,\"1531\":1,\"1534\":1,\"1539\":1,\"1595\":1,\"1708\":1,\"1711\":1,\"1716\":1,\"1772\":1,\"1885\":1,\"1888\":1,\"1893\":1,\"1949\":1,\"2062\":1,\"2065\":1,\"2070\":1,\"2126\":1,\"2239\":1,\"2242\":1,\"2247\":1,\"2303\":1,\"2327\":1,\"2330\":1,\"2335\":1,\"2431\":1,\"2454\":1,\"2457\":1,\"2462\":1,\"2522\":1,\"2546\":1,\"2549\":1,\"2554\":1,\"2650\":1,\"2673\":1,\"2676\":1,\"2681\":1,\"2741\":1,\"2765\":1,\"2768\":1,\"2773\":1,\"2869\":1,\"2892\":1,\"2895\":1,\"2900\":1,\"2960\":1,\"2984\":1,\"2987\":1,\"2992\":1,\"3088\":1,\"3111\":1,\"3114\":1,\"3119\":1,\"3179\":1,\"3203\":1,\"3206\":1,\"3211\":1,\"3307\":1,\"3332\":1,\"3335\":1,\"3340\":1,\"3400\":1}}],[\"7\",{\"0\":{\"42\":1,\"66\":1,\"302\":1,\"434\":1,\"888\":1},\"1\":{\"42\":1,\"66\":1,\"290\":14,\"301\":4,\"302\":2,\"303\":7,\"304\":27,\"305\":4,\"306\":4,\"307\":22,\"309\":4,\"310\":7,\"312\":4,\"313\":3,\"315\":4,\"316\":3,\"327\":6,\"332\":1,\"382\":1,\"425\":1,\"431\":2,\"442\":2,\"443\":2,\"460\":1,\"461\":4,\"462\":5,\"839\":2,\"879\":1,\"885\":2,\"896\":2,\"897\":2,\"914\":1,\"915\":4,\"916\":5}}],[\"72\",{\"1\":{\"26\":1}}],[\"x509\",{\"1\":{\"457\":28,\"458\":3,\"911\":28,\"912\":3}}],[\"x509v3\",{\"1\":{\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"xor\",{\"1\":{\"371\":1}}],[\"xsd\",{\"1\":{\"162\":2,\"398\":2}}],[\"xsi\",{\"1\":{\"162\":1,\"398\":1}}],[\"xsi=\",{\"1\":{\"162\":1,\"398\":1}}],[\"xargs\",{\"1\":{\"136\":1}}],[\"xmltask\",{\"1\":{\"349\":1}}],[\"xmlschema\",{\"1\":{\"162\":1,\"398\":1}}],[\"xmlns\",{\"1\":{\"162\":1,\"398\":1}}],[\"xmlns=\",{\"1\":{\"162\":1,\"398\":1}}],[\"xml\",{\"0\":{\"146\":1},\"1\":{\"94\":1,\"95\":1,\"141\":1,\"142\":1,\"145\":3,\"146\":2,\"159\":1,\"162\":1,\"163\":1,\"262\":1,\"303\":6,\"327\":6,\"346\":1,\"390\":2,\"398\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"x\",{\"0\":{\"30\":1,\"31\":1,\"423\":1,\"459\":1,\"466\":1,\"485\":1,\"489\":1,\"508\":1,\"509\":1,\"515\":1,\"534\":1,\"541\":1,\"564\":1,\"571\":1,\"594\":1,\"601\":1,\"624\":1,\"647\":1,\"670\":1,\"693\":1,\"716\":1,\"739\":1,\"762\":1,\"785\":1,\"808\":1,\"831\":1,\"854\":1,\"877\":1,\"913\":1},\"1\":{\"30\":1,\"32\":1,\"42\":4,\"43\":1,\"44\":3,\"46\":5,\"47\":1,\"48\":5,\"49\":1,\"50\":5,\"51\":1,\"52\":4,\"53\":1,\"54\":4,\"55\":1,\"56\":4,\"57\":1,\"58\":4,\"59\":1,\"60\":4,\"61\":1,\"62\":4,\"63\":1,\"64\":4,\"65\":1,\"66\":4,\"67\":1,\"110\":1,\"121\":1,\"141\":4,\"142\":3,\"165\":1,\"331\":1,\"421\":1,\"425\":1,\"432\":1,\"434\":1,\"451\":1,\"456\":1,\"459\":7,\"464\":1,\"468\":1,\"473\":2,\"485\":4,\"487\":1,\"491\":1,\"496\":2,\"508\":4,\"509\":2,\"513\":1,\"517\":1,\"522\":2,\"534\":4,\"535\":2,\"539\":1,\"543\":1,\"552\":1,\"564\":7,\"565\":2,\"569\":1,\"573\":1,\"582\":1,\"594\":7,\"599\":1,\"603\":1,\"612\":1,\"624\":7,\"645\":1,\"649\":1,\"658\":1,\"670\":7,\"691\":1,\"695\":1,\"704\":1,\"716\":7,\"737\":1,\"741\":1,\"750\":1,\"762\":7,\"783\":1,\"787\":1,\"794\":1,\"796\":1,\"808\":7,\"829\":1,\"833\":1,\"840\":1,\"842\":1,\"854\":7,\"875\":1,\"879\":1,\"886\":1,\"888\":1,\"905\":1,\"910\":1,\"913\":7,\"920\":1,\"923\":1,\"928\":1,\"1001\":1,\"1024\":1,\"1049\":1,\"1052\":1,\"1057\":1,\"1094\":1,\"1117\":1,\"1204\":1,\"1272\":1,\"1355\":1,\"1358\":1,\"1363\":1,\"1396\":1,\"1419\":1,\"1444\":1,\"1531\":1,\"1534\":1,\"1539\":1,\"1572\":1,\"1595\":1,\"1621\":1,\"1708\":1,\"1711\":1,\"1716\":1,\"1749\":1,\"1772\":1,\"1798\":1,\"1885\":1,\"1888\":1,\"1893\":1,\"1926\":1,\"1949\":1,\"1975\":1,\"2062\":1,\"2065\":1,\"2070\":1,\"2103\":1,\"2126\":1,\"2152\":1,\"2239\":1,\"2242\":1,\"2247\":1,\"2280\":1,\"2303\":1,\"2327\":1,\"2330\":1,\"2335\":1,\"2339\":1,\"2431\":1,\"2454\":1,\"2457\":1,\"2462\":1,\"2499\":1,\"2522\":1,\"2546\":1,\"2549\":1,\"2554\":1,\"2558\":1,\"2650\":1,\"2673\":1,\"2676\":1,\"2681\":1,\"2718\":1,\"2741\":1,\"2765\":1,\"2768\":1,\"2773\":1,\"2777\":1,\"2869\":1,\"2892\":1,\"2895\":1,\"2900\":1,\"2937\":1,\"2960\":1,\"2984\":1,\"2987\":1,\"2992\":1,\"2996\":1,\"3088\":1,\"3111\":1,\"3114\":1,\"3119\":1,\"3156\":1,\"3179\":1,\"3203\":1,\"3206\":1,\"3211\":1,\"3284\":1,\"3307\":1,\"3332\":1,\"3335\":1,\"3340\":1,\"3377\":1,\"3400\":1}}],[\"96\",{\"1\":{\"327\":1}}],[\"98\",{\"1\":{\"327\":1}}],[\"99\",{\"1\":{\"160\":2,\"327\":1}}],[\"9\",{\"0\":{\"30\":1,\"31\":1,\"173\":1,\"240\":1,\"268\":1,\"302\":1,\"305\":1,\"308\":2,\"311\":1,\"314\":1,\"423\":1,\"459\":1,\"466\":1,\"485\":1,\"489\":1,\"508\":1,\"515\":1,\"534\":1,\"541\":1,\"564\":1,\"571\":1,\"594\":1,\"601\":1,\"624\":1,\"647\":1,\"670\":1,\"693\":1,\"716\":1,\"739\":1,\"762\":1,\"785\":1,\"808\":1,\"831\":1,\"854\":1,\"877\":1,\"913\":1},\"1\":{\"30\":1,\"42\":3,\"44\":3,\"46\":3,\"48\":3,\"50\":3,\"52\":3,\"54\":3,\"56\":3,\"58\":3,\"60\":3,\"62\":3,\"64\":3,\"66\":3,\"121\":1,\"171\":2,\"280\":1,\"289\":8,\"290\":7,\"291\":1,\"300\":8,\"301\":7,\"302\":1,\"303\":16,\"304\":13,\"305\":3,\"306\":4,\"307\":13,\"308\":3,\"309\":7,\"310\":14,\"311\":4,\"312\":8,\"313\":10,\"314\":6,\"315\":9,\"316\":11,\"357\":2,\"421\":1,\"425\":1,\"434\":1,\"459\":8,\"464\":1,\"468\":1,\"473\":2,\"485\":4,\"487\":1,\"491\":1,\"496\":2,\"508\":4,\"509\":2,\"513\":1,\"517\":1,\"522\":2,\"534\":4,\"535\":2,\"539\":1,\"543\":1,\"552\":1,\"564\":8,\"565\":2,\"569\":1,\"573\":1,\"582\":1,\"594\":8,\"599\":1,\"603\":1,\"612\":1,\"624\":8,\"645\":1,\"649\":1,\"658\":1,\"670\":8,\"691\":1,\"695\":1,\"704\":1,\"716\":8,\"737\":1,\"741\":1,\"750\":1,\"762\":8,\"783\":1,\"787\":1,\"796\":1,\"808\":8,\"829\":1,\"833\":1,\"842\":1,\"854\":8,\"875\":1,\"879\":1,\"888\":1,\"913\":8,\"920\":2,\"923\":2,\"1049\":2,\"1052\":2,\"1355\":2,\"1358\":2,\"1531\":2,\"1534\":2,\"1708\":2,\"1711\":2,\"1885\":2,\"1888\":2,\"2062\":2,\"2065\":2,\"2239\":2,\"2242\":2,\"2327\":2,\"2330\":2,\"2454\":2,\"2457\":2,\"2546\":2,\"2549\":2,\"2673\":2,\"2676\":2,\"2765\":2,\"2768\":2,\"2892\":2,\"2895\":2,\"2984\":2,\"2987\":2,\"3111\":2,\"3114\":2,\"3203\":2,\"3206\":2,\"3332\":2,\"3335\":2}}],[\"93\",{\"1\":{\"26\":1}}],[\"45\",{\"1\":{\"457\":1,\"911\":1}}],[\"440`\",{\"1\":{\"310\":1}}],[\"440\",{\"1\":{\"289\":4,\"290\":4,\"300\":4,\"301\":4,\"304\":3,\"307\":3,\"433\":2,\"442\":8,\"443\":2,\"481\":7,\"482\":2,\"504\":7,\"505\":2,\"530\":7,\"531\":2,\"560\":7,\"561\":2,\"590\":7,\"591\":2,\"620\":7,\"621\":2,\"666\":7,\"667\":2,\"712\":7,\"713\":2,\"758\":7,\"759\":2,\"795\":2,\"804\":7,\"805\":2,\"841\":2,\"850\":7,\"851\":2,\"887\":2,\"896\":8,\"897\":2}}],[\"443\",{\"1\":{\"99\":1,\"169\":1,\"170\":4,\"270\":2,\"285\":5,\"289\":2,\"290\":1,\"296\":5,\"300\":2,\"301\":1,\"327\":2,\"439\":5,\"442\":2,\"443\":1,\"478\":5,\"481\":2,\"482\":1,\"501\":5,\"504\":2,\"505\":1,\"527\":5,\"530\":2,\"531\":1,\"557\":5,\"560\":2,\"561\":1,\"587\":5,\"590\":2,\"591\":1,\"617\":5,\"620\":2,\"621\":1,\"663\":5,\"666\":2,\"667\":1,\"709\":5,\"712\":2,\"713\":1,\"755\":5,\"758\":2,\"759\":1,\"801\":5,\"804\":2,\"805\":1,\"847\":5,\"850\":2,\"851\":1,\"893\":5,\"896\":2,\"897\":1,\"1032\":2,\"1126\":2,\"1257\":2,\"1428\":2,\"1604\":2,\"1781\":2,\"1958\":2,\"2135\":2,\"2312\":2,\"2439\":2,\"2531\":2,\"2658\":2,\"2750\":2,\"2877\":2,\"2969\":2,\"3096\":2,\"3188\":2,\"3315\":2,\"3409\":2}}],[\"465\",{\"1\":{\"220\":1,\"971\":1,\"1181\":1,\"1332\":1,\"1504\":1,\"1681\":1,\"1858\":1,\"2035\":1,\"2212\":1,\"2402\":1,\"2621\":1,\"2840\":1,\"3059\":1,\"3254\":1}}],[\"404\",{\"1\":{\"3423\":1}}],[\"403\",{\"1\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"4096\",{\"1\":{\"290\":1,\"301\":1}}],[\"40\",{\"1\":{\"126\":1,\"984\":1,\"1517\":1,\"1694\":1,\"1871\":1,\"2048\":1,\"2225\":1,\"2415\":1,\"2634\":1,\"2853\":1,\"3072\":1,\"3267\":1}}],[\"4\",{\"0\":{\"56\":1,\"324\":1,\"368\":1,\"369\":1,\"658\":1,\"717\":1},\"1\":{\"56\":1,\"58\":1,\"98\":1,\"154\":1,\"159\":2,\"163\":1,\"217\":1,\"282\":4,\"293\":4,\"324\":2,\"325\":1,\"326\":1,\"327\":1,\"328\":1,\"338\":1,\"339\":1,\"342\":1,\"343\":1,\"352\":1,\"353\":1,\"367\":2,\"368\":1,\"369\":1,\"376\":1,\"377\":1,\"378\":1,\"393\":1,\"403\":1,\"436\":4,\"457\":6,\"475\":4,\"498\":4,\"524\":4,\"554\":4,\"584\":4,\"614\":4,\"649\":1,\"660\":4,\"666\":2,\"667\":2,\"671\":1,\"672\":4,\"673\":7,\"706\":4,\"717\":1,\"718\":2,\"719\":1,\"752\":4,\"798\":4,\"844\":4,\"890\":4,\"911\":6,\"968\":1,\"982\":1,\"1044\":6,\"1138\":6,\"1178\":1,\"1329\":1,\"1501\":1,\"1515\":1,\"1678\":1,\"1692\":1,\"1855\":1,\"1869\":1,\"2032\":1,\"2046\":1,\"2209\":1,\"2223\":1,\"2307\":1,\"2399\":1,\"2413\":1,\"2618\":1,\"2632\":1,\"2837\":1,\"2851\":1,\"3056\":1,\"3070\":1,\"3251\":1,\"3265\":1,\"3327\":6,\"3421\":6}}],[\"48\",{\"1\":{\"38\":1,\"304\":1,\"307\":1}}],[\"49\",{\"1\":{\"26\":1}}],[\"41\",{\"1\":{\"26\":1}}],[\"über\",{\"1\":{\"22\":1}}],[\"üblich\",{\"1\":{\"14\":1}}],[\"64\",{\"1\":{\"327\":1}}],[\"66\",{\"1\":{\"327\":1}}],[\"60\",{\"1\":{\"273\":1,\"274\":1,\"1035\":1,\"1036\":1,\"1129\":1,\"1130\":1,\"1260\":1,\"1261\":1,\"1431\":1,\"1432\":1,\"1607\":1,\"1608\":1,\"1784\":1,\"1785\":1,\"1961\":1,\"1962\":1,\"2138\":1,\"2139\":1,\"2315\":1,\"2316\":1,\"2442\":1,\"2443\":1,\"2534\":1,\"2535\":1,\"2661\":1,\"2662\":1,\"2753\":1,\"2754\":1,\"2880\":1,\"2881\":1,\"2972\":1,\"2973\":1,\"3099\":1,\"3100\":1,\"3191\":1,\"3192\":1,\"3318\":1,\"3319\":1,\"3412\":1,\"3413\":1}}],[\"60000\",{\"1\":{\"194\":1,\"203\":1,\"952\":1,\"955\":1,\"1161\":1,\"1164\":1,\"1312\":1,\"1315\":1,\"1485\":1,\"1488\":1,\"1662\":1,\"1665\":1,\"1839\":1,\"1842\":1,\"2016\":1,\"2019\":1,\"2193\":1,\"2196\":1,\"2383\":1,\"2386\":1,\"2602\":1,\"2605\":1,\"2821\":1,\"2824\":1,\"3040\":1,\"3043\":1,\"3235\":1,\"3238\":1}}],[\"68\",{\"1\":{\"26\":1}}],[\"67\",{\"1\":{\"327\":1}}],[\"678\",{\"1\":{\"26\":1}}],[\"674\",{\"1\":{\"26\":1}}],[\"6\",{\"0\":{\"64\":1,\"460\":1,\"842\":1,\"914\":1},\"1\":{\"20\":1,\"42\":1,\"64\":1,\"66\":1,\"133\":1,\"134\":1,\"135\":1,\"145\":1,\"302\":2,\"304\":18,\"305\":2,\"307\":12,\"460\":1,\"461\":2,\"462\":3,\"793\":2,\"833\":1,\"850\":2,\"851\":2,\"855\":1,\"856\":4,\"857\":7,\"914\":1,\"915\":2,\"916\":3}}],[\"ändern\",{\"1\":{\"18\":1}}],[\"⚠️\",{\"1\":{\"18\":1}}],[\"jre\",{\"1\":{\"341\":1}}],[\"jun\",{\"1\":{\"458\":3,\"912\":3}}],[\"junit\",{\"1\":{\"331\":1}}],[\"just\",{\"1\":{\"418\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"642\":1,\"670\":1,\"688\":1,\"716\":1,\"734\":1,\"762\":1,\"780\":1,\"808\":1,\"826\":1,\"854\":1,\"872\":1,\"913\":1}}],[\"julian\",{\"1\":{\"14\":1}}],[\"jvm\",{\"1\":{\"327\":6,\"341\":4,\"1026\":1,\"1120\":1,\"1422\":1,\"1598\":1,\"1775\":1,\"1952\":1,\"2129\":1,\"2306\":1,\"2433\":1,\"2525\":1,\"2652\":1,\"2744\":1,\"2871\":1,\"2963\":1,\"3090\":1,\"3182\":1,\"3309\":1,\"3403\":1}}],[\"jdk\",{\"1\":{\"396\":1,\"411\":1,\"635\":1,\"681\":1,\"727\":1,\"773\":1,\"819\":1,\"865\":1}}],[\"jdwp=transport=dt\",{\"1\":{\"327\":6}}],[\"jdt\",{\"1\":{\"159\":317}}],[\"jdbc\",{\"1\":{\"99\":1,\"147\":2,\"169\":1,\"177\":1,\"253\":1,\"327\":6,\"934\":1,\"1070\":1,\"1147\":1,\"1238\":1,\"1298\":1,\"1376\":1,\"1470\":1,\"1552\":1,\"1647\":1,\"1729\":1,\"1824\":1,\"1906\":1,\"2001\":1,\"2083\":1,\"2178\":1,\"2260\":1,\"2365\":1,\"2475\":1,\"2584\":1,\"2694\":1,\"2803\":1,\"2913\":1,\"3022\":1,\"3132\":1,\"3217\":1,\"3353\":1}}],[\"jersey\",{\"1\":{\"153\":1}}],[\"jetty\",{\"1\":{\"134\":2,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"673\":2,\"719\":2,\"765\":2,\"811\":2,\"857\":2,\"916\":2,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1}}],[\"jedoch\",{\"1\":{\"15\":1}}],[\"jan\",{\"1\":{\"457\":2,\"911\":2}}],[\"jaxrs\",{\"1\":{\"150\":1}}],[\"jar\",{\"1\":{\"102\":1,\"139\":1,\"152\":1,\"153\":1,\"290\":1,\"301\":1,\"303\":1,\"304\":24,\"306\":1,\"307\":24,\"309\":1,\"310\":6,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"338\":2,\"352\":2,\"367\":2,\"377\":2,\"393\":2,\"431\":1,\"433\":9,\"536\":1,\"537\":3,\"793\":1,\"795\":9,\"839\":1,\"841\":9,\"885\":1,\"887\":9}}],[\"javacodestylesettings>\",{\"1\":{\"160\":1}}],[\"javax\",{\"1\":{\"160\":1}}],[\"javadoc\",{\"1\":{\"159\":3}}],[\"javaregister\",{\"1\":{\"146\":1}}],[\"java\",{\"0\":{\"396\":1,\"401\":1,\"411\":1,\"635\":1,\"681\":1,\"727\":1,\"773\":1,\"819\":1,\"865\":1},\"1\":{\"90\":1,\"102\":1,\"133\":1,\"134\":1,\"135\":1,\"146\":2,\"147\":13,\"148\":4,\"149\":3,\"150\":7,\"151\":2,\"160\":2,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"319\":2,\"321\":1,\"331\":4,\"332\":5,\"333\":1,\"340\":1,\"341\":1,\"342\":2,\"372\":1,\"394\":2,\"396\":2,\"407\":2,\"411\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"536\":1,\"537\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"631\":2,\"635\":1,\"666\":1,\"667\":1,\"677\":2,\"681\":1,\"712\":1,\"713\":1,\"723\":2,\"727\":1,\"758\":1,\"759\":1,\"769\":2,\"773\":1,\"804\":1,\"805\":1,\"815\":2,\"819\":1,\"850\":1,\"851\":1,\"861\":2,\"865\":1,\"896\":1,\"897\":1}}],[\"json\",{\"0\":{\"146\":1},\"1\":{\"94\":1,\"95\":1,\"146\":2}}],[\"j\",{\"1\":{\"26\":3}}],[\"jobs\",{\"1\":{\"984\":1,\"1517\":1,\"1694\":1,\"1871\":1,\"2048\":1,\"2225\":1,\"2415\":1,\"2634\":1,\"2853\":1,\"3072\":1,\"3267\":1}}],[\"job\",{\"1\":{\"982\":1,\"983\":1,\"984\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3265\":1,\"3266\":1,\"3267\":1}}],[\"join\",{\"1\":{\"12\":1,\"72\":1,\"159\":2,\"417\":1,\"419\":1,\"641\":1,\"643\":1,\"687\":1,\"689\":1,\"733\":1,\"735\":1,\"779\":1,\"781\":1,\"825\":1,\"827\":1,\"871\":1,\"873\":1}}],[\"journey\",{\"1\":{\"12\":2}}],[\"35\",{\"1\":{\"457\":2,\"911\":2}}],[\"39\",{\"1\":{\"457\":1,\"911\":1}}],[\"34\",{\"1\":{\"457\":1,\"911\":1}}],[\"33\",{\"1\":{\"457\":2,\"911\":2}}],[\"37\",{\"1\":{\"444\":2,\"457\":3,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"760\":2,\"806\":2,\"852\":2,\"898\":2,\"911\":3}}],[\"37ff\",{\"1\":{\"289\":2,\"300\":2}}],[\"3drequested\",{\"1\":{\"211\":1,\"962\":1,\"1172\":1,\"1323\":1,\"1495\":1,\"1672\":1,\"1849\":1,\"2026\":1,\"2203\":1,\"2393\":1,\"2612\":1,\"2831\":1,\"3050\":1,\"3245\":1}}],[\"3dcompleted\",{\"1\":{\"206\":1,\"958\":1,\"1167\":1,\"1318\":1,\"1491\":1,\"1668\":1,\"1845\":1,\"2022\":1,\"2199\":1,\"2389\":1,\"2608\":1,\"2827\":1,\"3046\":1,\"3241\":1}}],[\"3fstatus\",{\"1\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"3medic\",{\"1\":{\"141\":1,\"142\":1}}],[\"36\",{\"1\":{\"129\":2,\"457\":1,\"911\":1}}],[\"3\",{\"0\":{\"50\":1,\"52\":1,\"54\":1,\"137\":1,\"173\":1,\"240\":1,\"268\":1,\"323\":1,\"353\":1,\"354\":1,\"397\":1,\"552\":1,\"582\":1,\"595\":1,\"612\":1,\"625\":1,\"671\":1},\"1\":{\"50\":1,\"52\":2,\"54\":2,\"56\":1,\"81\":1,\"98\":1,\"99\":1,\"104\":1,\"133\":1,\"134\":1,\"135\":1,\"169\":1,\"269\":1,\"280\":1,\"283\":2,\"289\":8,\"290\":7,\"291\":1,\"294\":2,\"300\":8,\"301\":7,\"303\":1,\"304\":4,\"306\":1,\"307\":4,\"309\":1,\"310\":4,\"312\":1,\"313\":1,\"314\":1,\"315\":5,\"316\":8,\"319\":1,\"323\":1,\"325\":1,\"326\":1,\"327\":2,\"328\":1,\"331\":1,\"334\":1,\"338\":1,\"339\":1,\"342\":1,\"343\":1,\"348\":1,\"352\":2,\"353\":1,\"366\":1,\"367\":1,\"368\":1,\"377\":1,\"378\":1,\"393\":1,\"394\":1,\"397\":2,\"403\":1,\"431\":2,\"432\":1,\"457\":2,\"458\":2,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"543\":1,\"560\":2,\"561\":2,\"565\":1,\"566\":5,\"567\":8,\"573\":1,\"590\":2,\"591\":2,\"595\":2,\"596\":7,\"597\":9,\"603\":1,\"620\":2,\"621\":2,\"625\":2,\"626\":7,\"627\":9,\"671\":1,\"672\":3,\"673\":2,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"794\":1,\"810\":1,\"811\":1,\"840\":1,\"856\":1,\"857\":1,\"885\":2,\"886\":1,\"911\":2,\"912\":2,\"915\":1,\"916\":1,\"1031\":1,\"1044\":2,\"1125\":1,\"1138\":2,\"1256\":1,\"1427\":1,\"1603\":1,\"1776\":1,\"1780\":1,\"1953\":1,\"1957\":1,\"2130\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3327\":2,\"3408\":1,\"3421\":2}}],[\"31\",{\"1\":{\"457\":6,\"911\":6}}],[\"317\",{\"1\":{\"26\":1}}],[\"310\",{\"1\":{\"26\":1}}],[\"32\",{\"1\":{\"26\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"3233\",{\"1\":{\"1\":1,\"26\":10}}],[\"30000\",{\"1\":{\"1012\":1,\"1105\":1,\"1215\":1,\"1283\":1,\"1407\":1,\"1455\":1,\"1583\":1,\"1632\":1,\"1760\":1,\"1809\":1,\"1937\":1,\"1986\":1,\"2114\":1,\"2163\":1,\"2291\":1,\"2350\":1,\"2510\":1,\"2569\":1,\"2729\":1,\"2788\":1,\"2948\":1,\"3007\":1,\"3167\":1,\"3295\":1,\"3388\":1}}],[\"30s\",{\"1\":{\"170\":2}}],[\"302\",{\"1\":{\"26\":2}}],[\"30\",{\"1\":{\"14\":2,\"21\":1,\"271\":1,\"272\":1,\"1033\":1,\"1034\":1,\"1127\":1,\"1128\":1,\"1258\":1,\"1259\":1,\"1429\":1,\"1430\":1,\"1605\":1,\"1606\":1,\"1782\":1,\"1783\":1,\"1959\":1,\"1960\":1,\"2136\":1,\"2137\":1,\"2313\":1,\"2314\":1,\"2440\":1,\"2441\":1,\"2532\":1,\"2533\":1,\"2659\":1,\"2660\":1,\"2751\":1,\"2752\":1,\"2878\":1,\"2879\":1,\"2970\":1,\"2971\":1,\"3097\":1,\"3098\":1,\"3189\":1,\"3190\":1,\"3316\":1,\"3317\":1,\"3410\":1,\"3411\":1}}],[\"z0\",{\"1\":{\"357\":2}}],[\"za\",{\"1\":{\"357\":2}}],[\"zip\",{\"1\":{\"304\":2,\"307\":2,\"310\":2}}],[\"zilske\",{\"1\":{\"26\":4,\"83\":1}}],[\"zxvf\",{\"1\":{\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"303\":4,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"zertifikatprofile\",{\"1\":{\"110\":1,\"165\":1}}],[\"zeitplan\",{\"1\":{\"14\":1}}],[\"zone\",{\"1\":{\"88\":1}}],[\"z\",{\"1\":{\"17\":2,\"141\":4,\"142\":3}}],[\"zulip\",{\"1\":{\"22\":1,\"73\":1,\"419\":2,\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"643\":2,\"653\":1,\"689\":2,\"699\":1,\"735\":2,\"745\":1,\"781\":2,\"791\":1,\"827\":2,\"837\":1,\"873\":2,\"883\":1}}],[\"zugriff\",{\"1\":{\"16\":1}}],[\"zur\",{\"1\":{\"16\":1,\"17\":2}}],[\"zum\",{\"1\":{\"14\":2,\"16\":1,\"17\":1,\"18\":1,\"22\":1}}],[\"zusammenspiel\",{\"1\":{\"14\":1}}],[\"zusammenfassung\",{\"1\":{\"14\":1}}],[\"zu\",{\"1\":{\"14\":1,\"16\":1,\"17\":1}}],[\"kds\",{\"1\":{\"460\":1,\"550\":1,\"580\":1,\"610\":1,\"656\":1,\"702\":1,\"748\":1,\"914\":1}}],[\"klinikum\",{\"1\":{\"139\":1}}],[\"klicken\",{\"1\":{\"41\":1}}],[\"knowledge\",{\"1\":{\"93\":1,\"120\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"known\",{\"1\":{\"1\":1}}],[\"kit\",{\"1\":{\"396\":1}}],[\"kind\",{\"1\":{\"334\":2,\"357\":2}}],[\"kind=\",{\"1\":{\"159\":1}}],[\"kindly\",{\"1\":{\"36\":1,\"37\":1}}],[\"kiel\",{\"1\":{\"83\":1}}],[\"k\",{\"1\":{\"26\":1}}],[\"kussel\",{\"1\":{\"26\":1}}],[\"kurscheidt\",{\"1\":{\"14\":1,\"26\":4,\"83\":1}}],[\"kurz\",{\"1\":{\"14\":1}}],[\"können\",{\"1\":{\"18\":1}}],[\"kann\",{\"1\":{\"17\":3}}],[\"kobylinski\",{\"1\":{\"26\":1}}],[\"kontext\",{\"1\":{\"16\":1,\"17\":1}}],[\"kolleg\",{\"1\":{\"14\":1}}],[\"keep\",{\"1\":{\"33\":1,\"38\":1,\"159\":18,\"160\":6}}],[\"keiner\",{\"1\":{\"15\":1}}],[\"keycloak\",{\"1\":{\"1014\":1,\"1027\":5,\"1107\":1,\"1121\":5,\"1217\":1,\"1285\":1,\"1409\":1,\"1423\":5,\"1457\":1,\"1585\":1,\"1599\":5,\"1634\":1,\"1762\":1,\"1776\":5,\"1811\":1,\"1939\":1,\"1953\":5,\"1988\":1,\"2116\":1,\"2130\":5,\"2165\":1,\"2293\":1,\"2307\":5,\"2352\":1,\"2434\":5,\"2512\":1,\"2526\":5,\"2571\":1,\"2653\":5,\"2731\":1,\"2745\":5,\"2790\":1,\"2872\":5,\"2950\":1,\"2964\":5,\"3009\":1,\"3091\":5,\"3169\":1,\"3183\":5,\"3297\":1,\"3310\":5,\"3390\":1,\"3404\":5}}],[\"keyring\",{\"1\":{\"283\":2,\"294\":2,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"keyrings\",{\"1\":{\"283\":2,\"294\":2,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"keyword\",{\"1\":{\"160\":2}}],[\"keys\",{\"0\":{\"383\":1},\"1\":{\"134\":1,\"135\":1,\"289\":1,\"290\":3,\"300\":1,\"301\":3,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"key\",{\"0\":{\"7\":1,\"188\":1,\"189\":2,\"213\":1,\"214\":2,\"242\":1,\"243\":2,\"279\":1,\"357\":1,\"949\":1,\"950\":2,\"964\":1,\"965\":2,\"1009\":1,\"1010\":2,\"1018\":1,\"1019\":2,\"1042\":1,\"1060\":1,\"1061\":2,\"1102\":1,\"1103\":2,\"1111\":1,\"1112\":2,\"1136\":1,\"1158\":1,\"1159\":2,\"1174\":1,\"1175\":2,\"1212\":1,\"1213\":2,\"1221\":1,\"1222\":2,\"1228\":1,\"1229\":2,\"1266\":1,\"1280\":1,\"1281\":2,\"1289\":1,\"1290\":2,\"1309\":1,\"1310\":2,\"1325\":1,\"1326\":2,\"1366\":1,\"1367\":2,\"1404\":1,\"1405\":2,\"1413\":1,\"1414\":2,\"1437\":1,\"1452\":1,\"1453\":2,\"1461\":1,\"1462\":2,\"1482\":1,\"1483\":2,\"1497\":1,\"1498\":2,\"1542\":1,\"1543\":2,\"1580\":1,\"1581\":2,\"1589\":1,\"1590\":2,\"1614\":1,\"1629\":1,\"1630\":2,\"1638\":1,\"1639\":2,\"1659\":1,\"1660\":2,\"1674\":1,\"1675\":2,\"1719\":1,\"1720\":2,\"1757\":1,\"1758\":2,\"1766\":1,\"1767\":2,\"1791\":1,\"1806\":1,\"1807\":2,\"1815\":1,\"1816\":2,\"1836\":1,\"1837\":2,\"1851\":1,\"1852\":2,\"1896\":1,\"1897\":2,\"1934\":1,\"1935\":2,\"1943\":1,\"1944\":2,\"1968\":1,\"1983\":1,\"1984\":2,\"1992\":1,\"1993\":2,\"2013\":1,\"2014\":2,\"2028\":1,\"2029\":2,\"2073\":1,\"2074\":2,\"2111\":1,\"2112\":2,\"2120\":1,\"2121\":2,\"2145\":1,\"2160\":1,\"2161\":2,\"2169\":1,\"2170\":2,\"2190\":1,\"2191\":2,\"2205\":1,\"2206\":2,\"2250\":1,\"2251\":2,\"2288\":1,\"2289\":2,\"2297\":1,\"2298\":2,\"2322\":1,\"2347\":1,\"2348\":2,\"2356\":1,\"2357\":2,\"2380\":1,\"2381\":2,\"2395\":1,\"2396\":2,\"2449\":1,\"2465\":1,\"2466\":2,\"2507\":1,\"2508\":2,\"2516\":1,\"2517\":2,\"2541\":1,\"2566\":1,\"2567\":2,\"2575\":1,\"2576\":2,\"2599\":1,\"2600\":2,\"2614\":1,\"2615\":2,\"2668\":1,\"2684\":1,\"2685\":2,\"2726\":1,\"2727\":2,\"2735\":1,\"2736\":2,\"2760\":1,\"2785\":1,\"2786\":2,\"2794\":1,\"2795\":2,\"2818\":1,\"2819\":2,\"2833\":1,\"2834\":2,\"2887\":1,\"2903\":1,\"2904\":2,\"2945\":1,\"2946\":2,\"2954\":1,\"2955\":2,\"2979\":1,\"3004\":1,\"3005\":2,\"3013\":1,\"3014\":2,\"3037\":1,\"3038\":2,\"3052\":1,\"3053\":2,\"3106\":1,\"3122\":1,\"3123\":2,\"3164\":1,\"3165\":2,\"3173\":1,\"3174\":2,\"3198\":1,\"3232\":1,\"3233\":2,\"3247\":1,\"3248\":2,\"3292\":1,\"3293\":2,\"3301\":1,\"3302\":2,\"3325\":1,\"3343\":1,\"3344\":2,\"3385\":1,\"3386\":2,\"3394\":1,\"3395\":2,\"3419\":1},\"1\":{\"116\":1,\"117\":1,\"120\":1,\"134\":2,\"135\":2,\"188\":6,\"189\":4,\"213\":6,\"214\":4,\"224\":1,\"242\":6,\"243\":4,\"279\":2,\"288\":7,\"289\":12,\"290\":15,\"299\":7,\"300\":12,\"301\":15,\"327\":47,\"338\":2,\"347\":2,\"356\":2,\"357\":1,\"364\":1,\"383\":3,\"390\":1,\"438\":1,\"441\":7,\"442\":12,\"443\":10,\"449\":1,\"456\":1,\"461\":5,\"462\":2,\"477\":1,\"480\":7,\"481\":12,\"482\":10,\"500\":1,\"503\":7,\"504\":12,\"505\":10,\"526\":1,\"529\":7,\"530\":12,\"531\":10,\"556\":1,\"559\":7,\"560\":12,\"561\":10,\"586\":1,\"589\":7,\"590\":12,\"591\":10,\"616\":1,\"619\":7,\"620\":12,\"621\":10,\"662\":1,\"665\":7,\"666\":12,\"667\":10,\"708\":1,\"711\":7,\"712\":12,\"713\":10,\"754\":1,\"757\":7,\"758\":12,\"759\":10,\"800\":1,\"803\":7,\"804\":12,\"805\":10,\"846\":1,\"849\":7,\"850\":12,\"851\":10,\"892\":1,\"895\":7,\"896\":12,\"897\":10,\"903\":1,\"910\":1,\"915\":5,\"916\":2,\"949\":6,\"950\":4,\"964\":6,\"965\":4,\"975\":1,\"1009\":6,\"1010\":4,\"1018\":2,\"1019\":2,\"1042\":2,\"1060\":6,\"1061\":4,\"1102\":6,\"1103\":4,\"1111\":2,\"1112\":2,\"1136\":2,\"1158\":6,\"1159\":4,\"1174\":6,\"1175\":4,\"1185\":1,\"1212\":6,\"1213\":4,\"1221\":2,\"1222\":2,\"1228\":6,\"1229\":4,\"1266\":2,\"1280\":6,\"1281\":4,\"1289\":2,\"1290\":2,\"1309\":6,\"1310\":4,\"1325\":6,\"1326\":4,\"1336\":1,\"1366\":6,\"1367\":4,\"1404\":6,\"1405\":4,\"1413\":2,\"1414\":2,\"1437\":2,\"1452\":6,\"1453\":4,\"1461\":2,\"1462\":2,\"1482\":6,\"1483\":4,\"1497\":6,\"1498\":4,\"1508\":1,\"1542\":6,\"1543\":4,\"1580\":6,\"1581\":4,\"1589\":2,\"1590\":2,\"1614\":2,\"1629\":6,\"1630\":4,\"1638\":2,\"1639\":2,\"1659\":6,\"1660\":4,\"1674\":6,\"1675\":4,\"1685\":1,\"1719\":6,\"1720\":4,\"1757\":6,\"1758\":4,\"1766\":2,\"1767\":2,\"1791\":2,\"1806\":6,\"1807\":4,\"1815\":2,\"1816\":2,\"1836\":6,\"1837\":4,\"1851\":6,\"1852\":4,\"1862\":1,\"1896\":6,\"1897\":4,\"1934\":6,\"1935\":4,\"1943\":2,\"1944\":2,\"1968\":2,\"1983\":6,\"1984\":4,\"1992\":2,\"1993\":2,\"2013\":6,\"2014\":4,\"2028\":6,\"2029\":4,\"2039\":1,\"2073\":6,\"2074\":4,\"2111\":6,\"2112\":4,\"2120\":2,\"2121\":2,\"2145\":2,\"2160\":6,\"2161\":4,\"2169\":2,\"2170\":2,\"2190\":6,\"2191\":4,\"2205\":6,\"2206\":4,\"2216\":1,\"2250\":6,\"2251\":4,\"2288\":6,\"2289\":4,\"2297\":2,\"2298\":2,\"2322\":2,\"2347\":6,\"2348\":4,\"2356\":2,\"2357\":2,\"2380\":6,\"2381\":4,\"2395\":6,\"2396\":4,\"2406\":1,\"2449\":2,\"2465\":6,\"2466\":4,\"2507\":6,\"2508\":4,\"2516\":2,\"2517\":2,\"2541\":2,\"2566\":6,\"2567\":4,\"2575\":2,\"2576\":2,\"2599\":6,\"2600\":4,\"2614\":6,\"2615\":4,\"2625\":1,\"2668\":2,\"2684\":6,\"2685\":4,\"2726\":6,\"2727\":4,\"2735\":2,\"2736\":2,\"2760\":2,\"2785\":6,\"2786\":4,\"2794\":2,\"2795\":2,\"2818\":6,\"2819\":4,\"2833\":6,\"2834\":4,\"2844\":1,\"2887\":2,\"2903\":6,\"2904\":4,\"2945\":6,\"2946\":4,\"2954\":2,\"2955\":2,\"2979\":2,\"3004\":6,\"3005\":4,\"3013\":2,\"3014\":2,\"3037\":6,\"3038\":4,\"3052\":6,\"3053\":4,\"3063\":1,\"3106\":2,\"3122\":6,\"3123\":4,\"3164\":6,\"3165\":4,\"3173\":2,\"3174\":2,\"3198\":2,\"3232\":6,\"3233\":4,\"3247\":6,\"3248\":4,\"3258\":1,\"3292\":6,\"3293\":4,\"3301\":2,\"3302\":2,\"3325\":2,\"3343\":6,\"3344\":4,\"3385\":6,\"3386\":4,\"3394\":2,\"3395\":2,\"3419\":2}}],[\"uac\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"uri\",{\"1\":{\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2}}],[\"url|code\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"url=\",{\"1\":{\"363\":7,\"389\":11}}],[\"url=http\",{\"1\":{\"338\":1,\"367\":1,\"393\":1}}],[\"url>\",{\"1\":{\"162\":1}}],[\"url\",{\"0\":{\"177\":1,\"191\":1,\"197\":1,\"200\":1,\"207\":1,\"245\":1,\"253\":1,\"260\":1,\"357\":1,\"934\":1,\"959\":1,\"991\":1,\"997\":1,\"1014\":1,\"1070\":1,\"1080\":1,\"1090\":1,\"1107\":1,\"1147\":1,\"1168\":1,\"1199\":1,\"1217\":1,\"1238\":1,\"1245\":1,\"1253\":1,\"1285\":1,\"1298\":1,\"1319\":1,\"1350\":1,\"1376\":1,\"1383\":1,\"1392\":1,\"1409\":1,\"1457\":1,\"1470\":1,\"1492\":1,\"1526\":1,\"1552\":1,\"1559\":1,\"1568\":1,\"1585\":1,\"1634\":1,\"1647\":1,\"1669\":1,\"1703\":1,\"1729\":1,\"1736\":1,\"1745\":1,\"1762\":1,\"1811\":1,\"1824\":1,\"1846\":1,\"1880\":1,\"1906\":1,\"1913\":1,\"1922\":1,\"1939\":1,\"1988\":1,\"2001\":1,\"2023\":1,\"2057\":1,\"2083\":1,\"2090\":1,\"2099\":1,\"2116\":1,\"2165\":1,\"2178\":1,\"2200\":1,\"2234\":1,\"2260\":1,\"2267\":1,\"2276\":1,\"2293\":1,\"2352\":1,\"2365\":1,\"2390\":1,\"2422\":1,\"2428\":1,\"2475\":1,\"2485\":1,\"2495\":1,\"2512\":1,\"2571\":1,\"2584\":1,\"2609\":1,\"2641\":1,\"2647\":1,\"2694\":1,\"2704\":1,\"2714\":1,\"2731\":1,\"2790\":1,\"2803\":1,\"2828\":1,\"2860\":1,\"2866\":1,\"2913\":1,\"2923\":1,\"2933\":1,\"2950\":1,\"3009\":1,\"3022\":1,\"3047\":1,\"3079\":1,\"3085\":1,\"3132\":1,\"3142\":1,\"3152\":1,\"3169\":1,\"3217\":1,\"3242\":1,\"3274\":1,\"3280\":1,\"3297\":1,\"3353\":1,\"3363\":1,\"3373\":1,\"3390\":1},\"1\":{\"139\":2,\"177\":1,\"191\":1,\"197\":1,\"200\":1,\"207\":1,\"245\":1,\"253\":1,\"260\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"304\":2,\"307\":1,\"327\":12,\"349\":2,\"357\":3,\"360\":1,\"386\":1,\"428\":1,\"442\":1,\"443\":1,\"471\":1,\"481\":1,\"482\":1,\"494\":1,\"504\":1,\"505\":1,\"520\":1,\"530\":1,\"531\":1,\"546\":1,\"560\":1,\"561\":1,\"576\":1,\"590\":1,\"591\":1,\"606\":1,\"620\":1,\"621\":1,\"652\":1,\"666\":1,\"667\":1,\"698\":1,\"712\":1,\"713\":1,\"744\":1,\"758\":1,\"759\":1,\"790\":1,\"804\":1,\"805\":1,\"836\":1,\"850\":1,\"851\":1,\"882\":1,\"896\":1,\"897\":1,\"934\":1,\"959\":1,\"991\":1,\"997\":2,\"1002\":1,\"1005\":1,\"1014\":2,\"1025\":2,\"1027\":1,\"1070\":1,\"1080\":1,\"1090\":2,\"1095\":1,\"1098\":1,\"1107\":2,\"1118\":2,\"1119\":1,\"1121\":1,\"1147\":1,\"1168\":1,\"1199\":2,\"1205\":1,\"1208\":1,\"1217\":2,\"1238\":1,\"1245\":1,\"1253\":2,\"1273\":1,\"1276\":1,\"1285\":2,\"1298\":1,\"1319\":1,\"1350\":2,\"1376\":1,\"1383\":1,\"1392\":2,\"1397\":1,\"1400\":1,\"1409\":2,\"1420\":2,\"1421\":1,\"1423\":1,\"1445\":1,\"1448\":1,\"1457\":2,\"1470\":1,\"1492\":1,\"1526\":2,\"1552\":1,\"1559\":1,\"1568\":2,\"1573\":1,\"1576\":1,\"1585\":2,\"1596\":2,\"1597\":1,\"1599\":1,\"1622\":1,\"1625\":1,\"1634\":2,\"1647\":1,\"1669\":1,\"1703\":2,\"1729\":1,\"1736\":1,\"1745\":2,\"1750\":1,\"1753\":1,\"1762\":2,\"1773\":2,\"1774\":1,\"1776\":1,\"1799\":1,\"1802\":1,\"1811\":2,\"1824\":1,\"1846\":1,\"1880\":2,\"1906\":1,\"1913\":1,\"1922\":2,\"1927\":1,\"1930\":1,\"1939\":2,\"1950\":2,\"1951\":1,\"1953\":1,\"1976\":1,\"1979\":1,\"1988\":2,\"2001\":1,\"2023\":1,\"2057\":2,\"2083\":1,\"2090\":1,\"2099\":2,\"2104\":1,\"2107\":1,\"2116\":2,\"2127\":2,\"2128\":1,\"2130\":1,\"2153\":1,\"2156\":1,\"2165\":2,\"2178\":1,\"2200\":1,\"2234\":2,\"2260\":1,\"2267\":1,\"2276\":2,\"2281\":1,\"2284\":1,\"2293\":2,\"2304\":2,\"2305\":1,\"2307\":1,\"2340\":1,\"2343\":1,\"2352\":2,\"2365\":1,\"2390\":1,\"2422\":1,\"2428\":2,\"2432\":2,\"2434\":1,\"2475\":1,\"2485\":1,\"2495\":2,\"2500\":1,\"2503\":1,\"2512\":2,\"2523\":2,\"2524\":1,\"2526\":1,\"2559\":1,\"2562\":1,\"2571\":2,\"2584\":1,\"2609\":1,\"2641\":1,\"2647\":2,\"2651\":2,\"2653\":1,\"2694\":1,\"2704\":1,\"2714\":2,\"2719\":1,\"2722\":1,\"2731\":2,\"2742\":2,\"2743\":1,\"2745\":1,\"2778\":1,\"2781\":1,\"2790\":2,\"2803\":1,\"2828\":1,\"2860\":1,\"2866\":2,\"2870\":2,\"2872\":1,\"2913\":1,\"2923\":1,\"2933\":2,\"2938\":1,\"2941\":1,\"2950\":2,\"2961\":2,\"2962\":1,\"2964\":1,\"2997\":1,\"3000\":1,\"3009\":2,\"3022\":1,\"3047\":1,\"3079\":1,\"3085\":2,\"3089\":2,\"3091\":1,\"3132\":1,\"3142\":1,\"3152\":2,\"3157\":1,\"3160\":1,\"3169\":2,\"3180\":2,\"3181\":1,\"3183\":1,\"3217\":1,\"3242\":1,\"3274\":1,\"3280\":2,\"3285\":1,\"3288\":1,\"3297\":2,\"3308\":2,\"3310\":1,\"3353\":1,\"3363\":1,\"3373\":2,\"3378\":1,\"3381\":1,\"3390\":2,\"3401\":2,\"3402\":1,\"3404\":1}}],[\"uuid2\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"uuid1\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"utf\",{\"1\":{\"159\":1}}],[\"utilizes\",{\"1\":{\"6\":1}}],[\"ubuntu\",{\"1\":{\"137\":2,\"283\":2,\"289\":1,\"290\":1,\"294\":2,\"300\":1,\"301\":1,\"437\":2,\"442\":1,\"443\":1,\"476\":2,\"481\":1,\"482\":1,\"499\":2,\"504\":1,\"505\":1,\"525\":2,\"530\":1,\"531\":1,\"555\":2,\"560\":1,\"561\":1,\"585\":2,\"590\":1,\"591\":1,\"615\":2,\"620\":1,\"621\":1,\"661\":2,\"666\":1,\"667\":1,\"707\":2,\"712\":1,\"713\":1,\"753\":2,\"758\":1,\"759\":1,\"799\":2,\"804\":1,\"805\":1,\"845\":2,\"850\":1,\"851\":1,\"891\":2,\"896\":1,\"897\":1}}],[\"uid\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"ui\",{\"0\":{\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1},\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"536\":1,\"991\":1,\"994\":3,\"1087\":3,\"2422\":1,\"2425\":3,\"2492\":3,\"2641\":1,\"2644\":3,\"2711\":3,\"2860\":1,\"2863\":3,\"2930\":3,\"3079\":1,\"3082\":3,\"3149\":3,\"3274\":1,\"3277\":3,\"3370\":3}}],[\"um\",{\"1\":{\"41\":1}}],[\"upper\",{\"1\":{\"346\":1}}],[\"upgrading\",{\"0\":{\"302\":1,\"305\":1,\"308\":1,\"311\":1,\"314\":1},\"1\":{\"302\":2,\"305\":3,\"308\":2,\"311\":1,\"314\":1,\"460\":1,\"509\":1,\"535\":1,\"565\":2,\"595\":2,\"625\":2,\"671\":2,\"717\":2,\"763\":2,\"809\":2,\"855\":1,\"914\":1}}],[\"upgraded\",{\"1\":{\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"upgrade\",{\"0\":{\"423\":1,\"459\":1,\"460\":1,\"466\":1,\"485\":1,\"489\":1,\"508\":1,\"509\":1,\"515\":1,\"534\":1,\"535\":1,\"541\":1,\"564\":1,\"565\":1,\"571\":1,\"594\":1,\"595\":1,\"601\":1,\"624\":1,\"625\":1,\"647\":1,\"670\":1,\"671\":1,\"693\":1,\"716\":1,\"717\":1,\"739\":1,\"762\":1,\"763\":1,\"785\":1,\"808\":1,\"809\":1,\"831\":1,\"854\":1,\"855\":1,\"877\":1,\"913\":1,\"914\":1},\"1\":{\"33\":1,\"42\":3,\"44\":2,\"46\":3,\"48\":3,\"50\":3,\"52\":3,\"54\":3,\"56\":3,\"58\":3,\"60\":3,\"62\":3,\"64\":3,\"66\":3,\"171\":2,\"302\":1,\"303\":3,\"304\":5,\"305\":3,\"306\":3,\"307\":5,\"308\":1,\"309\":3,\"310\":5,\"311\":1,\"312\":3,\"313\":4,\"314\":1,\"315\":3,\"316\":4,\"421\":1,\"423\":1,\"425\":1,\"459\":1,\"461\":3,\"462\":4,\"464\":1,\"466\":1,\"468\":1,\"485\":3,\"487\":1,\"489\":1,\"491\":1,\"508\":3,\"509\":1,\"510\":3,\"511\":4,\"513\":1,\"515\":1,\"517\":1,\"534\":3,\"535\":1,\"536\":3,\"537\":6,\"539\":1,\"541\":1,\"543\":1,\"564\":1,\"565\":1,\"566\":3,\"567\":4,\"569\":1,\"571\":1,\"573\":1,\"594\":1,\"596\":3,\"597\":4,\"599\":1,\"601\":1,\"603\":1,\"624\":1,\"626\":3,\"627\":4,\"645\":1,\"647\":1,\"649\":1,\"670\":1,\"672\":3,\"673\":4,\"691\":1,\"693\":1,\"695\":1,\"716\":1,\"718\":3,\"719\":4,\"737\":1,\"739\":1,\"741\":1,\"762\":1,\"764\":3,\"765\":4,\"783\":1,\"785\":1,\"787\":1,\"808\":1,\"810\":3,\"811\":4,\"829\":1,\"831\":1,\"833\":1,\"854\":1,\"856\":3,\"857\":4,\"875\":1,\"877\":1,\"879\":1,\"913\":1,\"915\":3,\"916\":4}}],[\"upload\",{\"1\":{\"290\":2}}],[\"updating\",{\"1\":{\"99\":1,\"169\":1,\"419\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"643\":1,\"646\":1,\"647\":1,\"689\":1,\"692\":1,\"693\":1,\"735\":1,\"738\":1,\"739\":1,\"781\":1,\"784\":1,\"785\":1,\"827\":1,\"830\":1,\"831\":1,\"873\":1,\"876\":1,\"877\":1}}],[\"updateallowlist|1\",{\"1\":{\"985\":1,\"1518\":1,\"1695\":1,\"1872\":1,\"2049\":1,\"2226\":1,\"2416\":1,\"2635\":1,\"2854\":1,\"3073\":1,\"3268\":1}}],[\"updateallowlist\",{\"1\":{\"304\":2,\"307\":2}}],[\"updated\",{\"1\":{\"90\":1,\"431\":1,\"460\":1,\"793\":1,\"839\":1,\"885\":1,\"914\":1}}],[\"update\",{\"1\":{\"19\":1,\"86\":1,\"141\":3,\"142\":3,\"145\":2,\"283\":2,\"290\":1,\"294\":2,\"303\":1,\"304\":4,\"307\":4,\"422\":1,\"423\":1,\"427\":1,\"433\":1,\"437\":2,\"459\":1,\"465\":1,\"466\":1,\"470\":1,\"476\":2,\"485\":1,\"488\":1,\"489\":1,\"493\":1,\"499\":2,\"508\":1,\"514\":1,\"515\":1,\"519\":1,\"525\":2,\"534\":1,\"540\":1,\"541\":1,\"545\":1,\"555\":2,\"564\":1,\"565\":1,\"570\":1,\"571\":1,\"575\":1,\"585\":2,\"594\":1,\"595\":1,\"600\":1,\"601\":1,\"605\":1,\"615\":2,\"624\":1,\"625\":1,\"646\":1,\"647\":1,\"651\":1,\"661\":2,\"670\":1,\"671\":1,\"692\":1,\"693\":1,\"697\":1,\"707\":2,\"716\":1,\"717\":1,\"738\":1,\"739\":1,\"743\":1,\"753\":2,\"762\":1,\"763\":1,\"784\":1,\"785\":1,\"789\":1,\"795\":1,\"799\":2,\"808\":1,\"809\":1,\"830\":1,\"831\":1,\"835\":1,\"841\":1,\"845\":2,\"854\":1,\"876\":1,\"877\":1,\"881\":1,\"887\":1,\"891\":2,\"913\":1,\"1055\":1,\"1057\":2,\"1361\":1,\"1363\":2,\"1537\":1,\"1539\":2,\"1714\":1,\"1716\":2,\"1891\":1,\"1893\":2,\"2068\":1,\"2070\":2,\"2245\":1,\"2247\":2,\"2460\":1,\"2462\":2,\"2679\":1,\"2681\":2,\"2898\":1,\"2900\":2,\"3117\":1,\"3119\":2,\"3338\":1,\"3340\":2}}],[\"updates\",{\"1\":{\"14\":5,\"38\":1}}],[\"upstream\",{\"1\":{\"91\":1,\"170\":1}}],[\"up\",{\"0\":{\"73\":1,\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1},\"1\":{\"33\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"128\":1,\"135\":4,\"136\":1,\"137\":2,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"320\":1,\"329\":1,\"338\":2,\"342\":2,\"352\":2,\"367\":4,\"377\":3,\"393\":6,\"442\":1,\"443\":1,\"461\":1,\"462\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"510\":1,\"511\":1,\"530\":1,\"531\":1,\"536\":1,\"537\":1,\"560\":1,\"561\":1,\"566\":1,\"567\":1,\"590\":1,\"591\":1,\"596\":1,\"597\":1,\"620\":1,\"621\":1,\"626\":1,\"627\":1,\"666\":1,\"667\":1,\"672\":1,\"673\":1,\"712\":1,\"713\":1,\"718\":1,\"719\":1,\"758\":1,\"759\":1,\"764\":1,\"765\":1,\"804\":1,\"805\":1,\"810\":1,\"811\":1,\"850\":1,\"851\":1,\"856\":1,\"857\":1,\"896\":1,\"897\":1,\"915\":1,\"916\":1}}],[\"u\",{\"1\":{\"26\":1,\"327\":1}}],[\"uhr\",{\"1\":{\"14\":2,\"41\":2}}],[\"unlock\",{\"1\":{\"930\":2,\"1066\":2,\"1143\":2,\"1234\":2,\"1294\":2,\"1372\":2,\"1466\":2,\"1548\":2,\"1643\":2,\"1725\":2,\"1820\":2,\"1902\":2,\"1997\":2,\"2079\":2,\"2174\":2,\"2256\":2,\"2361\":2,\"2471\":2,\"2580\":2,\"2690\":2,\"2799\":2,\"2909\":2,\"3018\":2,\"3128\":2,\"3213\":2,\"3349\":2}}],[\"unless\",{\"1\":{\"485\":2,\"508\":2,\"534\":2}}],[\"unclear\",{\"1\":{\"417\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"641\":1,\"653\":1,\"669\":1,\"687\":1,\"699\":1,\"715\":1,\"733\":1,\"745\":1,\"761\":1,\"779\":1,\"791\":1,\"807\":1,\"825\":1,\"837\":1,\"853\":1,\"871\":1,\"883\":1,\"899\":1}}],[\"uncomment\",{\"1\":{\"289\":1,\"300\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"unpack\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":2,\"443\":1,\"481\":2,\"482\":1,\"504\":2,\"505\":1,\"530\":2,\"531\":1,\"560\":2,\"561\":1,\"590\":2,\"591\":1,\"620\":2,\"621\":1,\"666\":2,\"667\":1,\"712\":2,\"713\":1,\"758\":2,\"759\":1,\"804\":2,\"805\":1,\"850\":2,\"851\":1,\"896\":2,\"897\":1}}],[\"uname\",{\"1\":{\"283\":2,\"294\":2}}],[\"unary\",{\"1\":{\"159\":2}}],[\"unencrypted\",{\"1\":{\"279\":1,\"288\":1,\"299\":1,\"441\":1,\"480\":1,\"503\":1,\"529\":1,\"559\":1,\"589\":1,\"619\":1,\"665\":1,\"711\":1,\"757\":1,\"803\":1,\"849\":1,\"895\":1,\"1042\":1,\"1136\":1,\"1266\":1,\"1437\":1,\"1614\":1,\"1791\":1,\"1968\":1,\"2145\":1,\"2322\":1,\"2449\":1,\"2541\":1,\"2668\":1,\"2760\":1,\"2887\":1,\"2979\":1,\"3106\":1,\"3198\":1,\"3325\":1,\"3419\":1}}],[\"universitaetsmedizinde\",{\"1\":{\"304\":8,\"307\":2}}],[\"university\",{\"0\":{\"77\":1,\"78\":1,\"79\":1,\"82\":2,\"129\":1},\"1\":{\"5\":1,\"11\":1,\"26\":1,\"77\":1,\"78\":1,\"79\":1,\"81\":4,\"82\":1,\"98\":2,\"124\":1,\"129\":3,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"union\",{\"1\":{\"159\":1}}],[\"unix\",{\"1\":{\"135\":1}}],[\"uniform\",{\"1\":{\"129\":1}}],[\"unified\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1}}],[\"unique\",{\"1\":{\"120\":1,\"383\":1}}],[\"unit\",{\"1\":{\"98\":1}}],[\"units\",{\"1\":{\"95\":1}}],[\"unused\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1}}],[\"until\",{\"1\":{\"37\":1,\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"209\":1,\"234\":1,\"247\":1,\"248\":1,\"382\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"960\":1,\"983\":1,\"986\":1,\"1062\":1,\"1063\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1170\":1,\"1193\":1,\"1230\":1,\"1231\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1321\":1,\"1344\":1,\"1368\":1,\"1369\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1493\":1,\"1516\":1,\"1519\":1,\"1544\":1,\"1545\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1670\":1,\"1693\":1,\"1696\":1,\"1721\":1,\"1722\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1847\":1,\"1870\":1,\"1873\":1,\"1898\":1,\"1899\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2024\":1,\"2047\":1,\"2050\":1,\"2075\":1,\"2076\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2201\":1,\"2224\":1,\"2227\":1,\"2252\":1,\"2253\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2391\":1,\"2414\":1,\"2417\":1,\"2467\":1,\"2468\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2610\":1,\"2633\":1,\"2636\":1,\"2686\":1,\"2687\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2829\":1,\"2852\":1,\"2855\":1,\"2905\":1,\"2906\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3048\":1,\"3071\":1,\"3074\":1,\"3124\":1,\"3125\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3243\":1,\"3266\":1,\"3269\":1,\"3345\":1,\"3346\":1}}],[\"unten\",{\"1\":{\"18\":1}}],[\"unter\",{\"1\":{\"16\":1}}],[\"uns\",{\"1\":{\"14\":1}}],[\"under\",{\"1\":{\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1}}],[\"underscore\",{\"1\":{\"346\":1}}],[\"understood\",{\"1\":{\"95\":1}}],[\"understanding\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"understand\",{\"1\":{\"35\":1,\"89\":1,\"97\":2,\"102\":1,\"120\":2}}],[\"underlying\",{\"1\":{\"127\":1}}],[\"und\",{\"1\":{\"14\":16,\"15\":1,\"16\":1,\"41\":1}}],[\"usr\",{\"1\":{\"283\":4,\"294\":4,\"437\":2,\"452\":1,\"454\":1,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2,\"906\":1,\"908\":1}}],[\"usages\",{\"1\":{\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"usage\",{\"1\":{\"117\":1,\"450\":1,\"456\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"904\":1,\"910\":1,\"913\":1}}],[\"usually\",{\"1\":{\"38\":1,\"289\":1,\"300\":1}}],[\"using\",{\"0\":{\"97\":1,\"161\":1},\"1\":{\"32\":1,\"37\":1,\"40\":1,\"93\":1,\"98\":1,\"99\":1,\"100\":2,\"116\":1,\"117\":3,\"136\":2,\"139\":1,\"143\":1,\"152\":2,\"153\":2,\"154\":1,\"162\":1,\"169\":1,\"170\":2,\"175\":1,\"179\":1,\"182\":1,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"214\":1,\"219\":1,\"225\":1,\"243\":1,\"244\":1,\"251\":1,\"255\":1,\"257\":1,\"289\":1,\"290\":3,\"300\":1,\"301\":3,\"303\":1,\"304\":3,\"306\":1,\"307\":3,\"309\":1,\"310\":3,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"323\":1,\"324\":1,\"331\":1,\"332\":1,\"345\":2,\"349\":2,\"354\":1,\"358\":1,\"361\":4,\"362\":3,\"364\":1,\"369\":1,\"371\":1,\"382\":1,\"383\":1,\"384\":1,\"387\":4,\"388\":3,\"396\":1,\"398\":1,\"416\":1,\"442\":1,\"443\":1,\"446\":1,\"451\":1,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"461\":1,\"462\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"510\":1,\"511\":1,\"530\":1,\"531\":1,\"536\":1,\"537\":1,\"560\":1,\"561\":1,\"566\":1,\"567\":1,\"590\":1,\"591\":1,\"596\":1,\"597\":1,\"620\":1,\"621\":1,\"626\":1,\"627\":1,\"640\":1,\"666\":1,\"667\":1,\"672\":1,\"673\":1,\"686\":1,\"712\":1,\"713\":1,\"718\":1,\"719\":1,\"732\":1,\"758\":1,\"759\":1,\"764\":1,\"765\":1,\"778\":1,\"804\":1,\"805\":1,\"810\":1,\"811\":1,\"824\":1,\"850\":1,\"851\":1,\"856\":1,\"857\":1,\"870\":1,\"896\":1,\"897\":1,\"900\":1,\"905\":1,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"915\":1,\"916\":1,\"920\":3,\"923\":1,\"932\":1,\"936\":1,\"939\":1,\"950\":1,\"965\":1,\"970\":1,\"976\":1,\"996\":1,\"1010\":1,\"1024\":1,\"1045\":1,\"1049\":3,\"1052\":1,\"1061\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1089\":1,\"1103\":1,\"1117\":1,\"1139\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1159\":1,\"1175\":1,\"1180\":1,\"1186\":1,\"1198\":1,\"1213\":1,\"1229\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1252\":1,\"1281\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1310\":1,\"1326\":1,\"1331\":1,\"1337\":1,\"1349\":1,\"1355\":3,\"1358\":1,\"1367\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1391\":1,\"1405\":1,\"1419\":1,\"1438\":1,\"1453\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1483\":1,\"1498\":1,\"1503\":1,\"1509\":1,\"1525\":1,\"1531\":3,\"1534\":1,\"1543\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1567\":1,\"1581\":1,\"1595\":1,\"1615\":1,\"1630\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1660\":1,\"1675\":1,\"1680\":1,\"1686\":1,\"1702\":1,\"1708\":3,\"1711\":1,\"1720\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1744\":1,\"1758\":1,\"1772\":1,\"1792\":1,\"1807\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1837\":1,\"1852\":1,\"1857\":1,\"1863\":1,\"1879\":1,\"1885\":3,\"1888\":1,\"1897\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1921\":1,\"1935\":1,\"1949\":1,\"1969\":1,\"1984\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2014\":1,\"2029\":1,\"2034\":1,\"2040\":1,\"2056\":1,\"2062\":3,\"2065\":1,\"2074\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2098\":1,\"2112\":1,\"2126\":1,\"2146\":1,\"2161\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2191\":1,\"2206\":1,\"2211\":1,\"2217\":1,\"2233\":1,\"2239\":3,\"2242\":1,\"2251\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2275\":1,\"2289\":1,\"2303\":1,\"2323\":1,\"2327\":3,\"2330\":1,\"2348\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2381\":1,\"2396\":1,\"2401\":1,\"2407\":1,\"2427\":1,\"2431\":1,\"2450\":1,\"2454\":3,\"2457\":1,\"2466\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2494\":1,\"2508\":1,\"2522\":1,\"2542\":1,\"2546\":3,\"2549\":1,\"2567\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2600\":1,\"2615\":1,\"2620\":1,\"2626\":1,\"2646\":1,\"2650\":1,\"2669\":1,\"2673\":3,\"2676\":1,\"2685\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2713\":1,\"2727\":1,\"2741\":1,\"2761\":1,\"2765\":3,\"2768\":1,\"2786\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2819\":1,\"2834\":1,\"2839\":1,\"2845\":1,\"2865\":1,\"2869\":1,\"2888\":1,\"2892\":3,\"2895\":1,\"2904\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2932\":1,\"2946\":1,\"2960\":1,\"2980\":1,\"2984\":3,\"2987\":1,\"3005\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3038\":1,\"3053\":1,\"3058\":1,\"3064\":1,\"3084\":1,\"3088\":1,\"3107\":1,\"3111\":3,\"3114\":1,\"3123\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3151\":1,\"3165\":1,\"3179\":1,\"3199\":1,\"3203\":3,\"3206\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3233\":1,\"3248\":1,\"3253\":1,\"3259\":1,\"3279\":1,\"3293\":1,\"3307\":1,\"3328\":1,\"3332\":3,\"3335\":1,\"3344\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3372\":1,\"3386\":1,\"3400\":1,\"3422\":1}}],[\"us\",{\"1\":{\"13\":1,\"33\":1,\"36\":2,\"37\":2,\"40\":2,\"71\":1,\"73\":1,\"399\":1,\"405\":1,\"415\":1,\"417\":5,\"419\":3,\"427\":1,\"429\":2,\"445\":1,\"470\":2,\"472\":2,\"484\":1,\"493\":2,\"495\":2,\"507\":1,\"519\":2,\"521\":2,\"533\":1,\"545\":1,\"547\":2,\"563\":1,\"575\":1,\"577\":2,\"593\":1,\"605\":1,\"607\":2,\"623\":1,\"629\":1,\"639\":1,\"641\":5,\"643\":3,\"651\":1,\"653\":2,\"669\":1,\"675\":1,\"685\":1,\"687\":5,\"689\":3,\"697\":1,\"699\":2,\"715\":1,\"721\":1,\"731\":1,\"733\":5,\"735\":3,\"743\":1,\"745\":2,\"761\":1,\"767\":1,\"777\":1,\"779\":5,\"781\":3,\"789\":1,\"791\":2,\"807\":1,\"813\":1,\"823\":1,\"825\":5,\"827\":3,\"835\":1,\"837\":2,\"853\":1,\"859\":1,\"869\":1,\"871\":5,\"873\":3,\"881\":1,\"883\":2,\"899\":1}}],[\"useful\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"usertrust\",{\"1\":{\"457\":2,\"911\":2}}],[\"useradd\",{\"1\":{\"442\":1,\"443\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"username>\",{\"1\":{\"162\":1,\"398\":1}}],[\"username\",{\"0\":{\"176\":1,\"180\":1,\"183\":1,\"192\":1,\"198\":1,\"201\":1,\"229\":1,\"246\":1,\"252\":1,\"258\":1,\"259\":1,\"933\":1,\"937\":1,\"940\":1,\"980\":1,\"998\":1,\"1069\":1,\"1075\":1,\"1076\":1,\"1091\":1,\"1146\":1,\"1150\":1,\"1153\":1,\"1190\":1,\"1200\":1,\"1237\":1,\"1243\":1,\"1244\":1,\"1254\":1,\"1297\":1,\"1301\":1,\"1304\":1,\"1341\":1,\"1351\":1,\"1375\":1,\"1381\":1,\"1382\":1,\"1393\":1,\"1469\":1,\"1473\":1,\"1476\":1,\"1513\":1,\"1527\":1,\"1551\":1,\"1557\":1,\"1558\":1,\"1569\":1,\"1646\":1,\"1650\":1,\"1653\":1,\"1690\":1,\"1704\":1,\"1728\":1,\"1734\":1,\"1735\":1,\"1746\":1,\"1823\":1,\"1827\":1,\"1830\":1,\"1867\":1,\"1881\":1,\"1905\":1,\"1911\":1,\"1912\":1,\"1923\":1,\"2000\":1,\"2004\":1,\"2007\":1,\"2044\":1,\"2058\":1,\"2082\":1,\"2088\":1,\"2089\":1,\"2100\":1,\"2177\":1,\"2181\":1,\"2184\":1,\"2221\":1,\"2235\":1,\"2259\":1,\"2265\":1,\"2266\":1,\"2277\":1,\"2364\":1,\"2368\":1,\"2371\":1,\"2411\":1,\"2429\":1,\"2474\":1,\"2480\":1,\"2481\":1,\"2496\":1,\"2583\":1,\"2587\":1,\"2590\":1,\"2630\":1,\"2648\":1,\"2693\":1,\"2699\":1,\"2700\":1,\"2715\":1,\"2802\":1,\"2806\":1,\"2809\":1,\"2849\":1,\"2867\":1,\"2912\":1,\"2918\":1,\"2919\":1,\"2934\":1,\"3021\":1,\"3025\":1,\"3028\":1,\"3068\":1,\"3086\":1,\"3131\":1,\"3137\":1,\"3138\":1,\"3153\":1,\"3216\":1,\"3220\":1,\"3223\":1,\"3263\":1,\"3281\":1,\"3352\":1,\"3358\":1,\"3359\":1,\"3374\":1},\"1\":{\"139\":1,\"162\":2,\"176\":1,\"180\":2,\"183\":1,\"192\":2,\"198\":2,\"201\":2,\"219\":1,\"229\":3,\"246\":2,\"252\":1,\"258\":2,\"259\":1,\"327\":12,\"398\":2,\"933\":2,\"937\":3,\"940\":2,\"970\":1,\"980\":3,\"998\":3,\"1069\":2,\"1075\":3,\"1076\":2,\"1091\":3,\"1146\":1,\"1150\":2,\"1153\":1,\"1180\":1,\"1190\":3,\"1200\":3,\"1237\":1,\"1243\":2,\"1244\":1,\"1254\":3,\"1297\":1,\"1301\":2,\"1304\":1,\"1331\":1,\"1341\":3,\"1351\":3,\"1375\":1,\"1381\":2,\"1382\":1,\"1393\":3,\"1469\":1,\"1473\":2,\"1476\":1,\"1503\":1,\"1513\":3,\"1527\":3,\"1551\":1,\"1557\":2,\"1558\":1,\"1569\":3,\"1646\":1,\"1650\":2,\"1653\":1,\"1680\":1,\"1690\":3,\"1704\":3,\"1728\":1,\"1734\":2,\"1735\":1,\"1746\":3,\"1823\":1,\"1827\":2,\"1830\":1,\"1857\":1,\"1867\":3,\"1881\":3,\"1905\":1,\"1911\":2,\"1912\":1,\"1923\":3,\"2000\":1,\"2004\":2,\"2007\":1,\"2034\":1,\"2044\":3,\"2058\":3,\"2082\":1,\"2088\":2,\"2089\":1,\"2100\":3,\"2177\":1,\"2181\":2,\"2184\":1,\"2211\":1,\"2221\":3,\"2235\":3,\"2259\":1,\"2265\":2,\"2266\":1,\"2277\":3,\"2364\":1,\"2368\":3,\"2371\":2,\"2401\":1,\"2411\":3,\"2429\":3,\"2474\":1,\"2480\":3,\"2481\":2,\"2496\":3,\"2583\":1,\"2587\":3,\"2590\":2,\"2620\":1,\"2630\":3,\"2648\":3,\"2693\":1,\"2699\":3,\"2700\":2,\"2715\":3,\"2802\":1,\"2806\":3,\"2809\":2,\"2839\":1,\"2849\":3,\"2867\":3,\"2912\":1,\"2918\":3,\"2919\":2,\"2934\":3,\"3021\":1,\"3025\":3,\"3028\":2,\"3058\":1,\"3068\":3,\"3086\":3,\"3131\":1,\"3137\":3,\"3138\":2,\"3153\":3,\"3216\":2,\"3220\":3,\"3223\":2,\"3253\":1,\"3263\":3,\"3281\":3,\"3352\":2,\"3358\":3,\"3359\":2,\"3374\":3}}],[\"users\",{\"0\":{\"921\":1,\"1050\":1,\"1356\":1,\"1532\":1,\"1709\":1,\"1886\":1,\"2063\":1,\"2240\":1,\"2328\":1,\"2455\":1,\"2547\":1,\"2674\":1,\"2766\":1,\"2893\":1,\"2985\":1,\"3112\":1,\"3204\":1,\"3333\":1},\"1\":{\"36\":1,\"116\":1,\"117\":1,\"178\":1,\"181\":1,\"254\":1,\"256\":1,\"327\":12,\"404\":1,\"419\":2,\"442\":1,\"453\":1,\"455\":1,\"481\":1,\"504\":1,\"530\":1,\"536\":1,\"560\":1,\"590\":1,\"620\":1,\"628\":1,\"643\":2,\"666\":1,\"674\":1,\"689\":2,\"712\":1,\"720\":1,\"735\":2,\"758\":1,\"766\":1,\"781\":2,\"804\":1,\"812\":1,\"827\":2,\"850\":1,\"858\":1,\"873\":2,\"896\":1,\"907\":1,\"909\":1,\"920\":2,\"921\":1,\"923\":1,\"925\":1,\"928\":1,\"935\":1,\"938\":1,\"1024\":2,\"1049\":2,\"1050\":1,\"1052\":1,\"1054\":1,\"1056\":1,\"1071\":1,\"1073\":1,\"1117\":2,\"1148\":1,\"1151\":1,\"1239\":1,\"1241\":1,\"1299\":1,\"1302\":1,\"1355\":2,\"1356\":1,\"1358\":1,\"1360\":1,\"1362\":1,\"1377\":1,\"1379\":1,\"1419\":2,\"1471\":1,\"1474\":1,\"1531\":2,\"1532\":1,\"1534\":1,\"1536\":1,\"1538\":1,\"1553\":1,\"1555\":1,\"1595\":2,\"1648\":1,\"1651\":1,\"1708\":2,\"1709\":1,\"1711\":1,\"1713\":1,\"1715\":1,\"1730\":1,\"1732\":1,\"1772\":2,\"1825\":1,\"1828\":1,\"1885\":2,\"1886\":1,\"1888\":1,\"1890\":1,\"1892\":1,\"1907\":1,\"1909\":1,\"1949\":2,\"2002\":1,\"2005\":1,\"2062\":2,\"2063\":1,\"2065\":1,\"2067\":1,\"2069\":1,\"2084\":1,\"2086\":1,\"2126\":2,\"2179\":1,\"2182\":1,\"2239\":2,\"2240\":1,\"2242\":1,\"2244\":1,\"2246\":1,\"2261\":1,\"2263\":1,\"2303\":2,\"2327\":2,\"2328\":1,\"2330\":1,\"2332\":1,\"2335\":1,\"2366\":1,\"2369\":1,\"2431\":2,\"2454\":2,\"2455\":1,\"2457\":1,\"2459\":1,\"2461\":1,\"2476\":1,\"2478\":1,\"2522\":2,\"2546\":2,\"2547\":1,\"2549\":1,\"2551\":1,\"2554\":1,\"2585\":1,\"2588\":1,\"2650\":2,\"2673\":2,\"2674\":1,\"2676\":1,\"2678\":1,\"2680\":1,\"2695\":1,\"2697\":1,\"2741\":2,\"2765\":2,\"2766\":1,\"2768\":1,\"2770\":1,\"2773\":1,\"2804\":1,\"2807\":1,\"2869\":2,\"2892\":2,\"2893\":1,\"2895\":1,\"2897\":1,\"2899\":1,\"2914\":1,\"2916\":1,\"2960\":2,\"2984\":2,\"2985\":1,\"2987\":1,\"2989\":1,\"2992\":1,\"3023\":1,\"3026\":1,\"3088\":2,\"3111\":2,\"3112\":1,\"3114\":1,\"3116\":1,\"3118\":1,\"3133\":1,\"3135\":1,\"3179\":2,\"3203\":2,\"3204\":1,\"3206\":1,\"3208\":1,\"3211\":1,\"3218\":1,\"3221\":1,\"3307\":2,\"3332\":2,\"3333\":1,\"3335\":1,\"3337\":1,\"3339\":1,\"3354\":1,\"3356\":1,\"3400\":2}}],[\"user\",{\"0\":{\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"265\":1,\"266\":1,\"935\":1,\"936\":2,\"937\":1,\"938\":1,\"939\":2,\"940\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":1,\"1076\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1151\":1,\"1152\":2,\"1153\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":1,\"1244\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1302\":1,\"1303\":2,\"1304\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":1,\"1382\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1474\":1,\"1475\":2,\"1476\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":1,\"1558\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1651\":1,\"1652\":2,\"1653\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":1,\"1735\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"1828\":1,\"1829\":2,\"1830\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":1,\"1912\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2005\":1,\"2006\":2,\"2007\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":1,\"2089\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2182\":1,\"2183\":2,\"2184\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":1,\"2266\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2369\":1,\"2370\":2,\"2371\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":1,\"2481\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2588\":1,\"2589\":2,\"2590\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":1,\"2700\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"2807\":1,\"2808\":2,\"2809\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":1,\"2919\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3026\":1,\"3027\":2,\"3028\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":1,\"3138\":1,\"3218\":1,\"3219\":2,\"3220\":1,\"3221\":1,\"3222\":2,\"3223\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":1,\"3359\":1},\"1\":{\"28\":1,\"37\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"94\":1,\"98\":1,\"134\":10,\"135\":3,\"138\":2,\"147\":3,\"176\":2,\"178\":2,\"179\":3,\"180\":5,\"181\":2,\"182\":3,\"183\":3,\"252\":2,\"254\":2,\"255\":3,\"256\":2,\"257\":3,\"258\":5,\"259\":3,\"265\":1,\"266\":1,\"289\":7,\"290\":6,\"300\":7,\"301\":6,\"327\":111,\"338\":4,\"342\":1,\"367\":2,\"393\":2,\"417\":1,\"419\":2,\"433\":1,\"442\":6,\"443\":5,\"447\":4,\"449\":5,\"457\":1,\"461\":4,\"462\":4,\"481\":6,\"482\":5,\"504\":6,\"505\":5,\"530\":6,\"531\":5,\"560\":6,\"561\":5,\"590\":6,\"591\":5,\"620\":6,\"621\":5,\"641\":1,\"643\":2,\"666\":6,\"667\":5,\"687\":1,\"689\":2,\"712\":6,\"713\":5,\"733\":1,\"735\":2,\"758\":6,\"759\":5,\"779\":1,\"781\":2,\"795\":1,\"804\":6,\"805\":5,\"825\":1,\"827\":2,\"841\":1,\"850\":6,\"851\":5,\"871\":1,\"873\":2,\"887\":1,\"896\":6,\"897\":5,\"901\":4,\"903\":5,\"911\":1,\"915\":4,\"916\":4,\"920\":8,\"922\":1,\"923\":1,\"926\":1,\"928\":2,\"933\":1,\"935\":2,\"936\":3,\"937\":4,\"938\":2,\"939\":3,\"940\":2,\"941\":1,\"1024\":2,\"1044\":1,\"1049\":7,\"1051\":1,\"1052\":1,\"1055\":1,\"1056\":10,\"1057\":2,\"1069\":1,\"1071\":2,\"1072\":3,\"1073\":2,\"1074\":3,\"1075\":4,\"1076\":2,\"1077\":1,\"1117\":2,\"1138\":1,\"1146\":2,\"1148\":2,\"1149\":3,\"1150\":5,\"1151\":2,\"1152\":3,\"1153\":3,\"1237\":2,\"1239\":2,\"1240\":3,\"1241\":2,\"1242\":3,\"1243\":5,\"1244\":3,\"1297\":2,\"1299\":2,\"1300\":3,\"1301\":5,\"1302\":2,\"1303\":3,\"1304\":3,\"1355\":7,\"1357\":1,\"1358\":1,\"1361\":1,\"1362\":10,\"1363\":2,\"1375\":2,\"1377\":2,\"1378\":3,\"1379\":2,\"1380\":3,\"1381\":5,\"1382\":3,\"1419\":2,\"1469\":2,\"1471\":2,\"1472\":3,\"1473\":5,\"1474\":2,\"1475\":3,\"1476\":3,\"1531\":7,\"1533\":1,\"1534\":1,\"1537\":1,\"1538\":10,\"1539\":2,\"1551\":2,\"1553\":2,\"1554\":3,\"1555\":2,\"1556\":3,\"1557\":5,\"1558\":3,\"1595\":2,\"1646\":2,\"1648\":2,\"1649\":3,\"1650\":5,\"1651\":2,\"1652\":3,\"1653\":3,\"1708\":7,\"1710\":1,\"1711\":1,\"1714\":1,\"1715\":10,\"1716\":2,\"1728\":2,\"1730\":2,\"1731\":3,\"1732\":2,\"1733\":3,\"1734\":5,\"1735\":3,\"1772\":2,\"1823\":2,\"1825\":2,\"1826\":3,\"1827\":5,\"1828\":2,\"1829\":3,\"1830\":3,\"1885\":7,\"1887\":1,\"1888\":1,\"1891\":1,\"1892\":10,\"1893\":2,\"1905\":2,\"1907\":2,\"1908\":3,\"1909\":2,\"1910\":3,\"1911\":5,\"1912\":3,\"1949\":2,\"2000\":2,\"2002\":2,\"2003\":3,\"2004\":5,\"2005\":2,\"2006\":3,\"2007\":3,\"2062\":7,\"2064\":1,\"2065\":1,\"2068\":1,\"2069\":10,\"2070\":2,\"2082\":2,\"2084\":2,\"2085\":3,\"2086\":2,\"2087\":3,\"2088\":5,\"2089\":3,\"2126\":2,\"2177\":2,\"2179\":2,\"2180\":3,\"2181\":5,\"2182\":2,\"2183\":3,\"2184\":3,\"2239\":7,\"2241\":1,\"2242\":1,\"2245\":1,\"2246\":10,\"2247\":2,\"2259\":2,\"2261\":2,\"2262\":3,\"2263\":2,\"2264\":3,\"2265\":5,\"2266\":3,\"2303\":2,\"2327\":8,\"2329\":1,\"2330\":1,\"2333\":1,\"2335\":2,\"2364\":2,\"2366\":2,\"2367\":3,\"2368\":4,\"2369\":2,\"2370\":3,\"2371\":2,\"2372\":1,\"2431\":2,\"2454\":7,\"2456\":1,\"2457\":1,\"2460\":1,\"2461\":10,\"2462\":2,\"2474\":2,\"2476\":2,\"2477\":3,\"2478\":2,\"2479\":3,\"2480\":4,\"2481\":2,\"2482\":1,\"2522\":2,\"2546\":8,\"2548\":1,\"2549\":1,\"2552\":1,\"2554\":2,\"2583\":2,\"2585\":2,\"2586\":3,\"2587\":4,\"2588\":2,\"2589\":3,\"2590\":2,\"2591\":1,\"2650\":2,\"2673\":7,\"2675\":1,\"2676\":1,\"2679\":1,\"2680\":10,\"2681\":2,\"2693\":2,\"2695\":2,\"2696\":3,\"2697\":2,\"2698\":3,\"2699\":4,\"2700\":2,\"2701\":1,\"2741\":2,\"2765\":8,\"2767\":1,\"2768\":1,\"2771\":1,\"2773\":2,\"2802\":2,\"2804\":2,\"2805\":3,\"2806\":4,\"2807\":2,\"2808\":3,\"2809\":2,\"2810\":1,\"2869\":2,\"2892\":7,\"2894\":1,\"2895\":1,\"2898\":1,\"2899\":10,\"2900\":2,\"2912\":2,\"2914\":2,\"2915\":3,\"2916\":2,\"2917\":3,\"2918\":4,\"2919\":2,\"2920\":1,\"2960\":2,\"2984\":8,\"2986\":1,\"2987\":1,\"2990\":1,\"2992\":2,\"3021\":2,\"3023\":2,\"3024\":3,\"3025\":4,\"3026\":2,\"3027\":3,\"3028\":2,\"3029\":1,\"3088\":2,\"3111\":7,\"3113\":1,\"3114\":1,\"3117\":1,\"3118\":10,\"3119\":2,\"3131\":2,\"3133\":2,\"3134\":3,\"3135\":2,\"3136\":3,\"3137\":4,\"3138\":2,\"3139\":1,\"3179\":2,\"3203\":8,\"3205\":1,\"3206\":1,\"3209\":1,\"3211\":2,\"3216\":1,\"3218\":2,\"3219\":3,\"3220\":4,\"3221\":2,\"3222\":3,\"3223\":2,\"3224\":1,\"3307\":2,\"3327\":1,\"3332\":7,\"3334\":1,\"3335\":1,\"3338\":1,\"3339\":10,\"3340\":2,\"3352\":1,\"3354\":2,\"3355\":3,\"3356\":2,\"3357\":3,\"3358\":4,\"3359\":2,\"3360\":1,\"3400\":2,\"3421\":1}}],[\"usesmtps\",{\"0\":{\"230\":1,\"981\":1,\"1191\":1,\"1342\":1,\"1514\":1,\"1691\":1,\"1868\":1,\"2045\":1,\"2222\":1,\"2412\":1,\"2631\":1,\"2850\":1,\"3069\":1,\"3264\":1},\"1\":{\"212\":1,\"213\":1,\"219\":1,\"228\":1,\"229\":1,\"230\":1,\"963\":1,\"964\":1,\"970\":1,\"979\":1,\"980\":1,\"981\":1,\"1173\":1,\"1174\":1,\"1180\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1324\":1,\"1325\":1,\"1331\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1496\":1,\"1497\":1,\"1503\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1673\":1,\"1674\":1,\"1680\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1850\":1,\"1851\":1,\"1857\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"2027\":1,\"2028\":1,\"2034\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2204\":1,\"2205\":1,\"2211\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2394\":1,\"2395\":1,\"2401\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2613\":1,\"2614\":1,\"2620\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2832\":1,\"2833\":1,\"2839\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"3051\":1,\"3052\":1,\"3058\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3246\":1,\"3247\":1,\"3253\":1,\"3262\":1,\"3263\":1,\"3264\":1}}],[\"uses\",{\"1\":{\"9\":1,\"90\":1,\"280\":1,\"289\":1,\"291\":1,\"300\":1,\"331\":1,\"338\":1,\"346\":1,\"367\":1,\"372\":1,\"393\":1,\"411\":1,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"635\":1,\"651\":1,\"681\":1,\"697\":1,\"727\":1,\"743\":1,\"773\":1,\"789\":1,\"819\":1,\"835\":1,\"865\":1,\"881\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"use\",{\"0\":{\"13\":1,\"123\":1},\"1\":{\"0\":1,\"1\":1,\"5\":1,\"12\":1,\"13\":1,\"20\":1,\"26\":2,\"32\":1,\"33\":2,\"37\":2,\"81\":1,\"82\":1,\"85\":1,\"88\":1,\"94\":1,\"95\":1,\"97\":2,\"98\":1,\"102\":3,\"110\":1,\"112\":1,\"116\":1,\"117\":3,\"130\":1,\"152\":1,\"153\":1,\"156\":1,\"159\":2,\"160\":4,\"165\":1,\"167\":1,\"170\":1,\"175\":1,\"177\":1,\"179\":1,\"180\":1,\"182\":1,\"187\":1,\"188\":2,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"205\":1,\"212\":1,\"213\":2,\"214\":1,\"219\":1,\"224\":1,\"225\":1,\"228\":1,\"236\":1,\"241\":1,\"242\":2,\"243\":1,\"244\":1,\"249\":1,\"251\":1,\"253\":1,\"255\":1,\"257\":1,\"258\":1,\"262\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"321\":1,\"333\":1,\"338\":1,\"340\":1,\"341\":1,\"349\":1,\"364\":1,\"367\":1,\"390\":2,\"393\":2,\"397\":1,\"399\":1,\"401\":1,\"407\":1,\"416\":1,\"427\":1,\"429\":1,\"434\":1,\"438\":1,\"442\":1,\"443\":1,\"444\":1,\"448\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"459\":7,\"469\":2,\"470\":1,\"473\":1,\"477\":1,\"481\":2,\"482\":1,\"483\":1,\"492\":2,\"493\":1,\"496\":1,\"500\":1,\"504\":2,\"505\":1,\"506\":1,\"518\":2,\"519\":1,\"522\":1,\"526\":1,\"530\":2,\"531\":1,\"532\":1,\"536\":1,\"544\":2,\"545\":1,\"547\":1,\"552\":1,\"556\":1,\"560\":2,\"561\":1,\"562\":1,\"564\":7,\"574\":2,\"575\":1,\"577\":1,\"582\":1,\"586\":1,\"590\":2,\"591\":1,\"592\":1,\"594\":7,\"604\":2,\"605\":1,\"607\":1,\"612\":1,\"616\":1,\"620\":2,\"621\":1,\"622\":1,\"624\":7,\"631\":1,\"640\":1,\"650\":2,\"651\":1,\"653\":1,\"658\":1,\"662\":1,\"666\":2,\"667\":1,\"668\":1,\"670\":7,\"677\":1,\"686\":1,\"696\":2,\"697\":1,\"699\":1,\"704\":1,\"708\":1,\"712\":2,\"713\":1,\"714\":1,\"716\":7,\"723\":1,\"732\":1,\"742\":2,\"743\":1,\"745\":1,\"750\":1,\"754\":1,\"758\":2,\"759\":1,\"760\":1,\"762\":7,\"769\":1,\"778\":1,\"788\":2,\"789\":1,\"791\":1,\"796\":1,\"800\":1,\"804\":2,\"805\":1,\"806\":1,\"808\":7,\"815\":1,\"824\":1,\"835\":1,\"837\":1,\"842\":1,\"846\":1,\"850\":2,\"851\":1,\"852\":1,\"854\":7,\"861\":1,\"870\":1,\"881\":1,\"883\":1,\"888\":1,\"892\":1,\"896\":1,\"897\":1,\"898\":1,\"902\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"913\":7,\"920\":1,\"930\":1,\"932\":1,\"934\":1,\"936\":1,\"937\":1,\"939\":1,\"948\":1,\"949\":2,\"950\":1,\"957\":1,\"963\":1,\"964\":2,\"965\":1,\"970\":1,\"975\":1,\"976\":1,\"979\":1,\"988\":1,\"996\":1,\"997\":1,\"1008\":1,\"1009\":2,\"1010\":1,\"1013\":1,\"1015\":1,\"1024\":1,\"1037\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1049\":1,\"1056\":1,\"1059\":1,\"1060\":2,\"1061\":1,\"1064\":1,\"1066\":1,\"1068\":1,\"1070\":1,\"1072\":1,\"1074\":1,\"1075\":1,\"1081\":1,\"1089\":1,\"1090\":1,\"1101\":1,\"1102\":2,\"1103\":1,\"1106\":1,\"1108\":1,\"1117\":1,\"1131\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1143\":1,\"1145\":1,\"1147\":1,\"1149\":1,\"1150\":1,\"1152\":1,\"1157\":1,\"1158\":2,\"1159\":1,\"1166\":1,\"1173\":1,\"1174\":2,\"1175\":1,\"1180\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1195\":1,\"1198\":1,\"1199\":1,\"1211\":1,\"1212\":2,\"1213\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":2,\"1229\":1,\"1232\":1,\"1234\":1,\"1236\":1,\"1238\":1,\"1240\":1,\"1242\":1,\"1243\":1,\"1246\":1,\"1252\":1,\"1253\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1279\":1,\"1280\":2,\"1281\":1,\"1284\":1,\"1286\":1,\"1294\":1,\"1296\":1,\"1298\":1,\"1300\":1,\"1301\":1,\"1303\":1,\"1308\":1,\"1309\":2,\"1310\":1,\"1317\":1,\"1324\":1,\"1325\":2,\"1326\":1,\"1331\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1346\":1,\"1349\":1,\"1350\":1,\"1355\":1,\"1362\":1,\"1365\":1,\"1366\":2,\"1367\":1,\"1370\":1,\"1372\":1,\"1374\":1,\"1376\":1,\"1378\":1,\"1380\":1,\"1381\":1,\"1384\":1,\"1388\":1,\"1391\":1,\"1392\":1,\"1403\":1,\"1404\":2,\"1405\":1,\"1408\":1,\"1410\":1,\"1419\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1451\":1,\"1452\":2,\"1453\":1,\"1456\":1,\"1458\":1,\"1466\":1,\"1468\":1,\"1470\":1,\"1472\":1,\"1473\":1,\"1475\":1,\"1481\":1,\"1482\":2,\"1483\":1,\"1490\":1,\"1496\":1,\"1497\":2,\"1498\":1,\"1503\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1521\":1,\"1525\":1,\"1526\":1,\"1531\":1,\"1538\":1,\"1541\":1,\"1542\":2,\"1543\":1,\"1546\":1,\"1548\":1,\"1550\":1,\"1552\":1,\"1554\":1,\"1556\":1,\"1557\":1,\"1560\":1,\"1567\":1,\"1568\":1,\"1579\":1,\"1580\":2,\"1581\":1,\"1584\":1,\"1586\":1,\"1595\":1,\"1609\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1628\":1,\"1629\":2,\"1630\":1,\"1633\":1,\"1635\":1,\"1643\":1,\"1645\":1,\"1647\":1,\"1649\":1,\"1650\":1,\"1652\":1,\"1658\":1,\"1659\":2,\"1660\":1,\"1667\":1,\"1673\":1,\"1674\":2,\"1675\":1,\"1680\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1698\":1,\"1702\":1,\"1703\":1,\"1708\":1,\"1715\":1,\"1718\":1,\"1719\":2,\"1720\":1,\"1723\":1,\"1725\":1,\"1727\":1,\"1729\":1,\"1731\":1,\"1733\":1,\"1734\":1,\"1737\":1,\"1744\":1,\"1745\":1,\"1756\":1,\"1757\":2,\"1758\":1,\"1761\":1,\"1763\":1,\"1772\":1,\"1786\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1805\":1,\"1806\":2,\"1807\":1,\"1810\":1,\"1812\":1,\"1820\":1,\"1822\":1,\"1824\":1,\"1826\":1,\"1827\":1,\"1829\":1,\"1835\":1,\"1836\":2,\"1837\":1,\"1844\":1,\"1850\":1,\"1851\":2,\"1852\":1,\"1857\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1875\":1,\"1879\":1,\"1880\":1,\"1885\":1,\"1892\":1,\"1895\":1,\"1896\":2,\"1897\":1,\"1900\":1,\"1902\":1,\"1904\":1,\"1906\":1,\"1908\":1,\"1910\":1,\"1911\":1,\"1914\":1,\"1921\":1,\"1922\":1,\"1933\":1,\"1934\":2,\"1935\":1,\"1938\":1,\"1940\":1,\"1949\":1,\"1963\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1982\":1,\"1983\":2,\"1984\":1,\"1987\":1,\"1989\":1,\"1997\":1,\"1999\":1,\"2001\":1,\"2003\":1,\"2004\":1,\"2006\":1,\"2012\":1,\"2013\":2,\"2014\":1,\"2021\":1,\"2027\":1,\"2028\":2,\"2029\":1,\"2034\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2052\":1,\"2056\":1,\"2057\":1,\"2062\":1,\"2069\":1,\"2072\":1,\"2073\":2,\"2074\":1,\"2077\":1,\"2079\":1,\"2081\":1,\"2083\":1,\"2085\":1,\"2087\":1,\"2088\":1,\"2091\":1,\"2098\":1,\"2099\":1,\"2110\":1,\"2111\":2,\"2112\":1,\"2115\":1,\"2117\":1,\"2126\":1,\"2140\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2159\":1,\"2160\":2,\"2161\":1,\"2164\":1,\"2166\":1,\"2174\":1,\"2176\":1,\"2178\":1,\"2180\":1,\"2181\":1,\"2183\":1,\"2189\":1,\"2190\":2,\"2191\":1,\"2198\":1,\"2204\":1,\"2205\":2,\"2206\":1,\"2211\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2229\":1,\"2233\":1,\"2234\":1,\"2239\":1,\"2246\":1,\"2249\":1,\"2250\":2,\"2251\":1,\"2254\":1,\"2256\":1,\"2258\":1,\"2260\":1,\"2262\":1,\"2264\":1,\"2265\":1,\"2268\":1,\"2275\":1,\"2276\":1,\"2287\":1,\"2288\":2,\"2289\":1,\"2292\":1,\"2294\":1,\"2303\":1,\"2317\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2327\":1,\"2346\":1,\"2347\":2,\"2348\":1,\"2351\":1,\"2353\":1,\"2361\":1,\"2363\":1,\"2365\":1,\"2367\":1,\"2368\":1,\"2370\":1,\"2379\":1,\"2380\":2,\"2381\":1,\"2388\":1,\"2394\":1,\"2395\":2,\"2396\":1,\"2401\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2419\":1,\"2427\":1,\"2428\":1,\"2431\":1,\"2444\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2454\":1,\"2461\":1,\"2464\":1,\"2465\":2,\"2466\":1,\"2469\":1,\"2471\":1,\"2473\":1,\"2475\":1,\"2477\":1,\"2479\":1,\"2480\":1,\"2486\":1,\"2494\":1,\"2495\":1,\"2506\":1,\"2507\":2,\"2508\":1,\"2511\":1,\"2513\":1,\"2522\":1,\"2536\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2546\":1,\"2565\":1,\"2566\":2,\"2567\":1,\"2570\":1,\"2572\":1,\"2580\":1,\"2582\":1,\"2584\":1,\"2586\":1,\"2587\":1,\"2589\":1,\"2598\":1,\"2599\":2,\"2600\":1,\"2607\":1,\"2613\":1,\"2614\":2,\"2615\":1,\"2620\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2638\":1,\"2646\":1,\"2647\":1,\"2650\":1,\"2663\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2673\":1,\"2680\":1,\"2683\":1,\"2684\":2,\"2685\":1,\"2688\":1,\"2690\":1,\"2692\":1,\"2694\":1,\"2696\":1,\"2698\":1,\"2699\":1,\"2705\":1,\"2713\":1,\"2714\":1,\"2725\":1,\"2726\":2,\"2727\":1,\"2730\":1,\"2732\":1,\"2741\":1,\"2755\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2765\":1,\"2784\":1,\"2785\":2,\"2786\":1,\"2789\":1,\"2791\":1,\"2799\":1,\"2801\":1,\"2803\":1,\"2805\":1,\"2806\":1,\"2808\":1,\"2817\":1,\"2818\":2,\"2819\":1,\"2826\":1,\"2832\":1,\"2833\":2,\"2834\":1,\"2839\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2857\":1,\"2865\":1,\"2866\":1,\"2869\":1,\"2882\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2892\":1,\"2899\":1,\"2902\":1,\"2903\":2,\"2904\":1,\"2907\":1,\"2909\":1,\"2911\":1,\"2913\":1,\"2915\":1,\"2917\":1,\"2918\":1,\"2924\":1,\"2932\":1,\"2933\":1,\"2944\":1,\"2945\":2,\"2946\":1,\"2949\":1,\"2951\":1,\"2960\":1,\"2974\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2984\":1,\"3003\":1,\"3004\":2,\"3005\":1,\"3008\":1,\"3010\":1,\"3018\":1,\"3020\":1,\"3022\":1,\"3024\":1,\"3025\":1,\"3027\":1,\"3036\":1,\"3037\":2,\"3038\":1,\"3045\":1,\"3051\":1,\"3052\":2,\"3053\":1,\"3058\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3076\":1,\"3084\":1,\"3085\":1,\"3088\":1,\"3101\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3111\":1,\"3118\":1,\"3121\":1,\"3122\":2,\"3123\":1,\"3126\":1,\"3128\":1,\"3130\":1,\"3132\":1,\"3134\":1,\"3136\":1,\"3137\":1,\"3143\":1,\"3151\":1,\"3152\":1,\"3163\":1,\"3164\":2,\"3165\":1,\"3168\":1,\"3170\":1,\"3179\":1,\"3193\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3203\":1,\"3213\":1,\"3215\":1,\"3217\":1,\"3219\":1,\"3220\":1,\"3222\":1,\"3231\":1,\"3232\":2,\"3233\":1,\"3240\":1,\"3246\":1,\"3247\":2,\"3248\":1,\"3253\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3271\":1,\"3279\":1,\"3280\":1,\"3291\":1,\"3292\":2,\"3293\":1,\"3296\":1,\"3298\":1,\"3307\":1,\"3320\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3332\":1,\"3339\":1,\"3342\":1,\"3343\":2,\"3344\":1,\"3347\":1,\"3349\":1,\"3351\":1,\"3353\":1,\"3355\":1,\"3357\":1,\"3358\":1,\"3364\":1,\"3372\":1,\"3373\":1,\"3384\":1,\"3385\":2,\"3386\":1,\"3389\":1,\"3391\":1,\"3400\":1,\"3414\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"used\",{\"1\":{\"0\":1,\"32\":1,\"33\":1,\"88\":1,\"89\":1,\"90\":1,\"93\":1,\"94\":3,\"95\":2,\"96\":2,\"98\":1,\"99\":4,\"104\":1,\"105\":1,\"106\":1,\"107\":1,\"109\":1,\"110\":1,\"112\":3,\"113\":3,\"117\":1,\"130\":1,\"138\":1,\"152\":2,\"153\":1,\"165\":1,\"167\":2,\"168\":1,\"169\":4,\"173\":1,\"174\":1,\"177\":1,\"208\":1,\"212\":1,\"231\":1,\"232\":1,\"238\":1,\"240\":1,\"253\":1,\"261\":1,\"263\":1,\"265\":1,\"266\":1,\"275\":1,\"276\":2,\"288\":2,\"289\":1,\"290\":2,\"299\":2,\"300\":1,\"301\":2,\"320\":1,\"329\":1,\"331\":2,\"332\":6,\"334\":3,\"338\":1,\"341\":2,\"346\":1,\"347\":4,\"348\":2,\"356\":2,\"357\":3,\"358\":1,\"384\":1,\"408\":1,\"412\":1,\"413\":1,\"416\":1,\"427\":1,\"439\":1,\"441\":2,\"442\":1,\"443\":1,\"452\":1,\"453\":2,\"454\":1,\"455\":2,\"460\":1,\"470\":1,\"478\":1,\"480\":2,\"481\":1,\"482\":1,\"493\":1,\"501\":1,\"503\":2,\"504\":1,\"505\":1,\"519\":1,\"527\":1,\"529\":2,\"530\":1,\"531\":1,\"545\":1,\"557\":1,\"559\":2,\"560\":1,\"561\":1,\"575\":1,\"587\":1,\"589\":2,\"590\":1,\"591\":1,\"605\":1,\"617\":1,\"619\":2,\"620\":1,\"621\":1,\"632\":1,\"636\":1,\"637\":1,\"640\":1,\"651\":1,\"663\":1,\"665\":2,\"666\":1,\"667\":1,\"678\":1,\"682\":1,\"683\":1,\"686\":1,\"697\":1,\"709\":1,\"711\":2,\"712\":1,\"713\":1,\"724\":1,\"728\":1,\"729\":1,\"732\":1,\"743\":1,\"755\":1,\"757\":2,\"758\":1,\"759\":1,\"770\":1,\"774\":1,\"775\":1,\"778\":1,\"789\":1,\"801\":1,\"803\":2,\"804\":1,\"805\":1,\"816\":1,\"820\":1,\"821\":1,\"824\":1,\"835\":1,\"847\":1,\"849\":2,\"850\":1,\"851\":1,\"862\":1,\"866\":1,\"867\":1,\"870\":1,\"881\":1,\"893\":1,\"895\":2,\"896\":1,\"897\":1,\"906\":1,\"907\":2,\"908\":1,\"909\":2,\"914\":1,\"920\":1,\"922\":1,\"934\":1,\"963\":1,\"1026\":3,\"1038\":1,\"1039\":2,\"1043\":1,\"1044\":1,\"1049\":1,\"1051\":1,\"1056\":1,\"1057\":1,\"1070\":1,\"1082\":1,\"1120\":3,\"1132\":1,\"1133\":2,\"1137\":1,\"1138\":1,\"1147\":1,\"1169\":1,\"1173\":1,\"1238\":1,\"1247\":1,\"1262\":1,\"1263\":2,\"1298\":1,\"1320\":1,\"1324\":1,\"1357\":1,\"1362\":1,\"1363\":1,\"1376\":1,\"1385\":1,\"1422\":3,\"1433\":1,\"1434\":2,\"1470\":1,\"1496\":1,\"1533\":1,\"1538\":1,\"1539\":1,\"1552\":1,\"1561\":1,\"1598\":3,\"1610\":1,\"1611\":2,\"1647\":1,\"1673\":1,\"1710\":1,\"1715\":1,\"1716\":1,\"1729\":1,\"1738\":1,\"1775\":3,\"1787\":1,\"1788\":2,\"1824\":1,\"1850\":1,\"1887\":1,\"1892\":1,\"1893\":1,\"1906\":1,\"1915\":1,\"1952\":3,\"1964\":1,\"1965\":2,\"2001\":1,\"2027\":1,\"2064\":1,\"2069\":1,\"2070\":1,\"2083\":1,\"2092\":1,\"2129\":3,\"2141\":1,\"2142\":2,\"2178\":1,\"2204\":1,\"2241\":1,\"2246\":1,\"2247\":1,\"2260\":1,\"2269\":1,\"2306\":3,\"2318\":1,\"2319\":2,\"2327\":1,\"2329\":1,\"2365\":1,\"2394\":1,\"2433\":3,\"2445\":1,\"2446\":2,\"2454\":1,\"2456\":1,\"2461\":1,\"2462\":1,\"2475\":1,\"2487\":1,\"2525\":3,\"2537\":1,\"2538\":2,\"2546\":1,\"2548\":1,\"2584\":1,\"2613\":1,\"2652\":3,\"2664\":1,\"2665\":2,\"2673\":1,\"2675\":1,\"2680\":1,\"2681\":1,\"2694\":1,\"2706\":1,\"2744\":3,\"2756\":1,\"2757\":2,\"2765\":1,\"2767\":1,\"2803\":1,\"2832\":1,\"2871\":3,\"2883\":1,\"2884\":2,\"2892\":1,\"2894\":1,\"2899\":1,\"2900\":1,\"2913\":1,\"2925\":1,\"2963\":3,\"2975\":1,\"2976\":2,\"2984\":1,\"2986\":1,\"3022\":1,\"3051\":1,\"3090\":3,\"3102\":1,\"3103\":2,\"3111\":1,\"3113\":1,\"3118\":1,\"3119\":1,\"3132\":1,\"3144\":1,\"3182\":3,\"3194\":1,\"3195\":2,\"3203\":1,\"3205\":1,\"3217\":1,\"3246\":1,\"3309\":3,\"3321\":1,\"3322\":2,\"3326\":1,\"3327\":1,\"3332\":1,\"3334\":1,\"3339\":1,\"3340\":1,\"3353\":1,\"3365\":1,\"3403\":3,\"3415\":1,\"3416\":2,\"3420\":1,\"3421\":1}}],[\"17\",{\"1\":{\"283\":2,\"294\":2,\"411\":1,\"635\":1,\"681\":1,\"727\":1,\"773\":1,\"819\":1,\"865\":1}}],[\"172\",{\"1\":{\"269\":1,\"327\":9,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1}}],[\"173\",{\"1\":{\"160\":1}}],[\"15s\",{\"1\":{\"536\":1,\"537\":1}}],[\"15\",{\"1\":{\"159\":2,\"457\":4,\"458\":3,\"911\":4,\"912\":3}}],[\"150\",{\"1\":{\"95\":1,\"97\":1}}],[\"18\",{\"1\":{\"135\":1,\"457\":2,\"911\":2}}],[\"1x\",{\"1\":{\"110\":1,\"113\":1,\"165\":1,\"168\":1,\"284\":1,\"295\":1,\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"113549\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"11\",{\"0\":{\"396\":1},\"1\":{\"133\":1,\"134\":3,\"135\":1,\"304\":2,\"319\":1,\"341\":1,\"394\":1,\"396\":2,\"457\":7,\"911\":7}}],[\"118\",{\"1\":{\"26\":1}}],[\"111\",{\"1\":{\"26\":1}}],[\"1\",{\"0\":{\"42\":1,\"44\":1,\"46\":2,\"48\":1,\"50\":1,\"52\":2,\"54\":1,\"56\":1,\"58\":1,\"60\":2,\"62\":1,\"64\":1,\"66\":1,\"308\":1,\"311\":1,\"320\":1,\"321\":2,\"326\":2,\"328\":1,\"329\":1,\"339\":2,\"340\":2,\"359\":2,\"360\":2,\"361\":1,\"362\":1,\"385\":2,\"386\":2,\"387\":1,\"388\":1,\"434\":1,\"460\":1,\"473\":1,\"496\":2,\"509\":1,\"522\":1,\"535\":2,\"552\":1,\"565\":1,\"582\":2,\"595\":1,\"612\":1,\"625\":2,\"658\":1,\"671\":1,\"704\":1,\"717\":1,\"750\":2,\"763\":1,\"796\":1,\"809\":2,\"842\":1,\"855\":1,\"888\":1,\"914\":1},\"1\":{\"20\":18,\"42\":3,\"43\":1,\"44\":2,\"46\":4,\"47\":1,\"48\":3,\"49\":1,\"50\":3,\"51\":1,\"52\":4,\"53\":1,\"54\":3,\"55\":1,\"56\":3,\"57\":1,\"58\":3,\"59\":1,\"60\":4,\"61\":1,\"62\":4,\"63\":1,\"64\":3,\"65\":1,\"66\":3,\"67\":1,\"98\":1,\"138\":1,\"139\":2,\"157\":1,\"159\":10,\"160\":13,\"162\":3,\"170\":3,\"171\":1,\"209\":2,\"234\":2,\"269\":1,\"303\":2,\"304\":2,\"306\":2,\"307\":2,\"308\":1,\"309\":6,\"310\":14,\"311\":2,\"312\":5,\"313\":3,\"314\":2,\"315\":3,\"316\":2,\"320\":1,\"321\":4,\"325\":3,\"326\":3,\"327\":11,\"328\":3,\"337\":1,\"338\":6,\"339\":3,\"342\":3,\"343\":3,\"347\":4,\"349\":2,\"352\":4,\"353\":3,\"356\":1,\"357\":2,\"367\":3,\"368\":3,\"377\":3,\"378\":3,\"383\":4,\"393\":3,\"398\":3,\"400\":3,\"403\":3,\"423\":1,\"425\":1,\"428\":3,\"431\":8,\"432\":1,\"433\":7,\"442\":2,\"443\":2,\"444\":4,\"457\":11,\"458\":6,\"459\":3,\"460\":2,\"461\":6,\"462\":8,\"466\":1,\"468\":1,\"471\":3,\"481\":2,\"482\":2,\"483\":2,\"485\":2,\"489\":1,\"491\":2,\"494\":3,\"504\":4,\"505\":4,\"506\":2,\"508\":2,\"509\":3,\"510\":10,\"511\":15,\"515\":1,\"517\":1,\"520\":3,\"530\":2,\"531\":2,\"532\":2,\"534\":2,\"535\":3,\"536\":8,\"537\":13,\"541\":1,\"543\":1,\"546\":3,\"560\":2,\"561\":2,\"562\":2,\"564\":3,\"565\":7,\"566\":6,\"567\":8,\"571\":1,\"573\":2,\"576\":3,\"590\":4,\"591\":4,\"592\":2,\"594\":3,\"595\":8,\"596\":10,\"597\":15,\"601\":1,\"603\":2,\"606\":3,\"620\":2,\"621\":2,\"622\":2,\"624\":3,\"625\":8,\"626\":8,\"627\":9,\"647\":1,\"649\":1,\"652\":3,\"666\":2,\"667\":2,\"668\":2,\"670\":3,\"671\":7,\"672\":6,\"673\":8,\"693\":1,\"695\":1,\"698\":3,\"712\":2,\"713\":2,\"714\":2,\"716\":3,\"717\":7,\"718\":6,\"719\":8,\"739\":1,\"741\":2,\"744\":3,\"758\":4,\"759\":4,\"760\":4,\"762\":3,\"763\":8,\"764\":10,\"765\":15,\"785\":1,\"787\":1,\"790\":3,\"793\":18,\"794\":1,\"795\":7,\"804\":2,\"805\":2,\"806\":4,\"808\":3,\"809\":8,\"810\":8,\"811\":9,\"831\":1,\"833\":1,\"836\":3,\"839\":18,\"840\":1,\"841\":7,\"850\":2,\"851\":2,\"852\":4,\"854\":3,\"855\":2,\"856\":6,\"857\":8,\"877\":1,\"879\":1,\"882\":3,\"885\":8,\"886\":1,\"887\":7,\"896\":2,\"897\":2,\"898\":4,\"911\":11,\"912\":6,\"913\":3,\"914\":2,\"915\":6,\"916\":8,\"923\":3,\"960\":2,\"986\":2,\"990\":1,\"999\":1,\"1021\":1,\"1027\":1,\"1031\":1,\"1044\":7,\"1052\":3,\"1092\":1,\"1114\":1,\"1121\":1,\"1125\":1,\"1138\":7,\"1170\":2,\"1193\":2,\"1202\":1,\"1224\":1,\"1256\":1,\"1270\":1,\"1292\":1,\"1321\":2,\"1344\":2,\"1358\":3,\"1394\":1,\"1416\":1,\"1423\":2,\"1427\":1,\"1442\":1,\"1464\":1,\"1493\":2,\"1519\":2,\"1523\":1,\"1534\":3,\"1570\":1,\"1592\":1,\"1599\":1,\"1603\":1,\"1619\":1,\"1641\":1,\"1670\":2,\"1696\":2,\"1700\":1,\"1711\":3,\"1747\":1,\"1769\":1,\"1776\":1,\"1780\":1,\"1796\":1,\"1818\":1,\"1847\":2,\"1873\":2,\"1877\":1,\"1888\":3,\"1924\":1,\"1946\":1,\"1953\":2,\"1957\":1,\"1973\":1,\"1995\":1,\"2024\":2,\"2050\":2,\"2054\":1,\"2065\":3,\"2101\":1,\"2123\":1,\"2130\":1,\"2134\":1,\"2150\":1,\"2172\":1,\"2201\":2,\"2227\":2,\"2231\":1,\"2242\":3,\"2278\":1,\"2300\":1,\"2307\":1,\"2311\":1,\"2330\":3,\"2337\":1,\"2359\":1,\"2391\":2,\"2417\":2,\"2421\":1,\"2434\":1,\"2438\":1,\"2457\":3,\"2497\":1,\"2519\":1,\"2526\":1,\"2530\":1,\"2549\":3,\"2556\":1,\"2578\":1,\"2610\":2,\"2636\":2,\"2640\":1,\"2653\":2,\"2657\":1,\"2676\":3,\"2716\":1,\"2738\":1,\"2745\":2,\"2749\":1,\"2768\":3,\"2775\":1,\"2797\":1,\"2829\":2,\"2855\":2,\"2859\":1,\"2872\":1,\"2876\":1,\"2895\":3,\"2935\":1,\"2957\":1,\"2964\":1,\"2968\":1,\"2987\":3,\"2994\":1,\"3016\":1,\"3048\":2,\"3074\":2,\"3078\":1,\"3091\":1,\"3095\":1,\"3114\":3,\"3154\":1,\"3176\":1,\"3183\":1,\"3187\":1,\"3206\":3,\"3243\":2,\"3269\":2,\"3273\":1,\"3282\":1,\"3304\":1,\"3310\":1,\"3314\":1,\"3327\":7,\"3335\":3,\"3375\":1,\"3397\":1,\"3404\":1,\"3408\":1,\"3421\":7}}],[\"128\",{\"1\":{\"920\":2,\"1049\":2,\"1355\":2,\"1531\":2,\"1708\":2,\"1885\":2,\"2062\":2,\"2239\":2,\"2327\":2,\"2454\":2,\"2546\":2,\"2673\":2,\"2765\":2,\"2892\":2,\"2984\":2,\"3111\":2,\"3203\":2,\"3332\":2}}],[\"127\",{\"1\":{\"303\":1,\"306\":1,\"309\":1,\"312\":1,\"315\":1,\"327\":7,\"400\":3,\"999\":1,\"1021\":1,\"1092\":1,\"1114\":1,\"1202\":1,\"1224\":1,\"1270\":1,\"1292\":1,\"1394\":1,\"1416\":1,\"1442\":1,\"1464\":1,\"1570\":1,\"1592\":1,\"1619\":1,\"1641\":1,\"1747\":1,\"1769\":1,\"1796\":1,\"1818\":1,\"1924\":1,\"1946\":1,\"1973\":1,\"1995\":1,\"2101\":1,\"2123\":1,\"2150\":1,\"2172\":1,\"2278\":1,\"2300\":1,\"2337\":1,\"2359\":1,\"2497\":1,\"2519\":1,\"2556\":1,\"2578\":1,\"2716\":1,\"2738\":1,\"2775\":1,\"2797\":1,\"2935\":1,\"2957\":1,\"2994\":1,\"3016\":1,\"3154\":1,\"3176\":1,\"3282\":1,\"3304\":1,\"3375\":1,\"3397\":1}}],[\"120\",{\"1\":{\"159\":2}}],[\"126\",{\"1\":{\"26\":1}}],[\"12\",{\"1\":{\"14\":2}}],[\"16gb\",{\"1\":{\"319\":1,\"394\":1}}],[\"168\",{\"1\":{\"170\":2}}],[\"16\",{\"1\":{\"14\":2,\"159\":20,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"403\":1,\"442\":2,\"443\":2,\"457\":1,\"481\":2,\"482\":2,\"504\":2,\"505\":2,\"530\":2,\"531\":2,\"560\":2,\"561\":2,\"590\":2,\"591\":2,\"620\":2,\"621\":2,\"666\":2,\"667\":2,\"712\":2,\"713\":2,\"758\":2,\"759\":2,\"804\":2,\"805\":2,\"850\":2,\"851\":2,\"896\":2,\"897\":2,\"911\":1}}],[\"149\",{\"1\":{\"26\":1}}],[\"142\",{\"1\":{\"26\":1}}],[\"141\",{\"1\":{\"26\":1}}],[\"14\",{\"1\":{\"14\":3,\"41\":4,\"457\":2,\"793\":1,\"839\":1,\"911\":2}}],[\"137\",{\"1\":{\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"673\":2,\"719\":2,\"765\":2,\"811\":2,\"857\":2,\"916\":2}}],[\"134\",{\"1\":{\"26\":1}}],[\"133\",{\"1\":{\"26\":1}}],[\"13\",{\"1\":{\"14\":1,\"327\":1,\"457\":5,\"911\":5}}],[\"100\",{\"1\":{\"372\":2}}],[\"10000\",{\"1\":{\"248\":1,\"1022\":1,\"1063\":1,\"1115\":1,\"1225\":1,\"1231\":1,\"1293\":1,\"1369\":1,\"1417\":1,\"1465\":1,\"1545\":1,\"1593\":1,\"1642\":1,\"1722\":1,\"1770\":1,\"1819\":1,\"1899\":1,\"1947\":1,\"1996\":1,\"2076\":1,\"2124\":1,\"2173\":1,\"2253\":1,\"2301\":1,\"2360\":1,\"2468\":1,\"2520\":1,\"2579\":1,\"2687\":1,\"2739\":1,\"2798\":1,\"2906\":1,\"2958\":1,\"3017\":1,\"3125\":1,\"3177\":1,\"3305\":1,\"3346\":1,\"3398\":1}}],[\"10s\",{\"1\":{\"327\":1,\"536\":1,\"537\":1}}],[\"10\",{\"1\":{\"1\":1,\"14\":3,\"26\":10,\"137\":1,\"457\":2,\"911\":2,\"983\":1,\"1516\":1,\"1693\":1,\"1870\":1,\"2047\":1,\"2224\":1,\"2414\":1,\"2633\":1,\"2852\":1,\"3071\":1,\"3266\":1}}],[\"192\",{\"1\":{\"170\":2}}],[\"19\",{\"1\":{\"26\":1,\"129\":5,\"458\":3,\"912\":3}}],[\"1993\",{\"1\":{\"1\":1}}],[\"1931\",{\"1\":{\"1\":1}}],[\"v1\",{\"1\":{\"431\":14,\"433\":1,\"537\":6,\"793\":14,\"795\":1,\"839\":14,\"841\":1,\"885\":14,\"887\":1}}],[\"vs\",{\"0\":{\"357\":1}}],[\"v0\",{\"1\":{\"290\":7,\"301\":2}}],[\"v25\",{\"1\":{\"304\":1,\"307\":1,\"310\":1}}],[\"v2\",{\"1\":{\"283\":1,\"294\":1}}],[\"vcpu\",{\"1\":{\"282\":2,\"293\":2,\"436\":2,\"475\":2,\"498\":2,\"524\":2,\"554\":2,\"584\":2,\"614\":2,\"660\":2,\"706\":2,\"752\":2,\"798\":2,\"844\":2,\"890\":2}}],[\"vm\",{\"1\":{\"282\":2,\"293\":2,\"436\":2,\"475\":2,\"498\":2,\"524\":2,\"554\":2,\"584\":2,\"614\":2,\"660\":2,\"706\":2,\"752\":2,\"798\":2,\"844\":2,\"890\":2}}],[\"vms\",{\"0\":{\"137\":1},\"1\":{\"137\":2,\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"vectors\",{\"1\":{\"99\":1,\"169\":1}}],[\"versatile\",{\"1\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"versiongpg\",{\"1\":{\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"version>\",{\"1\":{\"163\":1}}],[\"version=\",{\"1\":{\"159\":3,\"160\":1}}],[\"versioning\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1}}],[\"versions\",{\"1\":{\"33\":1,\"102\":1,\"141\":1,\"142\":2,\"171\":1,\"304\":2}}],[\"version\",{\"0\":{\"30\":1,\"140\":1,\"141\":1,\"142\":1,\"348\":1,\"357\":1},\"1\":{\"30\":1,\"33\":3,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"74\":1,\"99\":1,\"131\":1,\"141\":3,\"142\":1,\"154\":1,\"163\":2,\"169\":1,\"280\":1,\"290\":7,\"291\":1,\"301\":2,\"303\":1,\"304\":8,\"306\":1,\"307\":8,\"309\":1,\"310\":8,\"311\":1,\"312\":1,\"313\":5,\"314\":1,\"315\":1,\"316\":5,\"327\":1,\"332\":1,\"348\":2,\"357\":2,\"363\":1,\"364\":1,\"389\":1,\"390\":1,\"395\":1,\"396\":1,\"422\":1,\"432\":1,\"437\":2,\"459\":1,\"461\":2,\"462\":6,\"465\":1,\"469\":3,\"473\":1,\"476\":2,\"488\":1,\"492\":3,\"496\":1,\"499\":2,\"510\":2,\"511\":6,\"514\":1,\"518\":3,\"522\":1,\"525\":2,\"536\":2,\"537\":7,\"540\":1,\"544\":3,\"555\":2,\"564\":1,\"566\":2,\"567\":6,\"570\":1,\"574\":3,\"585\":2,\"594\":1,\"596\":2,\"597\":6,\"600\":1,\"604\":3,\"615\":2,\"624\":1,\"626\":2,\"627\":6,\"646\":1,\"650\":3,\"661\":2,\"670\":1,\"672\":2,\"673\":6,\"692\":1,\"696\":3,\"707\":2,\"716\":1,\"718\":2,\"719\":6,\"738\":1,\"742\":3,\"753\":2,\"762\":1,\"764\":2,\"765\":6,\"784\":1,\"788\":3,\"794\":1,\"799\":2,\"808\":1,\"810\":2,\"811\":6,\"830\":1,\"840\":1,\"845\":2,\"854\":1,\"856\":2,\"857\":6,\"876\":1,\"886\":1,\"891\":2,\"913\":1,\"915\":2,\"916\":6}}],[\"versionen\",{\"1\":{\"18\":1}}],[\"verification\",{\"0\":{\"336\":1,\"350\":1,\"365\":1,\"375\":1,\"391\":1},\"1\":{\"428\":1,\"471\":1,\"494\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"652\":1,\"698\":1,\"744\":1,\"790\":1,\"836\":1,\"882\":1}}],[\"verify\",{\"0\":{\"1045\":1,\"1139\":1,\"1438\":1,\"1615\":1,\"1792\":1,\"1969\":1,\"2146\":1,\"2323\":1,\"2450\":1,\"2542\":1,\"2669\":1,\"2761\":1,\"2888\":1,\"2980\":1,\"3107\":1,\"3199\":1,\"3328\":1,\"3422\":1},\"1\":{\"33\":1,\"37\":1,\"38\":1,\"141\":1,\"142\":1,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"304\":8,\"307\":8,\"310\":8,\"313\":7,\"316\":7,\"331\":1,\"337\":1,\"338\":5,\"351\":1,\"352\":4,\"366\":1,\"367\":7,\"376\":1,\"377\":5,\"392\":1,\"393\":10,\"433\":1,\"442\":1,\"443\":2,\"462\":7,\"481\":1,\"482\":2,\"504\":1,\"505\":2,\"511\":7,\"530\":1,\"531\":2,\"537\":7,\"560\":1,\"561\":2,\"567\":7,\"590\":1,\"591\":2,\"597\":7,\"620\":1,\"621\":2,\"627\":7,\"666\":1,\"667\":2,\"673\":7,\"712\":1,\"713\":2,\"719\":7,\"758\":1,\"759\":2,\"765\":7,\"795\":1,\"804\":1,\"805\":2,\"811\":7,\"841\":1,\"850\":1,\"851\":2,\"857\":7,\"887\":1,\"896\":1,\"897\":2,\"916\":7,\"1024\":1,\"1117\":1,\"1419\":1,\"1595\":1,\"1772\":1,\"1949\":1,\"2126\":1,\"2303\":1,\"2431\":1,\"2522\":1,\"2650\":1,\"2741\":1,\"2869\":1,\"2960\":1,\"3088\":1,\"3179\":1,\"3307\":1,\"3400\":1}}],[\"verein\",{\"1\":{\"289\":2,\"300\":2,\"457\":2,\"481\":2,\"504\":2,\"530\":2,\"560\":2,\"590\":2,\"620\":2,\"666\":2,\"712\":2,\"758\":2,\"804\":2,\"850\":2,\"911\":2,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"verbose\",{\"0\":{\"195\":1,\"204\":1,\"250\":1,\"953\":1,\"956\":1,\"1065\":1,\"1162\":1,\"1165\":1,\"1233\":1,\"1313\":1,\"1316\":1,\"1371\":1,\"1486\":1,\"1489\":1,\"1547\":1,\"1663\":1,\"1666\":1,\"1724\":1,\"1840\":1,\"1843\":1,\"1901\":1,\"2017\":1,\"2020\":1,\"2078\":1,\"2194\":1,\"2197\":1,\"2255\":1,\"2384\":1,\"2387\":1,\"2470\":1,\"2603\":1,\"2606\":1,\"2689\":1,\"2822\":1,\"2825\":1,\"2908\":1,\"3041\":1,\"3044\":1,\"3127\":1,\"3236\":1,\"3239\":1,\"3348\":1},\"1\":{\"195\":2,\"204\":2,\"250\":2,\"953\":2,\"956\":2,\"1065\":2,\"1162\":2,\"1165\":2,\"1233\":2,\"1313\":2,\"1316\":2,\"1371\":2,\"1486\":2,\"1489\":2,\"1547\":2,\"1663\":2,\"1666\":2,\"1724\":2,\"1840\":2,\"1843\":2,\"1901\":2,\"2017\":2,\"2020\":2,\"2078\":2,\"2194\":2,\"2197\":2,\"2255\":2,\"2384\":2,\"2387\":2,\"2470\":2,\"2603\":2,\"2606\":2,\"2689\":2,\"2822\":2,\"2825\":2,\"2908\":2,\"3041\":2,\"3044\":2,\"3127\":2,\"3236\":2,\"3239\":2,\"3348\":2}}],[\"verwendet\",{\"1\":{\"17\":2}}],[\"verwenden\",{\"1\":{\"16\":1}}],[\"verfügung\",{\"1\":{\"17\":1}}],[\"very\",{\"1\":{\"1\":1,\"33\":1,\"35\":1,\"395\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"653\":1,\"669\":1,\"699\":1,\"715\":1,\"745\":1,\"761\":1,\"791\":1,\"807\":1,\"837\":1,\"853\":1,\"883\":1,\"899\":1}}],[\"vulnerabilities\",{\"1\":{\"35\":2,\"36\":1,\"39\":1}}],[\"vulnerability\",{\"0\":{\"34\":1,\"37\":1},\"1\":{\"36\":1,\"37\":4,\"38\":3}}],[\"v\",{\"0\":{\"31\":1},\"1\":{\"110\":1,\"112\":3,\"113\":3,\"121\":1,\"136\":1,\"137\":1,\"165\":1,\"167\":3,\"168\":3,\"284\":3,\"295\":3,\"438\":2,\"457\":1,\"458\":2,\"460\":1,\"477\":2,\"500\":2,\"526\":2,\"556\":2,\"586\":2,\"616\":2,\"662\":2,\"708\":2,\"754\":2,\"800\":2,\"846\":2,\"892\":2,\"911\":1,\"912\":2,\"914\":1}}],[\"view\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"viele\",{\"1\":{\"14\":1}}],[\"virtual\",{\"0\":{\"282\":1,\"293\":1,\"436\":1,\"475\":1,\"498\":1,\"524\":1,\"554\":1,\"584\":1,\"614\":1,\"660\":1,\"706\":1,\"752\":1,\"798\":1,\"844\":1,\"890\":1},\"1\":{\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"913\":2}}],[\"virtualbox\",{\"1\":{\"137\":1}}],[\"via\",{\"1\":{\"71\":1,\"85\":1,\"90\":3,\"109\":1,\"110\":2,\"112\":3,\"113\":3,\"130\":1,\"134\":1,\"135\":1,\"141\":1,\"165\":2,\"167\":3,\"168\":3,\"186\":1,\"196\":1,\"197\":1,\"198\":1,\"212\":1,\"213\":1,\"219\":1,\"228\":1,\"229\":1,\"277\":1,\"284\":3,\"285\":2,\"295\":3,\"296\":2,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"332\":1,\"333\":1,\"335\":1,\"337\":1,\"338\":2,\"347\":1,\"351\":1,\"361\":2,\"362\":1,\"366\":1,\"373\":1,\"376\":1,\"387\":2,\"388\":1,\"390\":1,\"392\":1,\"419\":1,\"429\":1,\"438\":2,\"439\":2,\"457\":1,\"458\":2,\"462\":1,\"477\":2,\"478\":2,\"500\":2,\"501\":2,\"511\":1,\"526\":2,\"527\":2,\"536\":1,\"537\":1,\"556\":2,\"557\":2,\"567\":1,\"577\":1,\"586\":2,\"587\":2,\"597\":1,\"607\":1,\"616\":2,\"617\":2,\"627\":1,\"643\":1,\"653\":1,\"662\":2,\"663\":2,\"673\":1,\"689\":1,\"699\":1,\"708\":2,\"709\":2,\"719\":1,\"735\":1,\"745\":1,\"754\":2,\"755\":2,\"765\":1,\"781\":1,\"791\":1,\"800\":2,\"801\":2,\"811\":1,\"827\":1,\"837\":1,\"846\":2,\"847\":2,\"857\":1,\"873\":1,\"883\":1,\"892\":2,\"893\":2,\"911\":1,\"912\":2,\"916\":1,\"920\":2,\"921\":1,\"923\":2,\"926\":1,\"941\":1,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"963\":1,\"964\":1,\"970\":1,\"979\":1,\"980\":1,\"1024\":2,\"1025\":2,\"1040\":1,\"1049\":3,\"1050\":1,\"1052\":2,\"1055\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1083\":1,\"1117\":2,\"1118\":2,\"1134\":1,\"1156\":1,\"1173\":1,\"1174\":1,\"1180\":1,\"1189\":1,\"1190\":1,\"1264\":1,\"1307\":1,\"1324\":1,\"1325\":1,\"1331\":1,\"1340\":1,\"1341\":1,\"1355\":3,\"1356\":1,\"1358\":2,\"1361\":1,\"1386\":1,\"1419\":2,\"1420\":2,\"1435\":1,\"1479\":1,\"1480\":1,\"1496\":1,\"1497\":1,\"1503\":1,\"1512\":1,\"1513\":1,\"1531\":3,\"1532\":1,\"1534\":2,\"1537\":1,\"1562\":1,\"1595\":2,\"1596\":2,\"1612\":1,\"1656\":1,\"1657\":1,\"1673\":1,\"1674\":1,\"1680\":1,\"1689\":1,\"1690\":1,\"1708\":3,\"1709\":1,\"1711\":2,\"1714\":1,\"1739\":1,\"1772\":2,\"1773\":2,\"1789\":1,\"1833\":1,\"1834\":1,\"1850\":1,\"1851\":1,\"1857\":1,\"1866\":1,\"1867\":1,\"1885\":3,\"1886\":1,\"1888\":2,\"1891\":1,\"1916\":1,\"1949\":2,\"1950\":2,\"1966\":1,\"2010\":1,\"2011\":1,\"2027\":1,\"2028\":1,\"2034\":1,\"2043\":1,\"2044\":1,\"2062\":3,\"2063\":1,\"2065\":2,\"2068\":1,\"2093\":1,\"2126\":2,\"2127\":2,\"2143\":1,\"2187\":1,\"2188\":1,\"2204\":1,\"2205\":1,\"2211\":1,\"2220\":1,\"2221\":1,\"2239\":3,\"2240\":1,\"2242\":2,\"2245\":1,\"2270\":1,\"2303\":2,\"2304\":2,\"2320\":1,\"2327\":2,\"2328\":1,\"2330\":2,\"2333\":1,\"2372\":1,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2394\":1,\"2395\":1,\"2401\":1,\"2410\":1,\"2411\":1,\"2431\":2,\"2432\":2,\"2447\":1,\"2454\":3,\"2455\":1,\"2457\":2,\"2460\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2488\":1,\"2522\":2,\"2523\":2,\"2539\":1,\"2546\":2,\"2547\":1,\"2549\":2,\"2552\":1,\"2591\":1,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2613\":1,\"2614\":1,\"2620\":1,\"2629\":1,\"2630\":1,\"2650\":2,\"2651\":2,\"2666\":1,\"2673\":3,\"2674\":1,\"2676\":2,\"2679\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2707\":1,\"2741\":2,\"2742\":2,\"2758\":1,\"2765\":2,\"2766\":1,\"2768\":2,\"2771\":1,\"2810\":1,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2832\":1,\"2833\":1,\"2839\":1,\"2848\":1,\"2849\":1,\"2869\":2,\"2870\":2,\"2885\":1,\"2892\":3,\"2893\":1,\"2895\":2,\"2898\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2926\":1,\"2960\":2,\"2961\":2,\"2977\":1,\"2984\":2,\"2985\":1,\"2987\":2,\"2990\":1,\"3029\":1,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3051\":1,\"3052\":1,\"3058\":1,\"3067\":1,\"3068\":1,\"3088\":2,\"3089\":2,\"3104\":1,\"3111\":3,\"3112\":1,\"3114\":2,\"3117\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3145\":1,\"3179\":2,\"3180\":2,\"3196\":1,\"3203\":2,\"3204\":1,\"3206\":2,\"3209\":1,\"3224\":1,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3246\":1,\"3247\":1,\"3253\":1,\"3262\":1,\"3263\":1,\"3307\":2,\"3308\":2,\"3323\":1,\"3332\":3,\"3333\":1,\"3335\":2,\"3338\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3366\":1,\"3400\":2,\"3401\":2,\"3417\":1}}],[\"visiting\",{\"1\":{\"93\":1,\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"visit\",{\"1\":{\"12\":1,\"13\":1,\"305\":1,\"415\":1,\"417\":1,\"422\":1,\"430\":1,\"445\":1,\"484\":1,\"507\":1,\"533\":1,\"563\":1,\"593\":1,\"623\":1,\"639\":1,\"641\":1,\"646\":1,\"669\":1,\"685\":1,\"687\":1,\"692\":1,\"715\":1,\"731\":1,\"733\":1,\"738\":1,\"761\":1,\"777\":1,\"779\":1,\"784\":1,\"792\":1,\"807\":1,\"823\":1,\"825\":1,\"830\":1,\"838\":1,\"853\":1,\"869\":1,\"871\":1,\"876\":1,\"884\":1,\"899\":1}}],[\"volumes\",{\"1\":{\"327\":9,\"461\":1,\"462\":1,\"915\":1,\"916\":1}}],[\"volume\",{\"1\":{\"136\":1,\"327\":1}}],[\"vocabulary\",{\"1\":{\"95\":1}}],[\"vom\",{\"1\":{\"16\":1}}],[\"vorhanden\",{\"1\":{\"16\":1}}],[\"voraussetzungen\",{\"1\":{\"15\":1}}],[\"vorstellung\",{\"1\":{\"14\":2}}],[\"vorstellungen\",{\"1\":{\"14\":1}}],[\"vorläufiger\",{\"1\":{\"14\":1}}],[\"vor\",{\"1\":{\"14\":1,\"15\":1,\"17\":1}}],[\"vorgestellten\",{\"1\":{\"14\":1}}],[\"vorgestellt\",{\"1\":{\"14\":1}}],[\"vorbereitung\",{\"0\":{\"15\":1},\"1\":{\"14\":1,\"15\":1}}],[\"von\",{\"1\":{\"14\":1,\"41\":1}}],[\"varying\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"variableslocal\",{\"0\":{\"946\":1,\"1480\":1,\"1657\":1,\"1834\":1,\"2011\":1,\"2188\":1,\"2377\":1,\"2596\":1,\"2815\":1,\"3034\":1,\"3229\":1},\"1\":{\"946\":1,\"1480\":1,\"1657\":1,\"1834\":1,\"2011\":1,\"2188\":1,\"2377\":1,\"2596\":1,\"2815\":1,\"3034\":1,\"3229\":1}}],[\"variables\",{\"0\":{\"186\":1,\"346\":1,\"373\":1,\"447\":1,\"901\":1,\"945\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1656\":1,\"1833\":1,\"2010\":1,\"2187\":1,\"2376\":1,\"2595\":1,\"2814\":1,\"3033\":1,\"3228\":1},\"1\":{\"139\":1,\"186\":2,\"289\":3,\"290\":2,\"300\":3,\"301\":2,\"304\":2,\"324\":1,\"338\":1,\"345\":1,\"346\":3,\"362\":1,\"369\":1,\"372\":1,\"373\":3,\"374\":1,\"388\":1,\"442\":3,\"443\":2,\"446\":3,\"448\":1,\"451\":1,\"452\":2,\"454\":2,\"460\":1,\"461\":1,\"462\":1,\"481\":3,\"482\":2,\"504\":3,\"505\":2,\"530\":3,\"531\":2,\"560\":3,\"561\":2,\"590\":3,\"591\":2,\"620\":3,\"621\":2,\"666\":3,\"667\":2,\"712\":3,\"713\":2,\"758\":3,\"759\":2,\"804\":3,\"805\":2,\"850\":3,\"851\":2,\"896\":3,\"897\":2,\"900\":3,\"902\":1,\"905\":1,\"906\":2,\"908\":2,\"914\":1,\"915\":1,\"916\":1,\"945\":2,\"946\":1,\"1156\":2,\"1307\":2,\"1479\":2,\"1480\":1,\"1656\":2,\"1657\":1,\"1833\":2,\"1834\":1,\"2010\":2,\"2011\":1,\"2187\":2,\"2188\":1,\"2376\":2,\"2377\":1,\"2595\":2,\"2596\":1,\"2814\":2,\"2815\":1,\"3033\":2,\"3034\":1,\"3228\":2,\"3229\":1}}],[\"variable\",{\"1\":{\"138\":2,\"159\":2,\"160\":1,\"341\":2,\"346\":3,\"349\":4,\"352\":3,\"364\":1,\"372\":1,\"373\":4,\"374\":2,\"431\":1,\"446\":1,\"447\":2,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"481\":1,\"793\":1,\"839\":1,\"885\":1,\"900\":1,\"901\":2,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"various\",{\"1\":{\"5\":1,\"120\":2,\"396\":1}}],[\"var\",{\"1\":{\"136\":1,\"327\":1}}],[\"valuable\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"valued\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"valuecoding>\",{\"1\":{\"363\":2,\"389\":4}}],[\"valueidentifier>\",{\"1\":{\"363\":2,\"389\":2}}],[\"value>\",{\"1\":{\"160\":1}}],[\"value=\",{\"1\":{\"159\":317,\"160\":36,\"348\":2,\"363\":10,\"389\":14}}],[\"values\",{\"0\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1},\"1\":{\"126\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"338\":1,\"345\":1,\"346\":1,\"347\":1,\"348\":1,\"390\":2,\"442\":1,\"443\":1,\"446\":1,\"452\":3,\"454\":3,\"460\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"900\":1,\"906\":3,\"908\":3,\"914\":1,\"921\":1,\"923\":2,\"926\":1,\"994\":1,\"1043\":1,\"1044\":1,\"1050\":1,\"1052\":2,\"1055\":1,\"1087\":1,\"1137\":1,\"1138\":1,\"1356\":1,\"1358\":2,\"1361\":1,\"1532\":1,\"1534\":2,\"1537\":1,\"1709\":1,\"1711\":2,\"1714\":1,\"1886\":1,\"1888\":2,\"1891\":1,\"2063\":1,\"2065\":2,\"2068\":1,\"2240\":1,\"2242\":2,\"2245\":1,\"2328\":1,\"2330\":2,\"2333\":1,\"2425\":1,\"2455\":1,\"2457\":2,\"2460\":1,\"2492\":1,\"2547\":1,\"2549\":2,\"2552\":1,\"2644\":1,\"2674\":1,\"2676\":2,\"2679\":1,\"2711\":1,\"2766\":1,\"2768\":2,\"2771\":1,\"2863\":1,\"2893\":1,\"2895\":2,\"2898\":1,\"2930\":1,\"2985\":1,\"2987\":2,\"2990\":1,\"3082\":1,\"3112\":1,\"3114\":2,\"3117\":1,\"3149\":1,\"3204\":1,\"3206\":2,\"3209\":1,\"3277\":1,\"3326\":1,\"3327\":1,\"3333\":1,\"3335\":2,\"3338\":1,\"3370\":1,\"3420\":1,\"3421\":1}}],[\"valueset\",{\"1\":{\"97\":1,\"347\":2,\"348\":1,\"349\":3,\"361\":2,\"362\":2,\"387\":2,\"388\":2}}],[\"value\",{\"0\":{\"208\":1,\"263\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1},\"1\":{\"38\":1,\"152\":1,\"153\":1,\"174\":1,\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"208\":2,\"231\":1,\"232\":1,\"238\":1,\"247\":1,\"248\":1,\"263\":2,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"304\":2,\"307\":1,\"327\":6,\"346\":2,\"348\":1,\"349\":5,\"352\":2,\"359\":1,\"360\":1,\"361\":1,\"362\":3,\"364\":2,\"372\":1,\"385\":1,\"386\":1,\"387\":1,\"388\":3,\"390\":1,\"393\":1,\"442\":1,\"446\":1,\"452\":2,\"453\":3,\"454\":2,\"455\":4,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"900\":1,\"906\":2,\"907\":3,\"908\":2,\"909\":4,\"920\":2,\"921\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"990\":1,\"1043\":1,\"1049\":2,\"1050\":1,\"1062\":1,\"1063\":1,\"1082\":2,\"1137\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1169\":2,\"1230\":1,\"1231\":1,\"1247\":2,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1320\":2,\"1355\":2,\"1356\":1,\"1368\":1,\"1369\":1,\"1385\":2,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1523\":1,\"1531\":2,\"1532\":1,\"1544\":1,\"1545\":1,\"1561\":2,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1700\":1,\"1708\":2,\"1709\":1,\"1721\":1,\"1722\":1,\"1738\":2,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1877\":1,\"1885\":2,\"1886\":1,\"1898\":1,\"1899\":1,\"1915\":2,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2054\":1,\"2062\":2,\"2063\":1,\"2075\":1,\"2076\":1,\"2092\":2,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2231\":1,\"2239\":2,\"2240\":1,\"2252\":1,\"2253\":1,\"2269\":2,\"2327\":2,\"2328\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2421\":1,\"2454\":2,\"2455\":1,\"2467\":1,\"2468\":1,\"2487\":2,\"2546\":2,\"2547\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2640\":1,\"2673\":2,\"2674\":1,\"2686\":1,\"2687\":1,\"2706\":2,\"2765\":2,\"2766\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2859\":1,\"2892\":2,\"2893\":1,\"2905\":1,\"2906\":1,\"2925\":2,\"2984\":2,\"2985\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3078\":1,\"3111\":2,\"3112\":1,\"3124\":1,\"3125\":1,\"3144\":2,\"3203\":2,\"3204\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3273\":1,\"3326\":1,\"3332\":2,\"3333\":1,\"3345\":1,\"3346\":1,\"3365\":2,\"3420\":1}}],[\"valid\",{\"1\":{\"110\":1,\"165\":1,\"429\":1,\"457\":2,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1,\"911\":2}}],[\"validating\",{\"1\":{\"285\":1,\"296\":1,\"452\":1,\"453\":2,\"454\":1,\"455\":2,\"906\":1,\"907\":2,\"908\":1,\"909\":2}}],[\"validation\",{\"1\":{\"1\":1,\"26\":1,\"457\":2,\"911\":2,\"1044\":2,\"1138\":2,\"3327\":2,\"3421\":2}}],[\"validate\",{\"1\":{\"99\":1,\"169\":1,\"205\":1,\"228\":1,\"249\":1,\"275\":1,\"957\":1,\"979\":1,\"1013\":1,\"1015\":1,\"1038\":1,\"1064\":1,\"1106\":1,\"1108\":1,\"1132\":1,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1262\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1433\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1610\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1787\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1964\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2141\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2318\":1,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2445\":1,\"2469\":1,\"2511\":1,\"2513\":1,\"2537\":1,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2664\":1,\"2688\":1,\"2730\":1,\"2732\":1,\"2756\":1,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2883\":1,\"2907\":1,\"2949\":1,\"2951\":1,\"2975\":1,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3102\":1,\"3126\":1,\"3168\":1,\"3170\":1,\"3194\":1,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":1,\"3321\":1,\"3347\":1,\"3389\":1,\"3391\":1,\"3415\":1}}],[\"validated\",{\"1\":{\"5\":1,\"95\":1,\"286\":1,\"297\":1}}],[\"hrp\",{\"1\":{\"327\":65,\"379\":1,\"390\":5,\"393\":9,\"400\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"hdd\",{\"1\":{\"282\":2,\"293\":2,\"436\":2,\"475\":2,\"498\":2,\"524\":2,\"554\":2,\"584\":2,\"614\":2,\"660\":2,\"706\":2,\"752\":2,\"798\":2,\"844\":2,\"890\":2}}],[\"html\",{\"1\":{\"146\":2,\"159\":1}}],[\"httpd\",{\"1\":{\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"http\",{\"0\":{\"271\":1,\"273\":1,\"1033\":1,\"1035\":1,\"1127\":1,\"1129\":1,\"1258\":1,\"1260\":1,\"1429\":1,\"1431\":1,\"1605\":1,\"1607\":1,\"1782\":1,\"1784\":1,\"1959\":1,\"1961\":1,\"2136\":1,\"2138\":1,\"2313\":1,\"2315\":1,\"2440\":1,\"2442\":1,\"2532\":1,\"2534\":1,\"2659\":1,\"2661\":1,\"2751\":1,\"2753\":1,\"2878\":1,\"2880\":1,\"2970\":1,\"2972\":1,\"3097\":1,\"3099\":1,\"3189\":1,\"3191\":1,\"3316\":1,\"3318\":1,\"3410\":1,\"3412\":1},\"1\":{\"90\":1,\"99\":1,\"139\":1,\"162\":4,\"169\":1,\"170\":1,\"191\":1,\"197\":1,\"200\":1,\"245\":1,\"261\":1,\"271\":1,\"273\":1,\"285\":2,\"296\":2,\"338\":1,\"348\":1,\"349\":2,\"357\":1,\"358\":2,\"361\":5,\"362\":3,\"363\":8,\"364\":1,\"384\":2,\"387\":5,\"388\":3,\"389\":10,\"393\":1,\"398\":4,\"439\":2,\"478\":2,\"501\":2,\"527\":2,\"557\":2,\"587\":2,\"617\":2,\"663\":2,\"709\":2,\"755\":2,\"801\":2,\"847\":2,\"893\":2,\"997\":2,\"1001\":1,\"1033\":1,\"1035\":1,\"1056\":1,\"1057\":2,\"1090\":2,\"1094\":1,\"1127\":1,\"1129\":1,\"1199\":2,\"1204\":1,\"1253\":2,\"1258\":1,\"1260\":1,\"1272\":1,\"1350\":2,\"1362\":1,\"1363\":2,\"1392\":2,\"1396\":1,\"1429\":1,\"1431\":1,\"1444\":1,\"1526\":2,\"1538\":1,\"1539\":2,\"1568\":2,\"1572\":1,\"1605\":1,\"1607\":1,\"1621\":1,\"1703\":2,\"1715\":1,\"1716\":2,\"1745\":2,\"1749\":1,\"1782\":1,\"1784\":1,\"1798\":1,\"1880\":2,\"1892\":1,\"1893\":2,\"1922\":2,\"1926\":1,\"1959\":1,\"1961\":1,\"1975\":1,\"2057\":2,\"2069\":1,\"2070\":2,\"2099\":2,\"2103\":1,\"2136\":1,\"2138\":1,\"2152\":1,\"2234\":2,\"2246\":1,\"2247\":2,\"2276\":2,\"2280\":1,\"2313\":1,\"2315\":1,\"2339\":1,\"2428\":2,\"2440\":1,\"2442\":1,\"2461\":1,\"2462\":2,\"2495\":2,\"2499\":1,\"2532\":1,\"2534\":1,\"2558\":1,\"2647\":2,\"2659\":1,\"2661\":1,\"2680\":1,\"2681\":2,\"2714\":2,\"2718\":1,\"2751\":1,\"2753\":1,\"2777\":1,\"2866\":2,\"2878\":1,\"2880\":1,\"2899\":1,\"2900\":2,\"2933\":2,\"2937\":1,\"2970\":1,\"2972\":1,\"2996\":1,\"3085\":2,\"3097\":1,\"3099\":1,\"3118\":1,\"3119\":2,\"3152\":2,\"3156\":1,\"3189\":1,\"3191\":1,\"3280\":2,\"3284\":1,\"3316\":1,\"3318\":1,\"3339\":1,\"3340\":2,\"3373\":2,\"3377\":1,\"3410\":1,\"3412\":1}}],[\"https\",{\"0\":{\"270\":1,\"1032\":1,\"1126\":1,\"1257\":1,\"1428\":1,\"1604\":1,\"1781\":1,\"1958\":1,\"2135\":1,\"2312\":1,\"2439\":1,\"2531\":1,\"2658\":1,\"2750\":1,\"2877\":1,\"2969\":1,\"3096\":1,\"3188\":1,\"3315\":1,\"3409\":1},\"1\":{\"14\":1,\"17\":1,\"41\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"90\":1,\"94\":1,\"99\":2,\"116\":2,\"134\":2,\"135\":2,\"139\":1,\"169\":2,\"187\":1,\"205\":1,\"207\":1,\"241\":1,\"249\":1,\"260\":1,\"283\":6,\"285\":5,\"289\":7,\"290\":15,\"294\":6,\"296\":5,\"300\":7,\"301\":10,\"303\":8,\"304\":4,\"307\":3,\"310\":2,\"313\":2,\"316\":2,\"327\":6,\"338\":3,\"367\":3,\"393\":3,\"428\":1,\"433\":1,\"437\":4,\"439\":5,\"442\":5,\"443\":3,\"457\":56,\"458\":3,\"460\":1,\"462\":2,\"471\":1,\"476\":4,\"478\":5,\"481\":4,\"482\":3,\"494\":1,\"499\":4,\"501\":5,\"504\":4,\"505\":3,\"511\":2,\"520\":1,\"525\":4,\"527\":5,\"530\":4,\"531\":3,\"537\":2,\"546\":1,\"549\":2,\"550\":2,\"551\":1,\"555\":4,\"557\":5,\"560\":4,\"561\":3,\"567\":2,\"576\":1,\"579\":2,\"580\":2,\"581\":1,\"585\":4,\"587\":5,\"590\":4,\"591\":3,\"597\":2,\"606\":1,\"609\":2,\"610\":3,\"611\":1,\"615\":4,\"617\":5,\"620\":4,\"621\":3,\"627\":2,\"652\":1,\"655\":2,\"656\":3,\"657\":1,\"661\":4,\"663\":5,\"666\":4,\"667\":3,\"673\":2,\"698\":1,\"701\":2,\"702\":3,\"703\":1,\"707\":4,\"709\":5,\"712\":4,\"713\":3,\"719\":2,\"744\":1,\"747\":2,\"748\":4,\"749\":1,\"753\":4,\"755\":5,\"758\":4,\"759\":3,\"765\":2,\"790\":1,\"795\":1,\"799\":4,\"801\":5,\"804\":4,\"805\":3,\"811\":2,\"836\":1,\"841\":1,\"845\":4,\"847\":5,\"850\":4,\"851\":3,\"857\":2,\"882\":1,\"887\":1,\"891\":4,\"893\":5,\"896\":5,\"897\":3,\"911\":56,\"912\":3,\"914\":1,\"916\":2,\"948\":1,\"957\":1,\"959\":1,\"991\":2,\"997\":1,\"1008\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1027\":1,\"1059\":1,\"1064\":1,\"1080\":1,\"1090\":1,\"1101\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1121\":1,\"1157\":1,\"1166\":1,\"1168\":1,\"1199\":1,\"1211\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1227\":1,\"1232\":1,\"1245\":1,\"1253\":1,\"1279\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1308\":1,\"1317\":1,\"1319\":1,\"1350\":1,\"1365\":1,\"1370\":1,\"1383\":1,\"1392\":1,\"1403\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1423\":1,\"1451\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1481\":1,\"1490\":1,\"1492\":1,\"1526\":1,\"1541\":1,\"1546\":1,\"1559\":1,\"1568\":1,\"1579\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1599\":1,\"1628\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1658\":1,\"1667\":1,\"1669\":1,\"1703\":1,\"1718\":1,\"1723\":1,\"1736\":1,\"1745\":1,\"1756\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1776\":1,\"1805\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1835\":1,\"1844\":1,\"1846\":1,\"1880\":1,\"1895\":1,\"1900\":1,\"1913\":1,\"1922\":1,\"1933\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1953\":1,\"1982\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"2012\":1,\"2021\":1,\"2023\":1,\"2057\":1,\"2072\":1,\"2077\":1,\"2090\":1,\"2099\":1,\"2110\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2130\":1,\"2159\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2189\":1,\"2198\":1,\"2200\":1,\"2234\":1,\"2249\":1,\"2254\":1,\"2267\":1,\"2276\":1,\"2287\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2307\":1,\"2346\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2379\":1,\"2388\":1,\"2390\":1,\"2422\":2,\"2428\":1,\"2434\":1,\"2464\":1,\"2469\":1,\"2485\":1,\"2495\":1,\"2506\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2526\":1,\"2565\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2598\":1,\"2607\":1,\"2609\":1,\"2641\":2,\"2647\":1,\"2653\":1,\"2683\":1,\"2688\":1,\"2704\":1,\"2714\":1,\"2725\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2745\":1,\"2784\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2817\":1,\"2826\":1,\"2828\":1,\"2860\":2,\"2866\":1,\"2872\":1,\"2902\":1,\"2907\":1,\"2923\":1,\"2933\":1,\"2944\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2964\":1,\"3003\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3036\":1,\"3045\":1,\"3047\":1,\"3079\":2,\"3085\":1,\"3091\":1,\"3121\":1,\"3126\":1,\"3142\":1,\"3152\":1,\"3163\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3183\":1,\"3231\":1,\"3240\":1,\"3242\":1,\"3274\":2,\"3280\":1,\"3291\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3310\":1,\"3342\":1,\"3347\":1,\"3363\":1,\"3373\":1,\"3384\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3404\":1}}],[\"hyper\",{\"1\":{\"137\":1}}],[\"hl7\",{\"0\":{\"95\":1},\"1\":{\"93\":1,\"95\":1,\"116\":1,\"117\":1,\"127\":1}}],[\"hub\",{\"1\":{\"91\":1,\"130\":1,\"285\":4,\"286\":2,\"296\":4,\"297\":2}}],[\"hund\",{\"1\":{\"1\":1,\"26\":10,\"83\":1,\"318\":1}}],[\"h\",{\"1\":{\"26\":11,\"105\":1,\"318\":1}}],[\"hhn\",{\"1\":{\"16\":1,\"81\":1,\"82\":1}}],[\"hs\",{\"1\":{\"12\":1,\"16\":2,\"22\":1,\"37\":1,\"40\":1,\"71\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"429\":1,\"442\":1,\"445\":1,\"471\":2,\"472\":1,\"481\":1,\"482\":1,\"484\":1,\"494\":2,\"495\":1,\"504\":1,\"505\":1,\"507\":1,\"520\":2,\"521\":1,\"530\":1,\"531\":1,\"533\":1,\"546\":2,\"547\":1,\"560\":1,\"561\":1,\"563\":1,\"577\":1,\"590\":1,\"593\":1,\"607\":1,\"620\":1,\"623\":1,\"653\":1,\"666\":1,\"669\":1,\"699\":1,\"712\":1,\"715\":1,\"745\":1,\"758\":1,\"761\":1,\"791\":1,\"804\":1,\"807\":1,\"837\":1,\"850\":1,\"853\":1,\"883\":1,\"896\":1,\"899\":1}}],[\"he\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"hex\",{\"1\":{\"265\":1,\"266\":1,\"289\":3,\"300\":3,\"442\":1,\"481\":2,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"hellohrpmessage\",{\"1\":{\"390\":1}}],[\"hellohrp\",{\"1\":{\"390\":3,\"393\":4}}],[\"hellocosmessage\",{\"1\":{\"364\":2,\"390\":1}}],[\"hellocos\",{\"1\":{\"354\":1,\"364\":5,\"367\":4,\"374\":2,\"377\":3,\"390\":4,\"393\":3}}],[\"hellodictask\",{\"1\":{\"390\":1}}],[\"hellodic\",{\"1\":{\"335\":5,\"338\":5,\"342\":3,\"344\":1,\"349\":4,\"352\":6,\"354\":1,\"364\":3,\"367\":6,\"369\":1,\"374\":4,\"377\":6,\"390\":1,\"393\":8}}],[\"hello\",{\"1\":{\"170\":1,\"335\":1,\"338\":1,\"349\":1,\"364\":3,\"367\":1,\"390\":5,\"393\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"helpful\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"help\",{\"1\":{\"419\":5,\"422\":1,\"643\":5,\"646\":1,\"689\":5,\"692\":1,\"735\":5,\"738\":1,\"781\":5,\"784\":1,\"827\":5,\"830\":1,\"873\":5,\"876\":1}}],[\"helping\",{\"1\":{\"417\":1,\"419\":1,\"641\":1,\"643\":1,\"687\":1,\"689\":1,\"733\":1,\"735\":1,\"779\":1,\"781\":1,\"825\":1,\"827\":1,\"871\":1,\"873\":1}}],[\"helper\",{\"1\":{\"102\":1}}],[\"helps\",{\"1\":{\"36\":1,\"88\":1,\"405\":1,\"415\":1,\"417\":1,\"629\":1,\"639\":1,\"641\":1,\"675\":1,\"685\":1,\"687\":1,\"721\":1,\"731\":1,\"733\":1,\"767\":1,\"777\":1,\"779\":1,\"813\":1,\"823\":1,\"825\":1,\"859\":1,\"869\":1,\"871\":1}}],[\"hear\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"heap\",{\"1\":{\"341\":1}}],[\"headless\",{\"1\":{\"341\":1}}],[\"head\",{\"1\":{\"285\":2,\"296\":2,\"417\":1,\"439\":2,\"478\":2,\"501\":2,\"527\":2,\"557\":2,\"587\":2,\"617\":2,\"641\":1,\"663\":2,\"687\":1,\"709\":2,\"733\":1,\"755\":2,\"779\":1,\"801\":2,\"825\":1,\"847\":2,\"871\":1,\"893\":2}}],[\"header\",{\"0\":{\"1001\":1,\"1094\":1,\"1204\":1,\"1272\":1,\"1396\":1,\"1444\":1,\"1572\":1,\"1621\":1,\"1749\":1,\"1798\":1,\"1926\":1,\"1975\":1,\"2103\":1,\"2152\":1,\"2280\":1,\"2339\":1,\"2499\":1,\"2558\":1,\"2718\":1,\"2777\":1,\"2937\":1,\"2996\":1,\"3156\":1,\"3284\":1,\"3377\":1},\"1\":{\"159\":6,\"261\":1,\"1001\":2,\"1094\":2,\"1204\":2,\"1272\":2,\"1396\":2,\"1444\":2,\"1572\":2,\"1621\":2,\"1749\":2,\"1798\":2,\"1926\":2,\"1975\":2,\"2103\":2,\"2152\":2,\"2280\":2,\"2339\":2,\"2499\":2,\"2558\":2,\"2718\":2,\"2777\":2,\"2937\":2,\"2996\":2,\"3156\":2,\"3284\":2,\"3377\":2}}],[\"healthcheck\",{\"1\":{\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"327\":1,\"536\":3,\"537\":3}}],[\"healthcare\",{\"1\":{\"26\":1,\"29\":1,\"116\":1,\"117\":2}}],[\"health\",{\"1\":{\"26\":10,\"77\":2,\"79\":1,\"81\":1,\"95\":1}}],[\"heterogeny\",{\"1\":{\"98\":1}}],[\"heterogeneous\",{\"1\":{\"98\":1}}],[\"heidelberg\",{\"0\":{\"78\":1,\"82\":1},\"1\":{\"78\":1,\"81\":1,\"82\":1}}],[\"heidt\",{\"1\":{\"26\":2}}],[\"heinze\",{\"1\":{\"26\":2}}],[\"heilbronn\",{\"0\":{\"77\":1,\"82\":1},\"1\":{\"12\":1,\"16\":3,\"22\":1,\"37\":1,\"40\":1,\"71\":1,\"77\":1,\"81\":1,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"427\":1,\"429\":1,\"442\":1,\"445\":1,\"470\":1,\"471\":2,\"472\":1,\"481\":1,\"482\":1,\"484\":1,\"493\":1,\"494\":2,\"495\":1,\"504\":1,\"505\":1,\"507\":1,\"519\":1,\"520\":2,\"521\":1,\"530\":1,\"531\":1,\"533\":1,\"545\":1,\"546\":2,\"547\":1,\"560\":1,\"561\":1,\"563\":1,\"575\":1,\"577\":1,\"590\":1,\"593\":1,\"605\":1,\"607\":1,\"620\":1,\"623\":1,\"651\":1,\"653\":1,\"666\":1,\"669\":1,\"697\":1,\"699\":1,\"712\":1,\"715\":1,\"743\":1,\"745\":1,\"758\":1,\"761\":1,\"789\":1,\"791\":1,\"804\":1,\"807\":1,\"835\":1,\"837\":1,\"850\":1,\"853\":1,\"881\":1,\"883\":1,\"896\":1,\"899\":1}}],[\"her\",{\"1\":{\"98\":1}}],[\"herzlich\",{\"1\":{\"14\":1}}],[\"here\",{\"0\":{\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1},\"1\":{\"12\":1,\"30\":1,\"37\":1,\"40\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"74\":1,\"86\":1,\"88\":1,\"91\":2,\"92\":1,\"93\":2,\"110\":1,\"156\":1,\"157\":1,\"173\":1,\"240\":1,\"285\":1,\"289\":2,\"296\":1,\"300\":2,\"395\":2,\"397\":2,\"399\":3,\"401\":2,\"402\":1,\"415\":1,\"418\":1,\"422\":1,\"430\":1,\"431\":1,\"432\":1,\"439\":1,\"465\":1,\"469\":1,\"470\":1,\"471\":2,\"478\":1,\"488\":1,\"492\":1,\"493\":1,\"494\":2,\"501\":1,\"514\":1,\"518\":1,\"519\":1,\"520\":2,\"527\":1,\"540\":1,\"545\":1,\"547\":2,\"557\":1,\"570\":1,\"587\":1,\"600\":1,\"617\":1,\"639\":1,\"642\":1,\"646\":1,\"663\":1,\"685\":1,\"688\":1,\"692\":1,\"709\":1,\"731\":1,\"734\":1,\"738\":1,\"755\":1,\"777\":1,\"780\":1,\"784\":1,\"792\":1,\"793\":1,\"794\":1,\"801\":1,\"823\":1,\"826\":1,\"830\":1,\"838\":1,\"839\":1,\"840\":1,\"847\":1,\"869\":1,\"872\":1,\"876\":1,\"884\":1,\"885\":1,\"886\":1,\"893\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"hesitate\",{\"1\":{\"12\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"hit\",{\"1\":{\"290\":1,\"301\":1}}],[\"hints\",{\"1\":{\"137\":2}}],[\"hier\",{\"1\":{\"17\":1,\"41\":1}}],[\"higher\",{\"1\":{\"432\":1,\"794\":1,\"840\":1,\"886\":1}}],[\"highest\",{\"1\":{\"109\":1}}],[\"highlight\",{\"1\":{\"429\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"highly\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"highmedorg\",{\"1\":{\"304\":6,\"307\":6,\"335\":1,\"338\":4,\"344\":1,\"349\":1,\"352\":5,\"354\":2,\"364\":5,\"367\":10,\"369\":1,\"374\":5,\"377\":9,\"390\":5,\"393\":15}}],[\"highmed\",{\"0\":{\"82\":1,\"174\":1,\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":2,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"241\":1,\"242\":1,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1},\"1\":{\"26\":4,\"29\":2,\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2,\"82\":2,\"98\":1,\"116\":2,\"134\":6,\"135\":2,\"138\":1,\"152\":3,\"153\":3,\"156\":1,\"159\":1,\"160\":1,\"162\":4,\"163\":1,\"171\":1,\"174\":2,\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":2,\"181\":1,\"182\":2,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":3,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":2,\"213\":4,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":3,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":2,\"229\":2,\"230\":1,\"231\":2,\"232\":2,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":2,\"241\":1,\"242\":3,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":2,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"280\":2,\"289\":23,\"290\":46,\"291\":3,\"300\":16,\"301\":16,\"303\":31,\"304\":25,\"306\":5,\"307\":20,\"309\":5,\"310\":8,\"312\":5,\"313\":3,\"315\":5,\"316\":3,\"327\":96,\"332\":3,\"333\":1,\"338\":2,\"341\":2,\"342\":1,\"346\":1,\"348\":1,\"349\":2,\"352\":1,\"358\":2,\"361\":5,\"362\":5,\"363\":7,\"364\":1,\"367\":2,\"377\":1,\"384\":2,\"387\":5,\"388\":5,\"389\":9,\"393\":3,\"434\":1,\"459\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"564\":1,\"582\":1,\"594\":1,\"612\":1,\"624\":1,\"658\":1,\"670\":1,\"704\":1,\"716\":1,\"750\":1,\"762\":1,\"796\":1,\"808\":1,\"842\":1,\"854\":1,\"888\":1,\"913\":1}}],[\"high\",{\"1\":{\"9\":1,\"33\":1}}],[\"history\",{\"1\":{\"1049\":1,\"1055\":1,\"1057\":3,\"1355\":1,\"1361\":1,\"1363\":3,\"1531\":1,\"1537\":1,\"1539\":3,\"1708\":1,\"1714\":1,\"1716\":3,\"1885\":1,\"1891\":1,\"1893\":3,\"2062\":1,\"2068\":1,\"2070\":3,\"2239\":1,\"2245\":1,\"2247\":3,\"2454\":1,\"2460\":1,\"2462\":3,\"2673\":1,\"2679\":1,\"2681\":3,\"2892\":1,\"2898\":1,\"2900\":3,\"3111\":1,\"3117\":1,\"3119\":3,\"3332\":1,\"3338\":1,\"3340\":3}}],[\"his\",{\"1\":{\"1\":1,\"98\":1}}],[\"hold\",{\"1\":{\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1}}],[\"holds\",{\"1\":{\"127\":1}}],[\"hochschule\",{\"1\":{\"289\":1,\"300\":1}}],[\"home\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"homepage\",{\"1\":{\"37\":1,\"83\":1,\"208\":1,\"263\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1}}],[\"hotfix\",{\"1\":{\"408\":1,\"409\":1,\"632\":1,\"633\":1,\"678\":1,\"679\":1,\"724\":1,\"725\":1,\"770\":1,\"771\":1,\"816\":1,\"817\":1,\"862\":1,\"863\":1}}],[\"hot\",{\"1\":{\"157\":1,\"158\":2}}],[\"hosts\",{\"1\":{\"400\":3}}],[\"hostname\",{\"1\":{\"216\":1,\"269\":1,\"967\":1,\"1031\":1,\"1125\":1,\"1177\":1,\"1256\":1,\"1328\":1,\"1427\":1,\"1500\":1,\"1603\":1,\"1677\":1,\"1780\":1,\"1854\":1,\"1957\":1,\"2031\":1,\"2134\":1,\"2208\":1,\"2311\":1,\"2398\":1,\"2438\":1,\"2530\":1,\"2617\":1,\"2657\":1,\"2749\":1,\"2836\":1,\"2876\":1,\"2968\":1,\"3055\":1,\"3095\":1,\"3187\":1,\"3250\":1,\"3314\":1,\"3408\":1}}],[\"host\",{\"0\":{\"216\":1,\"400\":1,\"967\":1,\"999\":1,\"1021\":1,\"1092\":1,\"1114\":1,\"1177\":1,\"1202\":1,\"1224\":1,\"1270\":1,\"1292\":1,\"1328\":1,\"1394\":1,\"1416\":1,\"1442\":1,\"1464\":1,\"1500\":1,\"1570\":1,\"1592\":1,\"1619\":1,\"1641\":1,\"1677\":1,\"1747\":1,\"1769\":1,\"1796\":1,\"1818\":1,\"1854\":1,\"1924\":1,\"1946\":1,\"1973\":1,\"1995\":1,\"2031\":1,\"2101\":1,\"2123\":1,\"2150\":1,\"2172\":1,\"2208\":1,\"2278\":1,\"2300\":1,\"2337\":1,\"2359\":1,\"2398\":1,\"2497\":1,\"2519\":1,\"2556\":1,\"2578\":1,\"2617\":1,\"2716\":1,\"2738\":1,\"2775\":1,\"2797\":1,\"2836\":1,\"2935\":1,\"2957\":1,\"2994\":1,\"3016\":1,\"3055\":1,\"3154\":1,\"3176\":1,\"3250\":1,\"3282\":1,\"3304\":1,\"3375\":1,\"3397\":1},\"1\":{\"137\":2,\"216\":1,\"967\":1,\"999\":2,\"1021\":2,\"1092\":2,\"1114\":2,\"1177\":1,\"1202\":2,\"1224\":2,\"1270\":2,\"1292\":2,\"1328\":1,\"1394\":2,\"1416\":2,\"1442\":2,\"1464\":2,\"1500\":1,\"1570\":2,\"1592\":2,\"1619\":2,\"1641\":2,\"1677\":1,\"1747\":2,\"1769\":2,\"1796\":2,\"1818\":2,\"1854\":1,\"1924\":2,\"1946\":2,\"1973\":2,\"1995\":2,\"2031\":1,\"2101\":2,\"2123\":2,\"2150\":2,\"2172\":2,\"2208\":1,\"2278\":2,\"2300\":2,\"2337\":2,\"2359\":2,\"2398\":1,\"2497\":2,\"2519\":2,\"2556\":2,\"2578\":2,\"2617\":1,\"2716\":2,\"2738\":2,\"2775\":2,\"2797\":2,\"2836\":1,\"2935\":2,\"2957\":2,\"2994\":2,\"3016\":2,\"3055\":1,\"3154\":2,\"3176\":2,\"3250\":1,\"3282\":2,\"3304\":2,\"3375\":2,\"3397\":2}}],[\"hospital\",{\"1\":{\"208\":1,\"263\":1,\"428\":2,\"576\":2,\"606\":2,\"652\":2,\"698\":2,\"744\":2,\"790\":2,\"836\":2,\"882\":2,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1}}],[\"hospitalizations\",{\"1\":{\"126\":1}}],[\"hospitals\",{\"1\":{\"5\":1,\"11\":1,\"98\":2,\"129\":2}}],[\"hours\",{\"1\":{\"38\":1}}],[\"hoffmann\",{\"1\":{\"26\":1}}],[\"however\",{\"1\":{\"102\":1,\"127\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"how\",{\"0\":{\"13\":1,\"37\":1},\"1\":{\"5\":1,\"12\":2,\"13\":1,\"37\":1,\"93\":1,\"120\":1,\"162\":1,\"290\":3,\"301\":3,\"318\":1,\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"329\":1,\"340\":1,\"344\":1,\"354\":1,\"369\":1,\"373\":1,\"379\":1,\"381\":1,\"398\":1,\"415\":2,\"422\":2,\"423\":1,\"434\":1,\"442\":1,\"460\":1,\"465\":1,\"466\":1,\"470\":1,\"473\":1,\"481\":1,\"488\":1,\"489\":1,\"493\":1,\"496\":1,\"504\":1,\"514\":1,\"515\":1,\"519\":1,\"522\":1,\"530\":1,\"540\":1,\"541\":1,\"545\":1,\"552\":1,\"560\":1,\"570\":1,\"571\":1,\"582\":1,\"590\":1,\"600\":1,\"601\":1,\"612\":1,\"620\":1,\"639\":2,\"646\":2,\"647\":1,\"658\":1,\"666\":1,\"685\":2,\"692\":2,\"693\":1,\"704\":1,\"712\":1,\"731\":2,\"738\":2,\"739\":1,\"750\":1,\"758\":1,\"777\":2,\"784\":2,\"785\":1,\"796\":1,\"804\":1,\"823\":2,\"830\":2,\"831\":1,\"842\":1,\"850\":1,\"869\":2,\"876\":2,\"877\":1,\"888\":1,\"896\":1,\"914\":1}}],[\"harica\",{\"1\":{\"457\":8,\"460\":1,\"911\":8,\"914\":1,\"1044\":4,\"1138\":4,\"3327\":4,\"3421\":4}}],[\"hardware\",{\"0\":{\"403\":1},\"1\":{\"403\":1}}],[\"harden\",{\"1\":{\"33\":1}}],[\"having\",{\"1\":{\"346\":1,\"349\":1}}],[\"have\",{\"1\":{\"1\":1,\"12\":1,\"37\":2,\"40\":1,\"75\":1,\"85\":1,\"89\":1,\"97\":1,\"98\":2,\"116\":1,\"117\":1,\"126\":1,\"127\":1,\"129\":1,\"134\":1,\"135\":1,\"154\":1,\"217\":1,\"218\":1,\"262\":1,\"286\":1,\"297\":1,\"338\":1,\"348\":1,\"352\":1,\"367\":1,\"393\":1,\"411\":1,\"417\":1,\"419\":2,\"427\":1,\"429\":3,\"444\":1,\"445\":1,\"459\":2,\"460\":1,\"470\":1,\"472\":4,\"481\":1,\"483\":1,\"484\":1,\"493\":1,\"495\":4,\"506\":1,\"507\":1,\"519\":1,\"521\":4,\"532\":1,\"533\":1,\"537\":1,\"545\":1,\"547\":4,\"562\":1,\"563\":1,\"564\":2,\"575\":1,\"577\":3,\"592\":1,\"593\":1,\"594\":2,\"605\":1,\"607\":3,\"622\":1,\"623\":1,\"624\":2,\"635\":1,\"641\":1,\"643\":2,\"651\":1,\"653\":3,\"668\":1,\"669\":1,\"670\":2,\"681\":1,\"687\":1,\"689\":2,\"697\":1,\"699\":3,\"714\":1,\"715\":1,\"716\":2,\"727\":1,\"733\":1,\"735\":2,\"743\":1,\"745\":3,\"760\":1,\"761\":1,\"762\":2,\"773\":1,\"779\":1,\"781\":2,\"789\":1,\"791\":3,\"806\":1,\"807\":1,\"808\":2,\"819\":1,\"825\":1,\"827\":2,\"835\":1,\"837\":3,\"852\":1,\"853\":1,\"854\":2,\"865\":1,\"871\":1,\"873\":2,\"881\":1,\"883\":3,\"898\":1,\"899\":1,\"913\":2,\"914\":1,\"968\":1,\"969\":1,\"1081\":1,\"1178\":1,\"1179\":1,\"1246\":1,\"1329\":1,\"1330\":1,\"1384\":1,\"1501\":1,\"1502\":1,\"1560\":1,\"1678\":1,\"1679\":1,\"1737\":1,\"1855\":1,\"1856\":1,\"1914\":1,\"2032\":1,\"2033\":1,\"2091\":1,\"2209\":1,\"2210\":1,\"2268\":1,\"2399\":1,\"2400\":1,\"2486\":1,\"2618\":1,\"2619\":1,\"2705\":1,\"2837\":1,\"2838\":1,\"2924\":1,\"3056\":1,\"3057\":1,\"3143\":1,\"3251\":1,\"3252\":1,\"3364\":1}}],[\"haproxy\",{\"1\":{\"100\":1,\"170\":2}}],[\"happen\",{\"1\":{\"89\":1}}],[\"hapi\",{\"1\":{\"17\":1,\"304\":2,\"307\":2,\"310\":2}}],[\"hash=sha512\",{\"1\":{\"289\":1,\"300\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":1,\"1049\":1,\"1083\":1,\"1355\":1,\"1386\":1,\"1531\":1,\"1562\":1,\"1708\":1,\"1739\":1,\"1885\":1,\"1916\":1,\"2062\":1,\"2093\":1,\"2239\":1,\"2270\":1,\"2327\":1,\"2454\":1,\"2488\":1,\"2546\":1,\"2673\":1,\"2707\":1,\"2765\":1,\"2892\":1,\"2926\":1,\"2984\":1,\"3111\":1,\"3145\":1,\"3203\":1,\"3332\":1,\"3366\":1}}],[\"hash\",{\"1\":{\"289\":4,\"300\":4,\"442\":2,\"481\":3,\"504\":2,\"530\":2,\"560\":2,\"590\":2,\"620\":2,\"666\":2,\"712\":2,\"758\":2,\"804\":2,\"850\":2,\"896\":2}}],[\"has\",{\"1\":{\"88\":2,\"90\":2,\"98\":1,\"138\":2,\"152\":1,\"153\":1,\"154\":3,\"333\":1,\"358\":1,\"384\":1,\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1,\"1056\":2,\"1362\":2,\"1538\":2,\"1715\":2,\"1892\":2,\"2069\":2,\"2246\":2,\"2461\":2,\"2680\":2,\"2899\":2,\"3118\":2,\"3339\":2}}],[\"had\",{\"1\":{\"37\":1}}],[\"hamacher\",{\"1\":{\"26\":1}}],[\"hampf\",{\"1\":{\"26\":2}}],[\"haarbrandt\",{\"1\":{\"26\":1}}],[\"haben\",{\"1\":{\"16\":1,\"22\":1}}],[\"hand\",{\"1\":{\"97\":2}}],[\"handle\",{\"1\":{\"381\":1,\"395\":1}}],[\"handled\",{\"1\":{\"32\":1,\"110\":1,\"165\":1,\"383\":1}}],[\"handling\",{\"1\":{\"26\":1}}],[\"handshake\",{\"1\":{\"276\":1,\"1039\":1,\"1133\":1,\"1263\":1,\"1434\":1,\"1611\":1,\"1788\":1,\"1965\":1,\"2142\":1,\"2319\":1,\"2446\":1,\"2538\":1,\"2665\":1,\"2757\":1,\"2884\":1,\"2976\":1,\"3103\":1,\"3195\":1,\"3322\":1,\"3416\":1}}],[\"hands\",{\"1\":{\"14\":2,\"28\":1,\"116\":1,\"117\":1,\"119\":1}}],[\"hansen\",{\"1\":{\"1\":3}}],[\"hackathons\",{\"1\":{\"14\":1,\"17\":1}}],[\"hackathon\",{\"0\":{\"14\":1},\"1\":{\"14\":2,\"15\":1,\"16\":1,\"18\":1,\"22\":1,\"286\":1,\"297\":1}}],[\"hauke\",{\"1\":{\"1\":1,\"83\":1}}],[\"n9bcmtjugv3y\",{\"1\":{\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"n\",{\"1\":{\"383\":2}}],[\"null\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"numbers\",{\"1\":{\"311\":1,\"314\":1,\"341\":1}}],[\"number\",{\"1\":{\"159\":2,\"209\":2,\"217\":1,\"234\":2,\"450\":1,\"460\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"904\":1,\"914\":1,\"915\":1,\"916\":1,\"960\":2,\"968\":1,\"986\":2,\"990\":2,\"1026\":1,\"1120\":1,\"1170\":2,\"1178\":1,\"1193\":2,\"1321\":2,\"1329\":1,\"1344\":2,\"1422\":1,\"1493\":2,\"1501\":1,\"1519\":2,\"1523\":2,\"1598\":1,\"1670\":2,\"1678\":1,\"1696\":2,\"1700\":2,\"1775\":1,\"1847\":2,\"1855\":1,\"1873\":2,\"1877\":2,\"1952\":1,\"2024\":2,\"2032\":1,\"2050\":2,\"2054\":2,\"2129\":1,\"2201\":2,\"2209\":1,\"2227\":2,\"2231\":2,\"2306\":1,\"2391\":2,\"2399\":1,\"2417\":2,\"2421\":2,\"2433\":1,\"2525\":1,\"2610\":2,\"2618\":1,\"2636\":2,\"2640\":2,\"2652\":1,\"2744\":1,\"2829\":2,\"2837\":1,\"2855\":2,\"2859\":2,\"2871\":1,\"2963\":1,\"3048\":2,\"3056\":1,\"3074\":2,\"3078\":2,\"3090\":1,\"3182\":1,\"3243\":2,\"3251\":1,\"3269\":2,\"3273\":2,\"3309\":1,\"3403\":1}}],[\"number>\",{\"1\":{\"158\":2,\"409\":1,\"633\":1,\"679\":1,\"725\":1,\"771\":1,\"817\":1,\"863\":1}}],[\"num\",{\"0\":{\"551\":1,\"581\":1,\"611\":1,\"657\":1,\"703\":1,\"749\":1},\"1\":{\"81\":1,\"129\":2,\"130\":1,\"171\":1,\"280\":1,\"286\":1,\"290\":6,\"297\":1,\"300\":2,\"301\":7,\"303\":2,\"304\":4,\"307\":4,\"310\":1,\"431\":1,\"434\":1,\"473\":2,\"496\":2,\"522\":2,\"551\":2,\"552\":1,\"581\":2,\"582\":1,\"611\":2,\"612\":1,\"657\":2,\"658\":1,\"703\":2,\"704\":1,\"749\":2,\"750\":1,\"793\":1,\"796\":1,\"839\":1,\"842\":1,\"885\":1,\"888\":1}}],[\"nationwide\",{\"1\":{\"129\":1}}],[\"naming\",{\"0\":{\"158\":1,\"409\":1,\"633\":1,\"679\":1,\"725\":1,\"771\":1,\"817\":1,\"863\":1}}],[\"namingsystem\",{\"1\":{\"97\":1}}],[\"names\",{\"1\":{\"159\":1,\"160\":1,\"233\":1,\"237\":1,\"276\":1,\"452\":1,\"454\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"906\":1,\"908\":1,\"913\":2,\"924\":1,\"985\":1,\"989\":1,\"1039\":1,\"1053\":1,\"1133\":1,\"1192\":1,\"1196\":1,\"1263\":1,\"1343\":1,\"1347\":1,\"1359\":1,\"1434\":1,\"1518\":1,\"1522\":1,\"1535\":1,\"1611\":1,\"1695\":1,\"1699\":1,\"1712\":1,\"1788\":1,\"1872\":1,\"1876\":1,\"1889\":1,\"1965\":1,\"2049\":1,\"2053\":1,\"2066\":1,\"2142\":1,\"2226\":1,\"2230\":1,\"2243\":1,\"2319\":1,\"2331\":1,\"2416\":1,\"2420\":1,\"2446\":1,\"2458\":1,\"2538\":1,\"2550\":1,\"2635\":1,\"2639\":1,\"2665\":1,\"2677\":1,\"2757\":1,\"2769\":1,\"2854\":1,\"2858\":1,\"2884\":1,\"2896\":1,\"2976\":1,\"2988\":1,\"3073\":1,\"3077\":1,\"3103\":1,\"3115\":1,\"3195\":1,\"3207\":1,\"3268\":1,\"3272\":1,\"3322\":1,\"3336\":1,\"3416\":1}}],[\"name=\",{\"1\":{\"159\":1,\"160\":47}}],[\"name>\",{\"1\":{\"158\":2,\"162\":1,\"409\":1,\"448\":1,\"633\":1,\"679\":1,\"725\":1,\"771\":1,\"817\":1,\"863\":1,\"902\":1}}],[\"name\",{\"0\":{\"270\":1,\"359\":1,\"385\":1,\"1032\":1,\"1126\":1,\"1257\":1,\"1428\":1,\"1604\":1,\"1781\":1,\"1958\":1,\"2135\":1,\"2312\":1,\"2439\":1,\"2531\":1,\"2658\":1,\"2750\":1,\"2877\":1,\"2969\":1,\"3096\":1,\"3188\":1,\"3315\":1,\"3409\":1},\"1\":{\"95\":1,\"99\":2,\"112\":2,\"113\":1,\"139\":1,\"152\":3,\"153\":3,\"167\":2,\"168\":1,\"169\":2,\"170\":1,\"176\":1,\"178\":1,\"180\":1,\"181\":1,\"183\":1,\"252\":1,\"254\":1,\"256\":1,\"258\":1,\"259\":1,\"284\":2,\"289\":4,\"295\":2,\"300\":4,\"327\":1,\"332\":2,\"334\":1,\"346\":1,\"347\":2,\"356\":1,\"359\":1,\"363\":2,\"364\":5,\"373\":2,\"385\":1,\"389\":2,\"409\":1,\"433\":2,\"438\":2,\"442\":1,\"446\":1,\"477\":2,\"481\":1,\"500\":2,\"504\":1,\"526\":2,\"530\":1,\"556\":2,\"560\":1,\"586\":2,\"590\":1,\"616\":2,\"620\":1,\"633\":1,\"662\":2,\"666\":1,\"679\":1,\"708\":2,\"712\":1,\"725\":1,\"754\":2,\"758\":1,\"771\":1,\"795\":2,\"800\":2,\"804\":1,\"817\":1,\"841\":2,\"846\":2,\"850\":1,\"863\":1,\"887\":2,\"892\":2,\"896\":1,\"900\":1,\"920\":1,\"923\":2,\"935\":1,\"938\":1,\"1001\":1,\"1014\":1,\"1044\":2,\"1049\":1,\"1052\":2,\"1071\":1,\"1073\":1,\"1094\":1,\"1107\":1,\"1138\":2,\"1146\":1,\"1148\":1,\"1150\":1,\"1151\":1,\"1153\":1,\"1204\":1,\"1217\":1,\"1237\":1,\"1239\":1,\"1241\":1,\"1243\":1,\"1244\":1,\"1272\":1,\"1285\":1,\"1297\":1,\"1299\":1,\"1301\":1,\"1302\":1,\"1304\":1,\"1358\":2,\"1375\":1,\"1377\":1,\"1379\":1,\"1381\":1,\"1382\":1,\"1396\":1,\"1409\":1,\"1444\":1,\"1457\":1,\"1469\":1,\"1471\":1,\"1473\":1,\"1474\":1,\"1476\":1,\"1534\":2,\"1551\":1,\"1553\":1,\"1555\":1,\"1557\":1,\"1558\":1,\"1572\":1,\"1585\":1,\"1621\":1,\"1634\":1,\"1646\":1,\"1648\":1,\"1650\":1,\"1651\":1,\"1653\":1,\"1711\":2,\"1728\":1,\"1730\":1,\"1732\":1,\"1734\":1,\"1735\":1,\"1749\":1,\"1762\":1,\"1798\":1,\"1811\":1,\"1823\":1,\"1825\":1,\"1827\":1,\"1828\":1,\"1830\":1,\"1888\":2,\"1905\":1,\"1907\":1,\"1909\":1,\"1911\":1,\"1912\":1,\"1926\":1,\"1939\":1,\"1975\":1,\"1988\":1,\"2000\":1,\"2002\":1,\"2004\":1,\"2005\":1,\"2007\":1,\"2065\":2,\"2082\":1,\"2084\":1,\"2086\":1,\"2088\":1,\"2089\":1,\"2103\":1,\"2116\":1,\"2152\":1,\"2165\":1,\"2177\":1,\"2179\":1,\"2181\":1,\"2182\":1,\"2184\":1,\"2242\":2,\"2259\":1,\"2261\":1,\"2263\":1,\"2265\":1,\"2266\":1,\"2280\":1,\"2293\":1,\"2327\":1,\"2330\":2,\"2339\":1,\"2352\":1,\"2364\":1,\"2366\":1,\"2369\":1,\"2454\":1,\"2457\":2,\"2474\":1,\"2476\":1,\"2478\":1,\"2499\":1,\"2512\":1,\"2546\":1,\"2549\":2,\"2558\":1,\"2571\":1,\"2583\":1,\"2585\":1,\"2588\":1,\"2673\":1,\"2676\":2,\"2693\":1,\"2695\":1,\"2697\":1,\"2718\":1,\"2731\":1,\"2765\":1,\"2768\":2,\"2777\":1,\"2790\":1,\"2802\":1,\"2804\":1,\"2807\":1,\"2892\":1,\"2895\":2,\"2912\":1,\"2914\":1,\"2916\":1,\"2937\":1,\"2950\":1,\"2984\":1,\"2987\":2,\"2996\":1,\"3009\":1,\"3021\":1,\"3023\":1,\"3026\":1,\"3111\":1,\"3114\":2,\"3131\":1,\"3133\":1,\"3135\":1,\"3156\":1,\"3169\":1,\"3203\":1,\"3206\":2,\"3218\":1,\"3221\":1,\"3284\":1,\"3297\":1,\"3327\":2,\"3332\":1,\"3335\":2,\"3354\":1,\"3356\":1,\"3377\":1,\"3390\":1,\"3421\":2}}],[\"named\",{\"1\":{\"1\":1}}],[\"nginx\",{\"1\":{\"100\":1,\"170\":2,\"327\":5,\"331\":1}}],[\"noproxy\",{\"0\":{\"995\":1,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1390\":1,\"1524\":1,\"1566\":1,\"1701\":1,\"1743\":1,\"1878\":1,\"1920\":1,\"2055\":1,\"2097\":1,\"2232\":1,\"2274\":1,\"2426\":1,\"2493\":1,\"2645\":1,\"2712\":1,\"2864\":1,\"2931\":1,\"3083\":1,\"3150\":1,\"3278\":1,\"3371\":1},\"1\":{\"995\":1,\"997\":1,\"1088\":1,\"1090\":1,\"1197\":1,\"1199\":1,\"1251\":1,\"1253\":1,\"1348\":1,\"1350\":1,\"1390\":1,\"1392\":1,\"1524\":1,\"1526\":1,\"1566\":1,\"1568\":1,\"1701\":1,\"1703\":1,\"1743\":1,\"1745\":1,\"1878\":1,\"1880\":1,\"1920\":1,\"1922\":1,\"2055\":1,\"2057\":1,\"2097\":1,\"2099\":1,\"2232\":1,\"2234\":1,\"2274\":1,\"2276\":1,\"2426\":1,\"2428\":1,\"2493\":1,\"2495\":1,\"2645\":1,\"2647\":1,\"2712\":1,\"2714\":1,\"2864\":1,\"2866\":1,\"2931\":1,\"2933\":1,\"3083\":1,\"3085\":1,\"3150\":1,\"3152\":1,\"3278\":1,\"3280\":1,\"3371\":1,\"3373\":1}}],[\"nov\",{\"1\":{\"457\":2,\"911\":2}}],[\"none\",{\"1\":{\"428\":2,\"471\":2,\"494\":2,\"520\":2,\"546\":2,\"576\":2,\"606\":2,\"652\":2,\"698\":2,\"744\":2,\"790\":2,\"836\":2,\"882\":2}}],[\"non\",{\"1\":{\"303\":2,\"304\":2,\"307\":2,\"310\":1,\"361\":3,\"387\":3,\"452\":2,\"453\":1,\"454\":2,\"455\":1,\"906\":2,\"907\":1,\"908\":2,\"909\":1}}],[\"noreplication\",{\"1\":{\"134\":1}}],[\"norwegian\",{\"1\":{\"1\":1}}],[\"nosuperuser\",{\"1\":{\"134\":1}}],[\"nodes\",{\"1\":{\"91\":2}}],[\"node\",{\"1\":{\"91\":3}}],[\"noticed\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"notice\",{\"1\":{\"290\":1,\"301\":1,\"408\":1,\"419\":1,\"632\":1,\"643\":1,\"678\":1,\"689\":1,\"724\":1,\"735\":1,\"770\":1,\"781\":1,\"816\":1,\"827\":1,\"862\":1,\"873\":1}}],[\"notifications\",{\"1\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"notation\",{\"1\":{\"96\":1,\"346\":1,\"372\":1}}],[\"noted\",{\"1\":{\"347\":1}}],[\"note\",{\"1\":{\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"173\":1,\"240\":1,\"352\":1,\"452\":2,\"453\":1,\"454\":2,\"455\":1,\"460\":1,\"906\":2,\"907\":1,\"908\":2,\"909\":1,\"914\":1}}],[\"notes\",{\"1\":{\"20\":2,\"43\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"141\":3,\"142\":3,\"290\":1,\"301\":1,\"304\":2,\"307\":2,\"310\":2}}],[\"not\",{\"1\":{\"37\":3,\"39\":2,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"89\":1,\"90\":2,\"97\":2,\"99\":2,\"100\":1,\"117\":1,\"146\":1,\"154\":1,\"159\":101,\"169\":2,\"170\":1,\"173\":1,\"218\":1,\"237\":1,\"240\":1,\"280\":1,\"283\":1,\"285\":1,\"286\":1,\"288\":1,\"289\":3,\"290\":3,\"291\":1,\"294\":1,\"296\":1,\"297\":1,\"299\":1,\"300\":3,\"301\":3,\"311\":1,\"314\":1,\"333\":1,\"348\":1,\"413\":2,\"414\":1,\"416\":1,\"417\":1,\"439\":1,\"441\":1,\"442\":2,\"443\":2,\"444\":1,\"456\":1,\"457\":27,\"458\":3,\"459\":4,\"460\":1,\"461\":1,\"462\":1,\"478\":1,\"480\":1,\"481\":2,\"482\":2,\"483\":1,\"485\":4,\"501\":1,\"503\":1,\"504\":2,\"505\":2,\"506\":1,\"508\":4,\"527\":1,\"529\":1,\"530\":2,\"531\":2,\"532\":1,\"534\":4,\"537\":1,\"557\":1,\"559\":1,\"560\":2,\"561\":2,\"562\":1,\"564\":4,\"587\":1,\"589\":1,\"590\":2,\"591\":2,\"592\":1,\"594\":4,\"617\":1,\"619\":1,\"620\":2,\"621\":2,\"622\":1,\"624\":4,\"637\":2,\"638\":1,\"640\":1,\"641\":1,\"663\":1,\"665\":1,\"666\":2,\"667\":2,\"668\":1,\"670\":4,\"683\":2,\"684\":1,\"686\":1,\"687\":1,\"709\":1,\"711\":1,\"712\":2,\"713\":2,\"714\":1,\"716\":4,\"729\":2,\"730\":1,\"732\":1,\"733\":1,\"755\":1,\"757\":1,\"758\":2,\"759\":2,\"760\":1,\"762\":4,\"775\":2,\"776\":1,\"778\":1,\"779\":1,\"801\":1,\"803\":1,\"804\":2,\"805\":2,\"806\":1,\"808\":4,\"821\":2,\"822\":1,\"824\":1,\"825\":1,\"847\":1,\"849\":1,\"850\":2,\"851\":2,\"852\":1,\"854\":4,\"867\":2,\"868\":1,\"870\":1,\"871\":1,\"893\":1,\"895\":1,\"896\":2,\"897\":2,\"898\":1,\"910\":1,\"911\":27,\"912\":3,\"913\":4,\"914\":1,\"915\":1,\"916\":1,\"920\":1,\"927\":1,\"969\":1,\"989\":1,\"997\":1,\"1026\":1,\"1043\":1,\"1044\":1,\"1090\":1,\"1120\":1,\"1137\":1,\"1138\":1,\"1179\":1,\"1196\":1,\"1199\":1,\"1253\":1,\"1330\":1,\"1347\":1,\"1350\":1,\"1392\":1,\"1422\":1,\"1502\":1,\"1522\":1,\"1526\":1,\"1568\":1,\"1598\":1,\"1679\":1,\"1699\":1,\"1703\":1,\"1745\":1,\"1775\":1,\"1856\":1,\"1876\":1,\"1880\":1,\"1922\":1,\"1952\":1,\"2033\":1,\"2053\":1,\"2057\":1,\"2099\":1,\"2129\":1,\"2210\":1,\"2230\":1,\"2234\":1,\"2276\":1,\"2306\":1,\"2327\":1,\"2334\":1,\"2400\":1,\"2420\":1,\"2428\":1,\"2433\":1,\"2495\":1,\"2525\":1,\"2546\":1,\"2553\":1,\"2619\":1,\"2639\":1,\"2647\":1,\"2652\":1,\"2714\":1,\"2744\":1,\"2765\":1,\"2772\":1,\"2838\":1,\"2858\":1,\"2866\":1,\"2871\":1,\"2933\":1,\"2963\":1,\"2984\":1,\"2991\":1,\"3057\":1,\"3077\":1,\"3085\":1,\"3090\":1,\"3152\":1,\"3182\":1,\"3203\":1,\"3210\":1,\"3252\":1,\"3272\":1,\"3280\":1,\"3309\":1,\"3326\":1,\"3327\":1,\"3373\":1,\"3403\":1,\"3420\":1,\"3421\":1,\"3423\":1}}],[\"now\",{\"1\":{\"20\":1,\"97\":1,\"98\":1,\"338\":1,\"367\":1,\"393\":1,\"405\":1,\"434\":1,\"460\":1,\"473\":1,\"496\":1,\"522\":1,\"536\":1,\"552\":1,\"582\":1,\"612\":1,\"629\":1,\"658\":1,\"675\":1,\"704\":1,\"721\":1,\"750\":1,\"767\":1,\"796\":1,\"813\":1,\"842\":1,\"859\":1,\"888\":1,\"914\":1}}],[\"noch\",{\"1\":{\"18\":1}}],[\"no\",{\"1\":{\"1\":1,\"26\":1,\"90\":1,\"159\":1,\"174\":1,\"176\":1,\"178\":1,\"180\":1,\"181\":1,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"189\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"206\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":1,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":1,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":1,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"243\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"250\":1,\"252\":1,\"254\":1,\"256\":1,\"258\":1,\"259\":1,\"261\":1,\"262\":1,\"264\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"276\":1,\"277\":2,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"325\":1,\"327\":8,\"337\":1,\"348\":1,\"351\":1,\"366\":1,\"376\":1,\"379\":1,\"381\":1,\"390\":1,\"392\":1,\"416\":4,\"438\":1,\"442\":1,\"443\":1,\"457\":2,\"477\":1,\"481\":1,\"482\":1,\"500\":1,\"504\":1,\"505\":1,\"526\":1,\"530\":1,\"531\":1,\"556\":1,\"560\":1,\"561\":1,\"586\":1,\"590\":1,\"591\":1,\"616\":1,\"620\":1,\"621\":1,\"640\":4,\"662\":1,\"666\":1,\"667\":1,\"686\":4,\"708\":1,\"712\":1,\"713\":1,\"732\":4,\"754\":1,\"758\":1,\"759\":1,\"778\":4,\"800\":1,\"804\":1,\"805\":1,\"824\":4,\"846\":1,\"850\":1,\"851\":1,\"870\":4,\"892\":1,\"896\":1,\"897\":1,\"911\":2,\"920\":1,\"930\":1,\"931\":1,\"933\":1,\"935\":1,\"937\":1,\"938\":1,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"950\":1,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":1,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":1,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":1,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":3,\"996\":1,\"997\":1,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1021\":1,\"1022\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":2,\"1038\":1,\"1039\":1,\"1040\":2,\"1043\":1,\"1044\":1,\"1045\":1,\"1049\":1,\"1061\":1,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1069\":1,\"1071\":1,\"1073\":1,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1081\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":3,\"1089\":1,\"1090\":1,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1114\":1,\"1115\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":2,\"1132\":1,\"1133\":1,\"1134\":2,\"1137\":1,\"1138\":1,\"1139\":1,\"1143\":1,\"1144\":1,\"1146\":1,\"1148\":1,\"1150\":1,\"1151\":1,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1159\":1,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1167\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":1,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":1,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":3,\"1198\":1,\"1199\":1,\"1200\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1229\":1,\"1230\":1,\"1231\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1237\":1,\"1239\":1,\"1241\":1,\"1243\":1,\"1244\":1,\"1246\":1,\"1248\":1,\"1250\":1,\"1251\":3,\"1252\":1,\"1253\":1,\"1254\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1263\":1,\"1264\":2,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1294\":1,\"1295\":1,\"1297\":1,\"1299\":1,\"1301\":1,\"1302\":1,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1310\":1,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1318\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":1,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":1,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":3,\"1349\":1,\"1350\":1,\"1351\":1,\"1355\":1,\"1367\":1,\"1368\":1,\"1369\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1375\":1,\"1377\":1,\"1379\":1,\"1381\":1,\"1382\":1,\"1384\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":3,\"1391\":1,\"1392\":1,\"1393\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1434\":1,\"1435\":2,\"1438\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1466\":1,\"1467\":1,\"1469\":1,\"1471\":1,\"1473\":1,\"1474\":1,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1483\":1,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1491\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":1,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":1,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":3,\"1525\":1,\"1526\":1,\"1527\":1,\"1531\":1,\"1543\":1,\"1544\":1,\"1545\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1551\":1,\"1553\":1,\"1555\":1,\"1557\":1,\"1558\":1,\"1560\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":3,\"1567\":1,\"1568\":1,\"1569\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":2,\"1611\":1,\"1612\":2,\"1615\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1643\":1,\"1644\":1,\"1646\":1,\"1648\":1,\"1650\":1,\"1651\":1,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1660\":1,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1668\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":1,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":1,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":3,\"1702\":1,\"1703\":1,\"1704\":1,\"1708\":1,\"1720\":1,\"1721\":1,\"1722\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1728\":1,\"1730\":1,\"1732\":1,\"1734\":1,\"1735\":1,\"1737\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":3,\"1744\":1,\"1745\":1,\"1746\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":2,\"1788\":1,\"1789\":2,\"1792\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1820\":1,\"1821\":1,\"1823\":1,\"1825\":1,\"1827\":1,\"1828\":1,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1837\":1,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1845\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":1,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":1,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":3,\"1879\":1,\"1880\":1,\"1881\":1,\"1885\":1,\"1897\":1,\"1898\":1,\"1899\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1905\":1,\"1907\":1,\"1909\":1,\"1911\":1,\"1912\":1,\"1914\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":3,\"1921\":1,\"1922\":1,\"1923\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":2,\"1965\":1,\"1966\":2,\"1969\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1997\":1,\"1998\":1,\"2000\":1,\"2002\":1,\"2004\":1,\"2005\":1,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2014\":1,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2022\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":1,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":1,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":3,\"2056\":1,\"2057\":1,\"2058\":1,\"2062\":1,\"2074\":1,\"2075\":1,\"2076\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2082\":1,\"2084\":1,\"2086\":1,\"2088\":1,\"2089\":1,\"2091\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":3,\"2098\":1,\"2099\":1,\"2100\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":2,\"2142\":1,\"2143\":2,\"2146\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2174\":1,\"2175\":1,\"2177\":1,\"2179\":1,\"2181\":1,\"2182\":1,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2191\":1,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2199\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":1,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":1,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":3,\"2233\":1,\"2234\":1,\"2235\":1,\"2239\":1,\"2251\":1,\"2252\":1,\"2253\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2259\":1,\"2261\":1,\"2263\":1,\"2265\":1,\"2266\":1,\"2268\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":3,\"2275\":1,\"2276\":1,\"2277\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":2,\"2319\":1,\"2320\":2,\"2323\":1,\"2327\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2361\":1,\"2362\":1,\"2364\":1,\"2366\":1,\"2368\":1,\"2369\":1,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2381\":1,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2389\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":1,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":1,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":3,\"2427\":1,\"2428\":1,\"2429\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":2,\"2446\":1,\"2447\":2,\"2450\":1,\"2454\":1,\"2466\":1,\"2467\":1,\"2468\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2474\":1,\"2476\":1,\"2478\":1,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2486\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":3,\"2494\":1,\"2495\":1,\"2496\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":2,\"2538\":1,\"2539\":2,\"2542\":1,\"2546\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2580\":1,\"2581\":1,\"2583\":1,\"2585\":1,\"2587\":1,\"2588\":1,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2600\":1,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2608\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":1,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":1,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":3,\"2646\":1,\"2647\":1,\"2648\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":2,\"2665\":1,\"2666\":2,\"2669\":1,\"2673\":1,\"2685\":1,\"2686\":1,\"2687\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2693\":1,\"2695\":1,\"2697\":1,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2705\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":3,\"2713\":1,\"2714\":1,\"2715\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":2,\"2757\":1,\"2758\":2,\"2761\":1,\"2765\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2799\":1,\"2800\":1,\"2802\":1,\"2804\":1,\"2806\":1,\"2807\":1,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2819\":1,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2827\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":1,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":1,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":3,\"2865\":1,\"2866\":1,\"2867\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":2,\"2884\":1,\"2885\":2,\"2888\":1,\"2892\":1,\"2904\":1,\"2905\":1,\"2906\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2912\":1,\"2914\":1,\"2916\":1,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2924\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":3,\"2932\":1,\"2933\":1,\"2934\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":2,\"2976\":1,\"2977\":2,\"2980\":1,\"2984\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3018\":1,\"3019\":1,\"3021\":1,\"3023\":1,\"3025\":1,\"3026\":1,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3038\":1,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3046\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":1,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":1,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":3,\"3084\":1,\"3085\":1,\"3086\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":2,\"3103\":1,\"3104\":2,\"3107\":1,\"3111\":1,\"3123\":1,\"3124\":1,\"3125\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3131\":1,\"3133\":1,\"3135\":1,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3143\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":3,\"3151\":1,\"3152\":1,\"3153\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":2,\"3195\":1,\"3196\":2,\"3199\":1,\"3203\":1,\"3213\":1,\"3214\":1,\"3216\":1,\"3218\":1,\"3220\":1,\"3221\":1,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3233\":1,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":1,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":1,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":3,\"3279\":1,\"3280\":1,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3304\":1,\"3305\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":2,\"3321\":1,\"3322\":1,\"3323\":2,\"3326\":1,\"3327\":1,\"3328\":1,\"3332\":1,\"3344\":1,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3352\":1,\"3354\":1,\"3356\":1,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3364\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":3,\"3372\":1,\"3373\":1,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3397\":1,\"3398\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":2,\"3415\":1,\"3416\":1,\"3417\":2,\"3420\":1,\"3421\":1,\"3422\":1}}],[\"nested\",{\"1\":{\"159\":1}}],[\"next\",{\"1\":{\"103\":1,\"109\":1,\"141\":2,\"159\":11,\"160\":1}}],[\"never\",{\"1\":{\"91\":1,\"159\":12,\"381\":3}}],[\"neben\",{\"1\":{\"16\":1}}],[\"net\",{\"1\":{\"285\":1,\"296\":1,\"439\":1,\"458\":3,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1,\"912\":3}}],[\"netzwerkfreigaben\",{\"0\":{\"16\":1}}],[\"networking\",{\"1\":{\"177\":1,\"253\":1,\"934\":1,\"1070\":1,\"1147\":1,\"1238\":1,\"1298\":1,\"1376\":1,\"1470\":1,\"1552\":1,\"1647\":1,\"1729\":1,\"1824\":1,\"1906\":1,\"2001\":1,\"2083\":1,\"2178\":1,\"2260\":1,\"2365\":1,\"2475\":1,\"2584\":1,\"2694\":1,\"2803\":1,\"2913\":1,\"3022\":1,\"3132\":1,\"3217\":1,\"3353\":1}}],[\"networks\",{\"1\":{\"26\":1,\"327\":9,\"461\":1,\"473\":1,\"496\":1,\"522\":1,\"915\":1}}],[\"network\",{\"0\":{\"92\":1,\"99\":1,\"129\":1,\"169\":1,\"285\":2,\"296\":2,\"439\":2,\"478\":2,\"501\":2,\"527\":2,\"557\":2,\"587\":2,\"617\":2,\"663\":2,\"709\":2,\"755\":2,\"801\":2,\"847\":2,\"893\":2},\"1\":{\"0\":1,\"32\":1,\"81\":1,\"88\":1,\"90\":2,\"92\":1,\"95\":1,\"99\":2,\"100\":1,\"109\":1,\"112\":2,\"113\":2,\"124\":1,\"129\":1,\"136\":4,\"164\":1,\"167\":2,\"168\":2,\"169\":2,\"170\":1,\"285\":4,\"296\":4,\"434\":1,\"439\":2,\"445\":1,\"473\":2,\"478\":2,\"484\":1,\"496\":2,\"501\":2,\"507\":1,\"522\":2,\"527\":2,\"533\":1,\"552\":1,\"557\":2,\"563\":1,\"582\":1,\"587\":2,\"593\":1,\"612\":1,\"617\":2,\"623\":1,\"658\":1,\"663\":2,\"669\":1,\"704\":1,\"709\":2,\"715\":1,\"750\":1,\"755\":2,\"761\":1,\"796\":1,\"801\":2,\"807\":1,\"842\":1,\"847\":2,\"853\":1,\"888\":1,\"893\":2,\"899\":1}}],[\"neuen\",{\"1\":{\"14\":2}}],[\"needed\",{\"0\":{\"148\":1},\"1\":{\"38\":1,\"85\":1,\"97\":1,\"100\":1,\"110\":1,\"138\":1,\"165\":1,\"170\":1,\"277\":1,\"284\":1,\"290\":1,\"295\":1,\"319\":1,\"331\":1,\"338\":1,\"348\":1,\"352\":1,\"367\":1,\"377\":1,\"390\":1,\"393\":1,\"394\":1,\"438\":1,\"461\":1,\"462\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1,\"915\":1,\"916\":1,\"1040\":1,\"1134\":1,\"1264\":1,\"1435\":1,\"1612\":1,\"1789\":1,\"1966\":1,\"2143\":1,\"2320\":1,\"2447\":1,\"2539\":1,\"2666\":1,\"2758\":1,\"2885\":1,\"2977\":1,\"3104\":1,\"3196\":1,\"3323\":1,\"3417\":1}}],[\"need\",{\"0\":{\"119\":1},\"1\":{\"12\":1,\"85\":2,\"97\":2,\"117\":1,\"119\":1,\"127\":1,\"154\":1,\"162\":1,\"283\":1,\"290\":2,\"294\":1,\"301\":2,\"332\":1,\"338\":2,\"348\":1,\"352\":1,\"356\":1,\"358\":1,\"361\":2,\"362\":1,\"367\":1,\"377\":1,\"383\":1,\"384\":1,\"387\":2,\"388\":1,\"393\":1,\"398\":1,\"415\":1,\"437\":1,\"443\":1,\"476\":1,\"482\":1,\"499\":1,\"505\":1,\"525\":1,\"531\":1,\"555\":1,\"561\":1,\"585\":1,\"591\":1,\"615\":1,\"621\":1,\"639\":1,\"661\":1,\"667\":1,\"685\":1,\"707\":1,\"713\":1,\"731\":1,\"753\":1,\"759\":1,\"777\":1,\"799\":1,\"805\":1,\"823\":1,\"845\":1,\"851\":1,\"869\":1,\"891\":1,\"897\":1}}],[\"needs\",{\"1\":{\"12\":1,\"99\":1,\"152\":2,\"153\":2,\"162\":1,\"169\":1,\"285\":1,\"296\":1,\"332\":2,\"334\":1,\"356\":1,\"357\":2,\"358\":1,\"361\":2,\"362\":1,\"383\":2,\"384\":1,\"387\":2,\"388\":1,\"398\":1,\"417\":1,\"427\":1,\"439\":1,\"470\":1,\"478\":1,\"493\":1,\"501\":1,\"519\":1,\"527\":1,\"545\":1,\"557\":1,\"575\":1,\"587\":1,\"605\":1,\"617\":1,\"641\":1,\"651\":1,\"663\":1,\"687\":1,\"697\":1,\"709\":1,\"733\":1,\"743\":1,\"755\":1,\"779\":1,\"789\":1,\"801\":1,\"825\":1,\"835\":1,\"847\":1,\"871\":1,\"881\":1,\"893\":1,\"1024\":1,\"1117\":1,\"1419\":1,\"1595\":1,\"1772\":1,\"1949\":1,\"2126\":1,\"2303\":1,\"2431\":1,\"2522\":1,\"2650\":1,\"2741\":1,\"2869\":1,\"2960\":1,\"3088\":1,\"3179\":1,\"3307\":1,\"3400\":1}}],[\"newly\",{\"1\":{\"460\":1,\"914\":1}}],[\"new\",{\"0\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"140\":1,\"141\":1,\"142\":1,\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1},\"1\":{\"5\":1,\"42\":2,\"43\":1,\"44\":2,\"45\":1,\"46\":2,\"47\":1,\"48\":2,\"49\":1,\"50\":2,\"51\":1,\"52\":2,\"53\":1,\"54\":2,\"55\":1,\"56\":2,\"57\":1,\"58\":2,\"59\":1,\"60\":2,\"61\":1,\"62\":2,\"63\":1,\"64\":2,\"65\":1,\"66\":2,\"67\":1,\"81\":2,\"82\":1,\"90\":1,\"117\":2,\"131\":1,\"141\":1,\"142\":1,\"143\":3,\"144\":1,\"145\":4,\"146\":1,\"147\":4,\"149\":1,\"150\":5,\"151\":2,\"152\":2,\"153\":2,\"154\":3,\"157\":4,\"159\":22,\"160\":4,\"290\":1,\"301\":1,\"304\":4,\"307\":4,\"310\":4,\"338\":1,\"349\":9,\"356\":1,\"364\":2,\"367\":1,\"393\":1,\"415\":1,\"417\":1,\"419\":1,\"421\":1,\"438\":1,\"443\":1,\"457\":2,\"459\":14,\"460\":1,\"464\":1,\"477\":1,\"482\":1,\"485\":4,\"487\":1,\"500\":1,\"505\":1,\"508\":4,\"513\":1,\"526\":1,\"531\":1,\"534\":4,\"536\":2,\"537\":4,\"539\":1,\"556\":1,\"561\":1,\"564\":14,\"569\":1,\"586\":1,\"591\":1,\"594\":14,\"599\":1,\"616\":1,\"621\":1,\"624\":14,\"639\":1,\"641\":1,\"643\":1,\"645\":1,\"662\":1,\"667\":1,\"670\":14,\"685\":1,\"687\":1,\"689\":1,\"691\":1,\"708\":1,\"713\":1,\"716\":14,\"731\":1,\"733\":1,\"735\":1,\"737\":1,\"754\":1,\"759\":1,\"762\":14,\"777\":1,\"779\":1,\"781\":1,\"783\":1,\"800\":1,\"805\":1,\"808\":14,\"823\":1,\"825\":1,\"827\":1,\"829\":1,\"846\":1,\"851\":1,\"854\":14,\"869\":1,\"871\":1,\"873\":1,\"875\":1,\"892\":1,\"897\":1,\"911\":2,\"913\":14,\"914\":1,\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"necessary\",{\"1\":{\"0\":1,\"32\":1,\"94\":1,\"127\":1,\"128\":1,\"289\":1,\"300\":1,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1,\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"g02\",{\"1\":{\"457\":1,\"911\":1,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"gmt\",{\"1\":{\"457\":27,\"458\":3,\"911\":27,\"912\":3}}],[\"gmds2022\",{\"0\":{\"114\":1}}],[\"gmds\",{\"0\":{\"28\":1,\"29\":1},\"1\":{\"121\":1,\"318\":1}}],[\"gaps\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"gateway\",{\"1\":{\"371\":1,\"374\":1,\"381\":1,\"390\":2}}],[\"gateways\",{\"0\":{\"324\":1,\"325\":1,\"368\":1,\"369\":1,\"371\":1,\"378\":1,\"379\":1},\"1\":{\"324\":1,\"369\":1,\"371\":1}}],[\"gain\",{\"1\":{\"93\":1,\"116\":2,\"117\":1,\"120\":1,\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"ghcr\",{\"1\":{\"303\":4,\"304\":4,\"306\":4,\"307\":4,\"309\":4,\"310\":4,\"312\":4,\"313\":2,\"315\":4,\"316\":2,\"327\":6,\"341\":2,\"449\":1,\"461\":4,\"462\":2,\"510\":4,\"511\":2,\"536\":4,\"537\":2,\"566\":4,\"567\":2,\"596\":4,\"597\":2,\"626\":4,\"627\":2,\"672\":4,\"673\":2,\"718\":4,\"719\":2,\"764\":4,\"765\":2,\"810\":4,\"811\":2,\"856\":4,\"857\":2,\"903\":1,\"915\":4,\"916\":2,\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"gz\",{\"1\":{\"289\":6,\"290\":6,\"300\":6,\"301\":6,\"303\":12,\"442\":2,\"443\":2,\"481\":2,\"482\":2,\"504\":2,\"505\":2,\"530\":2,\"531\":2,\"560\":2,\"561\":2,\"590\":2,\"591\":2,\"620\":2,\"621\":2,\"666\":2,\"667\":2,\"712\":2,\"713\":2,\"758\":2,\"759\":2,\"804\":2,\"805\":2,\"850\":2,\"851\":2,\"896\":2,\"897\":2}}],[\"gpg\",{\"1\":{\"283\":4,\"294\":4,\"413\":1,\"437\":4,\"476\":4,\"499\":4,\"525\":4,\"555\":4,\"585\":4,\"615\":4,\"637\":1,\"661\":4,\"683\":1,\"707\":4,\"729\":1,\"753\":4,\"775\":1,\"799\":4,\"821\":1,\"845\":4,\"867\":1,\"891\":4}}],[\"gnupg\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"gb\",{\"1\":{\"282\":4,\"293\":4,\"403\":1,\"436\":4,\"475\":4,\"498\":4,\"524\":4,\"554\":4,\"584\":4,\"614\":4,\"660\":4,\"706\":4,\"752\":4,\"798\":4,\"844\":4,\"890\":4}}],[\"gid\",{\"1\":{\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"442\":2,\"443\":2,\"481\":2,\"482\":2,\"504\":2,\"505\":2,\"530\":2,\"531\":2,\"560\":2,\"561\":2,\"590\":2,\"591\":2,\"620\":2,\"621\":2,\"666\":2,\"667\":2,\"712\":2,\"713\":2,\"758\":2,\"759\":2,\"804\":2,\"805\":2,\"850\":2,\"851\":2,\"896\":2,\"897\":2}}],[\"given\",{\"1\":{\"261\":1,\"334\":1,\"357\":1,\"358\":1,\"384\":1}}],[\"git\",{\"0\":{\"157\":1,\"395\":1},\"1\":{\"74\":1,\"141\":3,\"142\":3,\"157\":1,\"319\":1,\"394\":1,\"395\":2,\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1}}],[\"github\",{\"0\":{\"161\":1,\"162\":1,\"398\":1},\"1\":{\"17\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"73\":2,\"74\":1,\"75\":1,\"83\":8,\"116\":1,\"130\":1,\"143\":1,\"156\":1,\"162\":6,\"163\":2,\"283\":1,\"289\":4,\"290\":11,\"294\":1,\"300\":4,\"301\":6,\"303\":8,\"398\":5,\"407\":1,\"417\":2,\"419\":3,\"433\":1,\"549\":2,\"550\":2,\"551\":1,\"579\":2,\"580\":2,\"581\":1,\"609\":2,\"610\":3,\"611\":1,\"631\":1,\"641\":2,\"643\":3,\"655\":2,\"656\":3,\"657\":1,\"677\":1,\"687\":2,\"689\":3,\"701\":2,\"702\":3,\"703\":1,\"723\":1,\"733\":2,\"735\":3,\"747\":2,\"748\":4,\"749\":1,\"769\":1,\"779\":2,\"781\":3,\"795\":1,\"815\":1,\"825\":2,\"827\":3,\"841\":1,\"861\":1,\"871\":2,\"873\":3,\"887\":1}}],[\"gth\",{\"1\":{\"130\":1,\"429\":1,\"445\":1,\"471\":1,\"472\":1,\"484\":1,\"494\":1,\"495\":1,\"507\":1,\"520\":1,\"521\":1,\"533\":1,\"546\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"653\":1,\"669\":1,\"699\":1,\"715\":1,\"745\":1,\"761\":1,\"791\":1,\"807\":1,\"837\":1,\"853\":1,\"883\":1,\"899\":1}}],[\"géant\",{\"1\":{\"110\":1,\"112\":1,\"113\":1,\"165\":1,\"167\":1,\"168\":1,\"284\":1,\"295\":1,\"438\":2,\"460\":1,\"477\":2,\"500\":2,\"526\":2,\"556\":2,\"586\":2,\"616\":2,\"662\":2,\"708\":2,\"754\":2,\"800\":2,\"846\":2,\"892\":2,\"914\":1}}],[\"g2\",{\"1\":{\"110\":1,\"112\":1,\"113\":1,\"165\":1,\"167\":1,\"168\":1,\"284\":1,\"295\":1,\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"globalroot\",{\"1\":{\"457\":1,\"911\":1}}],[\"global\",{\"1\":{\"110\":2,\"112\":1,\"113\":1,\"165\":2,\"167\":1,\"168\":1,\"284\":1,\"289\":1,\"295\":1,\"300\":1,\"438\":1,\"457\":1,\"477\":1,\"481\":1,\"500\":1,\"504\":1,\"526\":1,\"530\":1,\"556\":1,\"560\":1,\"586\":1,\"590\":1,\"616\":1,\"620\":1,\"662\":1,\"666\":1,\"708\":1,\"712\":1,\"754\":1,\"758\":1,\"800\":1,\"804\":1,\"846\":1,\"850\":1,\"892\":1,\"911\":1,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"guardian\",{\"1\":{\"159\":1}}],[\"guarantee\",{\"1\":{\"109\":1}}],[\"guidance\",{\"1\":{\"5\":1,\"116\":1,\"117\":1}}],[\"guidelines\",{\"1\":{\"416\":1,\"419\":1,\"640\":1,\"643\":1,\"686\":1,\"689\":1,\"732\":1,\"735\":1,\"778\":1,\"781\":1,\"824\":1,\"827\":1,\"870\":1,\"873\":1}}],[\"guide\",{\"1\":{\"4\":1,\"69\":1,\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"280\":2,\"283\":1,\"291\":2,\"294\":1,\"302\":1,\"305\":3,\"308\":1,\"395\":2,\"397\":2,\"399\":2,\"401\":4,\"402\":2,\"419\":3,\"428\":1,\"432\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"546\":1,\"555\":1,\"576\":1,\"585\":1,\"606\":1,\"615\":1,\"643\":3,\"652\":1,\"661\":1,\"689\":3,\"698\":1,\"707\":1,\"735\":3,\"744\":1,\"753\":1,\"781\":3,\"790\":1,\"794\":1,\"799\":1,\"827\":3,\"836\":1,\"840\":1,\"845\":1,\"873\":3,\"882\":1,\"886\":1,\"891\":1,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"gdpr\",{\"1\":{\"109\":1}}],[\"g\",{\"1\":{\"78\":1,\"85\":1,\"88\":1,\"99\":2,\"109\":1,\"139\":2,\"163\":1,\"169\":2,\"289\":6,\"290\":2,\"300\":7,\"301\":2,\"372\":1,\"401\":1,\"402\":1,\"428\":2,\"434\":1,\"439\":1,\"442\":4,\"443\":1,\"459\":2,\"471\":2,\"473\":2,\"478\":1,\"481\":5,\"482\":2,\"485\":2,\"494\":2,\"496\":2,\"501\":1,\"504\":4,\"505\":2,\"508\":2,\"520\":2,\"522\":2,\"527\":1,\"530\":4,\"531\":2,\"534\":2,\"546\":2,\"552\":1,\"557\":1,\"560\":4,\"561\":2,\"564\":2,\"576\":2,\"582\":1,\"587\":1,\"590\":4,\"591\":1,\"594\":2,\"606\":2,\"612\":1,\"617\":1,\"620\":4,\"621\":1,\"624\":2,\"652\":2,\"658\":1,\"663\":1,\"666\":4,\"667\":1,\"670\":2,\"698\":2,\"704\":1,\"709\":1,\"712\":4,\"713\":1,\"716\":2,\"744\":2,\"750\":1,\"755\":1,\"758\":4,\"759\":1,\"762\":2,\"790\":2,\"796\":1,\"801\":1,\"804\":4,\"805\":1,\"808\":2,\"836\":2,\"842\":1,\"847\":1,\"850\":4,\"851\":1,\"854\":2,\"882\":2,\"888\":1,\"893\":1,\"896\":4,\"897\":1,\"913\":2,\"1043\":1,\"1137\":1,\"3326\":1,\"3420\":1}}],[\"google\",{\"1\":{\"139\":1}}],[\"goodbyedicmessage\",{\"1\":{\"390\":1}}],[\"goodbydic\",{\"1\":{\"390\":1,\"393\":3}}],[\"good\",{\"1\":{\"39\":1}}],[\"go\",{\"1\":{\"93\":1,\"338\":2,\"367\":2,\"393\":2}}],[\"goal\",{\"0\":{\"85\":1},\"1\":{\"344\":1}}],[\"goals\",{\"1\":{\"82\":1}}],[\"gothenburg\",{\"1\":{\"1\":1}}],[\"grizzly\",{\"1\":{\"444\":4,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"760\":4,\"806\":4,\"852\":4,\"898\":4}}],[\"grateful\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"graphical\",{\"1\":{\"402\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3332\":1}}],[\"granted\",{\"1\":{\"99\":1,\"169\":1}}],[\"greatly\",{\"1\":{\"417\":1,\"418\":1,\"641\":1,\"642\":1,\"687\":1,\"688\":1,\"733\":1,\"734\":1,\"779\":1,\"780\":1,\"825\":1,\"826\":1,\"871\":1,\"872\":1}}],[\"greater\",{\"1\":{\"372\":1}}],[\"great\",{\"1\":{\"97\":2,\"127\":1}}],[\"green\",{\"1\":{\"88\":1,\"429\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"growth\",{\"1\":{\"405\":1,\"419\":1,\"629\":1,\"643\":1,\"675\":1,\"689\":1,\"721\":1,\"735\":1,\"767\":1,\"781\":1,\"813\":1,\"827\":1,\"859\":1,\"873\":1}}],[\"growing\",{\"1\":{\"72\":1}}],[\"groupadd\",{\"1\":{\"442\":1,\"443\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"groupid>\",{\"1\":{\"163\":1}}],[\"grouping\",{\"1\":{\"159\":1}}],[\"grouped\",{\"1\":{\"159\":1}}],[\"group\",{\"0\":{\"118\":1,\"178\":1,\"181\":1,\"254\":1,\"256\":1,\"924\":1,\"935\":1,\"938\":1,\"1053\":1,\"1071\":1,\"1073\":1,\"1148\":1,\"1151\":1,\"1239\":1,\"1241\":1,\"1299\":1,\"1302\":1,\"1359\":1,\"1377\":1,\"1379\":1,\"1471\":1,\"1474\":1,\"1535\":1,\"1553\":1,\"1555\":1,\"1648\":1,\"1651\":1,\"1712\":1,\"1730\":1,\"1732\":1,\"1825\":1,\"1828\":1,\"1889\":1,\"1907\":1,\"1909\":1,\"2002\":1,\"2005\":1,\"2066\":1,\"2084\":1,\"2086\":1,\"2179\":1,\"2182\":1,\"2243\":1,\"2261\":1,\"2263\":1,\"2331\":1,\"2366\":1,\"2369\":1,\"2458\":1,\"2476\":1,\"2478\":1,\"2550\":1,\"2585\":1,\"2588\":1,\"2677\":1,\"2695\":1,\"2697\":1,\"2769\":1,\"2804\":1,\"2807\":1,\"2896\":1,\"2914\":1,\"2916\":1,\"2988\":1,\"3023\":1,\"3026\":1,\"3115\":1,\"3133\":1,\"3135\":1,\"3207\":1,\"3218\":1,\"3221\":1,\"3336\":1,\"3354\":1,\"3356\":1},\"1\":{\"97\":1,\"178\":2,\"181\":2,\"254\":2,\"256\":2,\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"327\":12,\"433\":1,\"442\":5,\"443\":3,\"481\":5,\"482\":3,\"504\":5,\"505\":3,\"530\":5,\"531\":3,\"560\":5,\"561\":3,\"590\":5,\"591\":3,\"620\":5,\"621\":3,\"666\":5,\"667\":3,\"712\":5,\"713\":3,\"758\":5,\"759\":3,\"795\":1,\"804\":5,\"805\":3,\"841\":1,\"850\":5,\"851\":3,\"887\":1,\"896\":5,\"897\":3,\"921\":1,\"924\":3,\"928\":2,\"935\":2,\"938\":2,\"1050\":1,\"1053\":3,\"1057\":2,\"1071\":2,\"1073\":2,\"1148\":2,\"1151\":2,\"1239\":2,\"1241\":2,\"1299\":2,\"1302\":2,\"1356\":1,\"1359\":3,\"1363\":2,\"1377\":2,\"1379\":2,\"1471\":2,\"1474\":2,\"1532\":1,\"1535\":3,\"1539\":2,\"1553\":2,\"1555\":2,\"1648\":2,\"1651\":2,\"1709\":1,\"1712\":3,\"1716\":2,\"1730\":2,\"1732\":2,\"1825\":2,\"1828\":2,\"1886\":1,\"1889\":3,\"1893\":2,\"1907\":2,\"1909\":2,\"2002\":2,\"2005\":2,\"2063\":1,\"2066\":3,\"2070\":2,\"2084\":2,\"2086\":2,\"2179\":2,\"2182\":2,\"2240\":1,\"2243\":3,\"2247\":2,\"2261\":2,\"2263\":2,\"2328\":1,\"2331\":3,\"2335\":2,\"2366\":2,\"2369\":2,\"2455\":1,\"2458\":3,\"2462\":2,\"2476\":2,\"2478\":2,\"2547\":1,\"2550\":3,\"2554\":2,\"2585\":2,\"2588\":2,\"2674\":1,\"2677\":3,\"2681\":2,\"2695\":2,\"2697\":2,\"2766\":1,\"2769\":3,\"2773\":2,\"2804\":2,\"2807\":2,\"2893\":1,\"2896\":3,\"2900\":2,\"2914\":2,\"2916\":2,\"2985\":1,\"2988\":3,\"2992\":2,\"3023\":2,\"3026\":2,\"3112\":1,\"3115\":3,\"3119\":2,\"3133\":2,\"3135\":2,\"3204\":1,\"3207\":3,\"3211\":2,\"3218\":2,\"3221\":2,\"3333\":1,\"3336\":3,\"3340\":2,\"3354\":2,\"3356\":2}}],[\"groups\",{\"1\":{\"85\":1,\"159\":1}}],[\"gruendner\",{\"1\":{\"26\":1}}],[\"gründner\",{\"1\":{\"14\":1}}],[\"grüße\",{\"1\":{\"14\":1}}],[\"geant\",{\"1\":{\"457\":10,\"911\":10,\"1044\":10,\"1138\":10,\"3327\":10,\"3421\":10}}],[\"gecco\",{\"1\":{\"130\":1,\"285\":6,\"286\":2,\"290\":1,\"296\":6,\"297\":2,\"301\":1}}],[\"gecko\",{\"0\":{\"77\":1},\"1\":{\"12\":1,\"16\":2,\"22\":1,\"71\":1,\"77\":1,\"82\":1,\"427\":1,\"429\":1,\"445\":1,\"470\":1,\"471\":1,\"472\":1,\"484\":1,\"493\":1,\"494\":1,\"495\":1,\"507\":1,\"519\":1,\"520\":1,\"521\":1,\"533\":1,\"545\":1,\"546\":1,\"547\":1,\"563\":1,\"575\":1,\"577\":1,\"593\":1,\"605\":1,\"607\":1,\"623\":1,\"651\":1,\"653\":1,\"669\":1,\"697\":1,\"699\":1,\"715\":1,\"743\":1,\"745\":1,\"761\":1,\"789\":1,\"791\":1,\"807\":1,\"835\":1,\"837\":1,\"853\":1,\"881\":1,\"883\":1,\"899\":1}}],[\"gesundheit\",{\"1\":{\"126\":1}}],[\"gespeichert\",{\"1\":{\"17\":1}}],[\"gets\",{\"1\":{\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1}}],[\"getsub\",{\"1\":{\"196\":1}}],[\"getadditionalinputparameters\",{\"1\":{\"390\":1}}],[\"getvariable\",{\"1\":{\"373\":1}}],[\"getversion\",{\"1\":{\"348\":1}}],[\"getreleasedate\",{\"1\":{\"348\":1}}],[\"getter\",{\"1\":{\"159\":1}}],[\"getting\",{\"0\":{\"12\":1},\"1\":{\"13\":1,\"419\":4,\"643\":4,\"689\":4,\"735\":4,\"781\":4,\"827\":4,\"873\":4}}],[\"get\",{\"0\":{\"75\":1},\"1\":{\"74\":1,\"283\":4,\"294\":4,\"410\":1,\"422\":1,\"427\":1,\"437\":4,\"470\":1,\"476\":4,\"493\":1,\"499\":4,\"519\":1,\"525\":4,\"545\":1,\"555\":4,\"575\":1,\"585\":4,\"605\":1,\"615\":4,\"634\":1,\"646\":1,\"651\":1,\"661\":4,\"680\":1,\"692\":1,\"697\":1,\"707\":4,\"726\":1,\"738\":1,\"743\":1,\"753\":4,\"772\":1,\"784\":1,\"789\":1,\"799\":4,\"818\":1,\"830\":1,\"835\":1,\"845\":4,\"864\":1,\"876\":1,\"881\":1,\"891\":4}}],[\"generates\",{\"1\":{\"346\":1}}],[\"generate\",{\"1\":{\"162\":1,\"289\":4,\"290\":3,\"300\":4,\"301\":3,\"331\":1,\"398\":1,\"442\":4,\"443\":3,\"481\":4,\"482\":3,\"504\":4,\"505\":3,\"530\":4,\"531\":3,\"560\":4,\"561\":3,\"590\":4,\"591\":3,\"620\":4,\"621\":3,\"666\":4,\"667\":3,\"712\":4,\"713\":3,\"758\":4,\"759\":3,\"804\":4,\"805\":3,\"850\":4,\"851\":3,\"896\":4,\"897\":3}}],[\"generated\",{\"1\":{\"134\":1,\"135\":1,\"145\":2,\"146\":1,\"154\":1,\"162\":1,\"338\":4,\"367\":1,\"393\":1,\"398\":1}}],[\"generator\",{\"1\":{\"134\":2,\"135\":2,\"138\":1,\"331\":1,\"338\":3,\"346\":2,\"367\":1,\"393\":1}}],[\"general\",{\"0\":{\"99\":1,\"164\":1,\"169\":1,\"406\":1,\"630\":1,\"676\":1,\"722\":1,\"768\":1,\"814\":1,\"860\":1},\"1\":{\"30\":1,\"31\":1,\"36\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"164\":1,\"329\":1,\"926\":1,\"1055\":1,\"1361\":1,\"1537\":1,\"1714\":1,\"1891\":1,\"2068\":1,\"2245\":1,\"2333\":1,\"2460\":1,\"2552\":1,\"2679\":1,\"2771\":1,\"2898\":1,\"2990\":1,\"3117\":1,\"3209\":1,\"3338\":1}}],[\"gender\",{\"1\":{\"95\":1}}],[\"genutzt\",{\"1\":{\"17\":1}}],[\"gerne\",{\"1\":{\"22\":1}}],[\"germany\",{\"1\":{\"129\":1}}],[\"german\",{\"1\":{\"0\":1,\"5\":1,\"6\":1,\"11\":1,\"26\":1,\"98\":2,\"116\":1,\"117\":1,\"120\":1,\"126\":1,\"419\":1,\"473\":1,\"485\":1,\"496\":1,\"508\":1,\"522\":1,\"534\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"gemeinsame\",{\"1\":{\"14\":1,\"41\":1}}],[\"wget\",{\"1\":{\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"303\":4,\"433\":2,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"795\":2,\"804\":1,\"805\":1,\"841\":2,\"850\":1,\"851\":1,\"887\":2,\"896\":1,\"897\":1}}],[\"ws\",{\"0\":{\"272\":1,\"274\":1,\"1034\":1,\"1036\":1,\"1128\":1,\"1130\":1,\"1259\":1,\"1261\":1,\"1430\":1,\"1432\":1,\"1606\":1,\"1608\":1,\"1783\":1,\"1785\":1,\"1960\":1,\"1962\":1,\"2137\":1,\"2139\":1,\"2314\":1,\"2316\":1,\"2441\":1,\"2443\":1,\"2533\":1,\"2535\":1,\"2660\":1,\"2662\":1,\"2752\":1,\"2754\":1,\"2879\":1,\"2881\":1,\"2971\":1,\"2973\":1,\"3098\":1,\"3100\":1,\"3190\":1,\"3192\":1,\"3317\":1,\"3319\":1,\"3411\":1,\"3413\":1},\"1\":{\"272\":1,\"274\":1,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"1034\":1,\"1036\":1,\"1128\":1,\"1130\":1,\"1259\":1,\"1261\":1,\"1430\":1,\"1432\":1,\"1606\":1,\"1608\":1,\"1783\":1,\"1785\":1,\"1960\":1,\"1962\":1,\"2137\":1,\"2139\":1,\"2314\":1,\"2316\":1,\"2441\":1,\"2443\":1,\"2533\":1,\"2535\":1,\"2660\":1,\"2662\":1,\"2752\":1,\"2754\":1,\"2879\":1,\"2881\":1,\"2971\":1,\"2973\":1,\"3098\":1,\"3100\":1,\"3190\":1,\"3192\":1,\"3317\":1,\"3319\":1,\"3411\":1,\"3413\":1}}],[\"wss\",{\"1\":{\"90\":1,\"109\":1,\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"483\":2,\"501\":1,\"506\":2,\"527\":1,\"532\":2,\"557\":1,\"562\":2,\"587\":1,\"592\":2,\"617\":1,\"622\":2,\"663\":1,\"668\":2,\"709\":1,\"714\":2,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"w3\",{\"1\":{\"162\":1,\"398\":1}}],[\"wrapped\",{\"1\":{\"159\":1}}],[\"wrap\",{\"1\":{\"159\":5,\"160\":14}}],[\"written\",{\"1\":{\"341\":1,\"346\":1,\"348\":1,\"396\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"writing\",{\"0\":{\"155\":1},\"1\":{\"143\":1,\"348\":1}}],[\"write\",{\"1\":{\"73\":1,\"141\":1,\"142\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"348\":1,\"373\":2,\"374\":1,\"414\":1,\"429\":1,\"442\":2,\"443\":1,\"445\":1,\"470\":1,\"472\":1,\"481\":2,\"482\":1,\"484\":1,\"493\":1,\"495\":1,\"504\":2,\"505\":1,\"507\":1,\"519\":1,\"521\":1,\"530\":2,\"531\":1,\"533\":1,\"547\":1,\"560\":2,\"561\":1,\"563\":1,\"577\":1,\"590\":2,\"591\":1,\"593\":1,\"607\":1,\"620\":2,\"621\":1,\"623\":1,\"638\":1,\"653\":1,\"666\":2,\"667\":1,\"669\":1,\"684\":1,\"699\":1,\"712\":2,\"713\":1,\"715\":1,\"730\":1,\"745\":1,\"758\":2,\"759\":1,\"761\":1,\"776\":1,\"791\":1,\"804\":2,\"805\":1,\"807\":1,\"822\":1,\"837\":1,\"850\":2,\"851\":1,\"853\":1,\"868\":1,\"883\":1,\"896\":2,\"897\":1,\"899\":1}}],[\"wwwnetzwerk\",{\"1\":{\"304\":8,\"307\":2}}],[\"www\",{\"1\":{\"116\":1,\"139\":1,\"162\":1,\"398\":1,\"456\":2,\"458\":3,\"910\":2,\"912\":3}}],[\"wait\",{\"1\":{\"381\":1,\"931\":1,\"1067\":1,\"1144\":1,\"1235\":1,\"1295\":1,\"1373\":1,\"1467\":1,\"1549\":1,\"1644\":1,\"1726\":1,\"1821\":1,\"1903\":1,\"1998\":1,\"2080\":1,\"2175\":1,\"2257\":1,\"2362\":1,\"2472\":1,\"2581\":1,\"2691\":1,\"2800\":1,\"2910\":1,\"3019\":1,\"3129\":1,\"3214\":1,\"3350\":1}}],[\"waiting\",{\"1\":{\"325\":1,\"379\":1,\"381\":2,\"383\":2,\"393\":1}}],[\"waits\",{\"1\":{\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1}}],[\"warn\",{\"1\":{\"217\":1,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1}}],[\"warnning\",{\"1\":{\"186\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1}}],[\"warning\",{\"1\":{\"136\":1,\"283\":1,\"294\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1,\"941\":1,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"3224\":1,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"walks\",{\"1\":{\"144\":1}}],[\"was\",{\"1\":{\"98\":1,\"117\":1,\"129\":2,\"290\":3,\"301\":3,\"318\":1,\"337\":1,\"338\":7,\"351\":1,\"352\":2,\"366\":1,\"367\":9,\"376\":1,\"377\":1,\"392\":1,\"393\":10,\"443\":3,\"482\":3,\"505\":3,\"531\":3,\"561\":3,\"591\":3,\"621\":3,\"667\":3,\"713\":3,\"759\":3,\"805\":3,\"851\":3,\"897\":3}}],[\"ways\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"way\",{\"1\":{\"85\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"wants\",{\"1\":{\"338\":1}}],[\"want\",{\"1\":{\"13\":1,\"37\":1,\"85\":1,\"86\":1,\"93\":1,\"154\":1,\"414\":1,\"415\":1,\"417\":1,\"459\":1,\"481\":1,\"509\":1,\"535\":1,\"564\":1,\"565\":1,\"594\":1,\"624\":1,\"638\":1,\"639\":1,\"641\":1,\"670\":1,\"684\":1,\"685\":1,\"687\":1,\"716\":1,\"730\":1,\"731\":1,\"733\":1,\"762\":1,\"776\":1,\"777\":1,\"779\":1,\"808\":1,\"822\":1,\"823\":1,\"825\":1,\"854\":1,\"868\":1,\"869\":1,\"871\":1,\"913\":1}}],[\"whether\",{\"1\":{\"261\":1,\"349\":1,\"371\":1,\"372\":1,\"374\":1,\"377\":1,\"417\":1,\"418\":1,\"641\":1,\"642\":1,\"687\":1,\"688\":1,\"733\":1,\"734\":1,\"779\":1,\"780\":1,\"825\":1,\"826\":1,\"871\":1,\"872\":1}}],[\"where\",{\"1\":{\"237\":1,\"346\":1,\"472\":1,\"495\":1,\"521\":1,\"537\":1,\"547\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"when\",{\"1\":{\"36\":1,\"90\":1,\"97\":2,\"113\":1,\"117\":1,\"120\":1,\"154\":1,\"159\":1,\"168\":1,\"186\":1,\"264\":1,\"289\":1,\"300\":1,\"333\":2,\"356\":1,\"397\":1,\"413\":1,\"429\":1,\"453\":1,\"455\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"565\":1,\"577\":1,\"595\":1,\"607\":1,\"625\":1,\"637\":1,\"653\":1,\"671\":1,\"683\":1,\"699\":1,\"717\":1,\"729\":1,\"745\":1,\"763\":1,\"775\":1,\"791\":1,\"809\":1,\"821\":1,\"837\":1,\"867\":1,\"883\":1,\"907\":1,\"909\":1,\"945\":1,\"946\":1,\"991\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1026\":1,\"1045\":1,\"1049\":1,\"1084\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1120\":1,\"1139\":1,\"1156\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1248\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1307\":1,\"1355\":1,\"1387\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1422\":1,\"1438\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1479\":1,\"1480\":1,\"1531\":1,\"1563\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1598\":1,\"1615\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1656\":1,\"1657\":1,\"1708\":1,\"1740\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1775\":1,\"1792\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1833\":1,\"1834\":1,\"1885\":1,\"1917\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1952\":1,\"1969\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"2010\":1,\"2011\":1,\"2062\":1,\"2094\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2129\":1,\"2146\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2187\":1,\"2188\":1,\"2239\":1,\"2271\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2306\":1,\"2323\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2376\":1,\"2377\":1,\"2422\":1,\"2433\":1,\"2450\":1,\"2454\":1,\"2489\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2525\":1,\"2542\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2595\":1,\"2596\":1,\"2641\":1,\"2652\":1,\"2669\":1,\"2673\":1,\"2708\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2744\":1,\"2761\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2814\":1,\"2815\":1,\"2860\":1,\"2871\":1,\"2888\":1,\"2892\":1,\"2927\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2963\":1,\"2980\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3033\":1,\"3034\":1,\"3079\":1,\"3090\":1,\"3107\":1,\"3111\":1,\"3146\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3182\":1,\"3199\":1,\"3228\":1,\"3229\":1,\"3274\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3309\":1,\"3328\":1,\"3332\":1,\"3367\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3403\":1,\"3422\":1}}],[\"why\",{\"0\":{\"97\":1},\"1\":{\"97\":1}}],[\"what\",{\"0\":{\"119\":1,\"120\":1},\"1\":{\"75\":1,\"85\":1,\"97\":2,\"332\":4,\"333\":3,\"334\":5,\"356\":1,\"357\":3,\"358\":1,\"364\":1,\"384\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"who\",{\"1\":{\"39\":1,\"72\":1,\"97\":1,\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2}}],[\"white\",{\"1\":{\"159\":1,\"356\":1}}],[\"which\",{\"1\":{\"10\":1,\"33\":2,\"82\":1,\"88\":1,\"90\":2,\"91\":2,\"94\":1,\"95\":4,\"109\":1,\"120\":1,\"130\":1,\"138\":1,\"152\":1,\"153\":1,\"154\":1,\"190\":1,\"192\":1,\"196\":1,\"198\":1,\"199\":1,\"201\":1,\"244\":1,\"246\":1,\"261\":1,\"341\":1,\"347\":1,\"356\":2,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"while\",{\"1\":{\"9\":1,\"112\":2,\"113\":1,\"117\":1,\"159\":7,\"160\":1,\"167\":2,\"168\":1,\"338\":1,\"348\":1,\"367\":1,\"393\":1}}],[\"w\",{\"1\":{\"26\":1}}],[\"während\",{\"1\":{\"16\":1,\"17\":1}}],[\"would\",{\"1\":{\"72\":1,\"73\":1,\"95\":1,\"381\":2}}],[\"worry\",{\"1\":{\"97\":1}}],[\"works\",{\"1\":{\"356\":1}}],[\"workflow\",{\"0\":{\"157\":1,\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1},\"1\":{\"397\":1}}],[\"workflows\",{\"1\":{\"94\":1}}],[\"working\",{\"1\":{\"116\":1,\"117\":1}}],[\"work\",{\"1\":{\"13\":2,\"38\":2,\"94\":1,\"97\":3,\"129\":1,\"338\":1,\"415\":1,\"418\":1,\"419\":1,\"422\":1,\"423\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"639\":1,\"642\":1,\"643\":1,\"646\":1,\"647\":1,\"685\":1,\"688\":1,\"689\":1,\"692\":1,\"693\":1,\"731\":1,\"734\":1,\"735\":1,\"738\":1,\"739\":1,\"777\":1,\"780\":1,\"781\":1,\"784\":1,\"785\":1,\"823\":1,\"826\":1,\"827\":1,\"830\":1,\"831\":1,\"869\":1,\"872\":1,\"873\":1,\"876\":1,\"877\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1}}],[\"worlds\",{\"1\":{\"357\":1}}],[\"world\",{\"1\":{\"5\":1,\"11\":1,\"117\":3,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"won\",{\"1\":{\"1\":1}}],[\"wildcard\",{\"1\":{\"159\":2}}],[\"willingness\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"will\",{\"0\":{\"2\":1,\"87\":1,\"120\":1},\"1\":{\"38\":5,\"71\":1,\"81\":1,\"82\":3,\"99\":2,\"103\":1,\"116\":5,\"117\":7,\"120\":1,\"139\":2,\"152\":1,\"153\":1,\"157\":4,\"169\":2,\"276\":1,\"288\":2,\"289\":2,\"290\":3,\"299\":2,\"300\":2,\"301\":3,\"303\":1,\"322\":1,\"324\":1,\"325\":1,\"329\":1,\"334\":1,\"341\":1,\"344\":1,\"347\":1,\"348\":1,\"354\":1,\"369\":1,\"379\":2,\"393\":1,\"407\":1,\"408\":1,\"414\":1,\"419\":1,\"427\":2,\"429\":1,\"434\":1,\"441\":2,\"442\":2,\"443\":2,\"444\":2,\"446\":1,\"447\":2,\"456\":1,\"457\":3,\"459\":5,\"470\":2,\"472\":2,\"473\":1,\"480\":2,\"481\":2,\"482\":2,\"483\":2,\"485\":2,\"493\":2,\"495\":2,\"496\":1,\"503\":2,\"504\":2,\"505\":2,\"506\":2,\"508\":2,\"519\":2,\"521\":2,\"522\":1,\"529\":2,\"530\":2,\"531\":2,\"532\":2,\"534\":2,\"545\":2,\"547\":2,\"552\":1,\"559\":2,\"560\":2,\"561\":2,\"562\":2,\"564\":5,\"575\":2,\"577\":1,\"582\":1,\"589\":2,\"590\":2,\"591\":2,\"592\":2,\"594\":5,\"605\":2,\"607\":1,\"612\":1,\"619\":2,\"620\":2,\"621\":2,\"622\":2,\"624\":5,\"631\":1,\"632\":1,\"638\":1,\"643\":1,\"651\":2,\"653\":1,\"658\":1,\"665\":2,\"666\":2,\"667\":2,\"668\":2,\"670\":5,\"677\":1,\"678\":1,\"684\":1,\"689\":1,\"697\":2,\"699\":1,\"704\":1,\"711\":2,\"712\":2,\"713\":2,\"714\":2,\"716\":5,\"723\":1,\"724\":1,\"730\":1,\"735\":1,\"743\":2,\"745\":1,\"750\":1,\"757\":2,\"758\":2,\"759\":2,\"760\":2,\"762\":5,\"769\":1,\"770\":1,\"776\":1,\"781\":1,\"789\":2,\"791\":1,\"796\":1,\"803\":2,\"804\":2,\"805\":2,\"806\":2,\"808\":5,\"815\":1,\"816\":1,\"822\":1,\"827\":1,\"835\":2,\"837\":1,\"842\":1,\"849\":2,\"850\":2,\"851\":2,\"852\":2,\"854\":5,\"861\":1,\"862\":1,\"868\":1,\"873\":1,\"881\":2,\"883\":1,\"888\":1,\"895\":2,\"896\":2,\"897\":2,\"898\":2,\"900\":1,\"901\":2,\"910\":1,\"911\":3,\"913\":5,\"920\":1,\"923\":2,\"995\":1,\"1039\":1,\"1049\":1,\"1052\":2,\"1088\":1,\"1133\":1,\"1197\":1,\"1251\":1,\"1263\":1,\"1348\":1,\"1355\":1,\"1358\":2,\"1390\":1,\"1434\":1,\"1524\":1,\"1531\":1,\"1534\":2,\"1566\":1,\"1611\":1,\"1701\":1,\"1708\":1,\"1711\":2,\"1743\":1,\"1788\":1,\"1878\":1,\"1885\":1,\"1888\":2,\"1920\":1,\"1965\":1,\"2055\":1,\"2062\":1,\"2065\":2,\"2097\":1,\"2142\":1,\"2232\":1,\"2239\":1,\"2242\":2,\"2274\":1,\"2319\":1,\"2327\":1,\"2330\":2,\"2426\":1,\"2446\":1,\"2454\":1,\"2457\":2,\"2493\":1,\"2538\":1,\"2546\":1,\"2549\":2,\"2645\":1,\"2665\":1,\"2673\":1,\"2676\":2,\"2712\":1,\"2757\":1,\"2765\":1,\"2768\":2,\"2864\":1,\"2884\":1,\"2892\":1,\"2895\":2,\"2931\":1,\"2976\":1,\"2984\":1,\"2987\":2,\"3083\":1,\"3103\":1,\"3111\":1,\"3114\":2,\"3150\":1,\"3195\":1,\"3203\":1,\"3206\":2,\"3278\":1,\"3322\":1,\"3332\":1,\"3335\":2,\"3371\":1,\"3416\":1}}],[\"windows\",{\"1\":{\"135\":1,\"137\":2,\"395\":1,\"400\":2}}],[\"wiki\",{\"1\":{\"17\":1,\"99\":1,\"144\":1,\"169\":1,\"289\":4,\"290\":4,\"300\":4,\"301\":4,\"303\":8,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1}}],[\"wir\",{\"1\":{\"14\":1,\"16\":3,\"17\":1}}],[\"wird\",{\"1\":{\"14\":1,\"17\":1,\"41\":1}}],[\"wie\",{\"1\":{\"14\":1}}],[\"wide\",{\"1\":{\"9\":1}}],[\"withsubpackages=\",{\"1\":{\"160\":8}}],[\"without\",{\"0\":{\"134\":1},\"1\":{\"1\":1,\"26\":1,\"37\":1,\"285\":2,\"290\":1,\"296\":2,\"301\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"374\":1,\"393\":1,\"415\":1,\"439\":2,\"443\":1,\"462\":2,\"478\":2,\"482\":1,\"501\":2,\"505\":1,\"511\":2,\"527\":2,\"531\":1,\"537\":2,\"557\":2,\"561\":1,\"567\":2,\"587\":2,\"591\":1,\"597\":2,\"617\":2,\"621\":1,\"627\":2,\"639\":1,\"663\":2,\"667\":1,\"673\":2,\"685\":1,\"709\":2,\"713\":1,\"719\":2,\"731\":1,\"755\":2,\"759\":1,\"765\":2,\"777\":1,\"801\":2,\"805\":1,\"811\":2,\"823\":1,\"847\":2,\"851\":1,\"857\":2,\"869\":1,\"893\":2,\"897\":1,\"916\":2,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"within\",{\"1\":{\"0\":1,\"38\":1,\"93\":2,\"94\":1,\"95\":1,\"98\":2,\"110\":1,\"129\":1,\"152\":1,\"160\":1,\"165\":1,\"290\":1,\"301\":1,\"329\":1,\"334\":1,\"335\":1,\"341\":1,\"356\":1,\"372\":1,\"383\":1,\"924\":1,\"1053\":1,\"1056\":2,\"1359\":1,\"1362\":2,\"1535\":1,\"1538\":2,\"1712\":1,\"1715\":2,\"1889\":1,\"1892\":2,\"2066\":1,\"2069\":2,\"2243\":1,\"2246\":2,\"2331\":1,\"2458\":1,\"2461\":2,\"2550\":1,\"2677\":1,\"2680\":2,\"2769\":1,\"2896\":1,\"2899\":2,\"2988\":1,\"3115\":1,\"3118\":2,\"3207\":1,\"3336\":1,\"3339\":2}}],[\"with\",{\"0\":{\"9\":1,\"12\":1,\"135\":1,\"383\":1},\"1\":{\"0\":1,\"8\":1,\"32\":1,\"37\":1,\"39\":1,\"42\":1,\"43\":1,\"44\":1,\"45\":1,\"46\":1,\"47\":1,\"48\":1,\"49\":1,\"50\":1,\"51\":1,\"52\":1,\"53\":1,\"54\":1,\"55\":1,\"56\":1,\"57\":1,\"58\":1,\"59\":1,\"60\":1,\"61\":1,\"62\":1,\"63\":1,\"64\":1,\"65\":1,\"66\":1,\"67\":1,\"74\":1,\"75\":1,\"81\":3,\"82\":3,\"85\":1,\"88\":1,\"90\":4,\"91\":1,\"95\":1,\"97\":3,\"98\":3,\"99\":2,\"102\":1,\"103\":1,\"105\":1,\"109\":1,\"116\":4,\"117\":2,\"118\":2,\"119\":1,\"126\":1,\"128\":1,\"134\":4,\"137\":4,\"141\":1,\"142\":2,\"152\":1,\"153\":1,\"154\":1,\"156\":1,\"159\":1,\"162\":2,\"163\":1,\"169\":2,\"187\":1,\"193\":1,\"202\":1,\"205\":1,\"209\":1,\"210\":1,\"212\":1,\"224\":1,\"228\":1,\"234\":1,\"235\":1,\"241\":1,\"249\":1,\"261\":1,\"270\":1,\"286\":1,\"289\":2,\"290\":3,\"297\":1,\"300\":2,\"301\":3,\"303\":2,\"304\":18,\"306\":2,\"307\":18,\"309\":2,\"310\":7,\"312\":2,\"313\":5,\"315\":2,\"316\":5,\"319\":1,\"329\":1,\"332\":1,\"338\":5,\"342\":1,\"345\":1,\"348\":2,\"349\":4,\"352\":3,\"354\":1,\"356\":1,\"357\":1,\"358\":2,\"361\":4,\"362\":2,\"363\":2,\"364\":3,\"367\":2,\"377\":2,\"379\":1,\"381\":1,\"383\":2,\"384\":2,\"387\":4,\"388\":2,\"389\":2,\"390\":1,\"393\":2,\"394\":1,\"395\":1,\"398\":3,\"399\":1,\"407\":1,\"413\":1,\"414\":1,\"415\":1,\"416\":1,\"417\":2,\"419\":1,\"429\":1,\"437\":1,\"438\":1,\"442\":2,\"443\":2,\"444\":1,\"446\":3,\"447\":1,\"451\":1,\"456\":1,\"459\":1,\"460\":1,\"461\":2,\"462\":4,\"470\":1,\"476\":1,\"477\":1,\"481\":1,\"482\":2,\"483\":1,\"493\":1,\"499\":1,\"500\":1,\"504\":1,\"505\":2,\"506\":1,\"510\":2,\"511\":4,\"519\":1,\"525\":1,\"526\":1,\"530\":1,\"531\":2,\"532\":1,\"536\":2,\"537\":7,\"555\":1,\"556\":1,\"560\":1,\"561\":2,\"562\":1,\"564\":1,\"566\":2,\"567\":4,\"577\":1,\"585\":1,\"586\":1,\"590\":1,\"591\":2,\"592\":1,\"594\":1,\"596\":2,\"597\":4,\"607\":1,\"615\":1,\"616\":1,\"620\":1,\"621\":2,\"622\":1,\"624\":1,\"626\":2,\"627\":4,\"631\":1,\"637\":1,\"638\":1,\"639\":1,\"640\":1,\"641\":2,\"643\":1,\"653\":1,\"661\":1,\"662\":1,\"666\":1,\"667\":2,\"668\":1,\"670\":1,\"672\":2,\"673\":4,\"677\":1,\"683\":1,\"684\":1,\"685\":1,\"686\":1,\"687\":2,\"689\":1,\"699\":1,\"707\":1,\"708\":1,\"712\":1,\"713\":2,\"714\":1,\"716\":1,\"718\":2,\"719\":4,\"723\":1,\"729\":1,\"730\":1,\"731\":1,\"732\":1,\"733\":2,\"735\":1,\"745\":1,\"753\":1,\"754\":1,\"758\":1,\"759\":2,\"760\":1,\"762\":1,\"764\":2,\"765\":4,\"769\":1,\"775\":1,\"776\":1,\"777\":1,\"778\":1,\"779\":2,\"781\":1,\"791\":1,\"799\":1,\"800\":1,\"804\":1,\"805\":2,\"806\":1,\"808\":1,\"810\":2,\"811\":4,\"815\":1,\"821\":1,\"822\":1,\"823\":1,\"824\":1,\"825\":2,\"827\":1,\"837\":1,\"845\":1,\"846\":1,\"850\":1,\"851\":2,\"852\":1,\"854\":1,\"856\":2,\"857\":4,\"861\":1,\"867\":1,\"868\":1,\"869\":1,\"870\":1,\"871\":2,\"873\":1,\"883\":1,\"891\":1,\"892\":1,\"896\":2,\"897\":2,\"898\":1,\"900\":3,\"901\":1,\"905\":1,\"910\":1,\"913\":1,\"914\":1,\"915\":2,\"916\":4,\"920\":2,\"924\":1,\"948\":1,\"951\":1,\"954\":1,\"957\":1,\"960\":1,\"961\":1,\"963\":1,\"975\":1,\"979\":1,\"986\":1,\"987\":1,\"1001\":1,\"1008\":1,\"1013\":1,\"1015\":1,\"1026\":1,\"1032\":1,\"1043\":2,\"1044\":1,\"1049\":3,\"1053\":1,\"1056\":1,\"1059\":1,\"1064\":1,\"1094\":1,\"1101\":1,\"1106\":1,\"1108\":1,\"1120\":1,\"1126\":1,\"1137\":2,\"1138\":1,\"1157\":1,\"1160\":1,\"1163\":1,\"1166\":1,\"1170\":1,\"1171\":1,\"1173\":1,\"1185\":1,\"1189\":1,\"1193\":1,\"1194\":1,\"1204\":1,\"1211\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1232\":1,\"1257\":1,\"1272\":1,\"1279\":1,\"1284\":1,\"1286\":1,\"1308\":1,\"1311\":1,\"1314\":1,\"1317\":1,\"1321\":1,\"1322\":1,\"1324\":1,\"1336\":1,\"1340\":1,\"1344\":1,\"1345\":1,\"1355\":3,\"1359\":1,\"1362\":1,\"1365\":1,\"1370\":1,\"1396\":1,\"1403\":1,\"1408\":1,\"1410\":1,\"1422\":1,\"1428\":1,\"1444\":1,\"1451\":1,\"1456\":1,\"1458\":1,\"1481\":1,\"1484\":1,\"1487\":1,\"1490\":1,\"1493\":1,\"1494\":1,\"1496\":1,\"1508\":1,\"1512\":1,\"1519\":1,\"1520\":1,\"1531\":3,\"1535\":1,\"1538\":1,\"1541\":1,\"1546\":1,\"1572\":1,\"1579\":1,\"1584\":1,\"1586\":1,\"1598\":1,\"1604\":1,\"1621\":1,\"1628\":1,\"1633\":1,\"1635\":1,\"1658\":1,\"1661\":1,\"1664\":1,\"1667\":1,\"1670\":1,\"1671\":1,\"1673\":1,\"1685\":1,\"1689\":1,\"1696\":1,\"1697\":1,\"1708\":3,\"1712\":1,\"1715\":1,\"1718\":1,\"1723\":1,\"1749\":1,\"1756\":1,\"1761\":1,\"1763\":1,\"1775\":1,\"1781\":1,\"1798\":1,\"1805\":1,\"1810\":1,\"1812\":1,\"1835\":1,\"1838\":1,\"1841\":1,\"1844\":1,\"1847\":1,\"1848\":1,\"1850\":1,\"1862\":1,\"1866\":1,\"1873\":1,\"1874\":1,\"1885\":3,\"1889\":1,\"1892\":1,\"1895\":1,\"1900\":1,\"1926\":1,\"1933\":1,\"1938\":1,\"1940\":1,\"1952\":1,\"1958\":1,\"1975\":1,\"1982\":1,\"1987\":1,\"1989\":1,\"2012\":1,\"2015\":1,\"2018\":1,\"2021\":1,\"2024\":1,\"2025\":1,\"2027\":1,\"2039\":1,\"2043\":1,\"2050\":1,\"2051\":1,\"2062\":3,\"2066\":1,\"2069\":1,\"2072\":1,\"2077\":1,\"2103\":1,\"2110\":1,\"2115\":1,\"2117\":1,\"2129\":1,\"2135\":1,\"2152\":1,\"2159\":1,\"2164\":1,\"2166\":1,\"2189\":1,\"2192\":1,\"2195\":1,\"2198\":1,\"2201\":1,\"2202\":1,\"2204\":1,\"2216\":1,\"2220\":1,\"2227\":1,\"2228\":1,\"2239\":3,\"2243\":1,\"2246\":1,\"2249\":1,\"2254\":1,\"2280\":1,\"2287\":1,\"2292\":1,\"2294\":1,\"2306\":1,\"2312\":1,\"2327\":2,\"2331\":1,\"2339\":1,\"2346\":1,\"2351\":1,\"2353\":1,\"2379\":1,\"2382\":1,\"2385\":1,\"2388\":1,\"2391\":1,\"2392\":1,\"2394\":1,\"2406\":1,\"2410\":1,\"2417\":1,\"2418\":1,\"2433\":1,\"2439\":1,\"2454\":3,\"2458\":1,\"2461\":1,\"2464\":1,\"2469\":1,\"2499\":1,\"2506\":1,\"2511\":1,\"2513\":1,\"2525\":1,\"2531\":1,\"2546\":2,\"2550\":1,\"2558\":1,\"2565\":1,\"2570\":1,\"2572\":1,\"2598\":1,\"2601\":1,\"2604\":1,\"2607\":1,\"2610\":1,\"2611\":1,\"2613\":1,\"2625\":1,\"2629\":1,\"2636\":1,\"2637\":1,\"2652\":1,\"2658\":1,\"2673\":3,\"2677\":1,\"2680\":1,\"2683\":1,\"2688\":1,\"2718\":1,\"2725\":1,\"2730\":1,\"2732\":1,\"2744\":1,\"2750\":1,\"2765\":2,\"2769\":1,\"2777\":1,\"2784\":1,\"2789\":1,\"2791\":1,\"2817\":1,\"2820\":1,\"2823\":1,\"2826\":1,\"2829\":1,\"2830\":1,\"2832\":1,\"2844\":1,\"2848\":1,\"2855\":1,\"2856\":1,\"2871\":1,\"2877\":1,\"2892\":3,\"2896\":1,\"2899\":1,\"2902\":1,\"2907\":1,\"2937\":1,\"2944\":1,\"2949\":1,\"2951\":1,\"2963\":1,\"2969\":1,\"2984\":2,\"2988\":1,\"2996\":1,\"3003\":1,\"3008\":1,\"3010\":1,\"3036\":1,\"3039\":1,\"3042\":1,\"3045\":1,\"3048\":1,\"3049\":1,\"3051\":1,\"3063\":1,\"3067\":1,\"3074\":1,\"3075\":1,\"3090\":1,\"3096\":1,\"3111\":3,\"3115\":1,\"3118\":1,\"3121\":1,\"3126\":1,\"3156\":1,\"3163\":1,\"3168\":1,\"3170\":1,\"3182\":1,\"3188\":1,\"3203\":2,\"3207\":1,\"3231\":1,\"3234\":1,\"3237\":1,\"3240\":1,\"3243\":1,\"3244\":1,\"3246\":1,\"3258\":1,\"3262\":1,\"3269\":1,\"3270\":1,\"3284\":1,\"3291\":1,\"3296\":1,\"3298\":1,\"3309\":1,\"3315\":1,\"3326\":2,\"3327\":1,\"3332\":3,\"3336\":1,\"3339\":1,\"3342\":1,\"3347\":1,\"3377\":1,\"3384\":1,\"3389\":1,\"3391\":1,\"3403\":1,\"3409\":1,\"3420\":2,\"3421\":1}}],[\"were\",{\"1\":{\"93\":1,\"372\":1}}],[\"werden\",{\"1\":{\"14\":1,\"16\":1,\"17\":5}}],[\"welcome\",{\"1\":{\"72\":1,\"75\":1,\"417\":2,\"419\":1,\"641\":2,\"643\":1,\"687\":2,\"689\":1,\"733\":2,\"735\":1,\"779\":2,\"781\":1,\"825\":2,\"827\":1,\"871\":2,\"873\":1}}],[\"well\",{\"1\":{\"1\":2,\"81\":1,\"85\":1,\"99\":1,\"116\":2,\"118\":1,\"120\":1,\"128\":1,\"169\":1,\"285\":1,\"288\":1,\"296\":1,\"299\":1,\"325\":1,\"331\":2,\"379\":1,\"415\":3,\"441\":1,\"450\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"480\":1,\"503\":1,\"529\":1,\"559\":1,\"589\":1,\"619\":1,\"639\":3,\"665\":1,\"685\":3,\"711\":1,\"731\":3,\"757\":1,\"777\":3,\"803\":1,\"823\":3,\"849\":1,\"869\":3,\"895\":1,\"904\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"1117\":1,\"1419\":1,\"1595\":1,\"1772\":1,\"1949\":1,\"2126\":1,\"2303\":1,\"2522\":1,\"2741\":1,\"2960\":1,\"3179\":1,\"3400\":1}}],[\"webuser\",{\"1\":{\"481\":1}}],[\"webbrowser\",{\"1\":{\"134\":4,\"135\":4,\"138\":2,\"338\":4,\"367\":2,\"393\":2,\"470\":1,\"493\":1,\"519\":1,\"545\":1}}],[\"webpage\",{\"1\":{\"114\":1,\"122\":1}}],[\"website\",{\"1\":{\"126\":1,\"147\":1,\"428\":1,\"445\":1,\"472\":1,\"484\":1,\"494\":1,\"495\":1,\"507\":1,\"520\":1,\"521\":1,\"533\":1,\"546\":1,\"547\":1,\"563\":1,\"576\":1,\"593\":1,\"606\":1,\"623\":1,\"652\":1,\"669\":1,\"698\":1,\"715\":1,\"744\":1,\"761\":1,\"790\":1,\"807\":1,\"836\":1,\"853\":1,\"882\":1,\"899\":1}}],[\"websites\",{\"1\":{\"93\":1}}],[\"webserver\",{\"1\":{\"110\":1,\"165\":1}}],[\"webservicerequest\",{\"0\":{\"947\":1,\"1079\":1,\"2378\":1,\"2484\":1,\"2597\":1,\"2703\":1,\"2816\":1,\"2922\":1,\"3035\":1,\"3141\":1,\"3230\":1,\"3362\":1},\"1\":{\"947\":1,\"1079\":1,\"2378\":1,\"2484\":1,\"2597\":1,\"2703\":1,\"2816\":1,\"2922\":1,\"3035\":1,\"3141\":1,\"3230\":1,\"3362\":1}}],[\"webserviceconfig\",{\"1\":{\"150\":1}}],[\"webservices\",{\"1\":{\"99\":1,\"169\":1,\"947\":1,\"1079\":1,\"2378\":1,\"2484\":1,\"2597\":1,\"2703\":1,\"2816\":1,\"2922\":1,\"3035\":1,\"3141\":1,\"3230\":1,\"3362\":1}}],[\"webservice\",{\"0\":{\"150\":1,\"174\":1,\"231\":1,\"232\":1,\"238\":1},\"1\":{\"90\":3,\"146\":1,\"150\":5,\"152\":1,\"153\":1,\"174\":1,\"231\":1,\"232\":1,\"238\":1,\"338\":1,\"367\":1,\"393\":1}}],[\"websockets\",{\"1\":{\"90\":1}}],[\"websocket\",{\"0\":{\"196\":2,\"197\":1,\"198\":1},\"1\":{\"90\":2,\"196\":3,\"197\":2,\"198\":2,\"209\":1,\"210\":1,\"290\":1,\"301\":1,\"443\":1,\"444\":2,\"482\":1,\"483\":2,\"505\":1,\"506\":2,\"531\":1,\"532\":2,\"561\":1,\"562\":2,\"591\":1,\"592\":2,\"621\":1,\"622\":2,\"667\":1,\"668\":2,\"713\":1,\"714\":2,\"759\":1,\"760\":2,\"805\":1,\"806\":2,\"851\":1,\"852\":2,\"897\":1,\"898\":2,\"960\":1,\"961\":1,\"1055\":1,\"1170\":1,\"1171\":1,\"1321\":1,\"1322\":1,\"1361\":1,\"1493\":1,\"1494\":1,\"1537\":1,\"1670\":1,\"1671\":1,\"1714\":1,\"1847\":1,\"1848\":1,\"1891\":1,\"2024\":1,\"2025\":1,\"2068\":1,\"2201\":1,\"2202\":1,\"2245\":1,\"2391\":1,\"2392\":1,\"2460\":1,\"2610\":1,\"2611\":1,\"2679\":1,\"2829\":1,\"2830\":1,\"2898\":1,\"3048\":1,\"3049\":1,\"3117\":1,\"3243\":1,\"3244\":1,\"3338\":1}}],[\"web\",{\"0\":{\"457\":1,\"911\":1},\"1\":{\"43\":2,\"45\":2,\"47\":2,\"49\":2,\"51\":2,\"53\":2,\"55\":2,\"57\":2,\"59\":2,\"61\":2,\"63\":2,\"65\":2,\"67\":2,\"95\":1,\"109\":1,\"112\":2,\"113\":1,\"119\":1,\"167\":2,\"168\":1,\"284\":1,\"295\":1,\"400\":1,\"427\":1,\"429\":1,\"438\":5,\"477\":5,\"500\":5,\"526\":5,\"536\":1,\"556\":5,\"575\":1,\"577\":1,\"586\":5,\"605\":1,\"607\":1,\"616\":5,\"651\":1,\"653\":1,\"662\":5,\"697\":1,\"699\":1,\"708\":5,\"743\":1,\"745\":1,\"754\":5,\"789\":1,\"791\":1,\"800\":5,\"835\":1,\"837\":1,\"846\":5,\"881\":1,\"883\":1,\"892\":5,\"991\":1,\"1020\":1,\"1049\":1,\"1113\":1,\"1223\":1,\"1291\":1,\"1355\":1,\"1415\":1,\"1463\":1,\"1531\":1,\"1591\":1,\"1640\":1,\"1708\":1,\"1768\":1,\"1817\":1,\"1885\":1,\"1945\":1,\"1994\":1,\"2062\":1,\"2122\":1,\"2171\":1,\"2239\":1,\"2299\":1,\"2358\":1,\"2422\":1,\"2454\":1,\"2518\":1,\"2577\":1,\"2641\":1,\"2673\":1,\"2737\":1,\"2796\":1,\"2860\":1,\"2892\":1,\"2956\":1,\"3015\":1,\"3079\":1,\"3111\":1,\"3175\":1,\"3274\":1,\"3303\":1,\"3332\":1,\"3396\":1}}],[\"weboberfläche\",{\"1\":{\"16\":1}}],[\"wettstein\",{\"1\":{\"26\":6,\"83\":1,\"318\":1}}],[\"weitere\",{\"0\":{\"21\":1},\"1\":{\"14\":1,\"16\":2,\"17\":1}}],[\"weiter\",{\"1\":{\"14\":1}}],[\"we\",{\"0\":{\"2\":1,\"87\":1,\"97\":1},\"1\":{\"1\":1,\"12\":1,\"33\":3,\"35\":3,\"36\":1,\"37\":2,\"38\":5,\"39\":1,\"40\":1,\"71\":1,\"72\":1,\"83\":1,\"85\":5,\"93\":3,\"94\":1,\"97\":7,\"103\":1,\"157\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"322\":1,\"324\":1,\"325\":1,\"329\":1,\"333\":1,\"334\":1,\"338\":1,\"341\":1,\"344\":1,\"348\":1,\"352\":1,\"354\":1,\"367\":1,\"369\":1,\"373\":1,\"377\":1,\"379\":2,\"381\":1,\"393\":1,\"397\":1,\"399\":1,\"401\":1,\"402\":1,\"404\":1,\"415\":2,\"417\":3,\"418\":1,\"419\":4,\"422\":3,\"423\":2,\"427\":1,\"429\":1,\"434\":1,\"444\":1,\"459\":1,\"461\":1,\"462\":1,\"465\":3,\"466\":2,\"470\":1,\"473\":1,\"483\":1,\"488\":3,\"489\":2,\"493\":1,\"496\":1,\"506\":1,\"510\":1,\"511\":1,\"514\":3,\"515\":2,\"519\":1,\"522\":1,\"532\":1,\"536\":1,\"537\":3,\"540\":3,\"541\":2,\"545\":1,\"547\":1,\"552\":1,\"562\":1,\"564\":1,\"566\":1,\"567\":1,\"570\":3,\"571\":2,\"575\":1,\"577\":1,\"582\":1,\"592\":1,\"594\":1,\"596\":1,\"597\":1,\"600\":3,\"601\":2,\"605\":1,\"607\":1,\"612\":1,\"622\":1,\"624\":1,\"626\":1,\"627\":1,\"628\":1,\"639\":2,\"641\":3,\"642\":1,\"643\":4,\"646\":3,\"647\":2,\"651\":1,\"653\":1,\"658\":1,\"668\":1,\"670\":1,\"672\":1,\"673\":1,\"674\":1,\"685\":2,\"687\":3,\"688\":1,\"689\":4,\"692\":3,\"693\":2,\"697\":1,\"699\":1,\"704\":1,\"714\":1,\"716\":1,\"718\":1,\"719\":1,\"720\":1,\"731\":2,\"733\":3,\"734\":1,\"735\":4,\"738\":3,\"739\":2,\"743\":1,\"745\":1,\"750\":1,\"760\":1,\"762\":1,\"764\":1,\"765\":1,\"766\":1,\"777\":2,\"779\":3,\"780\":1,\"781\":4,\"784\":3,\"785\":2,\"789\":1,\"791\":1,\"796\":1,\"806\":1,\"808\":1,\"810\":1,\"811\":1,\"812\":1,\"823\":2,\"825\":3,\"826\":1,\"827\":4,\"830\":3,\"831\":2,\"835\":1,\"837\":1,\"842\":1,\"852\":1,\"854\":1,\"856\":1,\"857\":1,\"858\":1,\"869\":2,\"871\":3,\"872\":1,\"873\":4,\"876\":3,\"877\":2,\"881\":1,\"883\":1,\"888\":1,\"898\":1,\"913\":1,\"915\":1,\"916\":1}}],[\"l54\",{\"1\":{\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"l59\",{\"1\":{\"481\":1,\"504\":1,\"530\":1,\"560\":1}}],[\"l56\",{\"1\":{\"289\":1,\"300\":1}}],[\"l89\",{\"1\":{\"482\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1}}],[\"l84\",{\"1\":{\"443\":1,\"897\":1}}],[\"l83\",{\"1\":{\"443\":1,\"897\":1}}],[\"l40\",{\"1\":{\"482\":1,\"505\":1,\"531\":1,\"561\":1}}],[\"l44\",{\"1\":{\"481\":1,\"504\":1,\"530\":1,\"560\":1}}],[\"l47\",{\"1\":{\"442\":1,\"896\":1}}],[\"l41\",{\"1\":{\"290\":1}}],[\"l98\",{\"1\":{\"505\":1,\"531\":1,\"561\":1}}],[\"l97\",{\"1\":{\"505\":1,\"531\":1,\"561\":1}}],[\"l90\",{\"1\":{\"482\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1}}],[\"l93\",{\"1\":{\"301\":1}}],[\"l92\",{\"1\":{\"301\":1}}],[\"l99\",{\"1\":{\"290\":1}}],[\"l35\",{\"1\":{\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1}}],[\"l32\",{\"1\":{\"443\":1,\"897\":1}}],[\"l34\",{\"1\":{\"442\":1,\"896\":1}}],[\"l38\",{\"1\":{\"301\":1}}],[\"l39\",{\"1\":{\"289\":1,\"300\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"l142\",{\"1\":{\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"l141\",{\"1\":{\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"l147\",{\"1\":{\"504\":1,\"530\":1,\"560\":1}}],[\"l146\",{\"1\":{\"504\":1,\"530\":1,\"560\":1}}],[\"l149\",{\"1\":{\"481\":1}}],[\"l18\",{\"1\":{\"482\":1,\"505\":1,\"531\":1,\"561\":1}}],[\"l115\",{\"1\":{\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"l114\",{\"1\":{\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1}}],[\"l110\",{\"1\":{\"442\":1,\"896\":1}}],[\"l150\",{\"1\":{\"481\":1}}],[\"l12\",{\"1\":{\"443\":1,\"897\":1}}],[\"l109\",{\"1\":{\"442\":1,\"896\":1}}],[\"l103\",{\"1\":{\"300\":1}}],[\"l100\",{\"1\":{\"290\":1}}],[\"l102\",{\"1\":{\"289\":1,\"300\":1}}],[\"l101\",{\"1\":{\"289\":1}}],[\"l138\",{\"1\":{\"300\":1}}],[\"l13\",{\"1\":{\"290\":1,\"301\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1}}],[\"l137\",{\"1\":{\"289\":1,\"300\":1}}],[\"l136\",{\"1\":{\"289\":1}}],[\"l\",{\"1\":{\"283\":1,\"294\":1}}],[\"lbrace\",{\"1\":{\"160\":1}}],[\"lsb\",{\"1\":{\"283\":2,\"294\":2,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"ls\",{\"1\":{\"136\":1}}],[\"large\",{\"1\":{\"395\":1}}],[\"latter\",{\"1\":{\"354\":1}}],[\"latest\",{\"1\":{\"33\":5,\"74\":1,\"157\":1,\"283\":3,\"294\":3,\"304\":9,\"307\":9,\"419\":1,\"437\":2,\"444\":1,\"476\":2,\"483\":1,\"499\":2,\"506\":1,\"525\":2,\"532\":1,\"555\":2,\"562\":1,\"585\":2,\"592\":1,\"615\":2,\"622\":1,\"643\":1,\"661\":2,\"668\":1,\"689\":1,\"707\":2,\"714\":1,\"735\":1,\"753\":2,\"760\":1,\"781\":1,\"799\":2,\"806\":1,\"827\":1,\"845\":2,\"852\":1,\"873\":1,\"891\":2,\"898\":1}}],[\"later\",{\"1\":{\"13\":1,\"157\":1,\"290\":7,\"301\":2,\"304\":2,\"347\":1}}],[\"layout\",{\"1\":{\"160\":1}}],[\"lambda\",{\"1\":{\"159\":5}}],[\"laptop\",{\"1\":{\"119\":1}}],[\"label\",{\"1\":{\"159\":1}}],[\"labeled\",{\"1\":{\"159\":2}}],[\"laboratory\",{\"1\":{\"126\":1}}],[\"lab\",{\"1\":{\"116\":1,\"117\":1}}],[\"lanes\",{\"1\":{\"103\":1}}],[\"language=\",{\"1\":{\"160\":1}}],[\"language\",{\"1\":{\"96\":1,\"396\":1}}],[\"last\",{\"1\":{\"99\":1,\"117\":1,\"169\":1,\"304\":4,\"327\":6,\"431\":1,\"793\":1,\"839\":1,\"885\":1}}],[\"limited\",{\"1\":{\"458\":6,\"912\":6,\"1044\":2,\"1049\":1,\"1138\":2,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3327\":2,\"3332\":1,\"3421\":2}}],[\"libraries\",{\"1\":{\"143\":1}}],[\"library\",{\"1\":{\"97\":1}}],[\"lib\",{\"1\":{\"136\":1,\"327\":1}}],[\"linxux\",{\"1\":{\"290\":1,\"301\":1}}],[\"link\",{\"1\":{\"357\":1,\"433\":1,\"795\":1,\"841\":1,\"887\":1}}],[\"linked\",{\"1\":{\"356\":1}}],[\"links\",{\"1\":{\"141\":1,\"142\":1}}],[\"linkage\",{\"1\":{\"0\":1,\"26\":1,\"29\":1,\"32\":1,\"99\":1,\"117\":1,\"169\":1}}],[\"linesplit\",{\"1\":{\"159\":1}}],[\"lines\",{\"1\":{\"159\":31,\"160\":3,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"442\":1,\"443\":1,\"481\":2,\"482\":1,\"504\":2,\"505\":1,\"530\":2,\"531\":1,\"560\":2,\"561\":1,\"590\":2,\"591\":1,\"620\":2,\"621\":1,\"666\":2,\"667\":1,\"712\":2,\"713\":1,\"758\":2,\"759\":1,\"804\":2,\"805\":1,\"850\":2,\"851\":1,\"896\":1,\"897\":1}}],[\"line\",{\"1\":{\"139\":1,\"159\":66,\"160\":7,\"341\":1,\"342\":1,\"356\":1,\"405\":1,\"446\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1,\"900\":1}}],[\"linux\",{\"1\":{\"135\":1,\"283\":2,\"294\":2,\"395\":1,\"400\":1,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"liquibase\",{\"0\":{\"175\":2,\"176\":1,\"251\":2,\"252\":1,\"930\":1,\"931\":1,\"932\":2,\"933\":1,\"1066\":1,\"1067\":1,\"1068\":2,\"1069\":1,\"1143\":1,\"1144\":1,\"1145\":2,\"1146\":1,\"1234\":1,\"1235\":1,\"1236\":2,\"1237\":1,\"1294\":1,\"1295\":1,\"1296\":2,\"1297\":1,\"1372\":1,\"1373\":1,\"1374\":2,\"1375\":1,\"1466\":1,\"1467\":1,\"1468\":2,\"1469\":1,\"1548\":1,\"1549\":1,\"1550\":2,\"1551\":1,\"1643\":1,\"1644\":1,\"1645\":2,\"1646\":1,\"1725\":1,\"1726\":1,\"1727\":2,\"1728\":1,\"1820\":1,\"1821\":1,\"1822\":2,\"1823\":1,\"1902\":1,\"1903\":1,\"1904\":2,\"1905\":1,\"1997\":1,\"1998\":1,\"1999\":2,\"2000\":1,\"2079\":1,\"2080\":1,\"2081\":2,\"2082\":1,\"2174\":1,\"2175\":1,\"2176\":2,\"2177\":1,\"2256\":1,\"2257\":1,\"2258\":2,\"2259\":1,\"2361\":1,\"2362\":1,\"2363\":2,\"2364\":1,\"2471\":1,\"2472\":1,\"2473\":2,\"2474\":1,\"2580\":1,\"2581\":1,\"2582\":2,\"2583\":1,\"2690\":1,\"2691\":1,\"2692\":2,\"2693\":1,\"2799\":1,\"2800\":1,\"2801\":2,\"2802\":1,\"2909\":1,\"2910\":1,\"2911\":2,\"2912\":1,\"3018\":1,\"3019\":1,\"3020\":2,\"3021\":1,\"3128\":1,\"3129\":1,\"3130\":2,\"3131\":1,\"3213\":1,\"3214\":1,\"3215\":2,\"3216\":1,\"3349\":1,\"3350\":1,\"3351\":2,\"3352\":1},\"1\":{\"134\":5,\"175\":3,\"176\":2,\"251\":3,\"252\":2,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"327\":24,\"442\":1,\"443\":1,\"461\":3,\"462\":3,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"915\":3,\"916\":3,\"930\":2,\"931\":2,\"932\":3,\"933\":2,\"1066\":2,\"1067\":2,\"1068\":3,\"1069\":2,\"1143\":2,\"1144\":2,\"1145\":3,\"1146\":2,\"1234\":2,\"1235\":2,\"1236\":3,\"1237\":2,\"1294\":2,\"1295\":2,\"1296\":3,\"1297\":2,\"1372\":2,\"1373\":2,\"1374\":3,\"1375\":2,\"1466\":2,\"1467\":2,\"1468\":3,\"1469\":2,\"1548\":2,\"1549\":2,\"1550\":3,\"1551\":2,\"1643\":2,\"1644\":2,\"1645\":3,\"1646\":2,\"1725\":2,\"1726\":2,\"1727\":3,\"1728\":2,\"1820\":2,\"1821\":2,\"1822\":3,\"1823\":2,\"1902\":2,\"1903\":2,\"1904\":3,\"1905\":2,\"1997\":2,\"1998\":2,\"1999\":3,\"2000\":2,\"2079\":2,\"2080\":2,\"2081\":3,\"2082\":2,\"2174\":2,\"2175\":2,\"2176\":3,\"2177\":2,\"2256\":2,\"2257\":2,\"2258\":3,\"2259\":2,\"2361\":2,\"2362\":2,\"2363\":3,\"2364\":2,\"2471\":2,\"2472\":2,\"2473\":3,\"2474\":2,\"2580\":2,\"2581\":2,\"2582\":3,\"2583\":2,\"2690\":2,\"2691\":2,\"2692\":3,\"2693\":2,\"2799\":2,\"2800\":2,\"2801\":3,\"2802\":2,\"2909\":2,\"2910\":2,\"2911\":3,\"2912\":2,\"3018\":2,\"3019\":2,\"3020\":3,\"3021\":2,\"3128\":2,\"3129\":2,\"3130\":3,\"3131\":2,\"3213\":2,\"3214\":2,\"3215\":3,\"3216\":2,\"3349\":2,\"3350\":2,\"3351\":3,\"3352\":2}}],[\"life\",{\"0\":{\"79\":1},\"1\":{\"79\":1}}],[\"like\",{\"1\":{\"72\":1,\"73\":1,\"85\":1,\"94\":2,\"145\":1,\"190\":1,\"191\":1,\"192\":1,\"196\":1,\"197\":1,\"198\":1,\"290\":1,\"301\":1,\"319\":2,\"381\":1,\"394\":2,\"414\":1,\"443\":1,\"459\":1,\"481\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"564\":1,\"591\":1,\"594\":1,\"621\":1,\"624\":1,\"638\":1,\"667\":1,\"670\":1,\"684\":1,\"713\":1,\"716\":1,\"730\":1,\"759\":1,\"762\":1,\"776\":1,\"805\":1,\"808\":1,\"822\":1,\"851\":1,\"854\":1,\"868\":1,\"897\":1,\"913\":1}}],[\"listing\",{\"1\":{\"373\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"list\",{\"0\":{\"86\":1,\"426\":1,\"456\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1,\"834\":1,\"880\":1,\"910\":1},\"1\":{\"33\":1,\"85\":6,\"86\":1,\"99\":1,\"104\":1,\"106\":2,\"109\":1,\"110\":1,\"150\":1,\"160\":3,\"165\":1,\"169\":1,\"208\":1,\"221\":1,\"226\":1,\"227\":1,\"233\":3,\"237\":2,\"261\":2,\"262\":3,\"263\":1,\"265\":2,\"266\":2,\"283\":2,\"289\":2,\"290\":3,\"294\":2,\"300\":2,\"304\":2,\"307\":2,\"425\":1,\"427\":4,\"429\":2,\"431\":1,\"437\":2,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"468\":1,\"469\":1,\"470\":5,\"472\":1,\"476\":2,\"481\":1,\"491\":1,\"492\":1,\"493\":5,\"495\":1,\"499\":2,\"517\":1,\"518\":1,\"519\":5,\"521\":1,\"525\":2,\"537\":2,\"543\":1,\"544\":1,\"545\":4,\"547\":4,\"549\":1,\"555\":2,\"573\":1,\"574\":1,\"575\":4,\"577\":2,\"579\":1,\"585\":2,\"603\":1,\"604\":1,\"605\":4,\"607\":2,\"609\":1,\"615\":2,\"649\":1,\"650\":1,\"651\":4,\"653\":2,\"655\":1,\"661\":2,\"695\":1,\"696\":1,\"697\":4,\"699\":2,\"701\":1,\"707\":2,\"741\":1,\"742\":1,\"743\":4,\"745\":2,\"747\":1,\"753\":2,\"787\":1,\"788\":1,\"789\":4,\"791\":2,\"793\":1,\"799\":2,\"833\":1,\"835\":4,\"837\":2,\"839\":1,\"845\":2,\"879\":1,\"881\":4,\"883\":2,\"885\":1,\"891\":2,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"920\":1,\"921\":1,\"972\":1,\"977\":1,\"978\":1,\"985\":3,\"989\":2,\"995\":2,\"997\":1,\"1043\":1,\"1044\":1,\"1049\":1,\"1050\":1,\"1081\":3,\"1082\":1,\"1088\":2,\"1090\":1,\"1137\":1,\"1138\":1,\"1169\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":3,\"1196\":2,\"1197\":2,\"1199\":1,\"1246\":3,\"1247\":1,\"1251\":2,\"1253\":1,\"1320\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":3,\"1347\":2,\"1348\":2,\"1350\":1,\"1355\":1,\"1356\":1,\"1384\":3,\"1385\":1,\"1390\":2,\"1392\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":3,\"1522\":2,\"1524\":2,\"1526\":1,\"1531\":1,\"1532\":1,\"1560\":3,\"1561\":1,\"1566\":2,\"1568\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":3,\"1699\":2,\"1701\":2,\"1703\":1,\"1708\":1,\"1709\":1,\"1737\":3,\"1738\":1,\"1743\":2,\"1745\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":3,\"1876\":2,\"1878\":2,\"1880\":1,\"1885\":1,\"1886\":1,\"1914\":3,\"1915\":1,\"1920\":2,\"1922\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":3,\"2053\":2,\"2055\":2,\"2057\":1,\"2062\":1,\"2063\":1,\"2091\":3,\"2092\":1,\"2097\":2,\"2099\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":3,\"2230\":2,\"2232\":2,\"2234\":1,\"2239\":1,\"2240\":1,\"2268\":3,\"2269\":1,\"2274\":2,\"2276\":1,\"2327\":1,\"2328\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":3,\"2420\":2,\"2426\":2,\"2428\":1,\"2454\":1,\"2455\":1,\"2486\":3,\"2487\":1,\"2493\":2,\"2495\":1,\"2546\":1,\"2547\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":3,\"2639\":2,\"2645\":2,\"2647\":1,\"2673\":1,\"2674\":1,\"2705\":3,\"2706\":1,\"2712\":2,\"2714\":1,\"2765\":1,\"2766\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":3,\"2858\":2,\"2864\":2,\"2866\":1,\"2892\":1,\"2893\":1,\"2924\":3,\"2925\":1,\"2931\":2,\"2933\":1,\"2984\":1,\"2985\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":3,\"3077\":2,\"3083\":2,\"3085\":1,\"3111\":1,\"3112\":1,\"3143\":3,\"3144\":1,\"3150\":2,\"3152\":1,\"3203\":1,\"3204\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":3,\"3272\":2,\"3278\":2,\"3280\":1,\"3326\":1,\"3327\":1,\"3332\":1,\"3333\":1,\"3364\":3,\"3365\":1,\"3371\":2,\"3373\":1,\"3420\":1,\"3421\":1}}],[\"lists\",{\"0\":{\"84\":1},\"1\":{\"24\":1,\"109\":2,\"410\":1,\"426\":1,\"429\":1,\"469\":1,\"472\":1,\"492\":1,\"495\":1,\"518\":1,\"521\":1,\"544\":1,\"547\":1,\"574\":1,\"577\":1,\"604\":1,\"607\":1,\"634\":1,\"650\":1,\"653\":1,\"680\":1,\"696\":1,\"699\":1,\"726\":1,\"742\":1,\"745\":1,\"772\":1,\"788\":1,\"791\":1,\"818\":1,\"834\":1,\"837\":1,\"864\":1,\"880\":1,\"883\":1}}],[\"listed\",{\"1\":{\"173\":1,\"240\":1,\"285\":1,\"289\":1,\"296\":1,\"300\":1,\"408\":1,\"439\":1,\"450\":1,\"456\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"632\":1,\"663\":1,\"678\":1,\"709\":1,\"724\":1,\"755\":1,\"770\":1,\"801\":1,\"816\":1,\"847\":1,\"862\":1,\"893\":1,\"904\":1,\"910\":1}}],[\"listen\",{\"1\":{\"170\":1}}],[\"liste\",{\"1\":{\"16\":1}}],[\"liegt\",{\"1\":{\"14\":1}}],[\"liebe\",{\"1\":{\"14\":1}}],[\"let\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"letters\",{\"1\":{\"89\":1}}],[\"less\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"lessons\",{\"1\":{\"117\":1}}],[\"lead\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"leading\",{\"1\":{\"159\":1,\"333\":1,\"335\":1,\"349\":1,\"374\":1}}],[\"leaked\",{\"1\":{\"186\":1,\"941\":1,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"least\",{\"1\":{\"162\":1,\"226\":1,\"358\":1,\"384\":1,\"398\":1,\"977\":1,\"1187\":1,\"1338\":1,\"1510\":1,\"1687\":1,\"1864\":1,\"2041\":1,\"2218\":1,\"2408\":1,\"2627\":1,\"2846\":1,\"3065\":1,\"3260\":1}}],[\"learned\",{\"1\":{\"117\":1}}],[\"learn\",{\"0\":{\"68\":1,\"120\":1},\"1\":{\"12\":1,\"120\":1,\"318\":1,\"419\":1,\"430\":1,\"460\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"792\":1,\"827\":1,\"838\":1,\"873\":1,\"884\":1,\"914\":1}}],[\"length\",{\"1\":{\"159\":2}}],[\"legacy\",{\"1\":{\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"legal\",{\"0\":{\"39\":1},\"1\":{\"39\":1,\"94\":1}}],[\"legislation\",{\"1\":{\"98\":1}}],[\"left\",{\"1\":{\"91\":2}}],[\"leipzig\",{\"0\":{\"79\":1},\"1\":{\"79\":1,\"81\":1}}],[\"leiten\",{\"1\":{\"14\":1}}],[\"levels\",{\"1\":{\"94\":2,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"level\",{\"1\":{\"33\":1,\"94\":6,\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2,\"995\":1,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1390\":1,\"1524\":1,\"1566\":1,\"1701\":1,\"1743\":1,\"1878\":1,\"1920\":1,\"2055\":1,\"2097\":1,\"2232\":1,\"2274\":1,\"2426\":1,\"2493\":1,\"2645\":1,\"2712\":1,\"2864\":1,\"2931\":1,\"3083\":1,\"3150\":1,\"3278\":1,\"3371\":1}}],[\"leverage\",{\"1\":{\"12\":1,\"127\":1}}],[\"leveraging\",{\"1\":{\"5\":1}}],[\"lockwaittime\",{\"0\":{\"931\":1,\"1067\":1,\"1144\":1,\"1235\":1,\"1295\":1,\"1373\":1,\"1467\":1,\"1549\":1,\"1644\":1,\"1726\":1,\"1821\":1,\"1903\":1,\"1998\":1,\"2080\":1,\"2175\":1,\"2257\":1,\"2362\":1,\"2472\":1,\"2581\":1,\"2691\":1,\"2800\":1,\"2910\":1,\"3019\":1,\"3129\":1,\"3214\":1,\"3350\":1},\"1\":{\"931\":1,\"1067\":1,\"1144\":1,\"1235\":1,\"1295\":1,\"1373\":1,\"1467\":1,\"1549\":1,\"1644\":1,\"1726\":1,\"1821\":1,\"1903\":1,\"1998\":1,\"2080\":1,\"2175\":1,\"2257\":1,\"2362\":1,\"2472\":1,\"2581\":1,\"2691\":1,\"2800\":1,\"2910\":1,\"3019\":1,\"3129\":1,\"3214\":1,\"3350\":1}}],[\"lock\",{\"1\":{\"930\":1,\"931\":1,\"1066\":1,\"1067\":1,\"1143\":1,\"1144\":1,\"1234\":1,\"1235\":1,\"1294\":1,\"1295\":1,\"1372\":1,\"1373\":1,\"1466\":1,\"1467\":1,\"1548\":1,\"1549\":1,\"1643\":1,\"1644\":1,\"1725\":1,\"1726\":1,\"1820\":1,\"1821\":1,\"1902\":1,\"1903\":1,\"1997\":1,\"1998\":1,\"2079\":1,\"2080\":1,\"2174\":1,\"2175\":1,\"2256\":1,\"2257\":1,\"2361\":1,\"2362\":1,\"2471\":1,\"2472\":1,\"2580\":1,\"2581\":1,\"2690\":1,\"2691\":1,\"2799\":1,\"2800\":1,\"2909\":1,\"2910\":1,\"3018\":1,\"3019\":1,\"3128\":1,\"3129\":1,\"3213\":1,\"3214\":1,\"3349\":1,\"3350\":1}}],[\"location\",{\"1\":{\"191\":1,\"197\":1,\"200\":1,\"218\":2,\"245\":1,\"338\":5,\"342\":2,\"352\":2,\"367\":4,\"377\":3,\"393\":6,\"446\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"900\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"969\":2,\"1179\":2,\"1330\":2,\"1502\":2,\"1679\":2,\"1856\":2,\"2033\":2,\"2210\":2,\"2400\":2,\"2619\":2,\"2838\":2,\"3057\":2,\"3252\":2}}],[\"locations\",{\"1\":{\"98\":1,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1}}],[\"located\",{\"1\":{\"88\":2,\"90\":1,\"331\":1,\"338\":1,\"367\":1,\"393\":1,\"400\":1}}],[\"localhost\",{\"1\":{\"134\":3,\"135\":2,\"215\":1,\"221\":1,\"226\":1,\"227\":1,\"966\":1,\"972\":1,\"977\":1,\"978\":1,\"991\":1,\"1176\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1327\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1499\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1676\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1853\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"2030\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2207\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2397\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2422\":1,\"2616\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2641\":1,\"2835\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2860\":1,\"3054\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3079\":1,\"3249\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3274\":1}}],[\"local\",{\"0\":{\"135\":1,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"951\":1,\"952\":1,\"953\":1,\"1160\":1,\"1161\":1,\"1162\":1,\"1311\":1,\"1312\":1,\"1313\":1,\"1484\":1,\"1485\":1,\"1486\":1,\"1661\":1,\"1662\":1,\"1663\":1,\"1838\":1,\"1839\":1,\"1840\":1,\"2015\":1,\"2016\":1,\"2017\":1,\"2192\":1,\"2193\":1,\"2194\":1,\"2382\":1,\"2383\":1,\"2384\":1,\"2601\":1,\"2602\":1,\"2603\":1,\"2820\":1,\"2821\":1,\"2822\":1,\"3039\":1,\"3040\":1,\"3041\":1,\"3234\":1,\"3235\":1,\"3236\":1},\"1\":{\"0\":3,\"32\":3,\"43\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"88\":1,\"90\":1,\"112\":3,\"113\":3,\"159\":3,\"162\":1,\"167\":3,\"168\":3,\"187\":2,\"188\":1,\"189\":1,\"190\":2,\"191\":1,\"192\":1,\"193\":2,\"194\":2,\"195\":2,\"196\":2,\"197\":1,\"198\":1,\"205\":1,\"207\":1,\"208\":1,\"214\":1,\"234\":1,\"235\":1,\"241\":1,\"242\":1,\"243\":1,\"262\":1,\"263\":1,\"265\":1,\"266\":1,\"283\":2,\"285\":7,\"290\":1,\"294\":2,\"296\":7,\"304\":2,\"307\":2,\"335\":1,\"356\":1,\"361\":9,\"362\":4,\"363\":2,\"387\":9,\"388\":4,\"389\":1,\"398\":1,\"416\":1,\"439\":7,\"452\":1,\"453\":1,\"454\":1,\"455\":3,\"460\":1,\"478\":7,\"501\":7,\"527\":7,\"557\":7,\"587\":7,\"617\":7,\"640\":1,\"663\":7,\"686\":1,\"709\":7,\"732\":1,\"755\":7,\"778\":1,\"801\":7,\"824\":1,\"847\":7,\"870\":1,\"893\":7,\"906\":1,\"907\":1,\"908\":1,\"909\":3,\"914\":1,\"920\":2,\"946\":1,\"948\":2,\"949\":1,\"950\":1,\"951\":2,\"952\":2,\"953\":2,\"957\":1,\"959\":1,\"965\":1,\"986\":1,\"987\":1,\"1015\":1,\"1024\":1,\"1049\":2,\"1059\":1,\"1060\":1,\"1061\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1108\":1,\"1117\":1,\"1157\":2,\"1158\":1,\"1159\":1,\"1160\":2,\"1161\":2,\"1162\":2,\"1166\":1,\"1168\":1,\"1169\":1,\"1175\":1,\"1193\":1,\"1194\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1246\":1,\"1247\":1,\"1286\":1,\"1308\":2,\"1309\":1,\"1310\":1,\"1311\":2,\"1312\":2,\"1313\":2,\"1317\":1,\"1319\":1,\"1320\":1,\"1326\":1,\"1344\":1,\"1345\":1,\"1355\":2,\"1365\":1,\"1366\":1,\"1367\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1410\":1,\"1419\":1,\"1458\":1,\"1480\":1,\"1481\":2,\"1482\":1,\"1483\":1,\"1484\":2,\"1485\":2,\"1486\":2,\"1490\":1,\"1492\":1,\"1498\":1,\"1519\":1,\"1520\":1,\"1531\":2,\"1541\":1,\"1542\":1,\"1543\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1586\":1,\"1595\":1,\"1635\":1,\"1657\":1,\"1658\":2,\"1659\":1,\"1660\":1,\"1661\":2,\"1662\":2,\"1663\":2,\"1667\":1,\"1669\":1,\"1675\":1,\"1696\":1,\"1697\":1,\"1708\":2,\"1718\":1,\"1719\":1,\"1720\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1763\":1,\"1772\":1,\"1812\":1,\"1834\":1,\"1835\":2,\"1836\":1,\"1837\":1,\"1838\":2,\"1839\":2,\"1840\":2,\"1844\":1,\"1846\":1,\"1852\":1,\"1873\":1,\"1874\":1,\"1885\":2,\"1895\":1,\"1896\":1,\"1897\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1940\":1,\"1949\":1,\"1989\":1,\"2011\":1,\"2012\":2,\"2013\":1,\"2014\":1,\"2015\":2,\"2016\":2,\"2017\":2,\"2021\":1,\"2023\":1,\"2029\":1,\"2050\":1,\"2051\":1,\"2062\":2,\"2072\":1,\"2073\":1,\"2074\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2117\":1,\"2126\":1,\"2166\":1,\"2188\":1,\"2189\":2,\"2190\":1,\"2191\":1,\"2192\":2,\"2193\":2,\"2194\":2,\"2198\":1,\"2200\":1,\"2206\":1,\"2227\":1,\"2228\":1,\"2239\":2,\"2249\":1,\"2250\":1,\"2251\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2294\":1,\"2303\":1,\"2327\":2,\"2353\":1,\"2377\":1,\"2379\":2,\"2380\":1,\"2381\":1,\"2382\":2,\"2383\":2,\"2384\":2,\"2388\":1,\"2390\":1,\"2396\":1,\"2417\":1,\"2418\":1,\"2431\":1,\"2454\":2,\"2464\":1,\"2465\":1,\"2466\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2513\":1,\"2522\":1,\"2546\":2,\"2572\":1,\"2596\":1,\"2598\":2,\"2599\":1,\"2600\":1,\"2601\":2,\"2602\":2,\"2603\":2,\"2607\":1,\"2609\":1,\"2615\":1,\"2636\":1,\"2637\":1,\"2650\":1,\"2673\":2,\"2683\":1,\"2684\":1,\"2685\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2732\":1,\"2741\":1,\"2765\":2,\"2791\":1,\"2815\":1,\"2817\":2,\"2818\":1,\"2819\":1,\"2820\":2,\"2821\":2,\"2822\":2,\"2826\":1,\"2828\":1,\"2834\":1,\"2855\":1,\"2856\":1,\"2869\":1,\"2892\":2,\"2902\":1,\"2903\":1,\"2904\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2951\":1,\"2960\":1,\"2984\":2,\"3010\":1,\"3034\":1,\"3036\":2,\"3037\":1,\"3038\":1,\"3039\":2,\"3040\":2,\"3041\":2,\"3045\":1,\"3047\":1,\"3053\":1,\"3074\":1,\"3075\":1,\"3088\":1,\"3111\":2,\"3121\":1,\"3122\":1,\"3123\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3170\":1,\"3179\":1,\"3203\":2,\"3229\":1,\"3231\":2,\"3232\":1,\"3233\":1,\"3234\":2,\"3235\":2,\"3236\":2,\"3240\":1,\"3242\":1,\"3248\":1,\"3269\":1,\"3270\":1,\"3298\":1,\"3307\":1,\"3332\":2,\"3342\":1,\"3343\":1,\"3344\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3391\":1,\"3400\":1}}],[\"love\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"lowercase\",{\"1\":{\"289\":3,\"300\":3,\"442\":1,\"481\":2,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1}}],[\"loops\",{\"1\":{\"159\":1}}],[\"loop\",{\"1\":{\"159\":2,\"379\":1}}],[\"lookup\",{\"1\":{\"341\":1}}],[\"looks\",{\"1\":{\"321\":1,\"340\":1}}],[\"look\",{\"1\":{\"97\":1,\"103\":1,\"162\":1,\"163\":2,\"322\":1,\"325\":1,\"329\":1,\"334\":1,\"341\":1,\"344\":1,\"348\":1,\"379\":1,\"381\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"looking\",{\"1\":{\"12\":1,\"118\":1}}],[\"loader\",{\"1\":{\"152\":1,\"153\":1}}],[\"loaded\",{\"1\":{\"152\":1,\"153\":1,\"262\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"logout\",{\"0\":{\"1003\":1,\"1004\":1,\"1096\":1,\"1097\":1,\"1206\":1,\"1207\":1,\"1274\":1,\"1275\":1,\"1398\":1,\"1399\":1,\"1446\":1,\"1447\":1,\"1574\":1,\"1575\":1,\"1623\":1,\"1624\":1,\"1751\":1,\"1752\":1,\"1800\":1,\"1801\":1,\"1928\":1,\"1929\":1,\"1977\":1,\"1978\":1,\"2105\":1,\"2106\":1,\"2154\":1,\"2155\":1,\"2282\":1,\"2283\":1,\"2341\":1,\"2342\":1,\"2501\":1,\"2502\":1,\"2560\":1,\"2561\":1,\"2720\":1,\"2721\":1,\"2779\":1,\"2780\":1,\"2939\":1,\"2940\":1,\"2998\":1,\"2999\":1,\"3158\":1,\"3159\":1,\"3286\":1,\"3287\":1,\"3379\":1,\"3380\":1},\"1\":{\"1003\":3,\"1004\":3,\"1024\":1,\"1025\":5,\"1027\":1,\"1096\":3,\"1097\":3,\"1117\":1,\"1118\":5,\"1121\":1,\"1206\":3,\"1207\":3,\"1274\":3,\"1275\":3,\"1398\":3,\"1399\":3,\"1419\":1,\"1420\":5,\"1423\":1,\"1446\":3,\"1447\":3,\"1574\":3,\"1575\":3,\"1595\":1,\"1596\":5,\"1599\":1,\"1623\":3,\"1624\":3,\"1751\":3,\"1752\":3,\"1772\":1,\"1773\":5,\"1776\":1,\"1800\":3,\"1801\":3,\"1928\":3,\"1929\":3,\"1949\":1,\"1950\":5,\"1953\":1,\"1977\":3,\"1978\":3,\"2105\":3,\"2106\":3,\"2126\":1,\"2127\":5,\"2130\":1,\"2154\":3,\"2155\":3,\"2282\":3,\"2283\":3,\"2303\":1,\"2304\":5,\"2307\":1,\"2341\":3,\"2342\":3,\"2431\":1,\"2432\":5,\"2434\":1,\"2501\":3,\"2502\":3,\"2522\":1,\"2523\":5,\"2526\":1,\"2560\":3,\"2561\":3,\"2650\":1,\"2651\":5,\"2653\":1,\"2720\":3,\"2721\":3,\"2741\":1,\"2742\":5,\"2745\":1,\"2779\":3,\"2780\":3,\"2869\":1,\"2870\":5,\"2872\":1,\"2939\":3,\"2940\":3,\"2960\":1,\"2961\":5,\"2964\":1,\"2998\":3,\"2999\":3,\"3088\":1,\"3089\":5,\"3091\":1,\"3158\":3,\"3159\":3,\"3179\":1,\"3180\":5,\"3183\":1,\"3286\":3,\"3287\":3,\"3307\":1,\"3308\":5,\"3310\":1,\"3379\":3,\"3380\":3,\"3400\":1,\"3401\":5,\"3404\":1}}],[\"logbuildinfo\",{\"1\":{\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"673\":2,\"719\":2,\"765\":2,\"811\":2,\"857\":2,\"916\":2}}],[\"logs\",{\"0\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1},\"1\":{\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"335\":1,\"419\":1,\"442\":1,\"443\":1,\"444\":5,\"461\":1,\"462\":1,\"481\":1,\"482\":1,\"483\":5,\"504\":1,\"505\":1,\"506\":5,\"510\":1,\"511\":1,\"530\":1,\"531\":1,\"532\":5,\"536\":1,\"537\":1,\"560\":1,\"561\":1,\"562\":5,\"566\":1,\"567\":1,\"590\":1,\"591\":1,\"592\":5,\"596\":1,\"597\":1,\"620\":1,\"621\":1,\"622\":5,\"626\":1,\"627\":1,\"643\":1,\"666\":1,\"667\":1,\"668\":5,\"672\":1,\"673\":1,\"689\":1,\"712\":1,\"713\":1,\"714\":5,\"718\":1,\"719\":1,\"735\":1,\"758\":1,\"759\":1,\"760\":5,\"764\":1,\"765\":1,\"781\":1,\"804\":1,\"805\":1,\"806\":5,\"810\":1,\"811\":1,\"827\":1,\"850\":1,\"851\":1,\"852\":5,\"856\":1,\"857\":1,\"873\":1,\"896\":1,\"897\":1,\"898\":5,\"915\":1,\"916\":1}}],[\"logged\",{\"1\":{\"222\":1,\"973\":1,\"1183\":1,\"1334\":1,\"1506\":1,\"1683\":1,\"1860\":1,\"2037\":1,\"2214\":1,\"2404\":1,\"2623\":1,\"2842\":1,\"3061\":1,\"3256\":1}}],[\"logging\",{\"1\":{\"186\":1,\"195\":1,\"204\":1,\"250\":1,\"349\":1,\"352\":2,\"941\":1,\"942\":1,\"945\":2,\"946\":2,\"947\":1,\"953\":1,\"956\":1,\"1065\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1156\":1,\"1162\":1,\"1165\":1,\"1233\":1,\"1307\":1,\"1313\":1,\"1316\":1,\"1371\":1,\"1479\":2,\"1480\":2,\"1486\":1,\"1489\":1,\"1547\":1,\"1656\":2,\"1657\":2,\"1663\":1,\"1666\":1,\"1724\":1,\"1833\":2,\"1834\":2,\"1840\":1,\"1843\":1,\"1901\":1,\"2010\":2,\"2011\":2,\"2017\":1,\"2020\":1,\"2078\":1,\"2187\":2,\"2188\":2,\"2194\":1,\"2197\":1,\"2255\":1,\"2372\":1,\"2373\":1,\"2376\":2,\"2377\":2,\"2378\":1,\"2384\":1,\"2387\":1,\"2470\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2595\":2,\"2596\":2,\"2597\":1,\"2603\":1,\"2606\":1,\"2689\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2814\":2,\"2815\":2,\"2816\":1,\"2822\":1,\"2825\":1,\"2908\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3033\":2,\"3034\":2,\"3035\":1,\"3041\":1,\"3044\":1,\"3127\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3228\":2,\"3229\":2,\"3230\":1,\"3236\":1,\"3239\":1,\"3348\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"loging\",{\"1\":{\"186\":1,\"1156\":1,\"1307\":1}}],[\"login\",{\"1\":{\"134\":1}}],[\"logic\",{\"1\":{\"98\":1}}],[\"log\",{\"0\":{\"184\":1,\"185\":1,\"186\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1},\"1\":{\"106\":2,\"107\":2,\"184\":2,\"185\":2,\"186\":2,\"217\":3,\"218\":6,\"289\":2,\"290\":4,\"300\":2,\"301\":4,\"304\":6,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"327\":12,\"335\":1,\"338\":1,\"349\":2,\"352\":2,\"416\":2,\"442\":2,\"443\":2,\"444\":8,\"462\":2,\"481\":2,\"482\":2,\"483\":8,\"504\":2,\"505\":2,\"506\":8,\"511\":2,\"530\":2,\"531\":2,\"532\":8,\"537\":2,\"560\":2,\"561\":2,\"562\":8,\"567\":2,\"590\":2,\"591\":2,\"592\":8,\"597\":2,\"620\":2,\"621\":2,\"622\":8,\"627\":2,\"640\":2,\"666\":2,\"667\":2,\"668\":8,\"673\":2,\"686\":2,\"712\":2,\"713\":2,\"714\":8,\"719\":2,\"732\":2,\"758\":2,\"759\":2,\"760\":8,\"765\":2,\"778\":2,\"804\":2,\"805\":2,\"806\":8,\"811\":2,\"824\":2,\"850\":2,\"851\":2,\"852\":8,\"857\":2,\"870\":2,\"896\":2,\"897\":2,\"898\":8,\"916\":2,\"941\":2,\"942\":2,\"943\":2,\"944\":2,\"945\":2,\"946\":2,\"947\":2,\"968\":3,\"969\":6,\"1077\":2,\"1078\":2,\"1079\":2,\"1154\":2,\"1155\":2,\"1156\":2,\"1178\":3,\"1179\":6,\"1305\":2,\"1306\":2,\"1307\":2,\"1329\":3,\"1330\":6,\"1477\":2,\"1478\":2,\"1479\":2,\"1480\":2,\"1501\":3,\"1502\":6,\"1654\":2,\"1655\":2,\"1656\":2,\"1657\":2,\"1678\":3,\"1679\":6,\"1831\":2,\"1832\":2,\"1833\":2,\"1834\":2,\"1855\":3,\"1856\":6,\"2008\":2,\"2009\":2,\"2010\":2,\"2011\":2,\"2032\":3,\"2033\":6,\"2185\":2,\"2186\":2,\"2187\":2,\"2188\":2,\"2209\":3,\"2210\":6,\"2372\":2,\"2373\":2,\"2374\":2,\"2375\":2,\"2376\":2,\"2377\":2,\"2378\":2,\"2399\":3,\"2400\":6,\"2482\":2,\"2483\":2,\"2484\":2,\"2591\":2,\"2592\":2,\"2593\":2,\"2594\":2,\"2595\":2,\"2596\":2,\"2597\":2,\"2618\":3,\"2619\":6,\"2701\":2,\"2702\":2,\"2703\":2,\"2810\":2,\"2811\":2,\"2812\":2,\"2813\":2,\"2814\":2,\"2815\":2,\"2816\":2,\"2837\":3,\"2838\":6,\"2920\":2,\"2921\":2,\"2922\":2,\"3029\":2,\"3030\":2,\"3031\":2,\"3032\":2,\"3033\":2,\"3034\":2,\"3035\":2,\"3056\":3,\"3057\":6,\"3139\":2,\"3140\":2,\"3141\":2,\"3224\":2,\"3225\":2,\"3226\":2,\"3227\":2,\"3228\":2,\"3229\":2,\"3230\":2,\"3251\":3,\"3252\":6,\"3360\":2,\"3361\":2,\"3362\":2}}],[\"cgi\",{\"1\":{\"458\":3,\"912\":3}}],[\"cn\",{\"0\":{\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1},\"1\":{\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"cmd\",{\"1\":{\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"327\":1,\"536\":1,\"537\":1}}],[\"cpu\",{\"1\":{\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"cp\",{\"1\":{\"303\":2,\"304\":3,\"306\":2,\"307\":3,\"309\":2,\"310\":3,\"312\":2,\"313\":2,\"315\":2,\"316\":2,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":2,\"537\":2,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1}}],[\"cd\",{\"1\":{\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"303\":4,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"cda\",{\"1\":{\"94\":1}}],[\"cs\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"curly\",{\"1\":{\"372\":1}}],[\"curl\",{\"1\":{\"283\":3,\"294\":3,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"currentuser\",{\"0\":{\"941\":1,\"1077\":1,\"2372\":1,\"2482\":1,\"2591\":1,\"2701\":1,\"2810\":1,\"2920\":1,\"3029\":1,\"3139\":1,\"3224\":1,\"3360\":1},\"1\":{\"941\":1,\"1077\":1,\"2372\":1,\"2482\":1,\"2591\":1,\"2701\":1,\"2810\":1,\"2920\":1,\"3029\":1,\"3139\":1,\"3224\":1,\"3360\":1}}],[\"currently\",{\"1\":{\"110\":1,\"152\":1,\"153\":1,\"165\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"470\":1,\"473\":1,\"488\":1,\"489\":1,\"493\":1,\"496\":1,\"514\":1,\"515\":1,\"519\":1,\"522\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1,\"927\":1,\"941\":1,\"1077\":1,\"2334\":1,\"2372\":1,\"2482\":1,\"2553\":1,\"2591\":1,\"2701\":1,\"2772\":1,\"2810\":1,\"2920\":1,\"2991\":1,\"3029\":1,\"3139\":1,\"3210\":1,\"3224\":1,\"3360\":1}}],[\"current\",{\"1\":{\"105\":1,\"333\":1,\"373\":1,\"437\":2,\"469\":1,\"476\":2,\"492\":1,\"499\":2,\"518\":1,\"525\":2,\"544\":1,\"555\":2,\"574\":1,\"585\":2,\"604\":1,\"615\":2,\"650\":1,\"661\":2,\"696\":1,\"707\":2,\"742\":1,\"753\":2,\"788\":1,\"799\":2,\"845\":2,\"891\":2}}],[\"cc\",{\"1\":{\"227\":2,\"978\":2,\"1188\":2,\"1339\":2,\"1511\":2,\"1688\":2,\"1865\":2,\"2042\":2,\"2219\":2,\"2409\":2,\"2628\":2,\"2847\":2,\"3066\":2,\"3261\":2}}],[\"cycle\",{\"1\":{\"141\":2,\"157\":1}}],[\"cves\",{\"1\":{\"141\":1,\"142\":1}}],[\"cvd\",{\"1\":{\"36\":1}}],[\"cff\",{\"1\":{\"141\":1,\"142\":1}}],[\"citation\",{\"1\":{\"141\":1,\"142\":1}}],[\"ctrl\",{\"1\":{\"289\":1,\"290\":3,\"300\":1,\"301\":3,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"ct\",{\"1\":{\"94\":1}}],[\"choose\",{\"1\":{\"429\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"choice\",{\"1\":{\"396\":1}}],[\"chown\",{\"1\":{\"289\":4,\"290\":4,\"300\":4,\"301\":4,\"304\":3,\"307\":3,\"433\":2,\"442\":8,\"443\":2,\"481\":7,\"482\":2,\"504\":7,\"505\":2,\"530\":7,\"531\":2,\"560\":7,\"561\":2,\"590\":7,\"591\":2,\"620\":7,\"621\":2,\"666\":7,\"667\":2,\"712\":7,\"713\":2,\"758\":7,\"759\":2,\"795\":2,\"804\":7,\"805\":2,\"841\":2,\"850\":7,\"851\":2,\"887\":2,\"896\":8,\"897\":2}}],[\"chmod\",{\"1\":{\"283\":1,\"289\":4,\"290\":4,\"294\":1,\"300\":4,\"301\":4,\"304\":3,\"307\":3,\"433\":2,\"442\":8,\"443\":2,\"481\":7,\"482\":2,\"504\":7,\"505\":2,\"530\":7,\"531\":2,\"560\":7,\"561\":2,\"590\":7,\"591\":2,\"620\":7,\"621\":2,\"666\":7,\"667\":2,\"712\":7,\"713\":2,\"758\":7,\"759\":2,\"795\":2,\"804\":7,\"805\":2,\"841\":2,\"850\":7,\"851\":2,\"887\":2,\"896\":8,\"897\":2}}],[\"chunk\",{\"1\":{\"159\":1}}],[\"checkout\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"checks\",{\"1\":{\"372\":1}}],[\"check\",{\"1\":{\"99\":1,\"106\":1,\"141\":2,\"142\":2,\"169\":1,\"174\":1,\"290\":3,\"301\":3,\"338\":2,\"352\":2,\"367\":2,\"393\":2,\"443\":3,\"444\":1,\"482\":3,\"483\":1,\"505\":3,\"506\":1,\"531\":3,\"532\":1,\"561\":3,\"562\":1,\"591\":3,\"592\":1,\"621\":3,\"622\":1,\"667\":3,\"668\":1,\"713\":3,\"714\":1,\"759\":3,\"760\":1,\"805\":3,\"806\":1,\"851\":3,\"852\":1,\"897\":3,\"898\":1,\"1142\":1,\"1226\":1}}],[\"christoph\",{\"1\":{\"83\":1}}],[\"christian\",{\"1\":{\"83\":1}}],[\"characters\",{\"1\":{\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"442\":3,\"443\":3,\"481\":3,\"482\":3,\"504\":3,\"505\":3,\"530\":3,\"531\":3,\"560\":3,\"561\":3,\"590\":3,\"591\":3,\"620\":3,\"621\":3,\"666\":3,\"667\":3,\"712\":3,\"713\":3,\"758\":3,\"759\":3,\"804\":3,\"805\":3,\"850\":3,\"851\":3,\"896\":3,\"897\":3}}],[\"character\",{\"1\":{\"160\":1,\"920\":1,\"1037\":2,\"1049\":1,\"1131\":2,\"1355\":1,\"1388\":1,\"1531\":1,\"1609\":2,\"1708\":1,\"1786\":2,\"1885\":1,\"1963\":2,\"2062\":1,\"2140\":2,\"2239\":1,\"2317\":2,\"2327\":1,\"2444\":2,\"2454\":1,\"2536\":2,\"2546\":1,\"2663\":2,\"2673\":1,\"2755\":2,\"2765\":1,\"2882\":2,\"2892\":1,\"2974\":2,\"2984\":1,\"3101\":2,\"3111\":1,\"3193\":2,\"3203\":1,\"3320\":2,\"3332\":1,\"3414\":2}}],[\"char\",{\"1\":{\"159\":1}}],[\"changing\",{\"0\":{\"154\":1},\"1\":{\"143\":1}}],[\"changed\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"changes\",{\"1\":{\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"311\":1,\"314\":1,\"352\":1,\"414\":2,\"415\":5,\"417\":3,\"419\":4,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"638\":2,\"639\":5,\"641\":3,\"643\":4,\"670\":1,\"684\":2,\"685\":5,\"687\":3,\"689\":4,\"716\":1,\"730\":2,\"731\":5,\"733\":3,\"735\":4,\"762\":1,\"776\":2,\"777\":5,\"779\":3,\"781\":4,\"808\":1,\"822\":2,\"823\":5,\"825\":3,\"827\":4,\"854\":1,\"868\":2,\"869\":5,\"871\":3,\"873\":4,\"913\":1,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"changelog\",{\"1\":{\"145\":4}}],[\"change\",{\"1\":{\"141\":1,\"142\":1,\"145\":2,\"146\":1,\"147\":2,\"149\":1,\"150\":4,\"151\":2,\"174\":1,\"177\":1,\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"231\":1,\"232\":1,\"236\":1,\"238\":1,\"247\":1,\"248\":1,\"253\":1,\"262\":1,\"286\":1,\"297\":1,\"304\":2,\"307\":2,\"310\":2,\"311\":1,\"314\":1,\"390\":1,\"414\":1,\"442\":2,\"459\":1,\"481\":2,\"504\":2,\"530\":2,\"560\":2,\"564\":1,\"590\":2,\"594\":1,\"620\":2,\"624\":1,\"638\":1,\"666\":2,\"670\":1,\"684\":1,\"712\":2,\"716\":1,\"730\":1,\"758\":2,\"762\":1,\"776\":1,\"804\":2,\"808\":1,\"822\":1,\"850\":2,\"854\":1,\"868\":1,\"896\":2,\"913\":1,\"931\":1,\"934\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"988\":1,\"1062\":1,\"1063\":1,\"1067\":1,\"1070\":1,\"1081\":1,\"1144\":1,\"1147\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1195\":1,\"1230\":1,\"1231\":1,\"1235\":1,\"1238\":1,\"1246\":1,\"1295\":1,\"1298\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1346\":1,\"1368\":1,\"1369\":1,\"1373\":1,\"1376\":1,\"1384\":1,\"1467\":1,\"1470\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1521\":1,\"1544\":1,\"1545\":1,\"1549\":1,\"1552\":1,\"1560\":1,\"1644\":1,\"1647\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1698\":1,\"1721\":1,\"1722\":1,\"1726\":1,\"1729\":1,\"1737\":1,\"1821\":1,\"1824\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1875\":1,\"1898\":1,\"1899\":1,\"1903\":1,\"1906\":1,\"1914\":1,\"1998\":1,\"2001\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2052\":1,\"2075\":1,\"2076\":1,\"2080\":1,\"2083\":1,\"2091\":1,\"2175\":1,\"2178\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2229\":1,\"2252\":1,\"2253\":1,\"2257\":1,\"2260\":1,\"2268\":1,\"2362\":1,\"2365\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2419\":1,\"2467\":1,\"2468\":1,\"2472\":1,\"2475\":1,\"2486\":1,\"2581\":1,\"2584\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2638\":1,\"2686\":1,\"2687\":1,\"2691\":1,\"2694\":1,\"2705\":1,\"2800\":1,\"2803\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2857\":1,\"2905\":1,\"2906\":1,\"2910\":1,\"2913\":1,\"2924\":1,\"3019\":1,\"3022\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3076\":1,\"3124\":1,\"3125\":1,\"3129\":1,\"3132\":1,\"3143\":1,\"3214\":1,\"3217\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3271\":1,\"3345\":1,\"3346\":1,\"3350\":1,\"3353\":1,\"3364\":1}}],[\"channel\",{\"0\":{\"1003\":1,\"1004\":1,\"1096\":1,\"1097\":1,\"1206\":1,\"1207\":1,\"1274\":1,\"1275\":1,\"1398\":1,\"1399\":1,\"1446\":1,\"1447\":1,\"1574\":1,\"1575\":1,\"1623\":1,\"1624\":1,\"1751\":1,\"1752\":1,\"1800\":1,\"1801\":1,\"1928\":1,\"1929\":1,\"1977\":1,\"1978\":1,\"2105\":1,\"2106\":1,\"2154\":1,\"2155\":1,\"2282\":1,\"2283\":1,\"2341\":1,\"2342\":1,\"2501\":1,\"2502\":1,\"2560\":1,\"2561\":1,\"2720\":1,\"2721\":1,\"2779\":1,\"2780\":1,\"2939\":1,\"2940\":1,\"2998\":1,\"2999\":1,\"3158\":1,\"3159\":1,\"3286\":1,\"3287\":1,\"3379\":1,\"3380\":1},\"1\":{\"22\":1,\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1,\"1003\":3,\"1004\":3,\"1024\":1,\"1025\":4,\"1027\":1,\"1096\":3,\"1097\":3,\"1117\":1,\"1118\":4,\"1121\":1,\"1206\":3,\"1207\":3,\"1274\":3,\"1275\":3,\"1398\":3,\"1399\":3,\"1419\":1,\"1420\":4,\"1423\":1,\"1446\":3,\"1447\":3,\"1574\":3,\"1575\":3,\"1595\":1,\"1596\":4,\"1599\":1,\"1623\":3,\"1624\":3,\"1751\":3,\"1752\":3,\"1772\":1,\"1773\":4,\"1776\":1,\"1800\":3,\"1801\":3,\"1928\":3,\"1929\":3,\"1949\":1,\"1950\":4,\"1953\":1,\"1977\":3,\"1978\":3,\"2105\":3,\"2106\":3,\"2126\":1,\"2127\":4,\"2130\":1,\"2154\":3,\"2155\":3,\"2282\":3,\"2283\":3,\"2303\":1,\"2304\":4,\"2307\":1,\"2341\":3,\"2342\":3,\"2431\":1,\"2432\":4,\"2434\":1,\"2501\":3,\"2502\":3,\"2522\":1,\"2523\":4,\"2526\":1,\"2560\":3,\"2561\":3,\"2650\":1,\"2651\":4,\"2653\":1,\"2720\":3,\"2721\":3,\"2741\":1,\"2742\":4,\"2745\":1,\"2779\":3,\"2780\":3,\"2869\":1,\"2870\":4,\"2872\":1,\"2939\":3,\"2940\":3,\"2960\":1,\"2961\":4,\"2964\":1,\"2998\":3,\"2999\":3,\"3088\":1,\"3089\":4,\"3091\":1,\"3158\":3,\"3159\":3,\"3179\":1,\"3180\":4,\"3183\":1,\"3286\":3,\"3287\":3,\"3307\":1,\"3308\":4,\"3310\":1,\"3379\":3,\"3380\":3,\"3400\":1,\"3401\":4,\"3404\":1}}],[\"challenges\",{\"1\":{\"120\":1,\"127\":1}}],[\"chapter\",{\"1\":{\"103\":1,\"109\":1,\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1}}],[\"chat\",{\"1\":{\"73\":1}}],[\"chains\",{\"1\":{\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"1015\":2,\"1038\":1,\"1108\":2,\"1132\":1,\"3298\":2,\"3321\":1,\"3391\":2,\"3415\":1}}],[\"chain\",{\"0\":{\"277\":1,\"1017\":1,\"1040\":1,\"1110\":1,\"1134\":1,\"1220\":1,\"1264\":1,\"1288\":1,\"1412\":1,\"1435\":1,\"1460\":1,\"1588\":1,\"1612\":1,\"1637\":1,\"1765\":1,\"1789\":1,\"1814\":1,\"1942\":1,\"1966\":1,\"1991\":1,\"2119\":1,\"2143\":1,\"2168\":1,\"2296\":1,\"2320\":1,\"2355\":1,\"2447\":1,\"2515\":1,\"2539\":1,\"2574\":1,\"2666\":1,\"2734\":1,\"2758\":1,\"2793\":1,\"2885\":1,\"2953\":1,\"2977\":1,\"3012\":1,\"3104\":1,\"3172\":1,\"3196\":1,\"3300\":1,\"3323\":1,\"3393\":1,\"3417\":1},\"1\":{\"37\":1,\"40\":1,\"160\":1,\"224\":1,\"275\":1,\"277\":4,\"289\":3,\"300\":3,\"441\":2,\"442\":2,\"461\":3,\"481\":3,\"504\":3,\"530\":3,\"560\":3,\"590\":3,\"620\":3,\"666\":3,\"712\":3,\"758\":3,\"804\":3,\"850\":3,\"895\":2,\"896\":2,\"915\":3,\"975\":1,\"1017\":2,\"1038\":1,\"1040\":4,\"1041\":2,\"1110\":2,\"1132\":1,\"1134\":4,\"1135\":2,\"1185\":1,\"1220\":2,\"1262\":1,\"1264\":4,\"1288\":2,\"1336\":1,\"1412\":2,\"1433\":1,\"1435\":4,\"1460\":2,\"1508\":1,\"1588\":2,\"1610\":1,\"1612\":4,\"1637\":2,\"1685\":1,\"1765\":2,\"1787\":1,\"1789\":4,\"1814\":2,\"1862\":1,\"1942\":2,\"1964\":1,\"1966\":4,\"1991\":2,\"2039\":1,\"2119\":2,\"2141\":1,\"2143\":4,\"2168\":2,\"2216\":1,\"2296\":2,\"2318\":1,\"2320\":4,\"2355\":2,\"2406\":1,\"2445\":1,\"2447\":4,\"2515\":2,\"2537\":1,\"2539\":4,\"2574\":2,\"2625\":1,\"2664\":1,\"2666\":4,\"2734\":2,\"2756\":1,\"2758\":4,\"2793\":2,\"2844\":1,\"2883\":1,\"2885\":4,\"2953\":2,\"2975\":1,\"2977\":4,\"3012\":2,\"3063\":1,\"3102\":1,\"3104\":4,\"3172\":2,\"3194\":1,\"3196\":4,\"3258\":1,\"3300\":2,\"3321\":1,\"3323\":4,\"3324\":2,\"3393\":2,\"3415\":1,\"3417\":4,\"3418\":2}}],[\"clearer\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"clear\",{\"1\":{\"159\":2,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"clean\",{\"1\":{\"136\":1,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1}}],[\"claims\",{\"1\":{\"924\":1,\"1053\":1,\"1359\":1,\"1535\":1,\"1712\":1,\"1889\":1,\"2066\":1,\"2243\":1,\"2331\":1,\"2458\":1,\"2550\":1,\"2677\":1,\"2769\":1,\"2896\":1,\"2988\":1,\"3115\":1,\"3207\":1,\"3336\":1}}],[\"clause\",{\"1\":{\"159\":5}}],[\"classes\",{\"1\":{\"332\":1,\"390\":1}}],[\"class\",{\"0\":{\"174\":1,\"231\":1,\"232\":1,\"238\":1},\"1\":{\"139\":1,\"147\":5,\"149\":1,\"150\":3,\"151\":2,\"152\":2,\"153\":2,\"159\":1,\"160\":2,\"174\":1,\"231\":1,\"232\":1,\"238\":1,\"329\":1,\"332\":9,\"333\":2,\"335\":3,\"338\":3,\"342\":3,\"346\":2,\"349\":7,\"352\":2,\"364\":5,\"367\":1,\"373\":1,\"374\":1,\"377\":1,\"393\":1,\"457\":3,\"911\":3,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"closing\",{\"1\":{\"159\":25}}],[\"closer\",{\"1\":{\"334\":1}}],[\"close\",{\"1\":{\"82\":1,\"289\":1,\"290\":3,\"300\":1,\"301\":3,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"cli\",{\"1\":{\"283\":1,\"294\":1,\"395\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"clientcert\",{\"1\":{\"1001\":1,\"1094\":1,\"1204\":1,\"1272\":1,\"1396\":1,\"1444\":1,\"1572\":1,\"1621\":1,\"1749\":1,\"1798\":1,\"1926\":1,\"1975\":1,\"2103\":1,\"2152\":1,\"2280\":1,\"2339\":1,\"2499\":1,\"2558\":1,\"2718\":1,\"2777\":1,\"2937\":1,\"2996\":1,\"3156\":1,\"3284\":1,\"3377\":1}}],[\"clientendpoint\",{\"1\":{\"444\":2,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"760\":2,\"806\":2,\"852\":2,\"898\":2}}],[\"clients\",{\"0\":{\"152\":1,\"153\":1},\"1\":{\"335\":1,\"1015\":1,\"1108\":1,\"1218\":1,\"1286\":1,\"1410\":1,\"1458\":1,\"1586\":1,\"1635\":1,\"1763\":1,\"1812\":1,\"1940\":1,\"1989\":1,\"2117\":1,\"2166\":1,\"2294\":1,\"2353\":1,\"2513\":1,\"2572\":1,\"2732\":1,\"2791\":1,\"2951\":1,\"3010\":1,\"3170\":1,\"3298\":1,\"3391\":1}}],[\"client\",{\"0\":{\"187\":1,\"188\":1,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"212\":1,\"213\":1,\"214\":2,\"241\":1,\"242\":1,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"284\":1,\"295\":1,\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1,\"948\":1,\"949\":1,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":2,\"1001\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1015\":1,\"1043\":1,\"1044\":1,\"1045\":1,\"1059\":1,\"1060\":1,\"1061\":2,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1094\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1108\":1,\"1137\":1,\"1138\":1,\"1139\":1,\"1157\":1,\"1158\":1,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":2,\"1204\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":2,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1272\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1286\":1,\"1308\":1,\"1309\":1,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":2,\"1365\":1,\"1366\":1,\"1367\":2,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1396\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1410\":1,\"1438\":1,\"1444\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1458\":1,\"1481\":1,\"1482\":1,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":2,\"1541\":1,\"1542\":1,\"1543\":2,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1572\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1586\":1,\"1615\":1,\"1621\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1635\":1,\"1658\":1,\"1659\":1,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":2,\"1718\":1,\"1719\":1,\"1720\":2,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1749\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1763\":1,\"1792\":1,\"1798\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1812\":1,\"1835\":1,\"1836\":1,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":2,\"1895\":1,\"1896\":1,\"1897\":2,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1926\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1940\":1,\"1969\":1,\"1975\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1989\":1,\"2012\":1,\"2013\":1,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":2,\"2072\":1,\"2073\":1,\"2074\":2,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2103\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2117\":1,\"2146\":1,\"2152\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2166\":1,\"2189\":1,\"2190\":1,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":2,\"2249\":1,\"2250\":1,\"2251\":2,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2280\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2294\":1,\"2323\":1,\"2339\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2353\":1,\"2379\":1,\"2380\":1,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":2,\"2450\":1,\"2464\":1,\"2465\":1,\"2466\":2,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2499\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2513\":1,\"2542\":1,\"2558\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2572\":1,\"2598\":1,\"2599\":1,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":2,\"2669\":1,\"2683\":1,\"2684\":1,\"2685\":2,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2718\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2732\":1,\"2761\":1,\"2777\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2791\":1,\"2817\":1,\"2818\":1,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":2,\"2888\":1,\"2902\":1,\"2903\":1,\"2904\":2,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2937\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2951\":1,\"2980\":1,\"2996\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3010\":1,\"3036\":1,\"3037\":1,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":2,\"3107\":1,\"3121\":1,\"3122\":1,\"3123\":2,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3156\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3170\":1,\"3199\":1,\"3231\":1,\"3232\":1,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":2,\"3284\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3298\":1,\"3326\":1,\"3327\":1,\"3328\":1,\"3342\":1,\"3343\":1,\"3344\":2,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3377\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3391\":1,\"3420\":1,\"3421\":1,\"3422\":1},\"1\":{\"32\":1,\"99\":4,\"110\":3,\"113\":4,\"134\":1,\"135\":1,\"138\":5,\"143\":2,\"146\":1,\"152\":13,\"153\":12,\"165\":2,\"168\":3,\"169\":4,\"170\":1,\"174\":3,\"187\":3,\"188\":5,\"189\":4,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":2,\"212\":3,\"213\":5,\"214\":4,\"231\":3,\"232\":3,\"238\":3,\"241\":3,\"242\":5,\"243\":4,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":2,\"250\":1,\"265\":3,\"266\":3,\"275\":1,\"276\":2,\"284\":2,\"288\":9,\"289\":19,\"290\":10,\"295\":2,\"299\":9,\"300\":19,\"301\":10,\"304\":7,\"307\":7,\"310\":7,\"313\":1,\"316\":1,\"327\":91,\"338\":6,\"367\":1,\"393\":1,\"427\":3,\"429\":1,\"438\":4,\"441\":9,\"442\":11,\"443\":10,\"447\":3,\"449\":4,\"450\":2,\"452\":5,\"453\":5,\"454\":5,\"455\":5,\"456\":1,\"457\":12,\"458\":2,\"459\":1,\"461\":10,\"462\":11,\"470\":4,\"477\":4,\"480\":9,\"481\":14,\"482\":10,\"493\":4,\"500\":4,\"503\":9,\"504\":11,\"505\":10,\"511\":1,\"519\":4,\"526\":4,\"529\":9,\"530\":11,\"531\":10,\"536\":1,\"537\":2,\"545\":4,\"556\":4,\"559\":9,\"560\":11,\"561\":10,\"564\":1,\"567\":1,\"575\":3,\"577\":1,\"586\":4,\"589\":9,\"590\":11,\"591\":10,\"594\":1,\"597\":1,\"605\":3,\"607\":1,\"616\":4,\"619\":9,\"620\":11,\"621\":10,\"624\":1,\"627\":1,\"651\":3,\"653\":1,\"662\":4,\"665\":9,\"666\":11,\"667\":10,\"670\":1,\"673\":1,\"697\":3,\"699\":1,\"708\":4,\"711\":9,\"712\":11,\"713\":10,\"716\":1,\"719\":1,\"743\":3,\"745\":1,\"754\":4,\"757\":9,\"758\":11,\"759\":10,\"762\":1,\"765\":1,\"789\":3,\"791\":1,\"800\":4,\"803\":9,\"804\":11,\"805\":10,\"808\":1,\"811\":1,\"835\":3,\"837\":1,\"846\":4,\"849\":9,\"850\":11,\"851\":10,\"854\":1,\"857\":1,\"881\":3,\"883\":1,\"892\":4,\"895\":9,\"896\":11,\"897\":10,\"901\":3,\"903\":4,\"904\":2,\"906\":5,\"907\":5,\"908\":5,\"909\":5,\"910\":1,\"911\":12,\"912\":2,\"913\":1,\"915\":10,\"916\":11,\"920\":4,\"923\":1,\"928\":2,\"948\":3,\"949\":5,\"950\":4,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":2,\"963\":3,\"964\":5,\"965\":4,\"1001\":2,\"1002\":2,\"1003\":1,\"1006\":2,\"1007\":2,\"1008\":3,\"1009\":5,\"1010\":4,\"1011\":2,\"1012\":2,\"1013\":1,\"1015\":4,\"1024\":3,\"1025\":2,\"1026\":1,\"1027\":3,\"1038\":2,\"1039\":3,\"1043\":2,\"1044\":2,\"1049\":4,\"1052\":1,\"1057\":2,\"1059\":3,\"1060\":5,\"1061\":4,\"1062\":1,\"1063\":1,\"1064\":2,\"1065\":1,\"1083\":1,\"1094\":2,\"1095\":2,\"1096\":1,\"1099\":2,\"1100\":2,\"1101\":3,\"1102\":5,\"1103\":4,\"1104\":2,\"1105\":2,\"1106\":1,\"1108\":4,\"1117\":3,\"1118\":2,\"1120\":1,\"1121\":3,\"1132\":2,\"1133\":3,\"1137\":2,\"1138\":2,\"1157\":3,\"1158\":5,\"1159\":4,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1173\":3,\"1174\":5,\"1175\":4,\"1204\":2,\"1205\":2,\"1206\":1,\"1209\":2,\"1210\":2,\"1211\":3,\"1212\":5,\"1213\":4,\"1214\":2,\"1215\":2,\"1216\":1,\"1218\":3,\"1227\":3,\"1228\":5,\"1229\":4,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1262\":1,\"1263\":2,\"1272\":2,\"1273\":2,\"1274\":1,\"1277\":2,\"1278\":2,\"1279\":3,\"1280\":5,\"1281\":4,\"1282\":2,\"1283\":2,\"1284\":1,\"1286\":3,\"1308\":3,\"1309\":5,\"1310\":4,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1324\":3,\"1325\":5,\"1326\":4,\"1355\":4,\"1358\":1,\"1363\":2,\"1365\":3,\"1366\":5,\"1367\":4,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1386\":1,\"1396\":2,\"1397\":2,\"1398\":1,\"1401\":2,\"1402\":2,\"1403\":3,\"1404\":5,\"1405\":4,\"1406\":2,\"1407\":2,\"1408\":1,\"1410\":3,\"1419\":3,\"1420\":2,\"1422\":1,\"1423\":3,\"1433\":1,\"1434\":2,\"1444\":2,\"1445\":2,\"1446\":1,\"1449\":2,\"1450\":2,\"1451\":3,\"1452\":5,\"1453\":4,\"1454\":2,\"1455\":2,\"1456\":1,\"1458\":3,\"1481\":3,\"1482\":5,\"1483\":4,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1496\":3,\"1497\":5,\"1498\":4,\"1531\":4,\"1534\":1,\"1539\":2,\"1541\":3,\"1542\":5,\"1543\":4,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1562\":1,\"1572\":2,\"1573\":2,\"1574\":1,\"1577\":2,\"1578\":2,\"1579\":3,\"1580\":5,\"1581\":4,\"1582\":2,\"1583\":2,\"1584\":1,\"1586\":3,\"1595\":3,\"1596\":2,\"1598\":1,\"1599\":3,\"1610\":1,\"1611\":2,\"1621\":2,\"1622\":2,\"1623\":1,\"1626\":2,\"1627\":2,\"1628\":3,\"1629\":5,\"1630\":4,\"1631\":2,\"1632\":2,\"1633\":1,\"1635\":3,\"1658\":3,\"1659\":5,\"1660\":4,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":2,\"1673\":3,\"1674\":5,\"1675\":4,\"1708\":4,\"1711\":1,\"1716\":2,\"1718\":3,\"1719\":5,\"1720\":4,\"1721\":1,\"1722\":1,\"1723\":2,\"1724\":1,\"1739\":1,\"1749\":2,\"1750\":2,\"1751\":1,\"1754\":2,\"1755\":2,\"1756\":3,\"1757\":5,\"1758\":4,\"1759\":2,\"1760\":2,\"1761\":1,\"1763\":3,\"1772\":3,\"1773\":2,\"1775\":1,\"1776\":3,\"1787\":1,\"1788\":2,\"1798\":2,\"1799\":2,\"1800\":1,\"1803\":2,\"1804\":2,\"1805\":3,\"1806\":5,\"1807\":4,\"1808\":2,\"1809\":2,\"1810\":1,\"1812\":3,\"1835\":3,\"1836\":5,\"1837\":4,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":2,\"1850\":3,\"1851\":5,\"1852\":4,\"1885\":4,\"1888\":1,\"1893\":2,\"1895\":3,\"1896\":5,\"1897\":4,\"1898\":1,\"1899\":1,\"1900\":2,\"1901\":1,\"1916\":1,\"1926\":2,\"1927\":2,\"1928\":1,\"1931\":2,\"1932\":2,\"1933\":3,\"1934\":5,\"1935\":4,\"1936\":2,\"1937\":2,\"1938\":1,\"1940\":3,\"1949\":3,\"1950\":2,\"1952\":1,\"1953\":3,\"1964\":1,\"1965\":2,\"1975\":2,\"1976\":2,\"1977\":1,\"1980\":2,\"1981\":2,\"1982\":3,\"1983\":5,\"1984\":4,\"1985\":2,\"1986\":2,\"1987\":1,\"1989\":3,\"2012\":3,\"2013\":5,\"2014\":4,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":2,\"2027\":3,\"2028\":5,\"2029\":4,\"2062\":4,\"2065\":1,\"2070\":2,\"2072\":3,\"2073\":5,\"2074\":4,\"2075\":1,\"2076\":1,\"2077\":2,\"2078\":1,\"2093\":1,\"2103\":2,\"2104\":2,\"2105\":1,\"2108\":2,\"2109\":2,\"2110\":3,\"2111\":5,\"2112\":4,\"2113\":2,\"2114\":2,\"2115\":1,\"2117\":3,\"2126\":3,\"2127\":2,\"2129\":1,\"2130\":3,\"2141\":1,\"2142\":2,\"2152\":2,\"2153\":2,\"2154\":1,\"2157\":2,\"2158\":2,\"2159\":3,\"2160\":5,\"2161\":4,\"2162\":2,\"2163\":2,\"2164\":1,\"2166\":3,\"2189\":3,\"2190\":5,\"2191\":4,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":2,\"2204\":3,\"2205\":5,\"2206\":4,\"2239\":4,\"2242\":1,\"2247\":2,\"2249\":3,\"2250\":5,\"2251\":4,\"2252\":1,\"2253\":1,\"2254\":2,\"2255\":1,\"2270\":1,\"2280\":2,\"2281\":2,\"2282\":1,\"2285\":2,\"2286\":2,\"2287\":3,\"2288\":5,\"2289\":4,\"2290\":2,\"2291\":2,\"2292\":1,\"2294\":3,\"2303\":3,\"2304\":2,\"2306\":1,\"2307\":3,\"2318\":1,\"2319\":2,\"2327\":4,\"2330\":1,\"2335\":2,\"2339\":2,\"2340\":2,\"2341\":1,\"2344\":2,\"2345\":2,\"2346\":3,\"2347\":5,\"2348\":4,\"2349\":2,\"2350\":2,\"2351\":1,\"2353\":3,\"2379\":3,\"2380\":5,\"2381\":4,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":2,\"2394\":3,\"2395\":5,\"2396\":4,\"2431\":3,\"2432\":2,\"2433\":1,\"2434\":3,\"2445\":1,\"2446\":2,\"2454\":4,\"2457\":1,\"2462\":2,\"2464\":3,\"2465\":5,\"2466\":4,\"2467\":1,\"2468\":1,\"2469\":2,\"2470\":1,\"2488\":1,\"2499\":2,\"2500\":2,\"2501\":1,\"2504\":2,\"2505\":2,\"2506\":3,\"2507\":5,\"2508\":4,\"2509\":2,\"2510\":2,\"2511\":1,\"2513\":3,\"2522\":3,\"2523\":2,\"2525\":1,\"2526\":3,\"2537\":1,\"2538\":2,\"2546\":4,\"2549\":1,\"2554\":2,\"2558\":2,\"2559\":2,\"2560\":1,\"2563\":2,\"2564\":2,\"2565\":3,\"2566\":5,\"2567\":4,\"2568\":2,\"2569\":2,\"2570\":1,\"2572\":3,\"2598\":3,\"2599\":5,\"2600\":4,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":2,\"2613\":3,\"2614\":5,\"2615\":4,\"2650\":3,\"2651\":2,\"2652\":1,\"2653\":3,\"2664\":1,\"2665\":2,\"2673\":4,\"2676\":1,\"2681\":2,\"2683\":3,\"2684\":5,\"2685\":4,\"2686\":1,\"2687\":1,\"2688\":2,\"2689\":1,\"2707\":1,\"2718\":2,\"2719\":2,\"2720\":1,\"2723\":2,\"2724\":2,\"2725\":3,\"2726\":5,\"2727\":4,\"2728\":2,\"2729\":2,\"2730\":1,\"2732\":3,\"2741\":3,\"2742\":2,\"2744\":1,\"2745\":3,\"2756\":1,\"2757\":2,\"2765\":4,\"2768\":1,\"2773\":2,\"2777\":2,\"2778\":2,\"2779\":1,\"2782\":2,\"2783\":2,\"2784\":3,\"2785\":5,\"2786\":4,\"2787\":2,\"2788\":2,\"2789\":1,\"2791\":3,\"2817\":3,\"2818\":5,\"2819\":4,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":2,\"2832\":3,\"2833\":5,\"2834\":4,\"2869\":3,\"2870\":2,\"2871\":1,\"2872\":3,\"2883\":1,\"2884\":2,\"2892\":4,\"2895\":1,\"2900\":2,\"2902\":3,\"2903\":5,\"2904\":4,\"2905\":1,\"2906\":1,\"2907\":2,\"2908\":1,\"2926\":1,\"2937\":2,\"2938\":2,\"2939\":1,\"2942\":2,\"2943\":2,\"2944\":3,\"2945\":5,\"2946\":4,\"2947\":2,\"2948\":2,\"2949\":1,\"2951\":3,\"2960\":3,\"2961\":2,\"2963\":1,\"2964\":3,\"2975\":1,\"2976\":2,\"2984\":4,\"2987\":1,\"2992\":2,\"2996\":2,\"2997\":2,\"2998\":1,\"3001\":2,\"3002\":2,\"3003\":3,\"3004\":5,\"3005\":4,\"3006\":2,\"3007\":2,\"3008\":1,\"3010\":3,\"3036\":3,\"3037\":5,\"3038\":4,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":2,\"3051\":3,\"3052\":5,\"3053\":4,\"3088\":3,\"3089\":2,\"3090\":1,\"3091\":3,\"3102\":1,\"3103\":2,\"3111\":4,\"3114\":1,\"3119\":2,\"3121\":3,\"3122\":5,\"3123\":4,\"3124\":1,\"3125\":1,\"3126\":2,\"3127\":1,\"3145\":1,\"3156\":2,\"3157\":2,\"3158\":1,\"3161\":2,\"3162\":2,\"3163\":3,\"3164\":5,\"3165\":4,\"3166\":2,\"3167\":2,\"3168\":1,\"3170\":3,\"3179\":3,\"3180\":2,\"3182\":1,\"3183\":3,\"3194\":1,\"3195\":2,\"3203\":4,\"3206\":1,\"3211\":2,\"3231\":3,\"3232\":5,\"3233\":4,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":2,\"3246\":3,\"3247\":5,\"3248\":4,\"3284\":2,\"3285\":2,\"3286\":1,\"3289\":2,\"3290\":2,\"3291\":3,\"3292\":5,\"3293\":4,\"3294\":2,\"3295\":2,\"3296\":1,\"3298\":4,\"3307\":3,\"3308\":2,\"3309\":1,\"3310\":3,\"3321\":2,\"3322\":3,\"3326\":2,\"3327\":2,\"3332\":4,\"3335\":1,\"3340\":2,\"3342\":3,\"3343\":5,\"3344\":4,\"3345\":1,\"3346\":1,\"3347\":2,\"3348\":1,\"3366\":1,\"3377\":2,\"3378\":2,\"3379\":1,\"3382\":2,\"3383\":2,\"3384\":3,\"3385\":5,\"3386\":4,\"3387\":2,\"3388\":2,\"3389\":1,\"3391\":4,\"3400\":3,\"3401\":2,\"3403\":1,\"3404\":3,\"3415\":2,\"3416\":3,\"3420\":2,\"3421\":2}}],[\"click\",{\"1\":{\"30\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"407\":2,\"547\":2,\"631\":2,\"677\":2,\"723\":2,\"769\":2,\"815\":2,\"861\":2}}],[\"clinical\",{\"0\":{\"11\":1},\"1\":{\"5\":1,\"11\":1,\"82\":1}}],[\"ce\",{\"1\":{\"283\":2,\"294\":2,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"certtool\",{\"1\":{\"289\":1,\"300\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":1,\"1049\":1,\"1083\":1,\"1355\":1,\"1386\":1,\"1531\":1,\"1562\":1,\"1708\":1,\"1739\":1,\"1885\":1,\"1916\":1,\"2062\":1,\"2093\":1,\"2239\":1,\"2270\":1,\"2327\":1,\"2454\":1,\"2488\":1,\"2546\":1,\"2673\":1,\"2707\":1,\"2765\":1,\"2892\":1,\"2926\":1,\"2984\":1,\"3111\":1,\"3145\":1,\"3203\":1,\"3332\":1,\"3366\":1}}],[\"certification\",{\"1\":{\"457\":3,\"911\":3}}],[\"certificate\",{\"0\":{\"111\":1,\"166\":1,\"187\":1,\"188\":1,\"189\":2,\"212\":1,\"213\":1,\"214\":2,\"241\":1,\"242\":1,\"243\":2,\"275\":1,\"277\":1,\"278\":1,\"279\":1,\"451\":1,\"456\":1,\"905\":1,\"910\":1,\"948\":1,\"949\":1,\"950\":2,\"957\":1,\"963\":1,\"964\":1,\"965\":2,\"979\":1,\"1001\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1013\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":2,\"1038\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1061\":2,\"1064\":1,\"1094\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1106\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":2,\"1132\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1157\":1,\"1158\":1,\"1159\":2,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":2,\"1189\":1,\"1204\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1216\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":2,\"1227\":1,\"1228\":1,\"1229\":2,\"1232\":1,\"1262\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1272\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1284\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":2,\"1308\":1,\"1309\":1,\"1310\":2,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":2,\"1340\":1,\"1365\":1,\"1366\":1,\"1367\":2,\"1370\":1,\"1396\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1408\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":2,\"1433\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1444\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1456\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":2,\"1481\":1,\"1482\":1,\"1483\":2,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":2,\"1512\":1,\"1541\":1,\"1542\":1,\"1543\":2,\"1546\":1,\"1572\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1584\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":2,\"1610\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1621\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1633\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":2,\"1658\":1,\"1659\":1,\"1660\":2,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":2,\"1689\":1,\"1718\":1,\"1719\":1,\"1720\":2,\"1723\":1,\"1749\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1761\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":2,\"1787\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1798\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1810\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":2,\"1835\":1,\"1836\":1,\"1837\":2,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":2,\"1866\":1,\"1895\":1,\"1896\":1,\"1897\":2,\"1900\":1,\"1926\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1938\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":2,\"1964\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1975\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1987\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":2,\"2012\":1,\"2013\":1,\"2014\":2,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":2,\"2043\":1,\"2072\":1,\"2073\":1,\"2074\":2,\"2077\":1,\"2103\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2115\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":2,\"2141\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2152\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2164\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":2,\"2189\":1,\"2190\":1,\"2191\":2,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":2,\"2220\":1,\"2249\":1,\"2250\":1,\"2251\":2,\"2254\":1,\"2280\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2292\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":2,\"2318\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2339\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2351\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":2,\"2379\":1,\"2380\":1,\"2381\":2,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":2,\"2410\":1,\"2445\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2466\":2,\"2469\":1,\"2499\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2511\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":2,\"2537\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2558\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2570\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":2,\"2598\":1,\"2599\":1,\"2600\":2,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":2,\"2629\":1,\"2664\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2685\":2,\"2688\":1,\"2718\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2730\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":2,\"2756\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2777\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2789\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":2,\"2817\":1,\"2818\":1,\"2819\":2,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":2,\"2848\":1,\"2883\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2904\":2,\"2907\":1,\"2937\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2949\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":2,\"2975\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2996\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3008\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":2,\"3036\":1,\"3037\":1,\"3038\":2,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":2,\"3067\":1,\"3102\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3123\":2,\"3126\":1,\"3156\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3168\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":2,\"3194\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3231\":1,\"3232\":1,\"3233\":2,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":2,\"3262\":1,\"3284\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3296\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":2,\"3321\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3344\":2,\"3347\":1,\"3377\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3389\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":2,\"3415\":1,\"3417\":1,\"3418\":1,\"3419\":1},\"1\":{\"37\":1,\"40\":1,\"99\":1,\"110\":5,\"112\":1,\"113\":1,\"134\":5,\"135\":5,\"138\":6,\"152\":1,\"165\":5,\"167\":2,\"168\":3,\"169\":1,\"187\":3,\"188\":5,\"189\":4,\"212\":3,\"213\":5,\"214\":4,\"224\":3,\"225\":2,\"228\":1,\"241\":3,\"242\":5,\"243\":4,\"265\":2,\"266\":2,\"275\":3,\"276\":2,\"277\":7,\"278\":2,\"279\":2,\"284\":4,\"288\":21,\"289\":36,\"290\":13,\"295\":4,\"299\":21,\"300\":36,\"301\":13,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"327\":74,\"338\":12,\"367\":3,\"393\":3,\"427\":3,\"428\":2,\"429\":2,\"438\":4,\"441\":24,\"442\":22,\"443\":13,\"450\":1,\"452\":1,\"453\":3,\"454\":1,\"455\":4,\"457\":28,\"458\":3,\"459\":1,\"460\":2,\"461\":24,\"462\":13,\"470\":3,\"471\":1,\"472\":1,\"477\":4,\"480\":21,\"481\":29,\"482\":13,\"493\":3,\"494\":1,\"495\":1,\"500\":4,\"503\":21,\"504\":27,\"505\":13,\"511\":1,\"519\":3,\"520\":1,\"521\":1,\"526\":4,\"529\":21,\"530\":27,\"531\":13,\"537\":1,\"545\":3,\"546\":2,\"547\":1,\"556\":4,\"559\":21,\"560\":27,\"561\":13,\"564\":1,\"567\":1,\"575\":3,\"576\":2,\"577\":2,\"586\":4,\"589\":21,\"590\":27,\"591\":13,\"594\":1,\"597\":1,\"605\":3,\"606\":2,\"607\":2,\"616\":4,\"619\":21,\"620\":27,\"621\":13,\"624\":1,\"627\":1,\"651\":3,\"652\":2,\"653\":2,\"662\":4,\"665\":21,\"666\":27,\"667\":13,\"670\":1,\"673\":1,\"697\":3,\"698\":2,\"699\":2,\"708\":4,\"711\":21,\"712\":27,\"713\":13,\"716\":1,\"719\":1,\"743\":3,\"744\":2,\"745\":2,\"754\":4,\"757\":21,\"758\":27,\"759\":13,\"762\":1,\"765\":1,\"789\":3,\"790\":2,\"791\":2,\"800\":4,\"803\":21,\"804\":27,\"805\":13,\"808\":1,\"811\":1,\"835\":3,\"836\":2,\"837\":2,\"846\":4,\"849\":21,\"850\":27,\"851\":13,\"854\":1,\"857\":1,\"881\":3,\"882\":2,\"883\":2,\"892\":4,\"895\":24,\"896\":22,\"897\":13,\"904\":1,\"906\":1,\"907\":3,\"908\":1,\"909\":4,\"911\":28,\"912\":3,\"913\":1,\"914\":2,\"915\":24,\"916\":13,\"920\":6,\"922\":2,\"928\":1,\"948\":3,\"949\":5,\"950\":4,\"957\":1,\"963\":3,\"964\":5,\"965\":4,\"975\":3,\"976\":2,\"979\":2,\"1001\":2,\"1008\":3,\"1009\":5,\"1010\":4,\"1013\":1,\"1015\":1,\"1016\":2,\"1017\":2,\"1018\":2,\"1019\":2,\"1026\":1,\"1027\":1,\"1038\":1,\"1039\":2,\"1040\":8,\"1041\":6,\"1042\":2,\"1043\":2,\"1044\":2,\"1049\":5,\"1051\":2,\"1057\":1,\"1059\":3,\"1060\":5,\"1061\":4,\"1064\":1,\"1083\":2,\"1094\":2,\"1101\":3,\"1102\":5,\"1103\":4,\"1106\":1,\"1108\":1,\"1109\":2,\"1110\":2,\"1111\":2,\"1112\":2,\"1120\":1,\"1121\":1,\"1132\":1,\"1133\":2,\"1134\":8,\"1135\":6,\"1136\":2,\"1137\":2,\"1138\":2,\"1157\":3,\"1158\":5,\"1159\":4,\"1166\":1,\"1173\":3,\"1174\":5,\"1175\":4,\"1185\":3,\"1186\":2,\"1189\":2,\"1204\":2,\"1211\":3,\"1212\":5,\"1213\":4,\"1216\":1,\"1218\":1,\"1219\":2,\"1220\":2,\"1221\":2,\"1222\":2,\"1227\":3,\"1228\":5,\"1229\":4,\"1232\":1,\"1262\":3,\"1263\":2,\"1264\":7,\"1265\":2,\"1266\":2,\"1272\":2,\"1279\":3,\"1280\":5,\"1281\":4,\"1284\":1,\"1286\":1,\"1287\":2,\"1288\":2,\"1289\":2,\"1290\":2,\"1308\":3,\"1309\":5,\"1310\":4,\"1317\":1,\"1324\":3,\"1325\":5,\"1326\":4,\"1336\":3,\"1337\":2,\"1340\":2,\"1355\":5,\"1357\":2,\"1363\":1,\"1365\":3,\"1366\":5,\"1367\":4,\"1370\":1,\"1386\":2,\"1396\":2,\"1403\":3,\"1404\":5,\"1405\":4,\"1408\":1,\"1410\":1,\"1411\":2,\"1412\":2,\"1413\":2,\"1414\":2,\"1422\":1,\"1423\":1,\"1433\":3,\"1434\":2,\"1435\":7,\"1436\":2,\"1437\":2,\"1444\":2,\"1451\":3,\"1452\":5,\"1453\":4,\"1456\":1,\"1458\":1,\"1459\":2,\"1460\":2,\"1461\":2,\"1462\":2,\"1481\":3,\"1482\":5,\"1483\":4,\"1490\":1,\"1496\":3,\"1497\":5,\"1498\":4,\"1508\":3,\"1509\":2,\"1512\":2,\"1531\":5,\"1533\":2,\"1539\":1,\"1541\":3,\"1542\":5,\"1543\":4,\"1546\":1,\"1562\":2,\"1572\":2,\"1579\":3,\"1580\":5,\"1581\":4,\"1584\":1,\"1586\":1,\"1587\":2,\"1588\":2,\"1589\":2,\"1590\":2,\"1598\":1,\"1599\":1,\"1610\":3,\"1611\":2,\"1612\":7,\"1613\":2,\"1614\":2,\"1621\":2,\"1628\":3,\"1629\":5,\"1630\":4,\"1633\":1,\"1635\":1,\"1636\":2,\"1637\":2,\"1638\":2,\"1639\":2,\"1658\":3,\"1659\":5,\"1660\":4,\"1667\":1,\"1673\":3,\"1674\":5,\"1675\":4,\"1685\":3,\"1686\":2,\"1689\":2,\"1708\":5,\"1710\":2,\"1716\":1,\"1718\":3,\"1719\":5,\"1720\":4,\"1723\":1,\"1739\":2,\"1749\":2,\"1756\":3,\"1757\":5,\"1758\":4,\"1761\":1,\"1763\":1,\"1764\":2,\"1765\":2,\"1766\":2,\"1767\":2,\"1775\":1,\"1776\":1,\"1787\":3,\"1788\":2,\"1789\":7,\"1790\":2,\"1791\":2,\"1798\":2,\"1805\":3,\"1806\":5,\"1807\":4,\"1810\":1,\"1812\":1,\"1813\":2,\"1814\":2,\"1815\":2,\"1816\":2,\"1835\":3,\"1836\":5,\"1837\":4,\"1844\":1,\"1850\":3,\"1851\":5,\"1852\":4,\"1862\":3,\"1863\":2,\"1866\":2,\"1885\":5,\"1887\":2,\"1893\":1,\"1895\":3,\"1896\":5,\"1897\":4,\"1900\":1,\"1916\":2,\"1926\":2,\"1933\":3,\"1934\":5,\"1935\":4,\"1938\":1,\"1940\":1,\"1941\":2,\"1942\":2,\"1943\":2,\"1944\":2,\"1952\":1,\"1953\":1,\"1964\":3,\"1965\":2,\"1966\":7,\"1967\":2,\"1968\":2,\"1975\":2,\"1982\":3,\"1983\":5,\"1984\":4,\"1987\":1,\"1989\":1,\"1990\":2,\"1991\":2,\"1992\":2,\"1993\":2,\"2012\":3,\"2013\":5,\"2014\":4,\"2021\":1,\"2027\":3,\"2028\":5,\"2029\":4,\"2039\":3,\"2040\":2,\"2043\":2,\"2062\":5,\"2064\":2,\"2070\":1,\"2072\":3,\"2073\":5,\"2074\":4,\"2077\":1,\"2093\":2,\"2103\":2,\"2110\":3,\"2111\":5,\"2112\":4,\"2115\":1,\"2117\":1,\"2118\":2,\"2119\":2,\"2120\":2,\"2121\":2,\"2129\":1,\"2130\":1,\"2141\":3,\"2142\":2,\"2143\":7,\"2144\":2,\"2145\":2,\"2152\":2,\"2159\":3,\"2160\":5,\"2161\":4,\"2164\":1,\"2166\":1,\"2167\":2,\"2168\":2,\"2169\":2,\"2170\":2,\"2189\":3,\"2190\":5,\"2191\":4,\"2198\":1,\"2204\":3,\"2205\":5,\"2206\":4,\"2216\":3,\"2217\":2,\"2220\":2,\"2239\":5,\"2241\":2,\"2247\":1,\"2249\":3,\"2250\":5,\"2251\":4,\"2254\":1,\"2270\":2,\"2280\":2,\"2287\":3,\"2288\":5,\"2289\":4,\"2292\":1,\"2294\":1,\"2295\":2,\"2296\":2,\"2297\":2,\"2298\":2,\"2306\":1,\"2307\":1,\"2318\":3,\"2319\":2,\"2320\":7,\"2321\":2,\"2322\":2,\"2327\":6,\"2329\":2,\"2335\":1,\"2339\":2,\"2346\":3,\"2347\":5,\"2348\":4,\"2351\":1,\"2353\":1,\"2354\":2,\"2355\":2,\"2356\":2,\"2357\":2,\"2379\":3,\"2380\":5,\"2381\":4,\"2388\":1,\"2394\":3,\"2395\":5,\"2396\":4,\"2406\":3,\"2407\":2,\"2410\":2,\"2433\":1,\"2434\":1,\"2445\":3,\"2446\":2,\"2447\":7,\"2448\":2,\"2449\":2,\"2454\":5,\"2456\":2,\"2462\":1,\"2464\":3,\"2465\":5,\"2466\":4,\"2469\":1,\"2488\":2,\"2499\":2,\"2506\":3,\"2507\":5,\"2508\":4,\"2511\":1,\"2513\":1,\"2514\":2,\"2515\":2,\"2516\":2,\"2517\":2,\"2525\":1,\"2526\":1,\"2537\":3,\"2538\":2,\"2539\":7,\"2540\":2,\"2541\":2,\"2546\":6,\"2548\":2,\"2554\":1,\"2558\":2,\"2565\":3,\"2566\":5,\"2567\":4,\"2570\":1,\"2572\":1,\"2573\":2,\"2574\":2,\"2575\":2,\"2576\":2,\"2598\":3,\"2599\":5,\"2600\":4,\"2607\":1,\"2613\":3,\"2614\":5,\"2615\":4,\"2625\":3,\"2626\":2,\"2629\":2,\"2652\":1,\"2653\":1,\"2664\":3,\"2665\":2,\"2666\":7,\"2667\":2,\"2668\":2,\"2673\":5,\"2675\":2,\"2681\":1,\"2683\":3,\"2684\":5,\"2685\":4,\"2688\":1,\"2707\":2,\"2718\":2,\"2725\":3,\"2726\":5,\"2727\":4,\"2730\":1,\"2732\":1,\"2733\":2,\"2734\":2,\"2735\":2,\"2736\":2,\"2744\":1,\"2745\":1,\"2756\":3,\"2757\":2,\"2758\":7,\"2759\":2,\"2760\":2,\"2765\":6,\"2767\":2,\"2773\":1,\"2777\":2,\"2784\":3,\"2785\":5,\"2786\":4,\"2789\":1,\"2791\":1,\"2792\":2,\"2793\":2,\"2794\":2,\"2795\":2,\"2817\":3,\"2818\":5,\"2819\":4,\"2826\":1,\"2832\":3,\"2833\":5,\"2834\":4,\"2844\":3,\"2845\":2,\"2848\":2,\"2871\":1,\"2872\":1,\"2883\":3,\"2884\":2,\"2885\":7,\"2886\":2,\"2887\":2,\"2892\":5,\"2894\":2,\"2900\":1,\"2902\":3,\"2903\":5,\"2904\":4,\"2907\":1,\"2926\":2,\"2937\":2,\"2944\":3,\"2945\":5,\"2946\":4,\"2949\":1,\"2951\":1,\"2952\":2,\"2953\":2,\"2954\":2,\"2955\":2,\"2963\":1,\"2964\":1,\"2975\":3,\"2976\":2,\"2977\":7,\"2978\":2,\"2979\":2,\"2984\":6,\"2986\":2,\"2992\":1,\"2996\":2,\"3003\":3,\"3004\":5,\"3005\":4,\"3008\":1,\"3010\":1,\"3011\":2,\"3012\":2,\"3013\":2,\"3014\":2,\"3036\":3,\"3037\":5,\"3038\":4,\"3045\":1,\"3051\":3,\"3052\":5,\"3053\":4,\"3063\":3,\"3064\":2,\"3067\":2,\"3090\":1,\"3091\":1,\"3102\":3,\"3103\":2,\"3104\":7,\"3105\":2,\"3106\":2,\"3111\":5,\"3113\":2,\"3119\":1,\"3121\":3,\"3122\":5,\"3123\":4,\"3126\":1,\"3145\":2,\"3156\":2,\"3163\":3,\"3164\":5,\"3165\":4,\"3168\":1,\"3170\":1,\"3171\":2,\"3172\":2,\"3173\":2,\"3174\":2,\"3182\":1,\"3183\":1,\"3194\":3,\"3195\":2,\"3196\":7,\"3197\":2,\"3198\":2,\"3203\":6,\"3205\":2,\"3211\":1,\"3231\":3,\"3232\":5,\"3233\":4,\"3240\":1,\"3246\":3,\"3247\":5,\"3248\":4,\"3258\":3,\"3259\":2,\"3262\":2,\"3284\":2,\"3291\":3,\"3292\":5,\"3293\":4,\"3296\":1,\"3298\":1,\"3299\":2,\"3300\":2,\"3301\":2,\"3302\":2,\"3309\":1,\"3310\":1,\"3321\":1,\"3322\":2,\"3323\":8,\"3324\":6,\"3325\":2,\"3326\":2,\"3327\":2,\"3332\":5,\"3334\":2,\"3340\":1,\"3342\":3,\"3343\":5,\"3344\":4,\"3347\":1,\"3366\":2,\"3377\":2,\"3384\":3,\"3385\":5,\"3386\":4,\"3389\":1,\"3391\":1,\"3392\":2,\"3393\":2,\"3394\":2,\"3395\":2,\"3403\":1,\"3404\":1,\"3415\":1,\"3416\":2,\"3417\":8,\"3418\":6,\"3419\":2,\"3420\":2,\"3421\":2}}],[\"certificates\",{\"0\":{\"205\":1,\"228\":1,\"249\":1,\"284\":1,\"288\":1,\"295\":1,\"299\":1,\"438\":1,\"441\":1,\"450\":1,\"477\":1,\"480\":1,\"500\":1,\"503\":1,\"526\":1,\"529\":1,\"556\":1,\"559\":1,\"586\":1,\"589\":1,\"616\":1,\"619\":1,\"662\":1,\"665\":1,\"708\":1,\"711\":1,\"754\":1,\"757\":1,\"800\":1,\"803\":1,\"846\":1,\"849\":1,\"892\":1,\"895\":1,\"904\":1},\"1\":{\"32\":1,\"99\":2,\"110\":3,\"112\":1,\"113\":2,\"134\":1,\"135\":1,\"165\":2,\"169\":2,\"205\":4,\"228\":3,\"249\":4,\"265\":1,\"266\":1,\"275\":1,\"276\":1,\"277\":1,\"283\":1,\"284\":1,\"289\":1,\"290\":1,\"294\":1,\"295\":1,\"300\":1,\"301\":1,\"327\":20,\"331\":2,\"427\":1,\"437\":1,\"438\":3,\"442\":4,\"443\":1,\"450\":1,\"451\":2,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"456\":1,\"457\":13,\"458\":2,\"459\":2,\"460\":1,\"461\":3,\"462\":3,\"470\":1,\"476\":1,\"477\":3,\"481\":4,\"482\":1,\"493\":1,\"499\":1,\"500\":3,\"504\":3,\"505\":1,\"519\":1,\"525\":1,\"526\":3,\"530\":3,\"531\":1,\"545\":1,\"555\":1,\"556\":3,\"560\":3,\"561\":1,\"564\":2,\"575\":1,\"585\":1,\"586\":3,\"590\":3,\"591\":1,\"594\":2,\"605\":1,\"615\":1,\"616\":3,\"620\":3,\"621\":1,\"624\":2,\"651\":1,\"661\":1,\"662\":3,\"666\":3,\"667\":1,\"670\":2,\"697\":1,\"707\":1,\"708\":3,\"712\":3,\"713\":1,\"716\":2,\"743\":1,\"753\":1,\"754\":3,\"758\":3,\"759\":1,\"762\":2,\"789\":1,\"799\":1,\"800\":3,\"804\":3,\"805\":1,\"808\":2,\"835\":1,\"845\":1,\"846\":3,\"850\":3,\"851\":1,\"854\":2,\"881\":1,\"891\":1,\"892\":3,\"896\":4,\"897\":1,\"904\":1,\"905\":2,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"910\":1,\"911\":13,\"912\":2,\"913\":2,\"914\":1,\"915\":3,\"916\":3,\"920\":1,\"923\":1,\"928\":2,\"957\":3,\"979\":2,\"1013\":3,\"1015\":2,\"1024\":2,\"1026\":2,\"1038\":2,\"1039\":1,\"1040\":1,\"1041\":1,\"1049\":1,\"1052\":1,\"1057\":2,\"1064\":3,\"1106\":3,\"1108\":2,\"1117\":2,\"1120\":2,\"1132\":2,\"1133\":1,\"1134\":1,\"1135\":1,\"1166\":3,\"1189\":2,\"1216\":3,\"1218\":3,\"1232\":3,\"1262\":1,\"1263\":1,\"1264\":1,\"1284\":3,\"1286\":3,\"1317\":3,\"1340\":2,\"1355\":1,\"1358\":1,\"1363\":2,\"1370\":3,\"1408\":3,\"1410\":3,\"1419\":2,\"1422\":2,\"1433\":1,\"1434\":1,\"1435\":1,\"1456\":3,\"1458\":3,\"1490\":3,\"1512\":2,\"1531\":1,\"1534\":1,\"1539\":2,\"1546\":3,\"1584\":3,\"1586\":3,\"1595\":2,\"1598\":2,\"1610\":1,\"1611\":1,\"1612\":1,\"1633\":3,\"1635\":3,\"1667\":3,\"1689\":2,\"1708\":1,\"1711\":1,\"1716\":2,\"1723\":3,\"1761\":3,\"1763\":3,\"1772\":2,\"1775\":2,\"1787\":1,\"1788\":1,\"1789\":1,\"1810\":3,\"1812\":3,\"1844\":3,\"1866\":2,\"1885\":1,\"1888\":1,\"1893\":2,\"1900\":3,\"1938\":3,\"1940\":3,\"1949\":2,\"1952\":2,\"1964\":1,\"1965\":1,\"1966\":1,\"1987\":3,\"1989\":3,\"2021\":3,\"2043\":2,\"2062\":1,\"2065\":1,\"2070\":2,\"2077\":3,\"2115\":3,\"2117\":3,\"2126\":2,\"2129\":2,\"2141\":1,\"2142\":1,\"2143\":1,\"2164\":3,\"2166\":3,\"2198\":3,\"2220\":2,\"2239\":1,\"2242\":1,\"2247\":2,\"2254\":3,\"2292\":3,\"2294\":3,\"2303\":2,\"2306\":2,\"2318\":1,\"2319\":1,\"2320\":1,\"2327\":1,\"2330\":1,\"2335\":2,\"2351\":3,\"2353\":3,\"2388\":3,\"2410\":2,\"2431\":2,\"2433\":2,\"2445\":1,\"2446\":1,\"2447\":1,\"2454\":1,\"2457\":1,\"2462\":2,\"2469\":3,\"2511\":3,\"2513\":3,\"2522\":2,\"2525\":2,\"2537\":1,\"2538\":1,\"2539\":1,\"2546\":1,\"2549\":1,\"2554\":2,\"2570\":3,\"2572\":3,\"2607\":3,\"2629\":2,\"2650\":2,\"2652\":2,\"2664\":1,\"2665\":1,\"2666\":1,\"2673\":1,\"2676\":1,\"2681\":2,\"2688\":3,\"2730\":3,\"2732\":3,\"2741\":2,\"2744\":2,\"2756\":1,\"2757\":1,\"2758\":1,\"2765\":1,\"2768\":1,\"2773\":2,\"2789\":3,\"2791\":3,\"2826\":3,\"2848\":2,\"2869\":2,\"2871\":2,\"2883\":1,\"2884\":1,\"2885\":1,\"2892\":1,\"2895\":1,\"2900\":2,\"2907\":3,\"2949\":3,\"2951\":3,\"2960\":2,\"2963\":2,\"2975\":1,\"2976\":1,\"2977\":1,\"2984\":1,\"2987\":1,\"2992\":2,\"3008\":3,\"3010\":3,\"3045\":3,\"3067\":2,\"3088\":2,\"3090\":2,\"3102\":1,\"3103\":1,\"3104\":1,\"3111\":1,\"3114\":1,\"3119\":2,\"3126\":3,\"3168\":3,\"3170\":3,\"3179\":2,\"3182\":2,\"3194\":1,\"3195\":1,\"3196\":1,\"3203\":1,\"3206\":1,\"3211\":2,\"3240\":3,\"3262\":2,\"3296\":3,\"3298\":2,\"3307\":2,\"3309\":2,\"3321\":2,\"3322\":1,\"3323\":1,\"3324\":1,\"3332\":1,\"3335\":1,\"3340\":2,\"3347\":3,\"3389\":3,\"3391\":2,\"3400\":2,\"3403\":2,\"3415\":2,\"3416\":1,\"3417\":1,\"3418\":1}}],[\"certifiate\",{\"1\":{\"134\":1,\"135\":1}}],[\"cert\",{\"1\":{\"134\":2,\"135\":2,\"138\":1,\"338\":3,\"367\":1,\"393\":1,\"452\":2,\"453\":3,\"454\":2,\"455\":4,\"906\":2,\"907\":3,\"908\":2,\"909\":4,\"957\":1,\"979\":1,\"1013\":1,\"1015\":1,\"1038\":1,\"1039\":1,\"1064\":1,\"1106\":1,\"1108\":1,\"1132\":1,\"1133\":1,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":1,\"3321\":1,\"3322\":1,\"3347\":1,\"3389\":1,\"3391\":1,\"3415\":1,\"3416\":1}}],[\"certain\",{\"1\":{\"109\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"centric\",{\"1\":{\"118\":1}}],[\"central\",{\"1\":{\"91\":2,\"127\":1,\"128\":2,\"130\":1}}],[\"centres\",{\"1\":{\"91\":1}}],[\"centre\",{\"1\":{\"88\":1}}],[\"centeric\",{\"1\":{\"98\":1}}],[\"center\",{\"1\":{\"78\":1,\"81\":1,\"117\":1,\"128\":1,\"130\":1}}],[\"centers\",{\"1\":{\"11\":1,\"81\":1,\"98\":1,\"127\":1}}],[\"c\",{\"0\":{\"1043\":1,\"1137\":1,\"3326\":1,\"3420\":1},\"1\":{\"26\":18,\"289\":1,\"290\":3,\"300\":1,\"301\":3,\"400\":1,\"442\":1,\"443\":1,\"452\":1,\"454\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"906\":1,\"908\":1,\"1043\":2,\"1137\":2,\"3326\":2,\"3420\":2}}],[\"crt\",{\"1\":{\"457\":56,\"458\":3,\"911\":56,\"912\":3}}],[\"crucial\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"criteria=task\",{\"1\":{\"211\":1,\"962\":1,\"1172\":1,\"1323\":1,\"1495\":1,\"1672\":1,\"1849\":1,\"2026\":1,\"2203\":1,\"2393\":1,\"2612\":1,\"2831\":1,\"3050\":1,\"3245\":1}}],[\"criteria=questionnaireresponse\",{\"1\":{\"206\":1,\"958\":1,\"1167\":1,\"1318\":1,\"1491\":1,\"1668\":1,\"1845\":1,\"2022\":1,\"2199\":1,\"2389\":1,\"2608\":1,\"2827\":1,\"3046\":1,\"3241\":1}}],[\"critical\",{\"1\":{\"10\":1,\"127\":1}}],[\"crisis\",{\"1\":{\"129\":1}}],[\"crp=central\",{\"1\":{\"98\":1}}],[\"crr\",{\"1\":{\"91\":1,\"130\":1,\"290\":4,\"301\":4,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"creating\",{\"1\":{\"81\":1,\"97\":1,\"99\":1,\"169\":1,\"356\":3}}],[\"createrole\",{\"1\":{\"134\":1}}],[\"createdb\",{\"1\":{\"134\":1}}],[\"created\",{\"1\":{\"90\":1,\"103\":1,\"147\":1,\"150\":1,\"304\":1,\"307\":1,\"310\":1,\"338\":5,\"347\":1,\"367\":4,\"393\":4,\"983\":1,\"1516\":1,\"1693\":1,\"1870\":1,\"2047\":1,\"2224\":1,\"2414\":1,\"2633\":1,\"2852\":1,\"3071\":1,\"3266\":1}}],[\"creates\",{\"1\":{\"89\":1,\"138\":1}}],[\"create\",{\"0\":{\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1},\"1\":{\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"86\":1,\"98\":2,\"134\":4,\"141\":3,\"142\":1,\"151\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"338\":1,\"342\":1,\"346\":1,\"349\":2,\"352\":2,\"364\":2,\"367\":2,\"377\":2,\"393\":2,\"414\":4,\"415\":1,\"417\":2,\"421\":1,\"422\":1,\"427\":1,\"442\":1,\"443\":1,\"461\":1,\"462\":1,\"464\":1,\"465\":1,\"470\":1,\"481\":1,\"482\":1,\"487\":1,\"488\":1,\"493\":1,\"504\":1,\"505\":1,\"510\":1,\"511\":1,\"513\":1,\"514\":1,\"519\":1,\"530\":1,\"531\":1,\"536\":1,\"537\":1,\"539\":1,\"540\":1,\"545\":1,\"560\":1,\"561\":1,\"566\":1,\"567\":1,\"569\":1,\"570\":1,\"575\":1,\"590\":1,\"591\":1,\"596\":1,\"597\":1,\"599\":1,\"600\":1,\"605\":1,\"620\":1,\"621\":1,\"626\":1,\"627\":1,\"638\":4,\"639\":1,\"641\":2,\"645\":1,\"646\":1,\"651\":1,\"666\":1,\"667\":1,\"672\":1,\"673\":1,\"684\":4,\"685\":1,\"687\":2,\"691\":1,\"692\":1,\"697\":1,\"712\":1,\"713\":1,\"718\":1,\"719\":1,\"730\":4,\"731\":1,\"733\":2,\"737\":1,\"738\":1,\"743\":1,\"758\":1,\"759\":1,\"764\":1,\"765\":1,\"776\":4,\"777\":1,\"779\":2,\"783\":1,\"784\":1,\"789\":1,\"804\":1,\"805\":1,\"810\":1,\"811\":1,\"822\":4,\"823\":1,\"825\":2,\"829\":1,\"830\":1,\"835\":1,\"850\":1,\"851\":1,\"856\":1,\"857\":1,\"868\":4,\"869\":1,\"871\":2,\"875\":1,\"876\":1,\"881\":1,\"896\":1,\"897\":1,\"915\":1,\"916\":1,\"1055\":1,\"1057\":2,\"1361\":1,\"1363\":2,\"1537\":1,\"1539\":2,\"1714\":1,\"1716\":2,\"1891\":1,\"1893\":2,\"2068\":1,\"2070\":2,\"2245\":1,\"2247\":2,\"2460\":1,\"2462\":2,\"2679\":1,\"2681\":2,\"2898\":1,\"2900\":2,\"3117\":1,\"3119\":2,\"3338\":1,\"3340\":2}}],[\"cross\",{\"1\":{\"0\":1,\"8\":1,\"32\":1,\"82\":1,\"117\":1}}],[\"caching\",{\"1\":{\"993\":1,\"1086\":1,\"1250\":1,\"1389\":1,\"1565\":1,\"1742\":1,\"1919\":1,\"2096\":1,\"2273\":1,\"2424\":1,\"2491\":1,\"2643\":1,\"2710\":1,\"2862\":1,\"2929\":1,\"3081\":1,\"3148\":1,\"3276\":1,\"3369\":1}}],[\"cache\",{\"0\":{\"993\":1,\"1086\":1,\"1250\":1,\"1389\":1,\"1565\":1,\"1742\":1,\"1919\":1,\"2096\":1,\"2273\":1,\"2424\":1,\"2491\":1,\"2643\":1,\"2710\":1,\"2862\":1,\"2929\":1,\"3081\":1,\"3148\":1,\"3276\":1,\"3369\":1},\"1\":{\"304\":2,\"993\":1,\"1086\":1,\"1250\":1,\"1389\":1,\"1565\":1,\"1742\":1,\"1919\":1,\"2096\":1,\"2273\":1,\"2424\":1,\"2491\":1,\"2643\":1,\"2710\":1,\"2862\":1,\"2929\":1,\"3081\":1,\"3148\":1,\"3276\":1,\"3369\":1}}],[\"caid=105487\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=105483\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=1167\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=160144\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=160140\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=160134\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=160137\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=160138\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=160136\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=1390\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=713\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=712\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=23772\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=23770\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=22818\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=207658\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=207659\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=207660\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=207661\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=202188\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=202189\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=202184\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=202185\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=6068\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=390049\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=390048\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=390054\",{\"1\":{\"457\":1,\"911\":1}}],[\"caid=390050\",{\"1\":{\"457\":1,\"911\":1}}],[\"caution\",{\"1\":{\"338\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1}}],[\"cass\",{\"1\":{\"332\":1}}],[\"cas\",{\"0\":{\"457\":1,\"458\":1,\"911\":1,\"912\":1,\"957\":1,\"979\":1,\"1013\":1,\"1015\":1,\"1064\":1,\"1106\":1,\"1108\":1,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2469\":1,\"2511\":1,\"2513\":1,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2688\":1,\"2730\":1,\"2732\":1,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2907\":1,\"2949\":1,\"2951\":1,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3126\":1,\"3168\":1,\"3170\":1,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":1,\"3347\":1,\"3389\":1,\"3391\":1},\"1\":{\"327\":6,\"441\":1,\"450\":2,\"451\":1,\"452\":2,\"453\":7,\"454\":2,\"455\":9,\"456\":1,\"457\":3,\"459\":1,\"461\":2,\"462\":2,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"895\":1,\"904\":2,\"905\":1,\"906\":2,\"907\":7,\"908\":2,\"909\":9,\"910\":1,\"911\":3,\"913\":1,\"915\":2,\"916\":2,\"957\":2,\"979\":2,\"1013\":2,\"1015\":1,\"1026\":1,\"1027\":1,\"1039\":1,\"1064\":2,\"1106\":2,\"1108\":1,\"1120\":1,\"1121\":1,\"1133\":1,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1422\":1,\"1423\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1598\":1,\"1599\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1775\":1,\"1776\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1952\":1,\"1953\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2129\":1,\"2130\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2306\":1,\"2307\":1,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2433\":1,\"2434\":1,\"2469\":1,\"2511\":1,\"2513\":1,\"2525\":1,\"2526\":1,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2652\":1,\"2653\":1,\"2688\":1,\"2730\":1,\"2732\":1,\"2744\":1,\"2745\":1,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2871\":1,\"2872\":1,\"2907\":1,\"2949\":1,\"2951\":1,\"2963\":1,\"2964\":1,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3090\":1,\"3091\":1,\"3126\":1,\"3168\":1,\"3170\":1,\"3182\":1,\"3183\":1,\"3240\":2,\"3262\":2,\"3296\":2,\"3298\":1,\"3309\":1,\"3310\":1,\"3322\":1,\"3347\":2,\"3389\":2,\"3391\":1,\"3403\":1,\"3404\":1,\"3416\":1}}],[\"cast\",{\"1\":{\"159\":3}}],[\"cases\",{\"0\":{\"123\":1},\"1\":{\"13\":1,\"81\":1,\"82\":1,\"85\":1,\"88\":1,\"116\":1,\"117\":1,\"159\":2,\"333\":1,\"390\":2,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1}}],[\"case\",{\"0\":{\"13\":1},\"1\":{\"1\":1,\"5\":1,\"12\":1,\"26\":2,\"102\":2,\"117\":1,\"159\":3,\"346\":1}}],[\"calculated\",{\"1\":{\"920\":1,\"1049\":1,\"1083\":1,\"1355\":1,\"1386\":1,\"1531\":1,\"1562\":1,\"1708\":1,\"1739\":1,\"1885\":1,\"1916\":1,\"2062\":1,\"2093\":1,\"2239\":1,\"2270\":1,\"2327\":1,\"2454\":1,\"2488\":1,\"2546\":1,\"2673\":1,\"2707\":1,\"2765\":1,\"2892\":1,\"2926\":1,\"2984\":1,\"3111\":1,\"3145\":1,\"3203\":1,\"3332\":1,\"3366\":1}}],[\"calculation\",{\"1\":{\"99\":1,\"169\":1}}],[\"calls\",{\"1\":{\"346\":1}}],[\"called\",{\"1\":{\"333\":1,\"920\":1,\"1004\":1,\"1049\":1,\"1097\":1,\"1207\":1,\"1275\":1,\"1355\":1,\"1399\":1,\"1447\":1,\"1531\":1,\"1575\":1,\"1624\":1,\"1708\":1,\"1752\":1,\"1801\":1,\"1885\":1,\"1929\":1,\"1978\":1,\"2062\":1,\"2106\":1,\"2155\":1,\"2239\":1,\"2283\":1,\"2327\":1,\"2342\":1,\"2454\":1,\"2502\":1,\"2546\":1,\"2561\":1,\"2673\":1,\"2721\":1,\"2765\":1,\"2780\":1,\"2892\":1,\"2940\":1,\"2984\":1,\"2999\":1,\"3111\":1,\"3159\":1,\"3203\":1,\"3287\":1,\"3332\":1,\"3380\":1}}],[\"call\",{\"1\":{\"159\":1,\"160\":2,\"333\":1}}],[\"categorizes\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"category\",{\"1\":{\"408\":1,\"415\":1,\"632\":1,\"639\":1,\"678\":1,\"685\":1,\"724\":1,\"731\":1,\"770\":1,\"777\":1,\"816\":1,\"823\":1,\"862\":1,\"869\":1}}],[\"catch\",{\"1\":{\"159\":5,\"160\":1,\"356\":1,\"359\":1,\"381\":1,\"385\":1,\"390\":3}}],[\"catalina\",{\"1\":{\"137\":1}}],[\"ca\",{\"0\":{\"275\":1,\"276\":1,\"1038\":1,\"1039\":1,\"1132\":1,\"1133\":1,\"1262\":1,\"1263\":1,\"1433\":1,\"1434\":1,\"1610\":1,\"1611\":1,\"1787\":1,\"1788\":1,\"1964\":1,\"1965\":1,\"2141\":1,\"2142\":1,\"2318\":1,\"2319\":1,\"2445\":1,\"2446\":1,\"2537\":1,\"2538\":1,\"2664\":1,\"2665\":1,\"2756\":1,\"2757\":1,\"2883\":1,\"2884\":1,\"2975\":1,\"2976\":1,\"3102\":1,\"3103\":1,\"3194\":1,\"3195\":1,\"3321\":1,\"3322\":1,\"3415\":1,\"3416\":1},\"1\":{\"134\":5,\"135\":5,\"160\":1,\"275\":2,\"276\":3,\"277\":1,\"283\":1,\"289\":1,\"294\":1,\"300\":1,\"338\":4,\"437\":1,\"442\":1,\"450\":1,\"452\":7,\"453\":4,\"454\":7,\"455\":5,\"457\":44,\"458\":9,\"459\":1,\"461\":13,\"462\":5,\"476\":1,\"481\":1,\"499\":1,\"504\":1,\"525\":1,\"530\":1,\"555\":1,\"560\":1,\"564\":1,\"585\":1,\"590\":1,\"594\":1,\"615\":1,\"620\":1,\"624\":1,\"661\":1,\"666\":1,\"670\":1,\"707\":1,\"712\":1,\"716\":1,\"753\":1,\"758\":1,\"762\":1,\"799\":1,\"804\":1,\"808\":1,\"845\":1,\"850\":1,\"854\":1,\"891\":1,\"896\":1,\"904\":1,\"906\":7,\"907\":4,\"908\":7,\"909\":5,\"911\":44,\"912\":9,\"913\":1,\"915\":13,\"916\":5,\"957\":1,\"979\":1,\"1013\":1,\"1015\":3,\"1027\":4,\"1038\":2,\"1039\":3,\"1040\":2,\"1041\":2,\"1044\":14,\"1064\":1,\"1106\":1,\"1108\":3,\"1121\":4,\"1132\":2,\"1133\":3,\"1134\":2,\"1135\":2,\"1138\":14,\"1262\":2,\"1263\":3,\"1264\":1,\"1423\":4,\"1433\":2,\"1434\":3,\"1435\":1,\"1599\":4,\"1610\":2,\"1611\":3,\"1612\":1,\"1776\":4,\"1787\":2,\"1788\":3,\"1789\":1,\"1953\":4,\"1964\":2,\"1965\":3,\"1966\":1,\"2130\":4,\"2141\":2,\"2142\":3,\"2143\":1,\"2307\":4,\"2318\":2,\"2319\":3,\"2320\":1,\"2434\":4,\"2445\":2,\"2446\":3,\"2447\":1,\"2526\":4,\"2537\":2,\"2538\":3,\"2539\":1,\"2653\":4,\"2664\":2,\"2665\":3,\"2666\":1,\"2745\":4,\"2756\":2,\"2757\":3,\"2758\":1,\"2872\":4,\"2883\":2,\"2884\":3,\"2885\":1,\"2964\":4,\"2975\":2,\"2976\":3,\"2977\":1,\"3091\":4,\"3102\":2,\"3103\":3,\"3104\":1,\"3183\":4,\"3194\":2,\"3195\":3,\"3196\":1,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":3,\"3310\":4,\"3321\":2,\"3322\":3,\"3323\":2,\"3324\":2,\"3327\":14,\"3347\":1,\"3389\":1,\"3391\":3,\"3404\":4,\"3415\":2,\"3416\":3,\"3417\":2,\"3418\":2,\"3421\":14}}],[\"capabilities\",{\"1\":{\"117\":1}}],[\"camunda\",{\"0\":{\"178\":1,\"179\":2,\"180\":1,\"935\":1,\"936\":2,\"937\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3218\":1,\"3219\":2,\"3220\":1},\"1\":{\"103\":1,\"178\":3,\"179\":4,\"180\":3,\"290\":1,\"301\":1,\"319\":1,\"327\":27,\"332\":1,\"373\":1,\"382\":1,\"394\":1,\"402\":2,\"443\":1,\"462\":3,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"916\":3,\"935\":3,\"936\":4,\"937\":3,\"1148\":3,\"1149\":4,\"1150\":3,\"1299\":3,\"1300\":4,\"1301\":3,\"1471\":3,\"1472\":4,\"1473\":3,\"1648\":3,\"1649\":4,\"1650\":3,\"1825\":3,\"1826\":4,\"1827\":3,\"2002\":3,\"2003\":4,\"2004\":3,\"2179\":3,\"2180\":4,\"2181\":3,\"2366\":3,\"2367\":4,\"2368\":3,\"2585\":3,\"2586\":4,\"2587\":3,\"2804\":3,\"2805\":4,\"2806\":3,\"3023\":3,\"3024\":4,\"3025\":3,\"3218\":3,\"3219\":4,\"3220\":3}}],[\"canonical\",{\"1\":{\"357\":2,\"360\":1,\"386\":1}}],[\"candidate\",{\"0\":{\"142\":1}}],[\"can\",{\"1\":{\"8\":1,\"12\":1,\"35\":1,\"37\":3,\"40\":2,\"74\":2,\"85\":2,\"86\":1,\"88\":2,\"90\":1,\"91\":2,\"92\":1,\"93\":1,\"94\":3,\"95\":4,\"96\":3,\"97\":2,\"98\":3,\"100\":2,\"102\":1,\"103\":1,\"104\":1,\"109\":2,\"110\":1,\"120\":2,\"126\":2,\"130\":2,\"138\":1,\"139\":1,\"147\":1,\"152\":1,\"153\":1,\"154\":2,\"156\":1,\"170\":2,\"190\":1,\"191\":1,\"192\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"209\":1,\"233\":1,\"234\":1,\"244\":1,\"245\":1,\"246\":1,\"261\":1,\"265\":1,\"266\":1,\"277\":1,\"286\":1,\"289\":2,\"290\":2,\"297\":1,\"300\":2,\"301\":2,\"311\":1,\"314\":1,\"318\":1,\"323\":1,\"324\":2,\"334\":2,\"338\":4,\"341\":3,\"345\":1,\"346\":2,\"347\":1,\"348\":2,\"352\":2,\"354\":1,\"357\":2,\"358\":1,\"359\":1,\"360\":1,\"363\":1,\"367\":3,\"369\":2,\"371\":2,\"372\":1,\"373\":1,\"377\":1,\"381\":1,\"382\":1,\"384\":1,\"385\":1,\"386\":1,\"389\":1,\"393\":3,\"395\":1,\"397\":1,\"399\":1,\"400\":2,\"401\":2,\"402\":1,\"404\":1,\"407\":1,\"415\":2,\"417\":2,\"419\":2,\"422\":1,\"426\":1,\"427\":2,\"429\":1,\"430\":1,\"431\":1,\"432\":1,\"434\":1,\"442\":2,\"443\":1,\"444\":3,\"446\":1,\"451\":1,\"459\":3,\"460\":1,\"469\":1,\"470\":2,\"472\":1,\"473\":1,\"481\":4,\"482\":1,\"483\":3,\"492\":1,\"493\":2,\"495\":1,\"496\":1,\"504\":2,\"505\":1,\"506\":3,\"518\":1,\"519\":2,\"521\":1,\"522\":1,\"530\":2,\"531\":1,\"532\":3,\"536\":1,\"544\":1,\"545\":2,\"547\":1,\"548\":1,\"552\":1,\"560\":2,\"561\":1,\"562\":3,\"564\":3,\"574\":1,\"575\":2,\"577\":1,\"578\":1,\"582\":1,\"590\":2,\"591\":1,\"592\":3,\"594\":3,\"604\":1,\"605\":2,\"607\":1,\"608\":1,\"612\":1,\"620\":2,\"621\":1,\"622\":3,\"624\":3,\"628\":1,\"631\":1,\"639\":2,\"641\":2,\"643\":2,\"646\":1,\"650\":1,\"651\":2,\"653\":1,\"654\":1,\"658\":1,\"666\":2,\"667\":1,\"668\":3,\"670\":3,\"674\":1,\"677\":1,\"685\":2,\"687\":2,\"689\":2,\"692\":1,\"696\":1,\"697\":2,\"699\":1,\"700\":1,\"704\":1,\"712\":2,\"713\":1,\"714\":3,\"716\":3,\"720\":1,\"723\":1,\"731\":2,\"733\":2,\"735\":2,\"738\":1,\"742\":1,\"743\":2,\"745\":1,\"746\":1,\"750\":1,\"758\":2,\"759\":1,\"760\":3,\"762\":3,\"766\":1,\"769\":1,\"777\":2,\"779\":2,\"781\":2,\"784\":1,\"788\":1,\"789\":2,\"791\":1,\"792\":1,\"793\":1,\"794\":1,\"796\":1,\"804\":2,\"805\":1,\"806\":3,\"808\":3,\"812\":1,\"815\":1,\"823\":2,\"825\":2,\"827\":2,\"830\":1,\"834\":1,\"835\":2,\"837\":1,\"838\":1,\"839\":1,\"840\":1,\"842\":1,\"850\":2,\"851\":1,\"852\":3,\"854\":3,\"858\":1,\"861\":1,\"869\":2,\"871\":2,\"873\":2,\"876\":1,\"880\":1,\"881\":2,\"883\":1,\"884\":1,\"885\":1,\"886\":1,\"888\":1,\"896\":2,\"897\":1,\"898\":3,\"900\":1,\"905\":1,\"913\":3,\"914\":1,\"920\":5,\"921\":2,\"922\":1,\"923\":1,\"924\":1,\"925\":1,\"960\":1,\"985\":1,\"986\":1,\"1024\":2,\"1025\":2,\"1026\":1,\"1040\":1,\"1049\":5,\"1050\":2,\"1051\":1,\"1052\":1,\"1053\":1,\"1054\":1,\"1056\":3,\"1083\":1,\"1117\":2,\"1118\":2,\"1120\":1,\"1134\":1,\"1170\":1,\"1192\":1,\"1193\":1,\"1264\":1,\"1321\":1,\"1343\":1,\"1344\":1,\"1355\":4,\"1356\":2,\"1357\":1,\"1358\":1,\"1359\":1,\"1360\":1,\"1362\":3,\"1386\":1,\"1419\":2,\"1420\":2,\"1422\":1,\"1435\":1,\"1493\":1,\"1518\":1,\"1519\":1,\"1531\":4,\"1532\":2,\"1533\":1,\"1534\":1,\"1535\":1,\"1536\":1,\"1538\":3,\"1562\":1,\"1595\":2,\"1596\":2,\"1598\":1,\"1612\":1,\"1670\":1,\"1695\":1,\"1696\":1,\"1708\":4,\"1709\":2,\"1710\":1,\"1711\":1,\"1712\":1,\"1713\":1,\"1715\":3,\"1739\":1,\"1772\":2,\"1773\":2,\"1775\":1,\"1789\":1,\"1847\":1,\"1872\":1,\"1873\":1,\"1885\":4,\"1886\":2,\"1887\":1,\"1888\":1,\"1889\":1,\"1890\":1,\"1892\":3,\"1916\":1,\"1949\":2,\"1950\":2,\"1952\":1,\"1966\":1,\"2024\":1,\"2049\":1,\"2050\":1,\"2062\":4,\"2063\":2,\"2064\":1,\"2065\":1,\"2066\":1,\"2067\":1,\"2069\":3,\"2093\":1,\"2126\":2,\"2127\":2,\"2129\":1,\"2143\":1,\"2201\":1,\"2226\":1,\"2227\":1,\"2239\":4,\"2240\":2,\"2241\":1,\"2242\":1,\"2243\":1,\"2244\":1,\"2246\":3,\"2270\":1,\"2303\":2,\"2304\":2,\"2306\":1,\"2320\":1,\"2327\":5,\"2328\":2,\"2329\":1,\"2330\":1,\"2331\":1,\"2332\":1,\"2391\":1,\"2416\":1,\"2417\":1,\"2431\":2,\"2432\":2,\"2433\":1,\"2447\":1,\"2454\":5,\"2455\":2,\"2456\":1,\"2457\":1,\"2458\":1,\"2459\":1,\"2461\":3,\"2488\":1,\"2522\":2,\"2523\":2,\"2525\":1,\"2539\":1,\"2546\":5,\"2547\":2,\"2548\":1,\"2549\":1,\"2550\":1,\"2551\":1,\"2610\":1,\"2635\":1,\"2636\":1,\"2650\":2,\"2651\":2,\"2652\":1,\"2666\":1,\"2673\":5,\"2674\":2,\"2675\":1,\"2676\":1,\"2677\":1,\"2678\":1,\"2680\":3,\"2707\":1,\"2741\":2,\"2742\":2,\"2744\":1,\"2758\":1,\"2765\":5,\"2766\":2,\"2767\":1,\"2768\":1,\"2769\":1,\"2770\":1,\"2829\":1,\"2854\":1,\"2855\":1,\"2869\":2,\"2870\":2,\"2871\":1,\"2885\":1,\"2892\":5,\"2893\":2,\"2894\":1,\"2895\":1,\"2896\":1,\"2897\":1,\"2899\":3,\"2926\":1,\"2960\":2,\"2961\":2,\"2963\":1,\"2977\":1,\"2984\":5,\"2985\":2,\"2986\":1,\"2987\":1,\"2988\":1,\"2989\":1,\"3048\":1,\"3073\":1,\"3074\":1,\"3088\":2,\"3089\":2,\"3090\":1,\"3104\":1,\"3111\":5,\"3112\":2,\"3113\":1,\"3114\":1,\"3115\":1,\"3116\":1,\"3118\":3,\"3145\":1,\"3179\":2,\"3180\":2,\"3182\":1,\"3196\":1,\"3203\":5,\"3204\":2,\"3205\":1,\"3206\":1,\"3207\":1,\"3208\":1,\"3243\":1,\"3268\":1,\"3269\":1,\"3307\":2,\"3308\":2,\"3309\":1,\"3323\":1,\"3332\":5,\"3333\":2,\"3334\":1,\"3335\":1,\"3336\":1,\"3337\":1,\"3339\":3,\"3366\":1,\"3400\":2,\"3401\":2,\"3403\":1,\"3417\":1}}],[\"care\",{\"0\":{\"2\":1,\"87\":1},\"1\":{\"71\":1,\"82\":2,\"98\":2}}],[\"coding\",{\"1\":{\"349\":1,\"361\":1,\"362\":1,\"387\":1,\"388\":1,\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"codes\",{\"1\":{\"347\":1,\"1056\":2,\"1362\":2,\"1538\":2,\"1715\":2,\"1892\":2,\"2069\":2,\"2246\":2,\"2461\":2,\"2680\":2,\"2899\":2,\"3118\":2,\"3339\":2}}],[\"codestylesettings>\",{\"1\":{\"160\":1}}],[\"codesystem\",{\"1\":{\"97\":1,\"347\":2,\"348\":2,\"349\":5,\"363\":2,\"389\":4,\"393\":1,\"1056\":3,\"1057\":2,\"1362\":3,\"1363\":2,\"1538\":3,\"1539\":2,\"1715\":3,\"1716\":2,\"1892\":3,\"1893\":2,\"2069\":3,\"2070\":2,\"2246\":3,\"2247\":2,\"2461\":3,\"2462\":2,\"2680\":3,\"2681\":2,\"2899\":3,\"2900\":2,\"3118\":3,\"3119\":2,\"3339\":3,\"3340\":2}}],[\"codeformatterprofile\",{\"1\":{\"159\":1}}],[\"codex\",{\"1\":{\"129\":1,\"130\":1,\"171\":1,\"280\":1,\"286\":1,\"290\":8,\"297\":1,\"300\":8,\"301\":15,\"303\":8,\"304\":8,\"307\":8,\"310\":1,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"551\":2,\"552\":1,\"581\":2,\"582\":1,\"611\":2,\"612\":1,\"657\":2,\"658\":1,\"703\":2,\"704\":1,\"749\":2,\"750\":1,\"796\":1,\"842\":1,\"888\":1}}],[\"code\",{\"0\":{\"74\":1,\"143\":1,\"155\":1,\"156\":1,\"159\":1,\"160\":1,\"331\":1,\"404\":1,\"407\":1,\"628\":1,\"631\":1,\"674\":1,\"677\":1,\"720\":1,\"723\":1,\"766\":1,\"769\":1,\"812\":1,\"815\":1,\"858\":1,\"861\":1,\"1002\":1,\"1025\":1,\"1095\":1,\"1118\":1,\"1205\":1,\"1273\":1,\"1397\":1,\"1420\":1,\"1445\":1,\"1573\":1,\"1596\":1,\"1622\":1,\"1750\":1,\"1773\":1,\"1799\":1,\"1927\":1,\"1950\":1,\"1976\":1,\"2104\":1,\"2127\":1,\"2153\":1,\"2281\":1,\"2304\":1,\"2340\":1,\"2432\":1,\"2500\":1,\"2523\":1,\"2559\":1,\"2651\":1,\"2719\":1,\"2742\":1,\"2778\":1,\"2870\":1,\"2938\":1,\"2961\":1,\"2997\":1,\"3089\":1,\"3157\":1,\"3180\":1,\"3285\":1,\"3308\":1,\"3378\":1,\"3401\":1},\"1\":{\"31\":1,\"37\":1,\"74\":1,\"81\":3,\"82\":2,\"98\":1,\"102\":1,\"143\":1,\"156\":4,\"159\":3,\"160\":2,\"261\":1,\"329\":1,\"331\":2,\"332\":1,\"342\":1,\"349\":1,\"373\":1,\"404\":2,\"405\":1,\"407\":6,\"415\":1,\"419\":2,\"628\":2,\"629\":1,\"631\":6,\"639\":1,\"643\":2,\"674\":2,\"675\":1,\"677\":6,\"685\":1,\"689\":2,\"720\":2,\"721\":1,\"723\":6,\"731\":1,\"735\":2,\"766\":2,\"767\":1,\"769\":6,\"777\":1,\"781\":2,\"812\":2,\"813\":1,\"815\":6,\"823\":1,\"827\":2,\"858\":2,\"859\":1,\"861\":6,\"869\":1,\"873\":2,\"1002\":2,\"1003\":1,\"1006\":1,\"1007\":1,\"1024\":1,\"1025\":2,\"1027\":1,\"1043\":1,\"1044\":1,\"1056\":2,\"1095\":2,\"1096\":1,\"1099\":1,\"1100\":1,\"1117\":1,\"1118\":2,\"1121\":1,\"1137\":1,\"1138\":1,\"1205\":2,\"1206\":1,\"1209\":1,\"1210\":1,\"1273\":2,\"1274\":1,\"1277\":1,\"1278\":1,\"1362\":2,\"1397\":2,\"1398\":1,\"1401\":1,\"1402\":1,\"1419\":1,\"1420\":2,\"1423\":1,\"1445\":2,\"1446\":1,\"1449\":1,\"1450\":1,\"1538\":2,\"1573\":2,\"1574\":1,\"1577\":1,\"1578\":1,\"1595\":1,\"1596\":2,\"1599\":1,\"1622\":2,\"1623\":1,\"1626\":1,\"1627\":1,\"1715\":2,\"1750\":2,\"1751\":1,\"1754\":1,\"1755\":1,\"1772\":1,\"1773\":2,\"1776\":1,\"1799\":2,\"1800\":1,\"1803\":1,\"1804\":1,\"1892\":2,\"1927\":2,\"1928\":1,\"1931\":1,\"1932\":1,\"1949\":1,\"1950\":2,\"1953\":1,\"1976\":2,\"1977\":1,\"1980\":1,\"1981\":1,\"2069\":2,\"2104\":2,\"2105\":1,\"2108\":1,\"2109\":1,\"2126\":1,\"2127\":2,\"2130\":1,\"2153\":2,\"2154\":1,\"2157\":1,\"2158\":1,\"2246\":2,\"2281\":2,\"2282\":1,\"2285\":1,\"2286\":1,\"2303\":1,\"2304\":2,\"2307\":1,\"2340\":2,\"2341\":1,\"2344\":1,\"2345\":1,\"2431\":1,\"2432\":2,\"2434\":1,\"2461\":2,\"2500\":2,\"2501\":1,\"2504\":1,\"2505\":1,\"2522\":1,\"2523\":2,\"2526\":1,\"2559\":2,\"2560\":1,\"2563\":1,\"2564\":1,\"2650\":1,\"2651\":2,\"2653\":1,\"2680\":2,\"2719\":2,\"2720\":1,\"2723\":1,\"2724\":1,\"2741\":1,\"2742\":2,\"2745\":1,\"2778\":2,\"2779\":1,\"2782\":1,\"2783\":1,\"2869\":1,\"2870\":2,\"2872\":1,\"2899\":2,\"2938\":2,\"2939\":1,\"2942\":1,\"2943\":1,\"2960\":1,\"2961\":2,\"2964\":1,\"2997\":2,\"2998\":1,\"3001\":1,\"3002\":1,\"3088\":1,\"3089\":2,\"3091\":1,\"3118\":2,\"3157\":2,\"3158\":1,\"3161\":1,\"3162\":1,\"3179\":1,\"3180\":2,\"3183\":1,\"3285\":2,\"3286\":1,\"3289\":1,\"3290\":1,\"3307\":1,\"3308\":2,\"3310\":1,\"3326\":1,\"3327\":1,\"3339\":2,\"3378\":2,\"3379\":1,\"3382\":1,\"3383\":1,\"3400\":1,\"3401\":2,\"3404\":1,\"3420\":1,\"3421\":1}}],[\"cos|\",{\"1\":{\"364\":1}}],[\"cos\",{\"1\":{\"327\":65,\"354\":2,\"364\":3,\"367\":11,\"377\":4,\"393\":8,\"400\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"could\",{\"1\":{\"163\":1,\"338\":1,\"381\":1,\"413\":1,\"419\":1,\"637\":1,\"643\":1,\"683\":1,\"689\":1,\"729\":1,\"735\":1,\"775\":1,\"781\":1,\"821\":1,\"827\":1,\"867\":1,\"873\":1}}],[\"country\",{\"1\":{\"1043\":2,\"1137\":2,\"3326\":2,\"3420\":2}}],[\"counts\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"count\",{\"0\":{\"264\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1563\":1,\"1740\":1,\"1917\":1,\"2094\":1,\"2271\":1,\"2489\":1,\"2708\":1,\"2927\":1,\"3146\":1,\"3367\":1},\"1\":{\"159\":1,\"160\":2,\"264\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1563\":1,\"1740\":1,\"1917\":1,\"2094\":1,\"2271\":1,\"2489\":1,\"2708\":1,\"2927\":1,\"3146\":1,\"3367\":1}}],[\"color\",{\"1\":{\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1}}],[\"colors\",{\"1\":{\"429\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"colon\",{\"1\":{\"159\":11}}],[\"columns\",{\"1\":{\"159\":3}}],[\"column\",{\"1\":{\"159\":3,\"160\":1}}],[\"collaborate\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"collaboration\",{\"1\":{\"356\":1,\"381\":1,\"417\":1,\"419\":1,\"641\":1,\"643\":1,\"687\":1,\"689\":1,\"733\":1,\"735\":1,\"779\":1,\"781\":1,\"825\":1,\"827\":1,\"871\":1,\"873\":1}}],[\"collaborative\",{\"1\":{\"79\":1}}],[\"collected\",{\"1\":{\"117\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"copy\",{\"1\":{\"145\":2,\"146\":1,\"147\":5,\"149\":1,\"150\":4,\"151\":2,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1,\"431\":1,\"459\":3,\"485\":1,\"508\":1,\"534\":1,\"564\":3,\"594\":3,\"624\":3,\"670\":3,\"716\":3,\"762\":3,\"793\":1,\"808\":3,\"839\":1,\"854\":3,\"885\":1,\"913\":3}}],[\"cohortsize\",{\"1\":{\"372\":2}}],[\"cohort\",{\"1\":{\"99\":2,\"127\":2,\"169\":2}}],[\"covered\",{\"1\":{\"116\":1,\"117\":1,\"333\":1,\"348\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"cover\",{\"1\":{\"95\":1,\"116\":1,\"117\":1}}],[\"covid\",{\"1\":{\"26\":1,\"129\":5}}],[\"cor\",{\"1\":{\"379\":1}}],[\"cors\",{\"0\":{\"261\":1},\"1\":{\"261\":2}}],[\"correlating\",{\"1\":{\"356\":1}}],[\"correlation\",{\"1\":{\"347\":1,\"356\":1,\"383\":1}}],[\"correlate\",{\"1\":{\"334\":1,\"383\":2}}],[\"corresponds\",{\"1\":{\"346\":2}}],[\"corresponding\",{\"1\":{\"97\":1,\"138\":1,\"188\":1,\"242\":1,\"289\":3,\"290\":2,\"300\":3,\"301\":2,\"356\":1,\"381\":1,\"383\":2,\"442\":3,\"443\":2,\"446\":1,\"481\":3,\"482\":2,\"504\":3,\"505\":2,\"530\":3,\"531\":2,\"560\":3,\"561\":2,\"590\":3,\"591\":2,\"620\":3,\"621\":2,\"666\":3,\"667\":2,\"712\":3,\"713\":2,\"758\":3,\"759\":2,\"804\":3,\"805\":2,\"850\":3,\"851\":2,\"896\":3,\"897\":2,\"900\":1,\"949\":1,\"1009\":1,\"1060\":1,\"1102\":1,\"1158\":1,\"1212\":1,\"1228\":1,\"1280\":1,\"1309\":1,\"1366\":1,\"1404\":1,\"1452\":1,\"1482\":1,\"1542\":1,\"1580\":1,\"1629\":1,\"1659\":1,\"1719\":1,\"1757\":1,\"1806\":1,\"1836\":1,\"1896\":1,\"1934\":1,\"1983\":1,\"2013\":1,\"2073\":1,\"2111\":1,\"2160\":1,\"2190\":1,\"2250\":1,\"2288\":1,\"2347\":1,\"2380\":1,\"2465\":1,\"2507\":1,\"2566\":1,\"2599\":1,\"2684\":1,\"2726\":1,\"2785\":1,\"2818\":1,\"2903\":1,\"2945\":1,\"3004\":1,\"3037\":1,\"3122\":1,\"3164\":1,\"3232\":1,\"3292\":1,\"3343\":1,\"3385\":1}}],[\"corresponging\",{\"1\":{\"213\":1,\"964\":1,\"1174\":1,\"1325\":1,\"1497\":1,\"1674\":1,\"1851\":1,\"2028\":1,\"2205\":1,\"2395\":1,\"2614\":1,\"2833\":1,\"3052\":1,\"3247\":1}}],[\"correct\",{\"1\":{\"94\":1}}],[\"cores\",{\"1\":{\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"corepoolsize\",{\"0\":{\"982\":1,\"1515\":1,\"1692\":1,\"1869\":1,\"2046\":1,\"2223\":1,\"2413\":1,\"2632\":1,\"2851\":1,\"3070\":1,\"3265\":1},\"1\":{\"982\":1,\"1515\":1,\"1692\":1,\"1869\":1,\"2046\":1,\"2223\":1,\"2413\":1,\"2632\":1,\"2851\":1,\"3070\":1,\"3265\":1}}],[\"core\",{\"1\":{\"12\":1,\"81\":2,\"128\":1,\"159\":317,\"982\":1,\"984\":1,\"1515\":1,\"1517\":1,\"1692\":1,\"1694\":1,\"1869\":1,\"1871\":1,\"2046\":1,\"2048\":1,\"2223\":1,\"2225\":1,\"2413\":1,\"2415\":1,\"2632\":1,\"2634\":1,\"2851\":1,\"2853\":1,\"3070\":1,\"3072\":1,\"3265\":1,\"3267\":1}}],[\"combined\",{\"1\":{\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1}}],[\"combination\",{\"1\":{\"97\":1}}],[\"comprehensive\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"compile\",{\"1\":{\"156\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"comply\",{\"1\":{\"358\":1,\"384\":1}}],[\"compliant\",{\"1\":{\"109\":1,\"129\":1}}],[\"complex\",{\"1\":{\"127\":1,\"412\":1,\"415\":1,\"636\":1,\"639\":1,\"682\":1,\"685\":1,\"728\":1,\"731\":1,\"774\":1,\"777\":1,\"820\":1,\"823\":1,\"866\":1,\"869\":1}}],[\"complexity\",{\"1\":{\"26\":1}}],[\"complete\",{\"1\":{\"379\":1}}],[\"completes\",{\"1\":{\"105\":1}}],[\"completed\",{\"1\":{\"90\":2,\"97\":1}}],[\"compose\",{\"0\":{\"283\":1,\"294\":1,\"327\":1,\"399\":1,\"437\":1,\"449\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1,\"903\":1},\"1\":{\"135\":8,\"136\":1,\"177\":2,\"253\":2,\"283\":7,\"289\":5,\"290\":7,\"294\":7,\"300\":5,\"301\":7,\"302\":1,\"303\":3,\"304\":3,\"305\":1,\"306\":3,\"307\":3,\"308\":1,\"309\":3,\"310\":3,\"311\":1,\"312\":3,\"313\":3,\"314\":1,\"315\":3,\"316\":3,\"319\":1,\"331\":2,\"338\":2,\"341\":2,\"342\":2,\"349\":1,\"352\":3,\"367\":4,\"377\":3,\"393\":6,\"394\":1,\"399\":4,\"433\":2,\"437\":3,\"442\":4,\"443\":4,\"444\":1,\"460\":1,\"461\":3,\"462\":3,\"476\":3,\"481\":6,\"482\":4,\"483\":1,\"499\":3,\"504\":5,\"505\":4,\"506\":1,\"509\":1,\"510\":3,\"511\":3,\"525\":3,\"530\":5,\"531\":4,\"532\":1,\"535\":1,\"536\":3,\"537\":3,\"555\":3,\"560\":5,\"561\":4,\"562\":1,\"565\":1,\"566\":3,\"567\":3,\"585\":3,\"590\":5,\"591\":4,\"592\":1,\"595\":1,\"596\":3,\"597\":3,\"615\":3,\"620\":5,\"621\":4,\"622\":1,\"625\":1,\"626\":3,\"627\":3,\"661\":3,\"666\":5,\"667\":4,\"668\":1,\"671\":1,\"672\":3,\"673\":3,\"707\":3,\"712\":5,\"713\":4,\"714\":1,\"717\":1,\"718\":3,\"719\":3,\"753\":3,\"758\":5,\"759\":4,\"760\":1,\"763\":1,\"764\":3,\"765\":3,\"795\":2,\"799\":3,\"804\":5,\"805\":4,\"806\":1,\"809\":1,\"810\":3,\"811\":3,\"841\":2,\"845\":3,\"850\":5,\"851\":4,\"852\":1,\"855\":1,\"856\":3,\"857\":3,\"887\":2,\"891\":3,\"896\":4,\"897\":4,\"898\":1,\"914\":1,\"915\":3,\"916\":3,\"934\":2,\"1070\":2,\"1147\":2,\"1238\":2,\"1298\":2,\"1376\":2,\"1470\":2,\"1552\":2,\"1647\":2,\"1729\":2,\"1824\":2,\"1906\":2,\"2001\":2,\"2083\":2,\"2178\":2,\"2260\":2,\"2365\":2,\"2475\":2,\"2584\":2,\"2694\":2,\"2803\":2,\"2913\":2,\"3022\":2,\"3132\":2,\"3217\":2,\"3353\":2}}],[\"composed\",{\"1\":{\"104\":1}}],[\"components\",{\"0\":{\"332\":1},\"1\":{\"81\":2,\"94\":1,\"99\":1,\"117\":1,\"128\":1,\"169\":1}}],[\"component\",{\"1\":{\"10\":1}}],[\"compatable\",{\"1\":{\"431\":1,\"548\":1,\"578\":1,\"608\":1,\"654\":1,\"700\":1,\"793\":1,\"839\":1,\"885\":1}}],[\"compatibility\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1}}],[\"compatible\",{\"1\":{\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"537\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"746\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"compact\",{\"1\":{\"159\":3}}],[\"compare\",{\"1\":{\"159\":9}}],[\"compared\",{\"1\":{\"88\":1}}],[\"companies\",{\"1\":{\"98\":1}}],[\"competencies\",{\"1\":{\"81\":2}}],[\"computedatasharing\",{\"1\":{\"304\":2,\"307\":2}}],[\"computefeasibility\",{\"1\":{\"304\":2,\"307\":2}}],[\"computer\",{\"1\":{\"77\":1,\"400\":1}}],[\"computation\",{\"1\":{\"26\":1}}],[\"com\",{\"1\":{\"17\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"116\":1,\"160\":1,\"162\":1,\"170\":2,\"208\":1,\"263\":1,\"283\":5,\"289\":4,\"290\":11,\"294\":5,\"300\":4,\"301\":6,\"303\":8,\"433\":1,\"437\":3,\"442\":3,\"443\":1,\"476\":3,\"499\":3,\"504\":2,\"505\":2,\"525\":3,\"530\":2,\"531\":2,\"549\":2,\"550\":2,\"551\":1,\"555\":3,\"560\":2,\"561\":2,\"579\":2,\"580\":2,\"581\":1,\"585\":3,\"590\":2,\"591\":1,\"609\":2,\"610\":3,\"611\":1,\"615\":3,\"620\":2,\"621\":1,\"655\":2,\"656\":3,\"657\":1,\"661\":3,\"666\":2,\"667\":1,\"701\":2,\"702\":3,\"703\":1,\"707\":3,\"712\":2,\"713\":1,\"747\":2,\"748\":4,\"749\":1,\"753\":3,\"758\":2,\"759\":1,\"795\":1,\"799\":3,\"804\":2,\"805\":1,\"841\":1,\"845\":3,\"850\":2,\"851\":1,\"887\":1,\"891\":3,\"896\":3,\"897\":1,\"995\":1,\"1014\":1,\"1082\":1,\"1088\":1,\"1107\":1,\"1169\":1,\"1197\":1,\"1217\":1,\"1247\":1,\"1251\":1,\"1285\":1,\"1320\":1,\"1348\":1,\"1385\":1,\"1390\":1,\"1409\":1,\"1457\":1,\"1524\":1,\"1561\":1,\"1566\":1,\"1585\":1,\"1634\":1,\"1701\":1,\"1738\":1,\"1743\":1,\"1762\":1,\"1811\":1,\"1878\":1,\"1915\":1,\"1920\":1,\"1939\":1,\"1988\":1,\"2055\":1,\"2092\":1,\"2097\":1,\"2116\":1,\"2165\":1,\"2232\":1,\"2269\":1,\"2274\":1,\"2293\":1,\"2352\":1,\"2426\":1,\"2487\":1,\"2493\":1,\"2512\":1,\"2571\":1,\"2645\":1,\"2706\":1,\"2712\":1,\"2731\":1,\"2790\":1,\"2864\":1,\"2925\":1,\"2931\":1,\"2950\":1,\"3009\":1,\"3083\":1,\"3144\":1,\"3150\":1,\"3169\":1,\"3278\":1,\"3297\":1,\"3365\":1,\"3371\":1,\"3390\":1}}],[\"come\",{\"1\":{\"13\":1}}],[\"comments\",{\"1\":{\"159\":7}}],[\"comment\",{\"1\":{\"159\":22,\"160\":1,\"414\":2,\"638\":2,\"684\":2,\"730\":2,\"776\":2,\"822\":2,\"868\":2}}],[\"comma\",{\"1\":{\"159\":38,\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"289\":2,\"300\":2,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"995\":1,\"1043\":1,\"1044\":1,\"1088\":1,\"1137\":1,\"1138\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1390\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1566\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1743\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1920\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2097\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2274\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2426\":1,\"2493\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2645\":1,\"2712\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2864\":1,\"2931\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3083\":1,\"3150\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3278\":1,\"3326\":1,\"3327\":1,\"3371\":1,\"3420\":1,\"3421\":1}}],[\"commands\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"395\":2,\"397\":2,\"399\":4,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"command\",{\"1\":{\"136\":1,\"139\":1,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"303\":2,\"341\":1,\"442\":1,\"443\":2,\"481\":1,\"482\":2,\"504\":1,\"505\":2,\"530\":1,\"531\":2,\"560\":1,\"561\":2,\"590\":1,\"591\":2,\"620\":1,\"621\":2,\"666\":1,\"667\":2,\"712\":1,\"713\":2,\"758\":1,\"759\":2,\"804\":1,\"805\":2,\"850\":1,\"851\":2,\"896\":1,\"897\":2}}],[\"commonplace\",{\"1\":{\"117\":1}}],[\"common\",{\"0\":{\"457\":1,\"549\":1,\"579\":1,\"609\":1,\"655\":1,\"701\":1,\"747\":1,\"911\":1,\"1201\":1},\"1\":{\"81\":1,\"112\":1,\"113\":1,\"159\":10,\"167\":1,\"168\":1,\"284\":2,\"295\":2,\"434\":1,\"438\":2,\"473\":1,\"477\":2,\"496\":1,\"500\":2,\"522\":1,\"526\":2,\"536\":1,\"537\":1,\"552\":1,\"556\":2,\"582\":1,\"586\":2,\"612\":1,\"616\":2,\"658\":1,\"662\":2,\"704\":1,\"708\":2,\"750\":1,\"754\":2,\"796\":1,\"800\":2,\"842\":1,\"846\":2,\"888\":1,\"892\":2,\"1044\":2,\"1138\":2,\"1141\":1,\"1142\":1,\"1226\":1,\"3327\":2,\"3421\":2}}],[\"commitment\",{\"0\":{\"35\":1}}],[\"committed\",{\"1\":{\"12\":1}}],[\"committee\",{\"1\":{\"0\":1,\"32\":1}}],[\"communincation\",{\"1\":{\"130\":1}}],[\"communicate\",{\"1\":{\"90\":2,\"99\":1,\"109\":1,\"169\":1}}],[\"communication\",{\"1\":{\"0\":1,\"33\":1,\"38\":1,\"85\":1,\"88\":1,\"89\":1,\"94\":1,\"95\":1,\"96\":1,\"97\":1,\"98\":2,\"102\":1,\"109\":1,\"323\":1,\"354\":2,\"383\":2,\"427\":1,\"439\":4,\"470\":1,\"478\":4,\"493\":1,\"501\":4,\"519\":1,\"527\":4,\"545\":1,\"557\":4,\"575\":1,\"587\":4,\"605\":1,\"617\":4,\"651\":1,\"663\":4,\"697\":1,\"709\":4,\"743\":1,\"755\":4,\"789\":1,\"801\":4,\"835\":1,\"847\":4,\"881\":1,\"893\":4}}],[\"community\",{\"0\":{\"70\":1,\"72\":1,\"81\":1},\"1\":{\"0\":1,\"4\":1,\"12\":1,\"14\":7,\"22\":1,\"41\":1,\"69\":1,\"72\":1,\"75\":1,\"81\":3,\"98\":1,\"109\":1,\"404\":1,\"405\":2,\"417\":1,\"419\":3,\"628\":1,\"629\":2,\"641\":1,\"643\":3,\"674\":1,\"675\":2,\"687\":1,\"689\":3,\"720\":1,\"721\":2,\"733\":1,\"735\":3,\"766\":1,\"767\":2,\"779\":1,\"781\":3,\"812\":1,\"813\":2,\"825\":1,\"827\":3,\"858\":1,\"859\":2,\"871\":1,\"873\":3}}],[\"concern\",{\"1\":{\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"concepts\",{\"1\":{\"116\":1,\"117\":1,\"120\":1,\"349\":1}}],[\"concept\",{\"1\":{\"0\":2,\"26\":2,\"29\":1,\"37\":1,\"82\":1,\"95\":1,\"98\":2,\"349\":2,\"426\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1,\"834\":1,\"880\":1}}],[\"convention\",{\"1\":{\"208\":1,\"263\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1}}],[\"condition\",{\"0\":{\"372\":1},\"1\":{\"371\":2,\"372\":2,\"374\":1}}],[\"conditional\",{\"1\":{\"159\":6}}],[\"conditions\",{\"1\":{\"98\":2}}],[\"conduct\",{\"1\":{\"127\":1}}],[\"conducted\",{\"1\":{\"117\":1}}],[\"conducts\",{\"1\":{\"77\":1}}],[\"constructive\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"constructor\",{\"1\":{\"159\":13,\"349\":1}}],[\"constants\",{\"1\":{\"159\":1}}],[\"constant\",{\"1\":{\"159\":13}}],[\"console\",{\"1\":{\"338\":2,\"342\":2,\"352\":2,\"367\":4,\"377\":3,\"393\":5,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"consolidate\",{\"1\":{\"127\":1}}],[\"consolidation\",{\"1\":{\"117\":1}}],[\"consortia\",{\"1\":{\"85\":1,\"98\":1,\"117\":1}}],[\"consortium\",{\"0\":{\"82\":1},\"1\":{\"98\":1,\"348\":1,\"361\":6,\"362\":3,\"387\":6,\"388\":3,\"389\":6}}],[\"consider\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"considerations\",{\"1\":{\"120\":1}}],[\"considering\",{\"1\":{\"117\":1}}],[\"consisting\",{\"1\":{\"103\":1}}],[\"consists\",{\"1\":{\"85\":1,\"95\":1,\"99\":1,\"169\":1,\"331\":1}}],[\"consultation\",{\"1\":{\"81\":1}}],[\"consumer\",{\"1\":{\"77\":1}}],[\"consentclientstubfactory\",{\"1\":{\"174\":1}}],[\"consent\",{\"0\":{\"174\":1},\"1\":{\"0\":1,\"32\":1,\"94\":1,\"99\":1,\"169\":1,\"174\":4}}],[\"connecttimeout\",{\"0\":{\"1011\":1,\"1104\":1,\"1214\":1,\"1282\":1,\"1406\":1,\"1454\":1,\"1582\":1,\"1631\":1,\"1759\":1,\"1808\":1,\"1936\":1,\"1985\":1,\"2113\":1,\"2162\":1,\"2290\":1,\"2349\":1,\"2509\":1,\"2568\":1,\"2728\":1,\"2787\":1,\"2947\":1,\"3006\":1,\"3166\":1,\"3294\":1,\"3387\":1},\"1\":{\"1011\":1,\"1104\":1,\"1214\":1,\"1282\":1,\"1406\":1,\"1454\":1,\"1582\":1,\"1631\":1,\"1759\":1,\"1808\":1,\"1936\":1,\"1985\":1,\"2113\":1,\"2162\":1,\"2290\":1,\"2349\":1,\"2509\":1,\"2568\":1,\"2728\":1,\"2787\":1,\"2947\":1,\"3006\":1,\"3166\":1,\"3294\":1,\"3387\":1}}],[\"connector\",{\"1\":{\"999\":1,\"1000\":1,\"1021\":1,\"1022\":1,\"1092\":1,\"1093\":1,\"1114\":1,\"1115\":1,\"1202\":1,\"1203\":1,\"1224\":1,\"1225\":1,\"1270\":1,\"1271\":1,\"1292\":1,\"1293\":1,\"1394\":1,\"1395\":1,\"1416\":1,\"1417\":1,\"1442\":1,\"1443\":1,\"1464\":1,\"1465\":1,\"1570\":1,\"1571\":1,\"1592\":1,\"1593\":1,\"1619\":1,\"1620\":1,\"1641\":1,\"1642\":1,\"1747\":1,\"1748\":1,\"1769\":1,\"1770\":1,\"1796\":1,\"1797\":1,\"1818\":1,\"1819\":1,\"1924\":1,\"1925\":1,\"1946\":1,\"1947\":1,\"1973\":1,\"1974\":1,\"1995\":1,\"1996\":1,\"2101\":1,\"2102\":1,\"2123\":1,\"2124\":1,\"2150\":1,\"2151\":1,\"2172\":1,\"2173\":1,\"2278\":1,\"2279\":1,\"2300\":1,\"2301\":1,\"2337\":1,\"2338\":1,\"2359\":1,\"2360\":1,\"2497\":1,\"2498\":1,\"2519\":1,\"2520\":1,\"2556\":1,\"2557\":1,\"2578\":1,\"2579\":1,\"2716\":1,\"2717\":1,\"2738\":1,\"2739\":1,\"2775\":1,\"2776\":1,\"2797\":1,\"2798\":1,\"2935\":1,\"2936\":1,\"2957\":1,\"2958\":1,\"2994\":1,\"2995\":1,\"3016\":1,\"3017\":1,\"3154\":1,\"3155\":1,\"3176\":1,\"3177\":1,\"3282\":1,\"3283\":1,\"3304\":1,\"3305\":1,\"3375\":1,\"3376\":1,\"3397\":1,\"3398\":1}}],[\"connected\",{\"1\":{\"91\":3,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2}}],[\"connection\",{\"0\":{\"271\":1,\"272\":1,\"1033\":1,\"1034\":1,\"1127\":1,\"1128\":1,\"1258\":1,\"1259\":1,\"1429\":1,\"1430\":1,\"1605\":1,\"1606\":1,\"1782\":1,\"1783\":1,\"1959\":1,\"1960\":1,\"2136\":1,\"2137\":1,\"2313\":1,\"2314\":1,\"2440\":1,\"2441\":1,\"2532\":1,\"2533\":1,\"2659\":1,\"2660\":1,\"2751\":1,\"2752\":1,\"2878\":1,\"2879\":1,\"2970\":1,\"2971\":1,\"3097\":1,\"3098\":1,\"3189\":1,\"3190\":1,\"3316\":1,\"3317\":1,\"3410\":1,\"3411\":1},\"1\":{\"99\":1,\"100\":1,\"104\":1,\"105\":1,\"107\":1,\"109\":1,\"169\":1,\"170\":1,\"193\":1,\"202\":1,\"209\":1,\"210\":1,\"234\":1,\"235\":1,\"247\":1,\"271\":3,\"272\":3,\"273\":1,\"274\":1,\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"951\":1,\"954\":1,\"960\":1,\"961\":1,\"986\":1,\"987\":1,\"1026\":1,\"1033\":3,\"1034\":3,\"1035\":1,\"1036\":1,\"1062\":1,\"1120\":1,\"1127\":3,\"1128\":3,\"1129\":1,\"1130\":1,\"1160\":1,\"1163\":1,\"1170\":1,\"1171\":1,\"1193\":1,\"1194\":1,\"1230\":1,\"1258\":3,\"1259\":3,\"1260\":1,\"1261\":1,\"1311\":1,\"1314\":1,\"1321\":1,\"1322\":1,\"1344\":1,\"1345\":1,\"1368\":1,\"1422\":1,\"1429\":3,\"1430\":3,\"1431\":1,\"1432\":1,\"1484\":1,\"1487\":1,\"1493\":1,\"1494\":1,\"1519\":1,\"1520\":1,\"1544\":1,\"1598\":1,\"1605\":3,\"1606\":3,\"1607\":1,\"1608\":1,\"1661\":1,\"1664\":1,\"1670\":1,\"1671\":1,\"1696\":1,\"1697\":1,\"1721\":1,\"1775\":1,\"1782\":3,\"1783\":3,\"1784\":1,\"1785\":1,\"1838\":1,\"1841\":1,\"1847\":1,\"1848\":1,\"1873\":1,\"1874\":1,\"1898\":1,\"1952\":1,\"1959\":3,\"1960\":3,\"1961\":1,\"1962\":1,\"2015\":1,\"2018\":1,\"2024\":1,\"2025\":1,\"2050\":1,\"2051\":1,\"2075\":1,\"2129\":1,\"2136\":3,\"2137\":3,\"2138\":1,\"2139\":1,\"2192\":1,\"2195\":1,\"2201\":1,\"2202\":1,\"2227\":1,\"2228\":1,\"2252\":1,\"2306\":1,\"2313\":3,\"2314\":3,\"2315\":1,\"2316\":1,\"2382\":1,\"2385\":1,\"2391\":1,\"2392\":1,\"2417\":1,\"2418\":1,\"2433\":1,\"2440\":3,\"2441\":3,\"2442\":1,\"2443\":1,\"2467\":1,\"2525\":1,\"2532\":3,\"2533\":3,\"2534\":1,\"2535\":1,\"2601\":1,\"2604\":1,\"2610\":1,\"2611\":1,\"2636\":1,\"2637\":1,\"2652\":1,\"2659\":3,\"2660\":3,\"2661\":1,\"2662\":1,\"2686\":1,\"2744\":1,\"2751\":3,\"2752\":3,\"2753\":1,\"2754\":1,\"2820\":1,\"2823\":1,\"2829\":1,\"2830\":1,\"2855\":1,\"2856\":1,\"2871\":1,\"2878\":3,\"2879\":3,\"2880\":1,\"2881\":1,\"2905\":1,\"2963\":1,\"2970\":3,\"2971\":3,\"2972\":1,\"2973\":1,\"3039\":1,\"3042\":1,\"3048\":1,\"3049\":1,\"3074\":1,\"3075\":1,\"3090\":1,\"3097\":3,\"3098\":3,\"3099\":1,\"3100\":1,\"3124\":1,\"3182\":1,\"3189\":3,\"3190\":3,\"3191\":1,\"3192\":1,\"3234\":1,\"3237\":1,\"3243\":1,\"3244\":1,\"3269\":1,\"3270\":1,\"3309\":1,\"3316\":3,\"3317\":3,\"3318\":1,\"3319\":1,\"3345\":1,\"3403\":1,\"3410\":3,\"3411\":3,\"3412\":1,\"3413\":1}}],[\"connections\",{\"1\":{\"90\":2,\"99\":2,\"106\":1,\"109\":1,\"169\":2,\"187\":1,\"205\":1,\"241\":1,\"249\":1,\"285\":1,\"296\":1,\"439\":1,\"460\":2,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1,\"914\":2,\"948\":1,\"957\":1,\"1008\":1,\"1013\":1,\"1015\":1,\"1059\":1,\"1064\":1,\"1101\":1,\"1106\":1,\"1108\":1,\"1157\":1,\"1166\":1,\"1211\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1232\":1,\"1279\":1,\"1284\":1,\"1286\":1,\"1308\":1,\"1317\":1,\"1365\":1,\"1370\":1,\"1403\":1,\"1408\":1,\"1410\":1,\"1451\":1,\"1456\":1,\"1458\":1,\"1481\":1,\"1490\":1,\"1541\":1,\"1546\":1,\"1579\":1,\"1584\":1,\"1586\":1,\"1628\":1,\"1633\":1,\"1635\":1,\"1658\":1,\"1667\":1,\"1718\":1,\"1723\":1,\"1756\":1,\"1761\":1,\"1763\":1,\"1805\":1,\"1810\":1,\"1812\":1,\"1835\":1,\"1844\":1,\"1895\":1,\"1900\":1,\"1933\":1,\"1938\":1,\"1940\":1,\"1982\":1,\"1987\":1,\"1989\":1,\"2012\":1,\"2021\":1,\"2072\":1,\"2077\":1,\"2110\":1,\"2115\":1,\"2117\":1,\"2159\":1,\"2164\":1,\"2166\":1,\"2189\":1,\"2198\":1,\"2249\":1,\"2254\":1,\"2287\":1,\"2292\":1,\"2294\":1,\"2346\":1,\"2351\":1,\"2353\":1,\"2379\":1,\"2388\":1,\"2464\":1,\"2469\":1,\"2506\":1,\"2511\":1,\"2513\":1,\"2565\":1,\"2570\":1,\"2572\":1,\"2598\":1,\"2607\":1,\"2683\":1,\"2688\":1,\"2725\":1,\"2730\":1,\"2732\":1,\"2784\":1,\"2789\":1,\"2791\":1,\"2817\":1,\"2826\":1,\"2902\":1,\"2907\":1,\"2944\":1,\"2949\":1,\"2951\":1,\"3003\":1,\"3008\":1,\"3010\":1,\"3036\":1,\"3045\":1,\"3121\":1,\"3126\":1,\"3163\":1,\"3168\":1,\"3170\":1,\"3231\":1,\"3240\":1,\"3291\":1,\"3296\":1,\"3298\":1,\"3342\":1,\"3347\":1,\"3384\":1,\"3389\":1,\"3391\":1}}],[\"connecting\",{\"1\":{\"81\":1}}],[\"connects\",{\"1\":{\"81\":1,\"95\":1,\"128\":1}}],[\"connect\",{\"0\":{\"193\":1,\"202\":1,\"247\":1,\"951\":1,\"954\":1,\"1023\":1,\"1062\":1,\"1116\":1,\"1160\":1,\"1163\":1,\"1230\":1,\"1311\":1,\"1314\":1,\"1368\":1,\"1418\":1,\"1484\":1,\"1487\":1,\"1544\":1,\"1594\":1,\"1661\":1,\"1664\":1,\"1721\":1,\"1771\":1,\"1838\":1,\"1841\":1,\"1898\":1,\"1948\":1,\"2015\":1,\"2018\":1,\"2075\":1,\"2125\":1,\"2192\":1,\"2195\":1,\"2252\":1,\"2302\":1,\"2382\":1,\"2385\":1,\"2430\":1,\"2467\":1,\"2521\":1,\"2601\":1,\"2604\":1,\"2649\":1,\"2686\":1,\"2740\":1,\"2820\":1,\"2823\":1,\"2868\":1,\"2905\":1,\"2959\":1,\"3039\":1,\"3042\":1,\"3087\":1,\"3124\":1,\"3178\":1,\"3234\":1,\"3237\":1,\"3306\":1,\"3345\":1,\"3399\":1},\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"139\":1,\"170\":1,\"174\":1,\"193\":1,\"202\":1,\"231\":1,\"232\":1,\"238\":1,\"247\":1,\"290\":1,\"301\":1,\"425\":2,\"443\":1,\"453\":1,\"455\":1,\"482\":1,\"491\":1,\"505\":1,\"517\":1,\"531\":1,\"543\":1,\"561\":1,\"573\":1,\"591\":1,\"603\":1,\"621\":1,\"649\":1,\"667\":1,\"695\":2,\"713\":1,\"741\":2,\"759\":1,\"787\":2,\"805\":1,\"833\":2,\"851\":1,\"879\":2,\"897\":1,\"907\":1,\"909\":1,\"918\":1,\"920\":5,\"923\":2,\"951\":1,\"954\":1,\"1011\":1,\"1024\":2,\"1025\":1,\"1026\":1,\"1047\":1,\"1049\":4,\"1052\":2,\"1062\":1,\"1104\":1,\"1117\":2,\"1118\":1,\"1120\":1,\"1160\":1,\"1163\":1,\"1214\":1,\"1230\":1,\"1282\":1,\"1311\":1,\"1314\":1,\"1353\":1,\"1355\":4,\"1358\":2,\"1368\":1,\"1406\":1,\"1419\":2,\"1420\":1,\"1422\":1,\"1454\":1,\"1484\":1,\"1487\":1,\"1529\":1,\"1531\":4,\"1534\":2,\"1544\":1,\"1582\":1,\"1595\":2,\"1596\":1,\"1598\":1,\"1631\":1,\"1661\":1,\"1664\":1,\"1706\":1,\"1708\":4,\"1711\":2,\"1721\":1,\"1759\":1,\"1772\":2,\"1773\":1,\"1775\":1,\"1808\":1,\"1838\":1,\"1841\":1,\"1883\":1,\"1885\":4,\"1888\":2,\"1898\":1,\"1936\":1,\"1949\":2,\"1950\":1,\"1952\":1,\"1985\":1,\"2015\":1,\"2018\":1,\"2060\":1,\"2062\":4,\"2065\":2,\"2075\":1,\"2113\":1,\"2126\":2,\"2127\":1,\"2129\":1,\"2162\":1,\"2192\":1,\"2195\":1,\"2237\":1,\"2239\":4,\"2242\":2,\"2252\":1,\"2290\":1,\"2303\":2,\"2304\":1,\"2306\":1,\"2325\":1,\"2327\":5,\"2330\":2,\"2349\":1,\"2382\":1,\"2385\":1,\"2431\":2,\"2432\":1,\"2433\":1,\"2452\":1,\"2454\":4,\"2457\":2,\"2467\":1,\"2509\":1,\"2522\":2,\"2523\":1,\"2525\":1,\"2544\":1,\"2546\":5,\"2549\":2,\"2568\":1,\"2601\":1,\"2604\":1,\"2650\":2,\"2651\":1,\"2652\":1,\"2671\":1,\"2673\":4,\"2676\":2,\"2686\":1,\"2728\":1,\"2741\":2,\"2742\":1,\"2744\":1,\"2763\":1,\"2765\":5,\"2768\":2,\"2787\":1,\"2820\":1,\"2823\":1,\"2869\":2,\"2870\":1,\"2871\":1,\"2890\":1,\"2892\":4,\"2895\":2,\"2905\":1,\"2947\":1,\"2960\":2,\"2961\":1,\"2963\":1,\"2982\":1,\"2984\":5,\"2987\":2,\"3006\":1,\"3039\":1,\"3042\":1,\"3088\":2,\"3089\":1,\"3090\":1,\"3109\":1,\"3111\":4,\"3114\":2,\"3124\":1,\"3166\":1,\"3179\":2,\"3180\":1,\"3182\":1,\"3201\":1,\"3203\":5,\"3206\":2,\"3234\":1,\"3237\":1,\"3294\":1,\"3307\":2,\"3308\":1,\"3309\":1,\"3330\":1,\"3332\":4,\"3335\":2,\"3345\":1,\"3387\":1,\"3400\":2,\"3401\":1,\"3403\":1}}],[\"conform\",{\"1\":{\"334\":1}}],[\"conformanceserviceimpl\",{\"1\":{\"150\":1}}],[\"conf\",{\"1\":{\"262\":1,\"303\":6,\"327\":10,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"confused\",{\"1\":{\"90\":1}}],[\"confident\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"confidential\",{\"1\":{\"186\":1,\"941\":1,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"confidentiality\",{\"1\":{\"5\":1,\"10\":1,\"37\":1}}],[\"config\",{\"1\":{\"147\":2,\"149\":1,\"150\":1,\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"302\":1,\"303\":1,\"304\":2,\"307\":2,\"327\":3,\"433\":1,\"442\":3,\"443\":3,\"481\":3,\"482\":3,\"504\":3,\"505\":3,\"530\":3,\"531\":3,\"536\":1,\"560\":3,\"561\":3,\"590\":3,\"591\":3,\"620\":3,\"621\":3,\"666\":3,\"667\":3,\"712\":3,\"713\":3,\"758\":3,\"759\":3,\"795\":1,\"804\":3,\"805\":3,\"841\":1,\"850\":3,\"851\":3,\"887\":1,\"896\":3,\"897\":3,\"992\":1,\"1045\":1,\"1085\":1,\"1139\":1,\"1249\":1,\"1388\":1,\"1438\":1,\"1564\":1,\"1615\":1,\"1741\":1,\"1792\":1,\"1918\":1,\"1969\":1,\"2095\":1,\"2146\":1,\"2272\":1,\"2323\":1,\"2423\":1,\"2450\":1,\"2490\":1,\"2542\":1,\"2642\":1,\"2669\":1,\"2709\":1,\"2761\":1,\"2861\":1,\"2888\":1,\"2928\":1,\"2980\":1,\"3080\":1,\"3107\":1,\"3147\":1,\"3199\":1,\"3275\":1,\"3328\":1,\"3368\":1,\"3422\":1}}],[\"configure\",{\"1\":{\"173\":1,\"175\":1,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"205\":1,\"212\":1,\"213\":1,\"214\":1,\"219\":2,\"224\":1,\"225\":1,\"226\":1,\"228\":1,\"229\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"249\":1,\"251\":1,\"255\":1,\"257\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"290\":3,\"301\":3,\"322\":1,\"341\":2,\"342\":1,\"344\":1,\"354\":1,\"364\":5,\"390\":3,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"459\":1,\"460\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"913\":1,\"914\":1,\"932\":1,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":1,\"970\":2,\"975\":1,\"976\":1,\"977\":1,\"979\":1,\"980\":1,\"991\":1,\"996\":2,\"998\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1037\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1089\":2,\"1091\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1131\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1180\":2,\"1185\":1,\"1186\":1,\"1187\":1,\"1189\":1,\"1190\":1,\"1198\":2,\"1200\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1252\":2,\"1254\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1331\":2,\"1336\":1,\"1337\":1,\"1338\":1,\"1340\":1,\"1341\":1,\"1349\":2,\"1351\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1391\":2,\"1393\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1503\":2,\"1508\":1,\"1509\":1,\"1510\":1,\"1512\":1,\"1513\":1,\"1525\":2,\"1527\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1567\":2,\"1569\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1609\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1680\":2,\"1685\":1,\"1686\":1,\"1687\":1,\"1689\":1,\"1690\":1,\"1702\":2,\"1704\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1744\":2,\"1746\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1786\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1857\":2,\"1862\":1,\"1863\":1,\"1864\":1,\"1866\":1,\"1867\":1,\"1879\":2,\"1881\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1921\":2,\"1923\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1963\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2034\":2,\"2039\":1,\"2040\":1,\"2041\":1,\"2043\":1,\"2044\":1,\"2056\":2,\"2058\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2098\":2,\"2100\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2140\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2211\":2,\"2216\":1,\"2217\":1,\"2218\":1,\"2220\":1,\"2221\":1,\"2233\":2,\"2235\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2275\":2,\"2277\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2317\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2401\":2,\"2406\":1,\"2407\":1,\"2408\":1,\"2410\":1,\"2411\":1,\"2422\":1,\"2427\":2,\"2429\":1,\"2444\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2494\":2,\"2496\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2536\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2620\":2,\"2625\":1,\"2626\":1,\"2627\":1,\"2629\":1,\"2630\":1,\"2641\":1,\"2646\":2,\"2648\":1,\"2663\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2713\":2,\"2715\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2755\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2839\":2,\"2844\":1,\"2845\":1,\"2846\":1,\"2848\":1,\"2849\":1,\"2860\":1,\"2865\":2,\"2867\":1,\"2882\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2932\":2,\"2934\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2974\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3058\":2,\"3063\":1,\"3064\":1,\"3065\":1,\"3067\":1,\"3068\":1,\"3079\":1,\"3084\":2,\"3086\":1,\"3101\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3151\":2,\"3153\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3193\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3253\":2,\"3258\":1,\"3259\":1,\"3260\":1,\"3262\":1,\"3263\":1,\"3274\":1,\"3279\":2,\"3281\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3320\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3372\":2,\"3374\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3414\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"configured\",{\"1\":{\"90\":1,\"222\":1,\"223\":1,\"304\":3,\"307\":3,\"310\":1,\"331\":1,\"338\":1,\"345\":1,\"352\":1,\"358\":2,\"362\":1,\"367\":1,\"377\":1,\"383\":1,\"384\":2,\"388\":1,\"393\":1,\"438\":1,\"446\":1,\"450\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":2,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1,\"900\":1,\"904\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":2,\"920\":2,\"973\":1,\"974\":1,\"994\":1,\"1024\":1,\"1043\":1,\"1044\":1,\"1049\":3,\"1087\":1,\"1117\":1,\"1137\":1,\"1138\":1,\"1183\":1,\"1184\":1,\"1334\":1,\"1335\":1,\"1355\":3,\"1388\":1,\"1419\":1,\"1506\":1,\"1507\":1,\"1531\":3,\"1595\":1,\"1683\":1,\"1684\":1,\"1708\":3,\"1772\":1,\"1860\":1,\"1861\":1,\"1885\":3,\"1949\":1,\"2037\":1,\"2038\":1,\"2062\":3,\"2126\":1,\"2214\":1,\"2215\":1,\"2239\":3,\"2303\":1,\"2327\":2,\"2404\":1,\"2405\":1,\"2425\":1,\"2431\":1,\"2454\":3,\"2492\":1,\"2522\":1,\"2546\":2,\"2623\":1,\"2624\":1,\"2644\":1,\"2650\":1,\"2673\":3,\"2711\":1,\"2741\":1,\"2765\":2,\"2842\":1,\"2843\":1,\"2863\":1,\"2869\":1,\"2892\":3,\"2930\":1,\"2960\":1,\"2984\":2,\"3061\":1,\"3062\":1,\"3082\":1,\"3088\":1,\"3111\":3,\"3149\":1,\"3179\":1,\"3203\":2,\"3256\":1,\"3257\":1,\"3277\":1,\"3307\":1,\"3326\":1,\"3327\":1,\"3332\":3,\"3370\":1,\"3400\":1,\"3420\":1,\"3421\":1}}],[\"configuring\",{\"1\":{\"100\":1,\"170\":1,\"352\":1,\"431\":1,\"451\":1,\"793\":1,\"839\":1,\"885\":1,\"905\":1}}],[\"configurations\",{\"0\":{\"159\":1,\"160\":1},\"1\":{\"33\":1,\"100\":1,\"156\":2,\"170\":1,\"407\":1,\"433\":1,\"460\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"795\":1,\"815\":1,\"841\":1,\"861\":1,\"887\":1,\"914\":1}}],[\"configuration\",{\"0\":{\"173\":1,\"240\":1,\"268\":1,\"929\":1,\"1026\":1,\"1030\":1,\"1058\":1,\"1120\":1,\"1124\":1,\"1140\":1,\"1269\":1,\"1364\":1,\"1422\":1,\"1426\":1,\"1441\":1,\"1540\":1,\"1598\":1,\"1602\":1,\"1618\":1,\"1717\":1,\"1775\":1,\"1779\":1,\"1795\":1,\"1894\":1,\"1952\":1,\"1956\":1,\"1972\":1,\"2071\":1,\"2129\":1,\"2133\":1,\"2149\":1,\"2248\":1,\"2306\":1,\"2310\":1,\"2336\":1,\"2433\":1,\"2437\":1,\"2463\":1,\"2525\":1,\"2529\":1,\"2555\":1,\"2652\":1,\"2656\":1,\"2682\":1,\"2744\":1,\"2748\":1,\"2774\":1,\"2871\":1,\"2875\":1,\"2901\":1,\"2963\":1,\"2967\":1,\"2993\":1,\"3090\":1,\"3094\":1,\"3120\":1,\"3182\":1,\"3186\":1,\"3212\":1,\"3309\":1,\"3313\":1,\"3341\":1,\"3403\":1,\"3407\":1},\"1\":{\"33\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"138\":1,\"152\":1,\"153\":1,\"154\":1,\"162\":1,\"171\":3,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"332\":1,\"345\":2,\"346\":2,\"347\":1,\"398\":1,\"425\":4,\"434\":1,\"442\":2,\"443\":1,\"452\":1,\"454\":1,\"459\":6,\"460\":1,\"468\":1,\"473\":1,\"481\":2,\"482\":1,\"491\":3,\"496\":1,\"504\":2,\"505\":1,\"517\":3,\"522\":1,\"530\":2,\"531\":1,\"536\":2,\"543\":3,\"552\":1,\"560\":2,\"561\":1,\"564\":6,\"573\":3,\"582\":1,\"590\":2,\"591\":1,\"594\":6,\"603\":3,\"612\":1,\"620\":2,\"621\":1,\"624\":6,\"649\":3,\"658\":1,\"666\":2,\"667\":1,\"670\":6,\"695\":4,\"704\":1,\"712\":2,\"713\":1,\"716\":6,\"741\":4,\"750\":1,\"758\":2,\"759\":1,\"762\":6,\"787\":4,\"796\":1,\"804\":2,\"805\":1,\"808\":6,\"833\":4,\"842\":1,\"850\":2,\"851\":1,\"854\":6,\"879\":4,\"888\":1,\"896\":2,\"897\":1,\"906\":1,\"908\":1,\"913\":6,\"914\":1,\"918\":1,\"920\":5,\"1024\":1,\"1025\":1,\"1026\":3,\"1029\":1,\"1047\":1,\"1049\":6,\"1117\":1,\"1118\":1,\"1119\":1,\"1120\":3,\"1123\":1,\"1142\":1,\"1226\":1,\"1268\":1,\"1353\":1,\"1355\":6,\"1419\":1,\"1420\":1,\"1421\":1,\"1422\":3,\"1425\":1,\"1440\":1,\"1529\":1,\"1531\":6,\"1595\":1,\"1596\":1,\"1597\":1,\"1598\":3,\"1601\":1,\"1617\":1,\"1706\":1,\"1708\":6,\"1772\":1,\"1773\":1,\"1774\":1,\"1775\":3,\"1778\":1,\"1794\":1,\"1883\":1,\"1885\":6,\"1949\":1,\"1950\":1,\"1951\":1,\"1952\":3,\"1955\":1,\"1971\":1,\"2060\":1,\"2062\":6,\"2126\":1,\"2127\":1,\"2128\":1,\"2129\":3,\"2132\":1,\"2148\":1,\"2237\":1,\"2239\":6,\"2303\":1,\"2304\":1,\"2305\":1,\"2306\":3,\"2309\":1,\"2325\":1,\"2327\":5,\"2431\":1,\"2432\":1,\"2433\":3,\"2436\":1,\"2452\":1,\"2454\":6,\"2522\":1,\"2523\":1,\"2524\":1,\"2525\":3,\"2528\":1,\"2544\":1,\"2546\":5,\"2650\":1,\"2651\":1,\"2652\":3,\"2655\":1,\"2671\":1,\"2673\":6,\"2741\":1,\"2742\":1,\"2743\":1,\"2744\":3,\"2747\":1,\"2763\":1,\"2765\":5,\"2869\":1,\"2870\":1,\"2871\":3,\"2874\":1,\"2890\":1,\"2892\":6,\"2960\":1,\"2961\":1,\"2962\":1,\"2963\":3,\"2966\":1,\"2982\":1,\"2984\":5,\"3088\":1,\"3089\":1,\"3090\":3,\"3093\":1,\"3109\":1,\"3111\":6,\"3179\":1,\"3180\":1,\"3181\":1,\"3182\":3,\"3185\":1,\"3201\":1,\"3203\":5,\"3307\":1,\"3308\":1,\"3309\":3,\"3312\":1,\"3330\":1,\"3332\":6,\"3400\":1,\"3401\":1,\"3402\":1,\"3403\":3,\"3406\":1}}],[\"conference\",{\"0\":{\"28\":1,\"29\":1},\"1\":{\"318\":1}}],[\"continuous\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"continuation\",{\"1\":{\"159\":2,\"334\":1,\"357\":1}}],[\"continued\",{\"1\":{\"333\":1,\"356\":1}}],[\"continues\",{\"1\":{\"129\":1,\"333\":1,\"347\":1}}],[\"continue\",{\"1\":{\"97\":1,\"325\":1,\"333\":1,\"338\":2,\"342\":1,\"345\":1,\"352\":1,\"367\":1,\"377\":1,\"379\":1,\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"containing\",{\"1\":{\"152\":1,\"153\":1,\"154\":1,\"236\":1,\"262\":1,\"276\":1,\"451\":1,\"905\":1,\"988\":1,\"1039\":1,\"1081\":1,\"1133\":1,\"1195\":1,\"1246\":1,\"1263\":1,\"1346\":1,\"1384\":1,\"1434\":1,\"1521\":1,\"1560\":1,\"1611\":1,\"1698\":1,\"1737\":1,\"1788\":1,\"1875\":1,\"1914\":1,\"1965\":1,\"2052\":1,\"2091\":1,\"2142\":1,\"2229\":1,\"2268\":1,\"2319\":1,\"2419\":1,\"2446\":1,\"2486\":1,\"2538\":1,\"2638\":1,\"2665\":1,\"2705\":1,\"2757\":1,\"2857\":1,\"2884\":1,\"2924\":1,\"2976\":1,\"3076\":1,\"3103\":1,\"3143\":1,\"3195\":1,\"3271\":1,\"3322\":1,\"3364\":1,\"3416\":1}}],[\"contain\",{\"1\":{\"152\":1,\"153\":1,\"277\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"338\":1,\"358\":1,\"367\":1,\"384\":1,\"393\":1,\"459\":1,\"462\":2,\"511\":2,\"537\":2,\"564\":1,\"567\":2,\"594\":1,\"597\":2,\"624\":1,\"627\":2,\"670\":1,\"673\":2,\"716\":1,\"719\":2,\"762\":1,\"765\":2,\"808\":1,\"811\":2,\"854\":1,\"857\":2,\"913\":1,\"916\":2,\"1040\":1,\"1041\":1,\"1134\":1,\"1135\":1,\"1264\":1,\"1435\":1,\"1612\":1,\"1789\":1,\"1966\":1,\"2143\":1,\"2320\":1,\"2447\":1,\"2539\":1,\"2666\":1,\"2758\":1,\"2885\":1,\"2977\":1,\"3104\":1,\"3196\":1,\"3323\":1,\"3324\":1,\"3417\":1,\"3418\":1}}],[\"containerd\",{\"1\":{\"283\":1,\"294\":1,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"container\",{\"1\":{\"136\":1,\"269\":1,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"304\":2,\"307\":2,\"310\":2,\"352\":1,\"442\":1,\"443\":1,\"448\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"902\":1,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1}}],[\"containers\",{\"1\":{\"135\":1,\"136\":1,\"302\":1,\"303\":1,\"304\":1,\"305\":1,\"306\":1,\"307\":1,\"308\":1,\"309\":1,\"310\":1,\"311\":1,\"312\":1,\"313\":1,\"314\":1,\"315\":1,\"316\":1,\"341\":2,\"408\":1,\"460\":1,\"461\":1,\"462\":1,\"509\":1,\"510\":1,\"511\":1,\"535\":1,\"536\":1,\"537\":1,\"565\":1,\"566\":1,\"567\":1,\"595\":1,\"596\":1,\"597\":1,\"625\":1,\"626\":1,\"627\":1,\"632\":1,\"671\":1,\"672\":1,\"673\":1,\"678\":1,\"717\":1,\"718\":1,\"719\":1,\"724\":1,\"763\":1,\"764\":1,\"765\":1,\"770\":1,\"809\":1,\"810\":1,\"811\":1,\"816\":1,\"855\":1,\"856\":1,\"857\":1,\"862\":1,\"914\":1,\"915\":1,\"916\":1}}],[\"contains\",{\"1\":{\"97\":1,\"138\":1,\"154\":1,\"277\":1,\"318\":1,\"331\":1,\"920\":1,\"1040\":1,\"1049\":1,\"1134\":1,\"1264\":1,\"1355\":1,\"1435\":1,\"1531\":1,\"1612\":1,\"1708\":1,\"1789\":1,\"1885\":1,\"1966\":1,\"2062\":1,\"2143\":1,\"2239\":1,\"2320\":1,\"2327\":1,\"2447\":1,\"2454\":1,\"2539\":1,\"2546\":1,\"2666\":1,\"2673\":1,\"2758\":1,\"2765\":1,\"2885\":1,\"2892\":1,\"2977\":1,\"2984\":1,\"3104\":1,\"3111\":1,\"3196\":1,\"3203\":1,\"3323\":1,\"3332\":1,\"3417\":1}}],[\"contact\",{\"0\":{\"70\":1},\"1\":{\"4\":1,\"13\":1,\"40\":1,\"69\":1,\"71\":1,\"417\":1,\"428\":1,\"429\":1,\"471\":1,\"472\":1,\"494\":1,\"495\":1,\"520\":1,\"521\":1,\"546\":1,\"547\":1,\"576\":1,\"577\":1,\"606\":1,\"607\":1,\"641\":1,\"652\":1,\"653\":1,\"687\":1,\"698\":1,\"699\":1,\"733\":1,\"744\":1,\"745\":1,\"779\":1,\"790\":1,\"791\":1,\"825\":1,\"836\":1,\"837\":1,\"871\":1,\"882\":1,\"883\":1}}],[\"content\",{\"1\":{\"99\":1,\"145\":2,\"146\":1,\"147\":5,\"149\":1,\"150\":4,\"169\":1,\"170\":1,\"289\":4,\"290\":4,\"300\":4,\"301\":4,\"442\":5,\"443\":4,\"446\":1,\"447\":1,\"481\":5,\"482\":4,\"504\":5,\"505\":4,\"530\":5,\"531\":4,\"560\":5,\"561\":4,\"590\":5,\"591\":4,\"620\":5,\"621\":4,\"666\":5,\"667\":4,\"712\":5,\"713\":4,\"758\":5,\"759\":4,\"804\":5,\"805\":4,\"850\":5,\"851\":4,\"896\":5,\"897\":4,\"900\":1,\"901\":1}}],[\"contents\",{\"1\":{\"94\":1,\"447\":2,\"901\":2}}],[\"contexts\",{\"1\":{\"120\":1}}],[\"context\",{\"0\":{\"1020\":1,\"1037\":1,\"1113\":1,\"1131\":1,\"1223\":1,\"1291\":1,\"1415\":1,\"1463\":1,\"1591\":1,\"1609\":1,\"1640\":1,\"1768\":1,\"1786\":1,\"1817\":1,\"1945\":1,\"1963\":1,\"1994\":1,\"2122\":1,\"2140\":1,\"2171\":1,\"2299\":1,\"2317\":1,\"2358\":1,\"2444\":1,\"2518\":1,\"2536\":1,\"2577\":1,\"2663\":1,\"2737\":1,\"2755\":1,\"2796\":1,\"2882\":1,\"2956\":1,\"2974\":1,\"3015\":1,\"3101\":1,\"3175\":1,\"3193\":1,\"3303\":1,\"3320\":1,\"3396\":1,\"3414\":1},\"1\":{\"81\":1,\"127\":1,\"332\":2,\"1020\":2,\"1037\":2,\"1113\":2,\"1131\":2,\"1223\":2,\"1291\":2,\"1415\":2,\"1463\":2,\"1591\":2,\"1609\":2,\"1640\":2,\"1768\":2,\"1786\":2,\"1817\":2,\"1945\":2,\"1963\":2,\"1994\":2,\"2122\":2,\"2140\":2,\"2171\":2,\"2299\":2,\"2317\":2,\"2358\":2,\"2444\":2,\"2518\":2,\"2536\":2,\"2577\":2,\"2663\":2,\"2737\":2,\"2755\":2,\"2796\":2,\"2882\":2,\"2956\":2,\"2974\":2,\"3015\":2,\"3101\":2,\"3175\":2,\"3193\":2,\"3303\":2,\"3320\":2,\"3396\":2,\"3414\":2}}],[\"contributor\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"contributors\",{\"1\":{\"4\":1,\"69\":1,\"73\":1,\"83\":1,\"413\":1,\"415\":4,\"417\":1,\"419\":1,\"637\":1,\"639\":4,\"641\":1,\"643\":1,\"683\":1,\"685\":4,\"687\":1,\"689\":1,\"729\":1,\"731\":4,\"733\":1,\"735\":1,\"775\":1,\"777\":4,\"779\":1,\"781\":1,\"821\":1,\"823\":4,\"825\":1,\"827\":1,\"867\":1,\"869\":4,\"871\":1,\"873\":1}}],[\"contributing\",{\"0\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1},\"1\":{\"418\":1,\"419\":4,\"642\":1,\"643\":4,\"688\":1,\"689\":4,\"734\":1,\"735\":4,\"780\":1,\"781\":4,\"826\":1,\"827\":4,\"872\":1,\"873\":4}}],[\"contributions\",{\"1\":{\"404\":1,\"418\":1,\"419\":4,\"628\":1,\"642\":1,\"643\":4,\"674\":1,\"688\":1,\"689\":4,\"720\":1,\"734\":1,\"735\":4,\"766\":1,\"780\":1,\"781\":4,\"812\":1,\"826\":1,\"827\":4,\"858\":1,\"872\":1,\"873\":4}}],[\"contribution\",{\"0\":{\"82\":1},\"1\":{\"38\":1,\"405\":1,\"417\":2,\"629\":1,\"641\":2,\"675\":1,\"687\":2,\"721\":1,\"733\":2,\"767\":1,\"779\":2,\"813\":1,\"825\":2,\"859\":1,\"871\":2}}],[\"contributes\",{\"1\":{\"81\":1}}],[\"contribute\",{\"0\":{\"74\":1,\"404\":1,\"417\":1,\"418\":1,\"628\":1,\"641\":1,\"642\":1,\"674\":1,\"687\":1,\"688\":1,\"720\":1,\"733\":1,\"734\":1,\"766\":1,\"779\":1,\"780\":1,\"812\":1,\"825\":1,\"826\":1,\"858\":1,\"871\":1,\"872\":1},\"1\":{\"414\":1,\"417\":2,\"419\":4,\"638\":1,\"641\":2,\"643\":4,\"684\":1,\"687\":2,\"689\":4,\"730\":1,\"733\":2,\"735\":4,\"776\":1,\"779\":2,\"781\":4,\"822\":1,\"825\":2,\"827\":4,\"868\":1,\"871\":2,\"873\":4}}],[\"controlled\",{\"1\":{\"95\":1}}],[\"control\",{\"0\":{\"10\":1,\"334\":1,\"919\":1,\"1048\":1,\"1354\":1,\"1530\":1,\"1707\":1,\"1884\":1,\"2061\":1,\"2238\":1,\"2326\":1,\"2453\":1,\"2545\":1,\"2672\":1,\"2764\":1,\"2891\":1,\"2983\":1,\"3110\":1,\"3202\":1,\"3331\":1},\"1\":{\"88\":1,\"160\":1,\"261\":1,\"357\":1,\"395\":1,\"415\":1,\"425\":2,\"442\":1,\"491\":1,\"504\":1,\"517\":1,\"530\":1,\"543\":1,\"560\":1,\"573\":1,\"590\":1,\"603\":1,\"620\":1,\"639\":1,\"649\":1,\"666\":1,\"685\":1,\"695\":2,\"712\":1,\"731\":1,\"741\":2,\"758\":1,\"777\":1,\"787\":2,\"804\":1,\"823\":1,\"833\":2,\"850\":1,\"869\":1,\"879\":2,\"896\":1,\"918\":1,\"992\":1,\"1024\":1,\"1047\":1,\"1085\":1,\"1117\":1,\"1353\":1,\"1388\":1,\"1419\":1,\"1529\":1,\"1564\":1,\"1595\":1,\"1706\":1,\"1741\":1,\"1772\":1,\"1883\":1,\"1918\":1,\"1949\":1,\"2060\":1,\"2095\":1,\"2126\":1,\"2237\":1,\"2272\":1,\"2303\":1,\"2325\":1,\"2423\":1,\"2431\":1,\"2452\":1,\"2490\":1,\"2522\":1,\"2544\":1,\"2642\":1,\"2650\":1,\"2671\":1,\"2709\":1,\"2741\":1,\"2763\":1,\"2861\":1,\"2869\":1,\"2890\":1,\"2928\":1,\"2960\":1,\"2982\":1,\"3080\":1,\"3088\":1,\"3109\":1,\"3147\":1,\"3179\":1,\"3201\":1,\"3275\":1,\"3307\":1,\"3330\":1,\"3368\":1,\"3400\":1}}],[\"coordinated\",{\"1\":{\"36\":1}}],[\"coordinate\",{\"1\":{\"0\":1,\"32\":1,\"99\":1,\"129\":1,\"169\":1}}],[\"editor\",{\"0\":{\"402\":1},\"1\":{\"319\":1,\"394\":1,\"402\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"edit\",{\"1\":{\"163\":1}}],[\"educational\",{\"1\":{\"77\":1}}],[\"education\",{\"1\":{\"0\":1,\"6\":1,\"98\":2,\"116\":1,\"126\":1}}],[\"elements\",{\"1\":{\"240\":1,\"356\":1,\"408\":2,\"632\":2,\"678\":2,\"724\":2,\"770\":2,\"816\":2,\"862\":2}}],[\"element\",{\"1\":{\"163\":1}}],[\"else\",{\"1\":{\"159\":3,\"160\":1}}],[\"ellipsis\",{\"1\":{\"159\":2}}],[\"ecc\",{\"1\":{\"457\":11,\"911\":11,\"1044\":8,\"1138\":8,\"3327\":8,\"3421\":8}}],[\"ecosystem\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"economics\",{\"1\":{\"77\":2}}],[\"echo\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"eclipse\",{\"0\":{\"159\":1},\"1\":{\"156\":2,\"159\":317,\"319\":1,\"342\":1,\"394\":1,\"401\":3,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"europe\",{\"1\":{\"327\":8,\"461\":1,\"462\":1,\"915\":1,\"916\":1}}],[\"european\",{\"1\":{\"1\":1}}],[\"eu\",{\"1\":{\"109\":1}}],[\"early\",{\"1\":{\"100\":1,\"170\":1}}],[\"easier\",{\"1\":{\"95\":1}}],[\"each\",{\"1\":{\"8\":1,\"85\":2,\"88\":1,\"91\":1,\"138\":1,\"318\":2,\"333\":1,\"346\":1,\"347\":2,\"348\":1,\"371\":2,\"374\":1,\"430\":1,\"431\":1,\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"792\":1,\"793\":1,\"808\":1,\"838\":1,\"839\":1,\"854\":1,\"884\":1,\"885\":1,\"913\":1}}],[\"e\",{\"1\":{\"37\":1,\"40\":1,\"71\":1,\"73\":1,\"78\":1,\"85\":1,\"88\":1,\"99\":2,\"103\":1,\"109\":1,\"110\":1,\"112\":3,\"113\":3,\"127\":1,\"139\":2,\"163\":1,\"165\":1,\"167\":3,\"168\":3,\"169\":2,\"284\":3,\"289\":6,\"290\":2,\"295\":3,\"300\":7,\"301\":2,\"347\":1,\"372\":1,\"401\":1,\"402\":1,\"428\":3,\"434\":1,\"438\":2,\"439\":1,\"442\":4,\"443\":1,\"457\":1,\"458\":2,\"459\":2,\"460\":1,\"470\":1,\"471\":3,\"473\":2,\"477\":2,\"478\":1,\"481\":5,\"482\":2,\"485\":2,\"493\":1,\"494\":3,\"496\":2,\"500\":2,\"501\":1,\"504\":4,\"505\":2,\"508\":2,\"519\":1,\"520\":3,\"522\":2,\"526\":2,\"527\":1,\"530\":4,\"531\":2,\"534\":2,\"546\":3,\"552\":1,\"556\":2,\"557\":1,\"560\":4,\"561\":2,\"564\":2,\"576\":3,\"582\":1,\"586\":2,\"587\":1,\"590\":4,\"591\":1,\"594\":2,\"606\":3,\"612\":1,\"616\":2,\"617\":1,\"620\":4,\"621\":1,\"624\":2,\"652\":3,\"658\":1,\"662\":2,\"663\":1,\"666\":4,\"667\":1,\"670\":2,\"698\":3,\"704\":1,\"708\":2,\"709\":1,\"712\":4,\"713\":1,\"716\":2,\"744\":3,\"750\":1,\"754\":2,\"755\":1,\"758\":4,\"759\":1,\"762\":2,\"790\":3,\"796\":1,\"800\":2,\"801\":1,\"804\":4,\"805\":1,\"808\":2,\"836\":3,\"842\":1,\"846\":2,\"847\":1,\"850\":4,\"851\":1,\"854\":2,\"882\":3,\"888\":1,\"892\":2,\"893\":1,\"896\":4,\"897\":1,\"911\":1,\"912\":2,\"913\":2,\"914\":1,\"923\":2,\"928\":2,\"1043\":1,\"1052\":2,\"1057\":2,\"1137\":1,\"1358\":2,\"1363\":2,\"1534\":2,\"1539\":2,\"1711\":2,\"1716\":2,\"1888\":2,\"1893\":2,\"2065\":2,\"2070\":2,\"2242\":2,\"2247\":2,\"2330\":2,\"2335\":2,\"2457\":2,\"2462\":2,\"2549\":2,\"2554\":2,\"2676\":2,\"2681\":2,\"2768\":2,\"2773\":2,\"2895\":2,\"2900\":2,\"2987\":2,\"2992\":2,\"3114\":2,\"3119\":2,\"3206\":2,\"3211\":2,\"3326\":1,\"3335\":2,\"3340\":2,\"3420\":1}}],[\"etc\",{\"1\":{\"283\":1,\"294\":1,\"327\":2,\"400\":2,\"416\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"640\":1,\"661\":1,\"686\":1,\"707\":1,\"732\":1,\"753\":1,\"778\":1,\"799\":1,\"824\":1,\"845\":1,\"870\":1,\"891\":1}}],[\"et\",{\"1\":{\"26\":1}}],[\"either\",{\"1\":{\"113\":1,\"138\":2,\"168\":1,\"277\":1,\"338\":1,\"381\":2,\"393\":2,\"427\":1,\"450\":1,\"451\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1,\"904\":1,\"905\":1,\"1040\":1,\"1134\":1,\"1264\":1,\"1435\":1,\"1612\":1,\"1789\":1,\"1966\":1,\"2143\":1,\"2320\":1,\"2447\":1,\"2539\":1,\"2666\":1,\"2758\":1,\"2885\":1,\"2977\":1,\"3104\":1,\"3196\":1,\"3323\":1,\"3417\":1}}],[\"eils\",{\"1\":{\"26\":1}}],[\"eine\",{\"1\":{\"17\":1}}],[\"eines\",{\"1\":{\"17\":1}}],[\"einem\",{\"1\":{\"14\":1,\"17\":1}}],[\"einige\",{\"1\":{\"15\":1}}],[\"ein\",{\"1\":{\"15\":1,\"17\":1}}],[\"einladung\",{\"1\":{\"14\":1}}],[\"einladen\",{\"1\":{\"14\":1}}],[\"empty\",{\"1\":{\"159\":11,\"920\":1,\"1037\":1,\"1049\":1,\"1131\":1,\"1355\":1,\"1388\":1,\"1531\":1,\"1609\":1,\"1708\":1,\"1786\":1,\"1885\":1,\"1963\":1,\"2062\":1,\"2140\":1,\"2239\":1,\"2317\":1,\"2327\":1,\"2444\":1,\"2454\":1,\"2536\":1,\"2546\":1,\"2663\":1,\"2673\":1,\"2755\":1,\"2765\":1,\"2882\":1,\"2892\":1,\"2974\":1,\"2984\":1,\"3101\":1,\"3111\":1,\"3193\":1,\"3203\":1,\"3320\":1,\"3332\":1,\"3414\":1}}],[\"empfehlen\",{\"1\":{\"16\":1}}],[\"emailclaim\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"email\",{\"0\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1},\"1\":{\"37\":1,\"921\":1,\"923\":1,\"928\":2,\"1050\":1,\"1052\":1,\"1057\":1,\"1356\":1,\"1358\":1,\"1363\":1,\"1532\":1,\"1534\":1,\"1539\":1,\"1709\":1,\"1711\":1,\"1716\":1,\"1886\":1,\"1888\":1,\"1893\":1,\"2063\":1,\"2065\":1,\"2070\":1,\"2240\":1,\"2242\":1,\"2247\":1,\"2328\":1,\"2330\":1,\"2335\":2,\"2455\":1,\"2457\":1,\"2462\":1,\"2547\":1,\"2549\":1,\"2554\":2,\"2674\":1,\"2676\":1,\"2681\":1,\"2766\":1,\"2768\":1,\"2773\":2,\"2893\":1,\"2895\":1,\"2900\":1,\"2985\":1,\"2987\":1,\"2992\":2,\"3112\":1,\"3114\":1,\"3119\":1,\"3204\":1,\"3206\":1,\"3211\":2,\"3333\":1,\"3335\":1,\"3340\":1}}],[\"embark\",{\"1\":{\"12\":1}}],[\"escience\",{\"1\":{\"457\":2,\"911\":2,\"1044\":2,\"1138\":2,\"3327\":2,\"3421\":2}}],[\"especially\",{\"1\":{\"117\":1}}],[\"estimates\",{\"1\":{\"127\":1}}],[\"estimations\",{\"1\":{\"99\":1,\"169\":1}}],[\"established\",{\"1\":{\"90\":1,\"98\":1,\"117\":1,\"127\":1,\"129\":2,\"193\":1,\"202\":1,\"209\":1,\"234\":1,\"247\":1,\"271\":1,\"272\":1,\"951\":1,\"954\":1,\"960\":1,\"986\":1,\"1033\":1,\"1034\":1,\"1062\":1,\"1127\":1,\"1128\":1,\"1160\":1,\"1163\":1,\"1170\":1,\"1193\":1,\"1230\":1,\"1258\":1,\"1259\":1,\"1311\":1,\"1314\":1,\"1321\":1,\"1344\":1,\"1368\":1,\"1429\":1,\"1430\":1,\"1484\":1,\"1487\":1,\"1493\":1,\"1519\":1,\"1544\":1,\"1605\":1,\"1606\":1,\"1661\":1,\"1664\":1,\"1670\":1,\"1696\":1,\"1721\":1,\"1782\":1,\"1783\":1,\"1838\":1,\"1841\":1,\"1847\":1,\"1873\":1,\"1898\":1,\"1959\":1,\"1960\":1,\"2015\":1,\"2018\":1,\"2024\":1,\"2050\":1,\"2075\":1,\"2136\":1,\"2137\":1,\"2192\":1,\"2195\":1,\"2201\":1,\"2227\":1,\"2252\":1,\"2313\":1,\"2314\":1,\"2382\":1,\"2385\":1,\"2391\":1,\"2417\":1,\"2440\":1,\"2441\":1,\"2467\":1,\"2532\":1,\"2533\":1,\"2601\":1,\"2604\":1,\"2610\":1,\"2636\":1,\"2659\":1,\"2660\":1,\"2686\":1,\"2751\":1,\"2752\":1,\"2820\":1,\"2823\":1,\"2829\":1,\"2855\":1,\"2878\":1,\"2879\":1,\"2905\":1,\"2970\":1,\"2971\":1,\"3039\":1,\"3042\":1,\"3048\":1,\"3074\":1,\"3097\":1,\"3098\":1,\"3124\":1,\"3189\":1,\"3190\":1,\"3234\":1,\"3237\":1,\"3243\":1,\"3269\":1,\"3316\":1,\"3317\":1,\"3345\":1,\"3410\":1,\"3411\":1}}],[\"establish\",{\"1\":{\"82\":1,\"210\":1,\"235\":1,\"961\":1,\"987\":1,\"1171\":1,\"1194\":1,\"1322\":1,\"1345\":1,\"1494\":1,\"1520\":1,\"1671\":1,\"1697\":1,\"1848\":1,\"1874\":1,\"2025\":1,\"2051\":1,\"2202\":1,\"2228\":1,\"2392\":1,\"2418\":1,\"2611\":1,\"2637\":1,\"2830\":1,\"2856\":1,\"3049\":1,\"3075\":1,\"3244\":1,\"3270\":1}}],[\"es\",{\"1\":{\"16\":1,\"17\":1}}],[\"evaluate\",{\"1\":{\"120\":1}}],[\"evaluator\",{\"1\":{\"14\":2,\"21\":1}}],[\"even\",{\"1\":{\"102\":1,\"117\":1,\"416\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"640\":1,\"650\":1,\"686\":1,\"696\":1,\"732\":1,\"742\":1,\"778\":1,\"788\":1,\"824\":1,\"870\":1}}],[\"eventconfig\",{\"1\":{\"147\":1}}],[\"event\",{\"0\":{\"325\":1,\"378\":1,\"379\":1},\"1\":{\"97\":1,\"217\":2,\"218\":2,\"304\":4,\"327\":6,\"334\":1,\"347\":2,\"356\":2,\"359\":2,\"364\":6,\"381\":2,\"385\":2,\"390\":10,\"968\":2,\"969\":2,\"1178\":2,\"1179\":2,\"1329\":2,\"1330\":2,\"1501\":2,\"1502\":2,\"1678\":2,\"1679\":2,\"1855\":2,\"1856\":2,\"2032\":2,\"2033\":2,\"2209\":2,\"2210\":2,\"2399\":2,\"2400\":2,\"2618\":2,\"2619\":2,\"2837\":2,\"2838\":2,\"3056\":2,\"3057\":2,\"3251\":2,\"3252\":2}}],[\"events\",{\"0\":{\"323\":1,\"325\":1,\"353\":1,\"354\":1,\"378\":1,\"379\":1,\"382\":1},\"1\":{\"97\":2,\"186\":1,\"332\":1,\"382\":1,\"945\":1,\"946\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2376\":1,\"2377\":1,\"2595\":1,\"2596\":1,\"2814\":1,\"2815\":1,\"3033\":1,\"3034\":1,\"3228\":1,\"3229\":1}}],[\"everybody\",{\"1\":{\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1}}],[\"everyone\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"everything\",{\"1\":{\"395\":1}}],[\"every\",{\"1\":{\"0\":1,\"32\":1,\"88\":1,\"97\":1,\"117\":1,\"184\":1,\"185\":1,\"186\":1,\"222\":1,\"332\":1,\"356\":2,\"383\":1,\"405\":1,\"417\":2,\"629\":1,\"641\":2,\"675\":1,\"687\":2,\"721\":1,\"733\":2,\"767\":1,\"779\":2,\"813\":1,\"825\":2,\"859\":1,\"871\":2,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"973\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1183\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1334\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1506\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1683\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1860\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2037\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2214\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2404\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2623\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2842\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3061\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3256\":1}}],[\"error\",{\"1\":{\"217\":2,\"218\":2,\"222\":1,\"381\":1,\"413\":1,\"429\":1,\"444\":2,\"445\":1,\"472\":1,\"483\":2,\"484\":1,\"495\":1,\"506\":2,\"507\":1,\"521\":1,\"532\":2,\"533\":1,\"547\":1,\"562\":2,\"563\":1,\"577\":1,\"592\":2,\"593\":1,\"607\":1,\"622\":2,\"623\":1,\"637\":1,\"653\":1,\"668\":2,\"669\":1,\"683\":1,\"699\":1,\"714\":2,\"715\":1,\"729\":1,\"745\":1,\"760\":2,\"761\":1,\"775\":1,\"791\":1,\"806\":2,\"807\":1,\"821\":1,\"837\":1,\"852\":2,\"853\":1,\"867\":1,\"883\":1,\"898\":2,\"899\":1,\"968\":2,\"969\":2,\"973\":1,\"1178\":2,\"1179\":2,\"1183\":1,\"1329\":2,\"1330\":2,\"1334\":1,\"1501\":2,\"1502\":2,\"1506\":1,\"1678\":2,\"1679\":2,\"1683\":1,\"1855\":2,\"1856\":2,\"1860\":1,\"2032\":2,\"2033\":2,\"2037\":1,\"2209\":2,\"2210\":2,\"2214\":1,\"2399\":2,\"2400\":2,\"2404\":1,\"2618\":2,\"2619\":2,\"2623\":1,\"2837\":2,\"2838\":2,\"2842\":1,\"3056\":2,\"3057\":2,\"3061\":1,\"3251\":2,\"3252\":2,\"3256\":1}}],[\"errors\",{\"1\":{\"106\":1,\"107\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"673\":2,\"719\":2,\"765\":2,\"811\":2,\"857\":2,\"916\":2}}],[\"erste\",{\"1\":{\"16\":1}}],[\"erfüllt\",{\"1\":{\"15\":1}}],[\"erproben\",{\"1\":{\"14\":1}}],[\"erprobt\",{\"1\":{\"14\":1}}],[\"erprobung\",{\"1\":{\"14\":1}}],[\"ergänzend\",{\"1\":{\"14\":1}}],[\"effect\",{\"1\":{\"217\":1,\"218\":1,\"352\":1,\"968\":1,\"969\":1,\"1178\":1,\"1179\":1,\"1329\":1,\"1330\":1,\"1501\":1,\"1502\":1,\"1678\":1,\"1679\":1,\"1855\":1,\"1856\":1,\"2032\":1,\"2033\":1,\"2209\":1,\"2210\":1,\"2399\":1,\"2400\":1,\"2618\":1,\"2619\":1,\"2837\":1,\"2838\":1,\"3056\":1,\"3057\":1,\"3251\":1,\"3252\":1}}],[\"effective\",{\"1\":{\"117\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"effectively\",{\"1\":{\"36\":1}}],[\"effectiveness\",{\"1\":{\"5\":1}}],[\"efficiency\",{\"1\":{\"82\":1,\"395\":1}}],[\"efficient\",{\"1\":{\"5\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"effort\",{\"1\":{\"38\":1}}],[\"efforts\",{\"1\":{\"35\":1}}],[\"efmi\",{\"1\":{\"1\":4}}],[\"exactly\",{\"1\":{\"995\":1,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1390\":1,\"1524\":1,\"1566\":1,\"1701\":1,\"1743\":1,\"1878\":1,\"1920\":1,\"2055\":1,\"2097\":1,\"2232\":1,\"2274\":1,\"2426\":1,\"2493\":1,\"2645\":1,\"2712\":1,\"2864\":1,\"2931\":1,\"3083\":1,\"3150\":1,\"3278\":1,\"3371\":1}}],[\"examine\",{\"1\":{\"324\":1,\"347\":1,\"369\":1}}],[\"examplestarter\",{\"1\":{\"138\":1}}],[\"examples\",{\"0\":{\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1},\"1\":{\"116\":1,\"117\":1,\"382\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"example\",{\"0\":{\"103\":1,\"363\":1,\"389\":1,\"447\":1,\"449\":1,\"901\":1,\"903\":1,\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1},\"1\":{\"95\":2,\"96\":1,\"97\":1,\"98\":1,\"99\":2,\"100\":2,\"102\":1,\"103\":2,\"152\":1,\"153\":1,\"154\":2,\"169\":2,\"170\":4,\"175\":1,\"177\":1,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"189\":1,\"191\":1,\"197\":1,\"200\":1,\"205\":1,\"207\":1,\"208\":1,\"212\":1,\"213\":1,\"214\":1,\"215\":1,\"216\":1,\"220\":1,\"221\":1,\"224\":1,\"225\":1,\"226\":1,\"227\":1,\"228\":1,\"241\":1,\"242\":1,\"243\":1,\"245\":1,\"249\":1,\"251\":1,\"253\":1,\"255\":1,\"257\":1,\"260\":1,\"263\":1,\"269\":1,\"270\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":2,\"315\":1,\"316\":2,\"341\":1,\"356\":2,\"357\":3,\"363\":1,\"372\":1,\"383\":1,\"389\":1,\"433\":3,\"442\":1,\"443\":1,\"460\":1,\"461\":1,\"462\":2,\"481\":2,\"482\":1,\"504\":2,\"505\":1,\"510\":1,\"511\":2,\"530\":2,\"531\":1,\"536\":1,\"537\":2,\"560\":2,\"561\":1,\"566\":1,\"567\":2,\"590\":2,\"591\":1,\"596\":1,\"597\":2,\"620\":2,\"621\":1,\"626\":1,\"627\":2,\"666\":2,\"667\":1,\"672\":1,\"673\":2,\"712\":2,\"713\":1,\"718\":1,\"719\":2,\"758\":2,\"759\":1,\"764\":1,\"765\":2,\"795\":3,\"804\":2,\"805\":1,\"810\":1,\"811\":2,\"841\":3,\"850\":2,\"851\":1,\"856\":1,\"857\":2,\"887\":3,\"896\":1,\"897\":1,\"914\":1,\"915\":1,\"916\":2,\"920\":2,\"928\":3,\"932\":1,\"934\":1,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"959\":1,\"963\":1,\"964\":1,\"965\":1,\"966\":1,\"967\":1,\"971\":1,\"972\":1,\"975\":1,\"976\":1,\"977\":1,\"978\":1,\"979\":1,\"985\":1,\"989\":1,\"991\":1,\"995\":1,\"997\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1014\":2,\"1015\":1,\"1026\":1,\"1031\":1,\"1032\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1049\":2,\"1057\":3,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1068\":1,\"1070\":1,\"1072\":1,\"1074\":1,\"1080\":1,\"1082\":1,\"1088\":1,\"1090\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1107\":2,\"1108\":1,\"1120\":1,\"1125\":1,\"1126\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1147\":1,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1168\":1,\"1169\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1176\":1,\"1177\":1,\"1181\":1,\"1182\":1,\"1185\":1,\"1186\":1,\"1187\":1,\"1188\":1,\"1189\":1,\"1197\":1,\"1199\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1217\":2,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1236\":1,\"1238\":1,\"1240\":1,\"1242\":1,\"1245\":1,\"1247\":1,\"1251\":1,\"1253\":1,\"1256\":1,\"1257\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1285\":2,\"1286\":1,\"1296\":1,\"1298\":1,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1319\":1,\"1320\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1327\":1,\"1328\":1,\"1332\":1,\"1333\":1,\"1336\":1,\"1337\":1,\"1338\":1,\"1339\":1,\"1340\":1,\"1348\":1,\"1350\":1,\"1355\":2,\"1363\":3,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1374\":1,\"1376\":1,\"1378\":1,\"1380\":1,\"1383\":1,\"1385\":1,\"1390\":1,\"1392\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1409\":2,\"1410\":1,\"1422\":1,\"1427\":1,\"1428\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1457\":2,\"1458\":1,\"1468\":1,\"1470\":1,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1492\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1499\":1,\"1500\":1,\"1504\":1,\"1505\":1,\"1508\":1,\"1509\":1,\"1510\":1,\"1511\":1,\"1512\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1526\":1,\"1531\":2,\"1539\":3,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1550\":1,\"1552\":1,\"1554\":1,\"1556\":1,\"1559\":1,\"1561\":1,\"1566\":1,\"1568\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1585\":2,\"1586\":1,\"1598\":1,\"1603\":1,\"1604\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1634\":2,\"1635\":1,\"1645\":1,\"1647\":1,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1669\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1676\":1,\"1677\":1,\"1681\":1,\"1682\":1,\"1685\":1,\"1686\":1,\"1687\":1,\"1688\":1,\"1689\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1703\":1,\"1708\":2,\"1716\":3,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1727\":1,\"1729\":1,\"1731\":1,\"1733\":1,\"1736\":1,\"1738\":1,\"1743\":1,\"1745\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1762\":2,\"1763\":1,\"1775\":1,\"1780\":1,\"1781\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1811\":2,\"1812\":1,\"1822\":1,\"1824\":1,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1846\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1853\":1,\"1854\":1,\"1858\":1,\"1859\":1,\"1862\":1,\"1863\":1,\"1864\":1,\"1865\":1,\"1866\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1880\":1,\"1885\":2,\"1893\":3,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1904\":1,\"1906\":1,\"1908\":1,\"1910\":1,\"1913\":1,\"1915\":1,\"1920\":1,\"1922\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1939\":2,\"1940\":1,\"1952\":1,\"1957\":1,\"1958\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1988\":2,\"1989\":1,\"1999\":1,\"2001\":1,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2023\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2030\":1,\"2031\":1,\"2035\":1,\"2036\":1,\"2039\":1,\"2040\":1,\"2041\":1,\"2042\":1,\"2043\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2057\":1,\"2062\":2,\"2070\":3,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2081\":1,\"2083\":1,\"2085\":1,\"2087\":1,\"2090\":1,\"2092\":1,\"2097\":1,\"2099\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2116\":2,\"2117\":1,\"2129\":1,\"2134\":1,\"2135\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2165\":2,\"2166\":1,\"2176\":1,\"2178\":1,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2200\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2207\":1,\"2208\":1,\"2212\":1,\"2213\":1,\"2216\":1,\"2217\":1,\"2218\":1,\"2219\":1,\"2220\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2234\":1,\"2239\":2,\"2247\":3,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2258\":1,\"2260\":1,\"2262\":1,\"2264\":1,\"2267\":1,\"2269\":1,\"2274\":1,\"2276\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2293\":2,\"2294\":1,\"2306\":1,\"2311\":1,\"2312\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2327\":2,\"2335\":3,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2352\":2,\"2353\":1,\"2363\":1,\"2365\":1,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2390\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2397\":1,\"2398\":1,\"2402\":1,\"2403\":1,\"2406\":1,\"2407\":1,\"2408\":1,\"2409\":1,\"2410\":1,\"2416\":1,\"2420\":1,\"2422\":1,\"2426\":1,\"2428\":1,\"2433\":1,\"2438\":1,\"2439\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2454\":2,\"2462\":3,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2473\":1,\"2475\":1,\"2477\":1,\"2479\":1,\"2485\":1,\"2487\":1,\"2493\":1,\"2495\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2512\":2,\"2513\":1,\"2525\":1,\"2530\":1,\"2531\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2546\":2,\"2554\":3,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2571\":2,\"2572\":1,\"2582\":1,\"2584\":1,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2609\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2616\":1,\"2617\":1,\"2621\":1,\"2622\":1,\"2625\":1,\"2626\":1,\"2627\":1,\"2628\":1,\"2629\":1,\"2635\":1,\"2639\":1,\"2641\":1,\"2645\":1,\"2647\":1,\"2652\":1,\"2657\":1,\"2658\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2673\":2,\"2681\":3,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2692\":1,\"2694\":1,\"2696\":1,\"2698\":1,\"2704\":1,\"2706\":1,\"2712\":1,\"2714\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2731\":2,\"2732\":1,\"2744\":1,\"2749\":1,\"2750\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2765\":2,\"2773\":3,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2790\":2,\"2791\":1,\"2801\":1,\"2803\":1,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2828\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2835\":1,\"2836\":1,\"2840\":1,\"2841\":1,\"2844\":1,\"2845\":1,\"2846\":1,\"2847\":1,\"2848\":1,\"2854\":1,\"2858\":1,\"2860\":1,\"2864\":1,\"2866\":1,\"2871\":1,\"2876\":1,\"2877\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2892\":2,\"2900\":3,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2911\":1,\"2913\":1,\"2915\":1,\"2917\":1,\"2923\":1,\"2925\":1,\"2931\":1,\"2933\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2950\":2,\"2951\":1,\"2963\":1,\"2968\":1,\"2969\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2984\":2,\"2992\":3,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3009\":2,\"3010\":1,\"3020\":1,\"3022\":1,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3047\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3054\":1,\"3055\":1,\"3059\":1,\"3060\":1,\"3063\":1,\"3064\":1,\"3065\":1,\"3066\":1,\"3067\":1,\"3073\":1,\"3077\":1,\"3079\":1,\"3083\":1,\"3085\":1,\"3090\":1,\"3095\":1,\"3096\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3111\":2,\"3119\":3,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3130\":1,\"3132\":1,\"3134\":1,\"3136\":1,\"3142\":1,\"3144\":1,\"3150\":1,\"3152\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3169\":2,\"3170\":1,\"3182\":1,\"3187\":1,\"3188\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3203\":2,\"3211\":3,\"3215\":1,\"3217\":1,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3242\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3249\":1,\"3250\":1,\"3254\":1,\"3255\":1,\"3258\":1,\"3259\":1,\"3260\":1,\"3261\":1,\"3262\":1,\"3268\":1,\"3272\":1,\"3274\":1,\"3278\":1,\"3280\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3297\":2,\"3298\":1,\"3309\":1,\"3314\":1,\"3315\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3332\":2,\"3340\":3,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3351\":1,\"3353\":1,\"3355\":1,\"3357\":1,\"3363\":1,\"3365\":1,\"3371\":1,\"3373\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3390\":2,\"3391\":1,\"3403\":1,\"3408\":1,\"3409\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"exercise\",{\"0\":{\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"326\":1,\"328\":1,\"329\":1,\"335\":1,\"339\":1,\"340\":1,\"342\":1,\"343\":1,\"344\":1,\"349\":1,\"353\":1,\"354\":1,\"364\":1,\"368\":1,\"369\":1,\"374\":1,\"378\":1,\"379\":1,\"390\":1},\"1\":{\"318\":1,\"320\":2,\"321\":2,\"322\":1,\"323\":2,\"324\":2,\"325\":8,\"326\":6,\"327\":6,\"328\":6,\"329\":2,\"334\":2,\"338\":7,\"339\":6,\"340\":1,\"341\":1,\"342\":7,\"343\":6,\"344\":1,\"347\":1,\"348\":2,\"349\":2,\"352\":8,\"353\":6,\"354\":1,\"367\":7,\"368\":6,\"369\":1,\"377\":7,\"378\":6,\"379\":2,\"393\":6,\"403\":6}}],[\"exercises\",{\"1\":{\"318\":2,\"319\":1,\"394\":1}}],[\"execition\",{\"1\":{\"134\":1}}],[\"executor\",{\"1\":{\"982\":1,\"983\":1,\"984\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3265\":1,\"3266\":1,\"3267\":1}}],[\"executable\",{\"1\":{\"332\":1}}],[\"execution\",{\"0\":{\"333\":1,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1},\"1\":{\"88\":1,\"98\":1,\"130\":1,\"134\":1,\"154\":1,\"321\":1,\"324\":1,\"333\":1,\"340\":1,\"354\":1,\"356\":2,\"363\":2,\"369\":1,\"371\":1,\"372\":2,\"373\":3,\"374\":2,\"389\":2}}],[\"executing\",{\"1\":{\"26\":1,\"29\":1,\"99\":1,\"153\":1,\"169\":1,\"338\":1,\"356\":2,\"433\":1,\"795\":1,\"841\":1,\"887\":1}}],[\"executes\",{\"1\":{\"90\":1}}],[\"executed\",{\"1\":{\"85\":1,\"90\":1,\"96\":1,\"127\":1,\"318\":1,\"332\":1,\"338\":2,\"352\":2,\"354\":1,\"364\":1,\"367\":3,\"377\":2,\"393\":3}}],[\"execute\",{\"1\":{\"0\":1,\"32\":1,\"96\":1,\"97\":1,\"99\":1,\"102\":1,\"105\":1,\"116\":1,\"117\":1,\"126\":1,\"135\":4,\"141\":1,\"142\":1,\"169\":1,\"175\":1,\"176\":1,\"251\":1,\"252\":1,\"290\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"320\":1,\"329\":2,\"337\":1,\"338\":1,\"341\":1,\"342\":1,\"351\":1,\"352\":2,\"366\":1,\"367\":2,\"376\":1,\"377\":2,\"392\":1,\"393\":2,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1,\"932\":1,\"933\":1,\"1068\":1,\"1069\":1,\"1145\":1,\"1146\":1,\"1236\":1,\"1237\":1,\"1296\":1,\"1297\":1,\"1374\":1,\"1375\":1,\"1468\":1,\"1469\":1,\"1550\":1,\"1551\":1,\"1645\":1,\"1646\":1,\"1727\":1,\"1728\":1,\"1822\":1,\"1823\":1,\"1904\":1,\"1905\":1,\"1999\":1,\"2000\":1,\"2081\":1,\"2082\":1,\"2176\":1,\"2177\":1,\"2258\":1,\"2259\":1,\"2363\":1,\"2364\":1,\"2473\":1,\"2474\":1,\"2582\":1,\"2583\":1,\"2692\":1,\"2693\":1,\"2801\":1,\"2802\":1,\"2911\":1,\"2912\":1,\"3020\":1,\"3021\":1,\"3130\":1,\"3131\":1,\"3215\":1,\"3216\":1,\"3351\":1,\"3352\":1}}],[\"extension>\",{\"1\":{\"363\":7,\"389\":11}}],[\"extensions\",{\"1\":{\"358\":1,\"384\":1}}],[\"extension\",{\"0\":{\"363\":1,\"389\":1},\"1\":{\"358\":3,\"359\":1,\"360\":1,\"361\":8,\"362\":4,\"363\":3,\"364\":1,\"384\":3,\"385\":1,\"386\":1,\"387\":8,\"388\":4,\"389\":3,\"923\":1,\"1052\":1,\"1056\":1,\"1358\":1,\"1362\":1,\"1534\":1,\"1538\":1,\"1711\":1,\"1715\":1,\"1888\":1,\"1892\":1,\"2065\":1,\"2069\":1,\"2242\":1,\"2246\":1,\"2330\":1,\"2457\":1,\"2461\":1,\"2549\":1,\"2676\":1,\"2680\":1,\"2768\":1,\"2895\":1,\"2899\":1,\"2987\":1,\"3114\":1,\"3118\":1,\"3206\":1,\"3335\":1,\"3339\":1}}],[\"extended\",{\"1\":{\"438\":1,\"456\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1,\"910\":1}}],[\"extend\",{\"1\":{\"332\":1}}],[\"extending\",{\"0\":{\"451\":1,\"905\":1},\"1\":{\"154\":1,\"333\":1,\"373\":1}}],[\"extends\",{\"1\":{\"147\":1,\"160\":2}}],[\"external\",{\"0\":{\"92\":1,\"100\":1,\"170\":1},\"1\":{\"100\":1,\"112\":1,\"167\":1,\"170\":1,\"240\":1,\"270\":2,\"284\":1,\"285\":1,\"289\":4,\"290\":1,\"295\":1,\"296\":1,\"300\":6,\"301\":1,\"303\":2,\"348\":1,\"438\":1,\"439\":1,\"442\":2,\"443\":1,\"477\":1,\"478\":1,\"481\":4,\"482\":1,\"500\":1,\"501\":1,\"504\":3,\"505\":1,\"526\":1,\"527\":1,\"530\":3,\"531\":1,\"556\":1,\"557\":1,\"560\":3,\"561\":1,\"586\":1,\"587\":1,\"590\":3,\"591\":1,\"616\":1,\"617\":1,\"620\":3,\"621\":1,\"662\":1,\"663\":1,\"666\":3,\"667\":1,\"708\":1,\"709\":1,\"712\":3,\"713\":1,\"754\":1,\"755\":1,\"758\":3,\"759\":1,\"800\":1,\"801\":1,\"804\":3,\"805\":1,\"846\":1,\"847\":1,\"850\":3,\"851\":1,\"892\":1,\"893\":1,\"896\":2,\"897\":1,\"1032\":1,\"1126\":2,\"1257\":2,\"1428\":2,\"1604\":2,\"1781\":2,\"1958\":2,\"2135\":2,\"2312\":2,\"2439\":2,\"2531\":2,\"2658\":2,\"2750\":2,\"2877\":2,\"2969\":2,\"3096\":2,\"3188\":2,\"3315\":1,\"3409\":2}}],[\"externally\",{\"1\":{\"89\":1}}],[\"extra\",{\"1\":{\"327\":6,\"341\":2}}],[\"extraktion\",{\"1\":{\"14\":1}}],[\"extraktionstool\",{\"1\":{\"14\":1}}],[\"extraktionstools\",{\"1\":{\"14\":1}}],[\"extraction\",{\"1\":{\"6\":1,\"128\":1}}],[\"extract\",{\"1\":{\"0\":1,\"98\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"442\":1,\"443\":2,\"481\":1,\"482\":2,\"504\":1,\"505\":2,\"530\":1,\"531\":2,\"560\":1,\"561\":2,\"590\":1,\"591\":2,\"620\":1,\"621\":2,\"666\":1,\"667\":2,\"712\":1,\"713\":2,\"758\":1,\"759\":2,\"804\":1,\"805\":2,\"850\":1,\"851\":2,\"896\":1,\"897\":2}}],[\"exposing\",{\"1\":{\"991\":1,\"2422\":1,\"2641\":1,\"2860\":1,\"3079\":1,\"3274\":1}}],[\"expanded\",{\"1\":{\"481\":1}}],[\"expertise\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"experienced\",{\"1\":{\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2}}],[\"experience\",{\"0\":{\"75\":1},\"1\":{\"75\":1,\"116\":1,\"117\":1,\"415\":1,\"419\":2,\"639\":1,\"643\":2,\"685\":1,\"689\":2,\"731\":1,\"735\":2,\"777\":1,\"781\":2,\"823\":1,\"827\":2,\"869\":1,\"873\":2}}],[\"expected\",{\"0\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1},\"1\":{\"285\":1,\"296\":1,\"338\":2,\"367\":2,\"393\":2,\"439\":1,\"452\":2,\"454\":2,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1,\"906\":2,\"908\":2,\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"expression$\",{\"1\":{\"372\":1}}],[\"expressions\",{\"0\":{\"372\":1},\"1\":{\"159\":3,\"374\":1}}],[\"expression\",{\"1\":{\"159\":15,\"371\":1,\"372\":1}}],[\"explanations\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"explain\",{\"1\":{\"95\":1}}],[\"explained\",{\"1\":{\"89\":1}}],[\"explicitly\",{\"1\":{\"456\":1,\"910\":1}}],[\"explicit\",{\"1\":{\"159\":1}}],[\"explicitconstructorcall\",{\"1\":{\"159\":2}}],[\"explore\",{\"1\":{\"431\":1,\"793\":1,\"839\":1,\"885\":1}}],[\"exploring\",{\"1\":{\"12\":1}}],[\"exploit\",{\"1\":{\"37\":1}}],[\"exploited\",{\"1\":{\"37\":1}}],[\"exists\",{\"1\":{\"428\":2,\"471\":2,\"494\":2,\"520\":2,\"546\":2,\"576\":2,\"606\":2,\"652\":2,\"698\":2,\"744\":2,\"790\":2,\"836\":2,\"882\":2}}],[\"existing\",{\"1\":{\"145\":1,\"146\":2,\"147\":5,\"148\":2,\"149\":1,\"150\":1,\"381\":1,\"434\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"457\":2,\"473\":3,\"496\":3,\"522\":3,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"911\":2,\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"exist\",{\"1\":{\"35\":1,\"396\":1}}],[\"excited\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"excluding\",{\"1\":{\"441\":1,\"442\":1,\"895\":1,\"896\":1,\"1040\":1,\"1041\":1,\"1134\":1,\"1135\":1,\"3323\":1,\"3324\":1,\"3417\":1,\"3418\":1}}],[\"exclude\",{\"1\":{\"304\":2,\"307\":2,\"433\":1,\"795\":1,\"841\":1,\"887\":1}}],[\"excluded\",{\"0\":{\"233\":1,\"985\":1,\"1192\":1,\"1343\":1,\"1518\":1,\"1695\":1,\"1872\":1,\"2049\":1,\"2226\":1,\"2416\":1,\"2635\":1,\"2854\":1,\"3073\":1,\"3268\":1},\"1\":{\"233\":2,\"304\":4,\"307\":1,\"985\":2,\"1192\":2,\"1343\":2,\"1518\":2,\"1695\":2,\"1872\":2,\"2049\":2,\"2226\":2,\"2416\":2,\"2635\":2,\"2854\":2,\"3073\":2,\"3268\":2}}],[\"exclusive\",{\"0\":{\"324\":1,\"368\":1,\"369\":1,\"371\":1},\"1\":{\"324\":1,\"369\":1,\"371\":1,\"374\":1}}],[\"excel\",{\"0\":{\"286\":1,\"297\":1},\"1\":{\"286\":2,\"297\":2}}],[\"excellent\",{\"1\":{\"1\":1,\"109\":1}}],[\"excepted\",{\"1\":{\"276\":1,\"1039\":1,\"1133\":1,\"1263\":1,\"1434\":1,\"1611\":1,\"1788\":1,\"1965\":1,\"2142\":1,\"2319\":1,\"2446\":1,\"2538\":1,\"2665\":1,\"2757\":1,\"2884\":1,\"2976\":1,\"3103\":1,\"3195\":1,\"3322\":1,\"3416\":1}}],[\"exceptions\",{\"1\":{\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"247\":1,\"248\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"1062\":1,\"1063\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1230\":1,\"1231\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1368\":1,\"1369\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1544\":1,\"1545\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1721\":1,\"1722\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1898\":1,\"1899\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2075\":1,\"2076\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2252\":1,\"2253\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2467\":1,\"2468\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2686\":1,\"2687\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2905\":1,\"2906\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3124\":1,\"3125\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3345\":1,\"3346\":1}}],[\"except\",{\"1\":{\"99\":1,\"169\":1,\"311\":1,\"314\":1,\"348\":2}}],[\"exchanged\",{\"1\":{\"94\":1,\"383\":1}}],[\"exchange\",{\"1\":{\"0\":1,\"9\":1,\"26\":1,\"82\":1,\"94\":1,\"95\":2,\"98\":3,\"129\":1,\"356\":1}}],[\"enough\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"engage\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"engines\",{\"1\":{\"0\":1,\"32\":1}}],[\"engine\",{\"0\":{\"90\":1,\"113\":1,\"168\":1,\"982\":1,\"983\":1,\"984\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3265\":1,\"3266\":1,\"3267\":1},\"1\":{\"0\":1,\"8\":1,\"32\":2,\"88\":3,\"96\":1,\"97\":1,\"99\":2,\"110\":1,\"113\":1,\"117\":1,\"152\":1,\"153\":1,\"165\":1,\"168\":1,\"169\":2,\"283\":1,\"294\":1,\"332\":2,\"431\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"793\":1,\"799\":1,\"839\":1,\"845\":1,\"885\":1,\"891\":1,\"982\":2,\"983\":2,\"984\":2,\"1515\":2,\"1516\":2,\"1517\":2,\"1692\":2,\"1693\":2,\"1694\":2,\"1869\":2,\"1870\":2,\"1871\":2,\"2046\":2,\"2047\":2,\"2048\":2,\"2223\":2,\"2224\":2,\"2225\":2,\"2413\":2,\"2414\":2,\"2415\":2,\"2632\":2,\"2633\":2,\"2634\":2,\"2851\":2,\"2852\":2,\"2853\":2,\"3070\":2,\"3071\":2,\"3072\":2,\"3265\":2,\"3266\":2,\"3267\":2}}],[\"enhancing\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"enhancement\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"enhanced\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"enhance\",{\"1\":{\"12\":1,\"344\":1,\"404\":1,\"419\":1,\"628\":1,\"643\":1,\"674\":1,\"689\":1,\"720\":1,\"735\":1,\"766\":1,\"781\":1,\"812\":1,\"827\":1,\"858\":1,\"873\":1}}],[\"envelop\",{\"1\":{\"356\":1}}],[\"environment\",{\"0\":{\"346\":1,\"447\":1,\"901\":1},\"1\":{\"33\":1,\"138\":2,\"289\":5,\"290\":3,\"300\":5,\"301\":3,\"304\":2,\"319\":1,\"320\":1,\"327\":8,\"329\":1,\"338\":1,\"341\":2,\"345\":1,\"346\":5,\"349\":4,\"352\":3,\"362\":1,\"388\":1,\"394\":1,\"429\":2,\"431\":1,\"442\":5,\"443\":3,\"446\":3,\"447\":2,\"448\":1,\"449\":1,\"451\":1,\"452\":3,\"453\":1,\"454\":3,\"455\":1,\"459\":2,\"460\":1,\"461\":3,\"462\":2,\"473\":1,\"481\":5,\"482\":3,\"496\":1,\"504\":5,\"505\":3,\"522\":1,\"530\":5,\"531\":3,\"536\":1,\"560\":5,\"561\":3,\"564\":2,\"577\":2,\"590\":5,\"591\":3,\"594\":2,\"607\":2,\"620\":5,\"621\":3,\"624\":2,\"653\":2,\"666\":5,\"667\":3,\"670\":2,\"699\":2,\"712\":5,\"713\":3,\"716\":2,\"745\":2,\"758\":5,\"759\":3,\"762\":2,\"791\":2,\"793\":1,\"804\":5,\"805\":3,\"808\":2,\"837\":2,\"839\":1,\"850\":5,\"851\":3,\"854\":2,\"883\":2,\"885\":1,\"896\":5,\"897\":3,\"900\":3,\"901\":2,\"902\":1,\"903\":1,\"905\":1,\"906\":3,\"907\":1,\"908\":3,\"909\":1,\"913\":2,\"914\":1,\"915\":3,\"916\":2,\"920\":1,\"1027\":1,\"1049\":1,\"1121\":1,\"1355\":1,\"1423\":1,\"1531\":1,\"1599\":1,\"1708\":1,\"1776\":1,\"1885\":1,\"1953\":1,\"2062\":1,\"2130\":1,\"2239\":1,\"2307\":1,\"2327\":1,\"2434\":1,\"2454\":1,\"2526\":1,\"2546\":1,\"2653\":1,\"2673\":1,\"2745\":1,\"2765\":1,\"2872\":1,\"2892\":1,\"2964\":1,\"2984\":1,\"3091\":1,\"3111\":1,\"3183\":1,\"3203\":1,\"3310\":1,\"3332\":1,\"3404\":1}}],[\"environments\",{\"0\":{\"11\":1},\"1\":{\"117\":1,\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1}}],[\"enabling\",{\"1\":{\"159\":1}}],[\"enabled><\",{\"1\":{\"162\":2}}],[\"enabled\",{\"1\":{\"160\":1,\"186\":1,\"212\":1,\"213\":1,\"217\":1,\"218\":1,\"228\":1,\"352\":1,\"920\":1,\"945\":1,\"946\":1,\"963\":1,\"964\":1,\"968\":1,\"969\":1,\"979\":1,\"1003\":1,\"1006\":1,\"1007\":1,\"1024\":1,\"1025\":1,\"1049\":1,\"1096\":1,\"1099\":1,\"1100\":1,\"1117\":1,\"1118\":1,\"1156\":1,\"1173\":1,\"1174\":1,\"1178\":1,\"1179\":1,\"1189\":1,\"1206\":1,\"1209\":1,\"1210\":1,\"1274\":1,\"1277\":1,\"1278\":1,\"1307\":1,\"1324\":1,\"1325\":1,\"1329\":1,\"1330\":1,\"1340\":1,\"1355\":1,\"1398\":1,\"1401\":1,\"1402\":1,\"1419\":1,\"1420\":1,\"1446\":1,\"1449\":1,\"1450\":1,\"1479\":1,\"1480\":1,\"1496\":1,\"1497\":1,\"1501\":1,\"1502\":1,\"1512\":1,\"1531\":1,\"1574\":1,\"1577\":1,\"1578\":1,\"1595\":1,\"1596\":1,\"1623\":1,\"1626\":1,\"1627\":1,\"1656\":1,\"1657\":1,\"1673\":1,\"1674\":1,\"1678\":1,\"1679\":1,\"1689\":1,\"1708\":1,\"1751\":1,\"1754\":1,\"1755\":1,\"1772\":1,\"1773\":1,\"1800\":1,\"1803\":1,\"1804\":1,\"1833\":1,\"1834\":1,\"1850\":1,\"1851\":1,\"1855\":1,\"1856\":1,\"1866\":1,\"1885\":1,\"1928\":1,\"1931\":1,\"1932\":1,\"1949\":1,\"1950\":1,\"1977\":1,\"1980\":1,\"1981\":1,\"2010\":1,\"2011\":1,\"2027\":1,\"2028\":1,\"2032\":1,\"2033\":1,\"2043\":1,\"2062\":1,\"2105\":1,\"2108\":1,\"2109\":1,\"2126\":1,\"2127\":1,\"2154\":1,\"2157\":1,\"2158\":1,\"2187\":1,\"2188\":1,\"2204\":1,\"2205\":1,\"2209\":1,\"2210\":1,\"2220\":1,\"2239\":1,\"2282\":1,\"2285\":1,\"2286\":1,\"2303\":1,\"2304\":1,\"2327\":1,\"2341\":1,\"2344\":1,\"2345\":1,\"2376\":1,\"2377\":1,\"2394\":1,\"2395\":1,\"2399\":1,\"2400\":1,\"2410\":1,\"2431\":1,\"2432\":1,\"2454\":1,\"2501\":1,\"2504\":1,\"2505\":1,\"2522\":1,\"2523\":1,\"2546\":1,\"2560\":1,\"2563\":1,\"2564\":1,\"2595\":1,\"2596\":1,\"2613\":1,\"2614\":1,\"2618\":1,\"2619\":1,\"2629\":1,\"2650\":1,\"2651\":1,\"2673\":1,\"2720\":1,\"2723\":1,\"2724\":1,\"2741\":1,\"2742\":1,\"2765\":1,\"2779\":1,\"2782\":1,\"2783\":1,\"2814\":1,\"2815\":1,\"2832\":1,\"2833\":1,\"2837\":1,\"2838\":1,\"2848\":1,\"2869\":1,\"2870\":1,\"2892\":1,\"2939\":1,\"2942\":1,\"2943\":1,\"2960\":1,\"2961\":1,\"2984\":1,\"2998\":1,\"3001\":1,\"3002\":1,\"3033\":1,\"3034\":1,\"3051\":1,\"3052\":1,\"3056\":1,\"3057\":1,\"3067\":1,\"3088\":1,\"3089\":1,\"3111\":1,\"3158\":1,\"3161\":1,\"3162\":1,\"3179\":1,\"3180\":1,\"3203\":1,\"3228\":1,\"3229\":1,\"3246\":1,\"3247\":1,\"3251\":1,\"3252\":1,\"3262\":1,\"3286\":1,\"3289\":1,\"3290\":1,\"3307\":1,\"3308\":1,\"3332\":1,\"3379\":1,\"3382\":1,\"3383\":1,\"3400\":1,\"3401\":1}}],[\"enables\",{\"1\":{\"8\":1,\"98\":1,\"116\":1}}],[\"enable\",{\"1\":{\"0\":2,\"32\":1,\"81\":1,\"94\":2,\"97\":1,\"98\":1,\"127\":1,\"184\":1,\"185\":1,\"186\":1,\"195\":1,\"204\":1,\"219\":1,\"222\":1,\"223\":1,\"224\":1,\"229\":1,\"230\":1,\"250\":1,\"349\":1,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2,\"920\":2,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"953\":1,\"956\":1,\"970\":1,\"973\":1,\"974\":1,\"975\":1,\"980\":1,\"981\":1,\"1002\":1,\"1003\":1,\"1005\":1,\"1025\":1,\"1049\":2,\"1065\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1095\":1,\"1096\":1,\"1098\":1,\"1118\":1,\"1119\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1162\":1,\"1165\":1,\"1180\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1190\":1,\"1191\":1,\"1205\":1,\"1206\":1,\"1208\":1,\"1233\":1,\"1273\":1,\"1274\":1,\"1276\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1313\":1,\"1316\":1,\"1331\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1341\":1,\"1342\":1,\"1355\":2,\"1371\":1,\"1397\":1,\"1398\":1,\"1400\":1,\"1420\":1,\"1421\":1,\"1445\":1,\"1446\":1,\"1448\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1486\":1,\"1489\":1,\"1503\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1513\":1,\"1514\":1,\"1531\":2,\"1547\":1,\"1573\":1,\"1574\":1,\"1576\":1,\"1596\":1,\"1597\":1,\"1622\":1,\"1623\":1,\"1625\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1663\":1,\"1666\":1,\"1680\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1690\":1,\"1691\":1,\"1708\":2,\"1724\":1,\"1750\":1,\"1751\":1,\"1753\":1,\"1773\":1,\"1774\":1,\"1799\":1,\"1800\":1,\"1802\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1840\":1,\"1843\":1,\"1857\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1867\":1,\"1868\":1,\"1885\":2,\"1901\":1,\"1927\":1,\"1928\":1,\"1930\":1,\"1950\":1,\"1951\":1,\"1976\":1,\"1977\":1,\"1979\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2017\":1,\"2020\":1,\"2034\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2044\":1,\"2045\":1,\"2062\":2,\"2078\":1,\"2104\":1,\"2105\":1,\"2107\":1,\"2127\":1,\"2128\":1,\"2153\":1,\"2154\":1,\"2156\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2194\":1,\"2197\":1,\"2211\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2221\":1,\"2222\":1,\"2239\":2,\"2255\":1,\"2281\":1,\"2282\":1,\"2284\":1,\"2304\":1,\"2305\":1,\"2327\":2,\"2340\":1,\"2341\":1,\"2343\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2384\":1,\"2387\":1,\"2401\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2411\":1,\"2412\":1,\"2432\":1,\"2454\":2,\"2470\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2500\":1,\"2501\":1,\"2503\":1,\"2523\":1,\"2524\":1,\"2546\":2,\"2559\":1,\"2560\":1,\"2562\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2603\":1,\"2606\":1,\"2620\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2630\":1,\"2631\":1,\"2651\":1,\"2673\":2,\"2689\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2719\":1,\"2720\":1,\"2722\":1,\"2742\":1,\"2743\":1,\"2765\":2,\"2778\":1,\"2779\":1,\"2781\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2822\":1,\"2825\":1,\"2839\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2849\":1,\"2850\":1,\"2870\":1,\"2892\":2,\"2908\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2938\":1,\"2939\":1,\"2941\":1,\"2961\":1,\"2962\":1,\"2984\":2,\"2997\":1,\"2998\":1,\"3000\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3041\":1,\"3044\":1,\"3058\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3068\":1,\"3069\":1,\"3089\":1,\"3111\":2,\"3127\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3157\":1,\"3158\":1,\"3160\":1,\"3180\":1,\"3181\":1,\"3203\":2,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3236\":1,\"3239\":1,\"3253\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3263\":1,\"3264\":1,\"3285\":1,\"3286\":1,\"3288\":1,\"3308\":1,\"3332\":2,\"3348\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3378\":1,\"3379\":1,\"3381\":1,\"3401\":1,\"3402\":1}}],[\"enum\",{\"1\":{\"159\":21}}],[\"en\",{\"1\":{\"116\":1}}],[\"enty\",{\"1\":{\"920\":1,\"1049\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"entrypoint\",{\"1\":{\"327\":1}}],[\"entry\",{\"1\":{\"144\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"entries\",{\"0\":{\"400\":1},\"1\":{\"112\":1,\"167\":1,\"276\":1,\"289\":1,\"300\":1,\"361\":1,\"362\":1,\"387\":1,\"388\":1,\"400\":1,\"444\":1,\"456\":1,\"481\":1,\"483\":1,\"504\":1,\"506\":1,\"530\":1,\"532\":1,\"560\":1,\"562\":1,\"590\":1,\"592\":1,\"620\":1,\"622\":1,\"666\":1,\"668\":1,\"712\":1,\"714\":1,\"758\":1,\"760\":1,\"804\":1,\"806\":1,\"850\":1,\"852\":1,\"898\":1,\"910\":1,\"923\":1,\"995\":1,\"1039\":1,\"1052\":1,\"1088\":1,\"1133\":1,\"1197\":1,\"1251\":1,\"1263\":1,\"1348\":1,\"1358\":1,\"1390\":1,\"1434\":1,\"1524\":1,\"1534\":1,\"1566\":1,\"1611\":1,\"1701\":1,\"1711\":1,\"1743\":1,\"1788\":1,\"1878\":1,\"1888\":1,\"1920\":1,\"1965\":1,\"2055\":1,\"2065\":1,\"2097\":1,\"2142\":1,\"2232\":1,\"2242\":1,\"2274\":1,\"2319\":1,\"2330\":1,\"2426\":1,\"2446\":1,\"2457\":1,\"2493\":1,\"2538\":1,\"2549\":1,\"2645\":1,\"2665\":1,\"2676\":1,\"2712\":1,\"2757\":1,\"2768\":1,\"2864\":1,\"2884\":1,\"2895\":1,\"2931\":1,\"2976\":1,\"2987\":1,\"3083\":1,\"3103\":1,\"3114\":1,\"3150\":1,\"3195\":1,\"3206\":1,\"3278\":1,\"3322\":1,\"3335\":1,\"3371\":1,\"3416\":1}}],[\"entered\",{\"1\":{\"110\":1,\"165\":1}}],[\"entire\",{\"1\":{\"81\":1,\"95\":1,\"134\":1,\"135\":1,\"154\":1}}],[\"encounter\",{\"1\":{\"413\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"637\":1,\"668\":1,\"683\":1,\"714\":1,\"729\":1,\"760\":1,\"775\":1,\"806\":1,\"821\":1,\"852\":1,\"867\":1,\"898\":1}}],[\"encourage\",{\"1\":{\"35\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"encoded\",{\"1\":{\"187\":1,\"188\":1,\"205\":1,\"212\":1,\"213\":1,\"224\":1,\"225\":1,\"228\":1,\"241\":1,\"242\":1,\"249\":1,\"275\":1,\"277\":1,\"278\":1,\"279\":1,\"288\":4,\"290\":1,\"299\":4,\"301\":1,\"441\":5,\"480\":4,\"503\":4,\"529\":4,\"559\":4,\"589\":4,\"619\":4,\"665\":4,\"711\":4,\"757\":4,\"803\":4,\"849\":4,\"895\":5,\"948\":1,\"949\":1,\"957\":1,\"963\":1,\"964\":1,\"975\":1,\"976\":1,\"979\":1,\"1008\":1,\"1009\":1,\"1013\":1,\"1015\":1,\"1026\":1,\"1038\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1064\":1,\"1101\":1,\"1102\":1,\"1106\":1,\"1108\":1,\"1120\":1,\"1132\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1157\":1,\"1158\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1211\":1,\"1212\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1232\":1,\"1262\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1279\":1,\"1280\":1,\"1284\":1,\"1286\":1,\"1308\":1,\"1309\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1365\":1,\"1366\":1,\"1370\":1,\"1403\":1,\"1404\":1,\"1408\":1,\"1410\":1,\"1422\":1,\"1433\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1451\":1,\"1452\":1,\"1456\":1,\"1458\":1,\"1481\":1,\"1482\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1541\":1,\"1542\":1,\"1546\":1,\"1579\":1,\"1580\":1,\"1584\":1,\"1586\":1,\"1598\":1,\"1610\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1628\":1,\"1629\":1,\"1633\":1,\"1635\":1,\"1658\":1,\"1659\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1718\":1,\"1719\":1,\"1723\":1,\"1756\":1,\"1757\":1,\"1761\":1,\"1763\":1,\"1775\":1,\"1787\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1805\":1,\"1806\":1,\"1810\":1,\"1812\":1,\"1835\":1,\"1836\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1895\":1,\"1896\":1,\"1900\":1,\"1933\":1,\"1934\":1,\"1938\":1,\"1940\":1,\"1952\":1,\"1964\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1982\":1,\"1983\":1,\"1987\":1,\"1989\":1,\"2012\":1,\"2013\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2072\":1,\"2073\":1,\"2077\":1,\"2110\":1,\"2111\":1,\"2115\":1,\"2117\":1,\"2129\":1,\"2141\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2159\":1,\"2160\":1,\"2164\":1,\"2166\":1,\"2189\":1,\"2190\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2249\":1,\"2250\":1,\"2254\":1,\"2287\":1,\"2288\":1,\"2292\":1,\"2294\":1,\"2306\":1,\"2318\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2346\":1,\"2347\":1,\"2351\":1,\"2353\":1,\"2379\":1,\"2380\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2433\":1,\"2445\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2469\":1,\"2506\":1,\"2507\":1,\"2511\":1,\"2513\":1,\"2525\":1,\"2537\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2565\":1,\"2566\":1,\"2570\":1,\"2572\":1,\"2598\":1,\"2599\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2652\":1,\"2664\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2688\":1,\"2725\":1,\"2726\":1,\"2730\":1,\"2732\":1,\"2744\":1,\"2756\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2784\":1,\"2785\":1,\"2789\":1,\"2791\":1,\"2817\":1,\"2818\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2871\":1,\"2883\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2907\":1,\"2944\":1,\"2945\":1,\"2949\":1,\"2951\":1,\"2963\":1,\"2975\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3003\":1,\"3004\":1,\"3008\":1,\"3010\":1,\"3036\":1,\"3037\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3090\":1,\"3102\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3126\":1,\"3163\":1,\"3164\":1,\"3168\":1,\"3170\":1,\"3182\":1,\"3194\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3231\":1,\"3232\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3291\":1,\"3292\":1,\"3296\":1,\"3298\":1,\"3309\":1,\"3321\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3347\":1,\"3384\":1,\"3385\":1,\"3389\":1,\"3391\":1,\"3403\":1,\"3415\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"encoding=\",{\"1\":{\"159\":1}}],[\"encrypting\",{\"1\":{\"290\":1,\"301\":1}}],[\"encryption\",{\"1\":{\"37\":1,\"109\":1}}],[\"encrypted\",{\"1\":{\"40\":1,\"188\":1,\"189\":1,\"213\":1,\"214\":1,\"242\":1,\"243\":1,\"288\":2,\"289\":2,\"290\":2,\"299\":2,\"300\":2,\"301\":2,\"441\":2,\"442\":2,\"443\":2,\"480\":2,\"481\":2,\"482\":2,\"503\":2,\"504\":2,\"505\":2,\"529\":2,\"530\":2,\"531\":2,\"559\":2,\"560\":2,\"561\":2,\"589\":2,\"590\":2,\"591\":2,\"619\":2,\"620\":2,\"621\":2,\"665\":2,\"666\":2,\"667\":2,\"711\":2,\"712\":2,\"713\":2,\"757\":2,\"758\":2,\"759\":2,\"803\":2,\"804\":2,\"805\":2,\"849\":2,\"850\":2,\"851\":2,\"895\":2,\"896\":2,\"897\":2,\"949\":1,\"950\":1,\"964\":1,\"965\":1,\"1009\":1,\"1010\":1,\"1060\":1,\"1061\":1,\"1102\":1,\"1103\":1,\"1158\":1,\"1159\":1,\"1174\":1,\"1175\":1,\"1212\":1,\"1213\":1,\"1228\":1,\"1229\":1,\"1280\":1,\"1281\":1,\"1309\":1,\"1310\":1,\"1325\":1,\"1326\":1,\"1366\":1,\"1367\":1,\"1404\":1,\"1405\":1,\"1452\":1,\"1453\":1,\"1482\":1,\"1483\":1,\"1497\":1,\"1498\":1,\"1542\":1,\"1543\":1,\"1580\":1,\"1581\":1,\"1629\":1,\"1630\":1,\"1659\":1,\"1660\":1,\"1674\":1,\"1675\":1,\"1719\":1,\"1720\":1,\"1757\":1,\"1758\":1,\"1806\":1,\"1807\":1,\"1836\":1,\"1837\":1,\"1851\":1,\"1852\":1,\"1896\":1,\"1897\":1,\"1934\":1,\"1935\":1,\"1983\":1,\"1984\":1,\"2013\":1,\"2014\":1,\"2028\":1,\"2029\":1,\"2073\":1,\"2074\":1,\"2111\":1,\"2112\":1,\"2160\":1,\"2161\":1,\"2190\":1,\"2191\":1,\"2205\":1,\"2206\":1,\"2250\":1,\"2251\":1,\"2288\":1,\"2289\":1,\"2347\":1,\"2348\":1,\"2380\":1,\"2381\":1,\"2395\":1,\"2396\":1,\"2465\":1,\"2466\":1,\"2507\":1,\"2508\":1,\"2566\":1,\"2567\":1,\"2599\":1,\"2600\":1,\"2614\":1,\"2615\":1,\"2684\":1,\"2685\":1,\"2726\":1,\"2727\":1,\"2785\":1,\"2786\":1,\"2818\":1,\"2819\":1,\"2833\":1,\"2834\":1,\"2903\":1,\"2904\":1,\"2945\":1,\"2946\":1,\"3004\":1,\"3005\":1,\"3037\":1,\"3038\":1,\"3052\":1,\"3053\":1,\"3122\":1,\"3123\":1,\"3164\":1,\"3165\":1,\"3232\":1,\"3233\":1,\"3247\":1,\"3248\":1,\"3292\":1,\"3293\":1,\"3343\":1,\"3344\":1,\"3385\":1,\"3386\":1}}],[\"ending\",{\"1\":{\"446\":2,\"900\":2}}],[\"end\",{\"1\":{\"37\":2,\"94\":1,\"117\":1,\"159\":2,\"184\":1,\"186\":1,\"290\":1,\"301\":1,\"338\":1,\"364\":5,\"390\":5,\"443\":1,\"450\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"904\":1,\"943\":1,\"945\":1,\"946\":1,\"1037\":1,\"1131\":1,\"1154\":1,\"1156\":1,\"1305\":1,\"1307\":1,\"1477\":1,\"1479\":1,\"1480\":1,\"1609\":1,\"1654\":1,\"1656\":1,\"1657\":1,\"1786\":1,\"1831\":1,\"1833\":1,\"1834\":1,\"1963\":1,\"2008\":1,\"2010\":1,\"2011\":1,\"2140\":1,\"2185\":1,\"2187\":1,\"2188\":1,\"2317\":1,\"2374\":1,\"2376\":1,\"2377\":1,\"2444\":1,\"2536\":1,\"2593\":1,\"2595\":1,\"2596\":1,\"2663\":1,\"2755\":1,\"2812\":1,\"2814\":1,\"2815\":1,\"2882\":1,\"2974\":1,\"3031\":1,\"3033\":1,\"3034\":1,\"3101\":1,\"3193\":1,\"3226\":1,\"3228\":1,\"3229\":1,\"3320\":1,\"3414\":1}}],[\"endpoints\",{\"1\":{\"110\":1,\"113\":1,\"165\":1,\"168\":1}}],[\"endpoint\",{\"0\":{\"112\":1,\"167\":1},\"1\":{\"0\":1,\"8\":1,\"32\":1,\"85\":1,\"88\":2,\"97\":1,\"99\":2,\"110\":1,\"112\":1,\"113\":1,\"134\":1,\"135\":1,\"138\":1,\"165\":1,\"167\":1,\"168\":1,\"169\":2,\"290\":1,\"301\":1,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"428\":1,\"443\":1,\"462\":1,\"471\":1,\"482\":1,\"494\":1,\"505\":1,\"511\":1,\"520\":1,\"531\":1,\"537\":1,\"546\":1,\"561\":1,\"567\":1,\"576\":1,\"591\":1,\"597\":1,\"606\":1,\"621\":1,\"627\":1,\"652\":1,\"667\":1,\"673\":1,\"698\":1,\"713\":1,\"719\":1,\"744\":1,\"759\":1,\"765\":1,\"790\":1,\"805\":1,\"811\":1,\"836\":1,\"851\":1,\"857\":1,\"882\":1,\"897\":1,\"916\":1}}],[\"ensure\",{\"1\":{\"9\":1,\"10\":1,\"33\":2,\"82\":1,\"85\":1,\"416\":2,\"419\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"640\":2,\"643\":1,\"670\":2,\"686\":2,\"689\":1,\"716\":2,\"732\":2,\"735\":1,\"762\":2,\"778\":2,\"781\":1,\"808\":2,\"824\":2,\"827\":1,\"854\":2,\"870\":2,\"873\":1,\"913\":2}}],[\"ensures\",{\"1\":{\"8\":1,\"94\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"ensuring\",{\"1\":{\"5\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"omit\",{\"1\":{\"1041\":1,\"1135\":1,\"3324\":1,\"3418\":1}}],[\"omitted\",{\"1\":{\"276\":1,\"277\":1,\"1039\":1,\"1040\":1,\"1133\":1,\"1134\":1,\"1263\":1,\"1264\":1,\"1434\":1,\"1435\":1,\"1611\":1,\"1612\":1,\"1788\":1,\"1789\":1,\"1965\":1,\"1966\":1,\"2142\":1,\"2143\":1,\"2319\":1,\"2320\":1,\"2446\":1,\"2447\":1,\"2538\":1,\"2539\":1,\"2665\":1,\"2666\":1,\"2757\":1,\"2758\":1,\"2884\":1,\"2885\":1,\"2976\":1,\"2977\":1,\"3103\":1,\"3104\":1,\"3195\":1,\"3196\":1,\"3322\":1,\"3323\":1,\"3416\":1,\"3417\":1}}],[\"o3\",{\"1\":{\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"odic\",{\"0\":{\"1026\":1,\"1120\":1,\"1422\":1,\"1598\":1,\"1775\":1,\"1952\":1,\"2129\":1,\"2306\":1,\"2433\":1,\"2525\":1,\"2652\":1,\"2744\":1,\"2871\":1,\"2963\":1,\"3090\":1,\"3182\":1,\"3309\":1,\"3403\":1}}],[\"oder\",{\"1\":{\"17\":2,\"19\":1,\"22\":2,\"450\":1,\"904\":1}}],[\"oauth\",{\"1\":{\"920\":1,\"924\":1,\"928\":2,\"1024\":1,\"1049\":1,\"1053\":1,\"1057\":2,\"1117\":1,\"1355\":1,\"1359\":1,\"1363\":2,\"1419\":1,\"1531\":1,\"1535\":1,\"1539\":2,\"1595\":1,\"1708\":1,\"1712\":1,\"1716\":2,\"1772\":1,\"1885\":1,\"1889\":1,\"1893\":2,\"1949\":1,\"2062\":1,\"2066\":1,\"2070\":2,\"2126\":1,\"2239\":1,\"2243\":1,\"2247\":2,\"2303\":1,\"2327\":1,\"2331\":1,\"2335\":2,\"2431\":1,\"2454\":1,\"2458\":1,\"2462\":2,\"2522\":1,\"2546\":1,\"2550\":1,\"2554\":2,\"2650\":1,\"2673\":1,\"2677\":1,\"2681\":2,\"2741\":1,\"2765\":1,\"2769\":1,\"2773\":2,\"2869\":1,\"2892\":1,\"2896\":1,\"2900\":2,\"2960\":1,\"2984\":1,\"2988\":1,\"2992\":2,\"3088\":1,\"3111\":1,\"3115\":1,\"3119\":2,\"3179\":1,\"3203\":1,\"3207\":1,\"3211\":2,\"3307\":1,\"3332\":1,\"3336\":1,\"3340\":2,\"3400\":1}}],[\"oct\",{\"1\":{\"457\":1,\"911\":1}}],[\"occurred\",{\"1\":{\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1}}],[\"occur\",{\"1\":{\"106\":1,\"107\":1,\"120\":1,\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"247\":1,\"248\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"1062\":1,\"1063\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1230\":1,\"1231\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1368\":1,\"1369\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1544\":1,\"1545\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1721\":1,\"1722\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1898\":1,\"1899\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2075\":1,\"2076\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2252\":1,\"2253\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2467\":1,\"2468\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2686\":1,\"2687\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2905\":1,\"2906\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3124\":1,\"3125\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3345\":1,\"3346\":1}}],[\"ov\",{\"1\":{\"457\":4,\"911\":4,\"1044\":4,\"1138\":4,\"3327\":4,\"3421\":4}}],[\"oversight\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"overrides\",{\"1\":{\"460\":1,\"914\":1}}],[\"override\",{\"1\":{\"390\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1}}],[\"overwrite\",{\"1\":{\"154\":2}}],[\"overwrites\",{\"0\":{\"154\":1},\"1\":{\"143\":1,\"154\":1}}],[\"overwritten\",{\"1\":{\"154\":3}}],[\"over\",{\"1\":{\"126\":2,\"212\":1,\"213\":1,\"219\":1,\"228\":1,\"229\":1,\"230\":1,\"417\":1,\"455\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1,\"909\":1,\"963\":1,\"964\":1,\"970\":1,\"979\":1,\"980\":1,\"981\":1,\"1173\":1,\"1174\":1,\"1180\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1324\":1,\"1325\":1,\"1331\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1496\":1,\"1497\":1,\"1503\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1673\":1,\"1674\":1,\"1680\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1850\":1,\"1851\":1,\"1857\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"2027\":1,\"2028\":1,\"2034\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2204\":1,\"2205\":1,\"2211\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2394\":1,\"2395\":1,\"2401\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2613\":1,\"2614\":1,\"2620\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2832\":1,\"2833\":1,\"2839\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"3051\":1,\"3052\":1,\"3058\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3246\":1,\"3247\":1,\"3253\":1,\"3262\":1,\"3263\":1,\"3264\":1}}],[\"overview\",{\"0\":{\"4\":1,\"6\":1,\"24\":1,\"31\":1,\"69\":1,\"102\":1,\"124\":1,\"126\":1,\"421\":1,\"425\":1,\"427\":1,\"464\":1,\"468\":1,\"470\":1,\"487\":1,\"491\":1,\"493\":1,\"513\":1,\"517\":1,\"519\":1,\"539\":1,\"543\":1,\"545\":1,\"569\":1,\"573\":1,\"575\":1,\"599\":1,\"603\":1,\"605\":1,\"645\":1,\"649\":1,\"651\":1,\"691\":1,\"695\":1,\"697\":1,\"737\":1,\"741\":1,\"743\":1,\"783\":1,\"787\":1,\"789\":1,\"829\":1,\"833\":1,\"835\":1,\"875\":1,\"879\":1,\"881\":1,\"918\":1,\"920\":1,\"1024\":1,\"1029\":1,\"1047\":1,\"1049\":1,\"1117\":1,\"1123\":1,\"1141\":1,\"1268\":1,\"1353\":1,\"1355\":1,\"1419\":1,\"1425\":1,\"1440\":1,\"1529\":1,\"1531\":1,\"1595\":1,\"1601\":1,\"1617\":1,\"1706\":1,\"1708\":1,\"1772\":1,\"1778\":1,\"1794\":1,\"1883\":1,\"1885\":1,\"1949\":1,\"1955\":1,\"1971\":1,\"2060\":1,\"2062\":1,\"2126\":1,\"2132\":1,\"2148\":1,\"2237\":1,\"2239\":1,\"2303\":1,\"2309\":1,\"2325\":1,\"2327\":1,\"2431\":1,\"2436\":1,\"2452\":1,\"2454\":1,\"2522\":1,\"2528\":1,\"2544\":1,\"2546\":1,\"2650\":1,\"2655\":1,\"2671\":1,\"2673\":1,\"2741\":1,\"2747\":1,\"2763\":1,\"2765\":1,\"2869\":1,\"2874\":1,\"2890\":1,\"2892\":1,\"2960\":1,\"2966\":1,\"2982\":1,\"2984\":1,\"3088\":1,\"3093\":1,\"3109\":1,\"3111\":1,\"3179\":1,\"3185\":1,\"3201\":1,\"3203\":1,\"3307\":1,\"3312\":1,\"3330\":1,\"3332\":1,\"3400\":1,\"3406\":1},\"1\":{\"13\":1,\"117\":1,\"285\":1,\"296\":1,\"399\":1,\"431\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"548\":1,\"557\":1,\"578\":1,\"587\":1,\"608\":1,\"617\":1,\"654\":1,\"663\":1,\"700\":1,\"709\":1,\"746\":1,\"755\":1,\"793\":1,\"801\":1,\"839\":1,\"847\":1,\"885\":1,\"893\":1}}],[\"oidc\",{\"0\":{\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1},\"1\":{\"447\":3,\"449\":4,\"453\":2,\"455\":2,\"901\":3,\"903\":4,\"907\":2,\"909\":2,\"1002\":5,\"1003\":5,\"1004\":2,\"1005\":3,\"1006\":3,\"1007\":3,\"1008\":3,\"1009\":5,\"1010\":4,\"1011\":2,\"1012\":2,\"1013\":3,\"1014\":2,\"1025\":6,\"1026\":2,\"1027\":7,\"1045\":1,\"1095\":5,\"1096\":5,\"1097\":2,\"1098\":3,\"1099\":3,\"1100\":3,\"1101\":3,\"1102\":5,\"1103\":4,\"1104\":2,\"1105\":2,\"1106\":3,\"1107\":2,\"1118\":6,\"1119\":2,\"1120\":2,\"1121\":7,\"1139\":1,\"1205\":5,\"1206\":5,\"1207\":2,\"1208\":3,\"1209\":3,\"1210\":3,\"1211\":3,\"1212\":5,\"1213\":4,\"1214\":2,\"1215\":2,\"1216\":3,\"1217\":2,\"1273\":5,\"1274\":5,\"1275\":2,\"1276\":3,\"1277\":3,\"1278\":3,\"1279\":3,\"1280\":5,\"1281\":4,\"1282\":2,\"1283\":2,\"1284\":3,\"1285\":2,\"1397\":5,\"1398\":5,\"1399\":2,\"1400\":3,\"1401\":3,\"1402\":3,\"1403\":3,\"1404\":5,\"1405\":4,\"1406\":2,\"1407\":2,\"1408\":3,\"1409\":2,\"1420\":6,\"1421\":2,\"1422\":2,\"1423\":7,\"1438\":1,\"1445\":5,\"1446\":5,\"1447\":2,\"1448\":3,\"1449\":3,\"1450\":3,\"1451\":3,\"1452\":5,\"1453\":4,\"1454\":2,\"1455\":2,\"1456\":3,\"1457\":2,\"1573\":5,\"1574\":5,\"1575\":2,\"1576\":3,\"1577\":3,\"1578\":3,\"1579\":3,\"1580\":5,\"1581\":4,\"1582\":2,\"1583\":2,\"1584\":3,\"1585\":2,\"1596\":6,\"1597\":2,\"1598\":2,\"1599\":7,\"1615\":1,\"1622\":5,\"1623\":5,\"1624\":2,\"1625\":3,\"1626\":3,\"1627\":3,\"1628\":3,\"1629\":5,\"1630\":4,\"1631\":2,\"1632\":2,\"1633\":3,\"1634\":2,\"1750\":5,\"1751\":5,\"1752\":2,\"1753\":3,\"1754\":3,\"1755\":3,\"1756\":3,\"1757\":5,\"1758\":4,\"1759\":2,\"1760\":2,\"1761\":3,\"1762\":2,\"1773\":6,\"1774\":2,\"1775\":2,\"1776\":7,\"1792\":1,\"1799\":5,\"1800\":5,\"1801\":2,\"1802\":3,\"1803\":3,\"1804\":3,\"1805\":3,\"1806\":5,\"1807\":4,\"1808\":2,\"1809\":2,\"1810\":3,\"1811\":2,\"1927\":5,\"1928\":5,\"1929\":2,\"1930\":3,\"1931\":3,\"1932\":3,\"1933\":3,\"1934\":5,\"1935\":4,\"1936\":2,\"1937\":2,\"1938\":3,\"1939\":2,\"1950\":6,\"1951\":2,\"1952\":2,\"1953\":7,\"1969\":1,\"1976\":5,\"1977\":5,\"1978\":2,\"1979\":3,\"1980\":3,\"1981\":3,\"1982\":3,\"1983\":5,\"1984\":4,\"1985\":2,\"1986\":2,\"1987\":3,\"1988\":2,\"2104\":5,\"2105\":5,\"2106\":2,\"2107\":3,\"2108\":3,\"2109\":3,\"2110\":3,\"2111\":5,\"2112\":4,\"2113\":2,\"2114\":2,\"2115\":3,\"2116\":2,\"2127\":6,\"2128\":2,\"2129\":2,\"2130\":7,\"2146\":1,\"2153\":5,\"2154\":5,\"2155\":2,\"2156\":3,\"2157\":3,\"2158\":3,\"2159\":3,\"2160\":5,\"2161\":4,\"2162\":2,\"2163\":2,\"2164\":3,\"2165\":2,\"2281\":5,\"2282\":5,\"2283\":2,\"2284\":3,\"2285\":3,\"2286\":3,\"2287\":3,\"2288\":5,\"2289\":4,\"2290\":2,\"2291\":2,\"2292\":3,\"2293\":2,\"2304\":6,\"2305\":2,\"2306\":2,\"2307\":7,\"2323\":1,\"2340\":5,\"2341\":5,\"2342\":2,\"2343\":3,\"2344\":3,\"2345\":3,\"2346\":3,\"2347\":5,\"2348\":4,\"2349\":2,\"2350\":2,\"2351\":3,\"2352\":2,\"2432\":6,\"2433\":2,\"2434\":7,\"2450\":1,\"2500\":5,\"2501\":5,\"2502\":2,\"2503\":3,\"2504\":3,\"2505\":3,\"2506\":3,\"2507\":5,\"2508\":4,\"2509\":2,\"2510\":2,\"2511\":3,\"2512\":2,\"2523\":6,\"2524\":2,\"2525\":2,\"2526\":7,\"2542\":1,\"2559\":5,\"2560\":5,\"2561\":2,\"2562\":3,\"2563\":3,\"2564\":3,\"2565\":3,\"2566\":5,\"2567\":4,\"2568\":2,\"2569\":2,\"2570\":3,\"2571\":2,\"2651\":6,\"2652\":2,\"2653\":7,\"2669\":1,\"2719\":5,\"2720\":5,\"2721\":2,\"2722\":3,\"2723\":3,\"2724\":3,\"2725\":3,\"2726\":5,\"2727\":4,\"2728\":2,\"2729\":2,\"2730\":3,\"2731\":2,\"2742\":6,\"2743\":2,\"2744\":2,\"2745\":7,\"2761\":1,\"2778\":5,\"2779\":5,\"2780\":2,\"2781\":3,\"2782\":3,\"2783\":3,\"2784\":3,\"2785\":5,\"2786\":4,\"2787\":2,\"2788\":2,\"2789\":3,\"2790\":2,\"2870\":6,\"2871\":2,\"2872\":7,\"2888\":1,\"2938\":5,\"2939\":5,\"2940\":2,\"2941\":3,\"2942\":3,\"2943\":3,\"2944\":3,\"2945\":5,\"2946\":4,\"2947\":2,\"2948\":2,\"2949\":3,\"2950\":2,\"2961\":6,\"2962\":2,\"2963\":2,\"2964\":7,\"2980\":1,\"2997\":5,\"2998\":5,\"2999\":2,\"3000\":3,\"3001\":3,\"3002\":3,\"3003\":3,\"3004\":5,\"3005\":4,\"3006\":2,\"3007\":2,\"3008\":3,\"3009\":2,\"3089\":6,\"3090\":2,\"3091\":7,\"3107\":1,\"3157\":5,\"3158\":5,\"3159\":2,\"3160\":3,\"3161\":3,\"3162\":3,\"3163\":3,\"3164\":5,\"3165\":4,\"3166\":2,\"3167\":2,\"3168\":3,\"3169\":2,\"3180\":6,\"3181\":2,\"3182\":2,\"3183\":7,\"3199\":1,\"3285\":5,\"3286\":5,\"3287\":2,\"3288\":3,\"3289\":3,\"3290\":3,\"3291\":3,\"3292\":5,\"3293\":4,\"3294\":2,\"3295\":2,\"3296\":3,\"3297\":2,\"3308\":6,\"3309\":2,\"3310\":7,\"3328\":1,\"3378\":5,\"3379\":5,\"3380\":2,\"3381\":3,\"3382\":3,\"3383\":3,\"3384\":3,\"3385\":5,\"3386\":4,\"3387\":2,\"3388\":2,\"3389\":3,\"3390\":2,\"3401\":6,\"3402\":2,\"3403\":2,\"3404\":7,\"3422\":1}}],[\"obtain\",{\"1\":{\"98\":1}}],[\"objective\",{\"1\":{\"85\":1}}],[\"owner\",{\"1\":{\"134\":3,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"303\":4,\"442\":3,\"443\":1,\"481\":3,\"482\":1,\"504\":3,\"505\":1,\"530\":3,\"531\":1,\"560\":3,\"561\":1,\"590\":3,\"591\":1,\"620\":3,\"621\":1,\"666\":3,\"667\":1,\"712\":3,\"713\":1,\"758\":3,\"759\":1,\"804\":3,\"805\":1,\"850\":3,\"851\":1,\"896\":3,\"897\":1}}],[\"own\",{\"1\":{\"85\":1,\"90\":1,\"154\":1,\"162\":1,\"348\":1,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"opt\",{\"1\":{\"218\":1,\"289\":11,\"290\":14,\"300\":11,\"301\":13,\"303\":9,\"304\":16,\"306\":4,\"307\":10,\"309\":4,\"310\":6,\"312\":4,\"313\":4,\"315\":4,\"316\":4,\"327\":18,\"433\":2,\"442\":12,\"443\":9,\"444\":6,\"453\":1,\"455\":1,\"459\":6,\"461\":4,\"462\":4,\"481\":12,\"482\":9,\"483\":6,\"485\":4,\"504\":12,\"505\":9,\"506\":6,\"508\":4,\"510\":4,\"511\":4,\"530\":12,\"531\":9,\"532\":6,\"534\":4,\"536\":4,\"537\":4,\"560\":12,\"561\":9,\"562\":6,\"564\":6,\"566\":4,\"567\":4,\"590\":12,\"591\":9,\"592\":6,\"594\":6,\"596\":4,\"597\":4,\"620\":12,\"621\":9,\"622\":6,\"624\":6,\"626\":4,\"627\":4,\"666\":12,\"667\":9,\"668\":6,\"670\":6,\"672\":4,\"673\":4,\"712\":12,\"713\":9,\"714\":6,\"716\":6,\"718\":4,\"719\":4,\"758\":12,\"759\":9,\"760\":6,\"762\":6,\"764\":4,\"765\":4,\"795\":2,\"804\":12,\"805\":9,\"806\":6,\"808\":6,\"810\":4,\"811\":4,\"841\":2,\"850\":12,\"851\":9,\"852\":6,\"854\":6,\"856\":4,\"857\":4,\"887\":2,\"896\":12,\"897\":9,\"898\":6,\"907\":1,\"909\":1,\"913\":6,\"915\":4,\"916\":4,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2400\":1,\"2619\":1,\"2838\":1,\"3057\":1,\"3252\":1}}],[\"options\",{\"1\":{\"1142\":1,\"1226\":1}}],[\"optionally\",{\"1\":{\"1025\":1,\"1118\":1,\"1420\":1,\"1596\":1,\"1773\":1,\"1950\":1,\"2127\":1,\"2304\":1,\"2432\":1,\"2523\":1,\"2651\":1,\"2742\":1,\"2870\":1,\"2961\":1,\"3089\":1,\"3180\":1,\"3308\":1,\"3401\":1}}],[\"optional\",{\"1\":{\"347\":2,\"442\":1,\"530\":1,\"536\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"1024\":1,\"1045\":1,\"1117\":1,\"1139\":1,\"1419\":1,\"1438\":1,\"1595\":1,\"1615\":1,\"1772\":1,\"1792\":1,\"1949\":1,\"1969\":1,\"2126\":1,\"2146\":1,\"2303\":1,\"2323\":1,\"2431\":1,\"2450\":1,\"2522\":1,\"2542\":1,\"2650\":1,\"2669\":1,\"2741\":1,\"2761\":1,\"2869\":1,\"2888\":1,\"2960\":1,\"2980\":1,\"3088\":1,\"3107\":1,\"3179\":1,\"3199\":1,\"3307\":1,\"3328\":1,\"3400\":1,\"3422\":1}}],[\"option\",{\"1\":{\"217\":1,\"218\":1,\"452\":2,\"454\":2,\"906\":2,\"908\":2,\"930\":1,\"968\":1,\"969\":1,\"1066\":1,\"1143\":1,\"1178\":1,\"1179\":1,\"1234\":1,\"1294\":1,\"1329\":1,\"1330\":1,\"1372\":1,\"1466\":1,\"1501\":1,\"1502\":1,\"1548\":1,\"1643\":1,\"1678\":1,\"1679\":1,\"1725\":1,\"1820\":1,\"1855\":1,\"1856\":1,\"1902\":1,\"1997\":1,\"2032\":1,\"2033\":1,\"2079\":1,\"2174\":1,\"2209\":1,\"2210\":1,\"2256\":1,\"2361\":1,\"2399\":1,\"2400\":1,\"2471\":1,\"2580\":1,\"2618\":1,\"2619\":1,\"2690\":1,\"2799\":1,\"2837\":1,\"2838\":1,\"2909\":1,\"3018\":1,\"3056\":1,\"3057\":1,\"3128\":1,\"3213\":1,\"3251\":1,\"3252\":1,\"3349\":1}}],[\"option>\",{\"1\":{\"160\":2}}],[\"opportunity\",{\"1\":{\"37\":1,\"98\":1,\"116\":1,\"117\":1}}],[\"operator\",{\"1\":{\"159\":14}}],[\"operations\",{\"1\":{\"537\":1}}],[\"operation\",{\"1\":{\"81\":1,\"160\":3}}],[\"operational\",{\"1\":{\"11\":1}}],[\"operating\",{\"0\":{\"457\":1,\"911\":1},\"1\":{\"33\":2}}],[\"operate\",{\"1\":{\"33\":1,\"81\":1}}],[\"opensource\",{\"1\":{\"332\":1}}],[\"openssl\",{\"1\":{\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1}}],[\"opening\",{\"1\":{\"159\":51,\"318\":2}}],[\"openid\",{\"0\":{\"1023\":1,\"1116\":1,\"1418\":1,\"1594\":1,\"1771\":1,\"1948\":1,\"2125\":1,\"2302\":1,\"2430\":1,\"2521\":1,\"2649\":1,\"2740\":1,\"2868\":1,\"2959\":1,\"3087\":1,\"3178\":1,\"3306\":1,\"3399\":1},\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"425\":2,\"453\":1,\"455\":1,\"491\":1,\"517\":1,\"543\":1,\"573\":1,\"603\":1,\"649\":1,\"695\":2,\"741\":2,\"787\":2,\"833\":2,\"879\":2,\"907\":1,\"909\":1,\"918\":1,\"920\":5,\"923\":2,\"1024\":2,\"1025\":1,\"1026\":1,\"1047\":1,\"1049\":4,\"1052\":2,\"1117\":2,\"1118\":1,\"1120\":1,\"1353\":1,\"1355\":4,\"1358\":2,\"1419\":2,\"1420\":1,\"1422\":1,\"1529\":1,\"1531\":4,\"1534\":2,\"1595\":2,\"1596\":1,\"1598\":1,\"1706\":1,\"1708\":4,\"1711\":2,\"1772\":2,\"1773\":1,\"1775\":1,\"1883\":1,\"1885\":4,\"1888\":2,\"1949\":2,\"1950\":1,\"1952\":1,\"2060\":1,\"2062\":4,\"2065\":2,\"2126\":2,\"2127\":1,\"2129\":1,\"2237\":1,\"2239\":4,\"2242\":2,\"2303\":2,\"2304\":1,\"2306\":1,\"2325\":1,\"2327\":5,\"2330\":2,\"2431\":2,\"2432\":1,\"2433\":1,\"2452\":1,\"2454\":4,\"2457\":2,\"2522\":2,\"2523\":1,\"2525\":1,\"2544\":1,\"2546\":5,\"2549\":2,\"2650\":2,\"2651\":1,\"2652\":1,\"2671\":1,\"2673\":4,\"2676\":2,\"2741\":2,\"2742\":1,\"2744\":1,\"2763\":1,\"2765\":5,\"2768\":2,\"2869\":2,\"2870\":1,\"2871\":1,\"2890\":1,\"2892\":4,\"2895\":2,\"2960\":2,\"2961\":1,\"2963\":1,\"2982\":1,\"2984\":5,\"2987\":2,\"3088\":2,\"3089\":1,\"3090\":1,\"3109\":1,\"3111\":4,\"3114\":2,\"3179\":2,\"3180\":1,\"3182\":1,\"3201\":1,\"3203\":5,\"3206\":2,\"3307\":2,\"3308\":1,\"3309\":1,\"3330\":1,\"3332\":4,\"3335\":2,\"3400\":2,\"3401\":1,\"3403\":1}}],[\"openehrclientstubfactory\",{\"1\":{\"232\":1}}],[\"openehrclient\",{\"1\":{\"153\":1}}],[\"openehrclientjerseyfactory\",{\"1\":{\"153\":1}}],[\"openehrclientfactory\",{\"1\":{\"153\":3}}],[\"openehr\",{\"0\":{\"153\":1,\"232\":1},\"1\":{\"99\":1,\"143\":1,\"152\":1,\"153\":14,\"169\":1,\"232\":4,\"304\":3,\"307\":3,\"310\":3}}],[\"open\",{\"1\":{\"9\":1,\"109\":1,\"116\":1,\"117\":1,\"127\":1,\"395\":1,\"396\":1,\"407\":2,\"419\":1,\"444\":2,\"547\":2,\"631\":2,\"643\":1,\"677\":2,\"689\":1,\"723\":2,\"735\":1,\"760\":2,\"769\":2,\"781\":1,\"806\":2,\"815\":2,\"827\":1,\"852\":2,\"861\":2,\"873\":1,\"898\":2}}],[\"ourselves\",{\"1\":{\"97\":1}}],[\"our\",{\"0\":{\"35\":1,\"38\":1},\"1\":{\"35\":3,\"36\":1,\"37\":1,\"38\":3,\"73\":1,\"405\":1,\"407\":1,\"415\":2,\"417\":6,\"418\":2,\"419\":12,\"426\":1,\"544\":1,\"574\":1,\"604\":1,\"629\":1,\"631\":1,\"639\":2,\"641\":6,\"642\":2,\"643\":12,\"650\":1,\"675\":1,\"677\":1,\"685\":2,\"687\":6,\"688\":2,\"689\":12,\"696\":1,\"721\":1,\"723\":1,\"731\":2,\"733\":6,\"734\":2,\"735\":12,\"742\":1,\"767\":1,\"769\":1,\"777\":2,\"779\":6,\"780\":2,\"781\":12,\"788\":1,\"813\":1,\"815\":1,\"823\":2,\"825\":6,\"826\":2,\"827\":12,\"834\":1,\"859\":1,\"861\":1,\"869\":2,\"871\":6,\"872\":2,\"873\":12,\"880\":1}}],[\"outdated\",{\"1\":{\"469\":2,\"492\":2,\"518\":2,\"544\":2,\"574\":2,\"604\":2,\"650\":2,\"696\":2,\"742\":2,\"788\":2}}],[\"output\",{\"1\":{\"303\":1}}],[\"outer\",{\"1\":{\"159\":1}}],[\"outgoing\",{\"1\":{\"106\":1,\"371\":1,\"374\":2}}],[\"outside\",{\"1\":{\"88\":1}}],[\"outstanding\",{\"1\":{\"1\":1}}],[\"out\",{\"1\":{\"12\":1,\"95\":1,\"286\":1,\"297\":1,\"364\":1,\"390\":2,\"417\":1,\"418\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"641\":1,\"642\":1,\"670\":1,\"687\":1,\"688\":1,\"716\":1,\"733\":1,\"734\":1,\"762\":1,\"779\":1,\"780\":1,\"808\":1,\"825\":1,\"826\":1,\"854\":1,\"871\":1,\"872\":1,\"913\":1}}],[\"oldstable\",{\"1\":{\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1}}],[\"older\",{\"1\":{\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"171\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"old\",{\"1\":{\"30\":1,\"459\":10,\"485\":1,\"508\":1,\"534\":1,\"536\":1,\"537\":3,\"564\":10,\"594\":10,\"624\":10,\"670\":10,\"716\":10,\"762\":10,\"808\":10,\"854\":10,\"913\":10,\"989\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"o\",{\"1\":{\"26\":2,\"283\":2,\"294\":2,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"offer\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"offers\",{\"1\":{\"5\":1,\"95\":1}}],[\"official\",{\"1\":{\"289\":1,\"300\":1}}],[\"off\",{\"1\":{\"159\":2}}],[\"of\",{\"0\":{\"2\":1,\"6\":1,\"77\":1,\"78\":2,\"79\":1,\"82\":1,\"87\":1,\"405\":1,\"456\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1,\"910\":1},\"1\":{\"0\":1,\"1\":1,\"6\":2,\"9\":1,\"10\":2,\"26\":1,\"30\":1,\"33\":5,\"35\":2,\"36\":1,\"37\":2,\"38\":2,\"40\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"71\":1,\"76\":1,\"77\":4,\"78\":4,\"79\":3,\"81\":12,\"82\":7,\"85\":5,\"88\":3,\"89\":1,\"91\":1,\"93\":1,\"94\":6,\"95\":6,\"96\":3,\"97\":2,\"98\":5,\"99\":6,\"102\":1,\"103\":1,\"104\":3,\"106\":1,\"107\":1,\"109\":3,\"110\":3,\"112\":1,\"113\":1,\"116\":2,\"117\":6,\"119\":1,\"120\":2,\"126\":3,\"128\":2,\"129\":3,\"130\":1,\"134\":1,\"135\":1,\"138\":1,\"139\":2,\"147\":1,\"152\":6,\"153\":6,\"154\":3,\"157\":2,\"159\":5,\"165\":3,\"167\":1,\"168\":1,\"169\":6,\"174\":1,\"177\":1,\"178\":1,\"181\":1,\"186\":1,\"195\":1,\"204\":1,\"207\":1,\"208\":1,\"209\":2,\"217\":1,\"218\":3,\"223\":1,\"228\":1,\"231\":1,\"232\":1,\"233\":2,\"234\":2,\"236\":1,\"237\":2,\"238\":1,\"240\":1,\"250\":1,\"253\":1,\"254\":1,\"256\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"265\":2,\"266\":2,\"269\":1,\"270\":1,\"280\":1,\"285\":1,\"289\":9,\"290\":6,\"291\":1,\"296\":1,\"300\":9,\"301\":6,\"303\":2,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"311\":1,\"312\":1,\"313\":2,\"314\":1,\"315\":1,\"316\":2,\"318\":2,\"319\":1,\"321\":2,\"324\":1,\"329\":1,\"331\":2,\"332\":3,\"333\":1,\"334\":3,\"335\":1,\"337\":1,\"338\":5,\"340\":2,\"341\":1,\"342\":2,\"344\":1,\"345\":2,\"346\":5,\"347\":5,\"348\":2,\"349\":5,\"351\":1,\"352\":5,\"354\":1,\"356\":1,\"357\":3,\"359\":1,\"361\":2,\"362\":2,\"363\":2,\"364\":4,\"366\":1,\"367\":8,\"369\":1,\"371\":2,\"372\":2,\"373\":3,\"376\":1,\"377\":4,\"381\":1,\"385\":1,\"387\":2,\"388\":2,\"389\":2,\"390\":2,\"392\":1,\"393\":11,\"394\":1,\"396\":1,\"399\":1,\"400\":2,\"401\":2,\"402\":1,\"403\":2,\"404\":1,\"405\":2,\"415\":4,\"416\":1,\"417\":2,\"418\":1,\"419\":5,\"422\":2,\"423\":1,\"426\":1,\"427\":1,\"428\":2,\"431\":1,\"432\":1,\"434\":2,\"437\":1,\"439\":1,\"442\":7,\"443\":5,\"445\":1,\"446\":3,\"447\":2,\"450\":2,\"451\":1,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"459\":5,\"460\":2,\"461\":1,\"462\":1,\"465\":2,\"466\":1,\"469\":2,\"470\":1,\"471\":2,\"473\":5,\"476\":1,\"478\":1,\"481\":9,\"482\":6,\"484\":1,\"488\":2,\"489\":1,\"492\":2,\"493\":1,\"494\":2,\"496\":5,\"499\":1,\"501\":1,\"504\":8,\"505\":6,\"507\":1,\"510\":1,\"511\":1,\"514\":2,\"515\":1,\"518\":2,\"519\":1,\"520\":2,\"522\":5,\"525\":1,\"527\":1,\"530\":8,\"531\":6,\"533\":1,\"536\":2,\"537\":3,\"540\":2,\"541\":1,\"544\":2,\"545\":1,\"546\":2,\"548\":1,\"552\":2,\"555\":1,\"557\":1,\"560\":8,\"561\":6,\"563\":1,\"564\":5,\"566\":1,\"567\":1,\"570\":2,\"571\":1,\"574\":2,\"575\":1,\"576\":2,\"578\":1,\"582\":2,\"585\":1,\"587\":1,\"590\":8,\"591\":5,\"593\":1,\"594\":5,\"596\":1,\"597\":1,\"600\":2,\"601\":1,\"604\":2,\"605\":1,\"606\":2,\"608\":1,\"612\":2,\"615\":1,\"617\":1,\"620\":8,\"621\":5,\"623\":1,\"624\":5,\"626\":1,\"627\":1,\"628\":1,\"629\":2,\"639\":4,\"640\":1,\"641\":2,\"642\":1,\"643\":5,\"646\":2,\"647\":1,\"650\":2,\"651\":1,\"652\":2,\"654\":1,\"658\":2,\"661\":1,\"663\":1,\"666\":8,\"667\":5,\"669\":1,\"670\":5,\"672\":1,\"673\":1,\"674\":1,\"675\":2,\"685\":4,\"686\":1,\"687\":2,\"688\":1,\"689\":5,\"692\":2,\"693\":1,\"696\":2,\"697\":1,\"698\":2,\"700\":1,\"704\":2,\"707\":1,\"709\":1,\"712\":8,\"713\":5,\"715\":1,\"716\":5,\"718\":1,\"719\":1,\"720\":1,\"721\":2,\"731\":4,\"732\":1,\"733\":2,\"734\":1,\"735\":5,\"738\":2,\"739\":1,\"742\":2,\"743\":1,\"744\":2,\"746\":1,\"750\":2,\"753\":1,\"755\":1,\"758\":8,\"759\":5,\"761\":1,\"762\":5,\"764\":1,\"765\":1,\"766\":1,\"767\":2,\"777\":4,\"778\":1,\"779\":2,\"780\":1,\"781\":5,\"784\":2,\"785\":1,\"788\":2,\"789\":1,\"790\":2,\"793\":1,\"794\":1,\"796\":2,\"799\":1,\"801\":1,\"804\":8,\"805\":5,\"807\":1,\"808\":5,\"810\":1,\"811\":1,\"812\":1,\"813\":2,\"823\":4,\"824\":1,\"825\":2,\"826\":1,\"827\":5,\"830\":2,\"831\":1,\"834\":1,\"835\":1,\"836\":2,\"839\":1,\"840\":1,\"842\":2,\"845\":1,\"847\":1,\"850\":8,\"851\":5,\"853\":1,\"854\":5,\"856\":1,\"857\":1,\"858\":1,\"859\":2,\"869\":4,\"870\":1,\"871\":2,\"872\":1,\"873\":5,\"876\":2,\"877\":1,\"880\":1,\"881\":1,\"882\":2,\"885\":1,\"886\":1,\"888\":2,\"891\":1,\"893\":1,\"896\":7,\"897\":5,\"899\":1,\"900\":3,\"901\":2,\"904\":2,\"905\":1,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"913\":5,\"914\":2,\"915\":1,\"916\":1,\"920\":2,\"921\":1,\"922\":1,\"923\":1,\"925\":1,\"928\":2,\"934\":1,\"935\":1,\"938\":1,\"941\":1,\"942\":1,\"945\":2,\"946\":2,\"947\":1,\"953\":1,\"956\":1,\"959\":1,\"960\":2,\"968\":1,\"969\":3,\"974\":1,\"979\":1,\"985\":2,\"986\":2,\"988\":1,\"989\":2,\"990\":2,\"991\":1,\"1001\":1,\"1026\":1,\"1031\":1,\"1032\":1,\"1043\":1,\"1044\":1,\"1049\":3,\"1050\":1,\"1051\":1,\"1052\":1,\"1054\":1,\"1056\":1,\"1057\":2,\"1065\":1,\"1070\":1,\"1071\":1,\"1073\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1094\":1,\"1120\":1,\"1125\":1,\"1126\":1,\"1137\":1,\"1138\":1,\"1147\":1,\"1148\":1,\"1151\":1,\"1156\":1,\"1162\":1,\"1165\":1,\"1168\":1,\"1169\":1,\"1170\":2,\"1178\":1,\"1179\":3,\"1184\":1,\"1189\":1,\"1192\":2,\"1193\":2,\"1195\":1,\"1196\":2,\"1204\":1,\"1233\":1,\"1238\":1,\"1239\":1,\"1241\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1256\":1,\"1257\":1,\"1272\":1,\"1298\":1,\"1299\":1,\"1302\":1,\"1307\":1,\"1313\":1,\"1316\":1,\"1319\":1,\"1320\":1,\"1321\":2,\"1329\":1,\"1330\":3,\"1335\":1,\"1340\":1,\"1343\":2,\"1344\":2,\"1346\":1,\"1347\":2,\"1355\":3,\"1356\":1,\"1357\":1,\"1358\":1,\"1360\":1,\"1362\":1,\"1363\":2,\"1371\":1,\"1376\":1,\"1377\":1,\"1379\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1396\":1,\"1422\":1,\"1427\":1,\"1428\":1,\"1444\":1,\"1470\":1,\"1471\":1,\"1474\":1,\"1479\":2,\"1480\":2,\"1486\":1,\"1489\":1,\"1492\":1,\"1493\":2,\"1501\":1,\"1502\":3,\"1507\":1,\"1512\":1,\"1518\":2,\"1519\":2,\"1521\":1,\"1522\":2,\"1523\":2,\"1531\":3,\"1532\":1,\"1533\":1,\"1534\":1,\"1536\":1,\"1538\":1,\"1539\":2,\"1547\":1,\"1552\":1,\"1553\":1,\"1555\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1572\":1,\"1598\":1,\"1603\":1,\"1604\":1,\"1621\":1,\"1647\":1,\"1648\":1,\"1651\":1,\"1656\":2,\"1657\":2,\"1663\":1,\"1666\":1,\"1669\":1,\"1670\":2,\"1678\":1,\"1679\":3,\"1684\":1,\"1689\":1,\"1695\":2,\"1696\":2,\"1698\":1,\"1699\":2,\"1700\":2,\"1708\":3,\"1709\":1,\"1710\":1,\"1711\":1,\"1713\":1,\"1715\":1,\"1716\":2,\"1724\":1,\"1729\":1,\"1730\":1,\"1732\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1749\":1,\"1775\":1,\"1780\":1,\"1781\":1,\"1798\":1,\"1824\":1,\"1825\":1,\"1828\":1,\"1833\":2,\"1834\":2,\"1840\":1,\"1843\":1,\"1846\":1,\"1847\":2,\"1855\":1,\"1856\":3,\"1861\":1,\"1866\":1,\"1872\":2,\"1873\":2,\"1875\":1,\"1876\":2,\"1877\":2,\"1885\":3,\"1886\":1,\"1887\":1,\"1888\":1,\"1890\":1,\"1892\":1,\"1893\":2,\"1901\":1,\"1906\":1,\"1907\":1,\"1909\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1926\":1,\"1952\":1,\"1957\":1,\"1958\":1,\"1975\":1,\"2001\":1,\"2002\":1,\"2005\":1,\"2010\":2,\"2011\":2,\"2017\":1,\"2020\":1,\"2023\":1,\"2024\":2,\"2032\":1,\"2033\":3,\"2038\":1,\"2043\":1,\"2049\":2,\"2050\":2,\"2052\":1,\"2053\":2,\"2054\":2,\"2062\":3,\"2063\":1,\"2064\":1,\"2065\":1,\"2067\":1,\"2069\":1,\"2070\":2,\"2078\":1,\"2083\":1,\"2084\":1,\"2086\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2103\":1,\"2129\":1,\"2134\":1,\"2135\":1,\"2152\":1,\"2178\":1,\"2179\":1,\"2182\":1,\"2187\":2,\"2188\":2,\"2194\":1,\"2197\":1,\"2200\":1,\"2201\":2,\"2209\":1,\"2210\":3,\"2215\":1,\"2220\":1,\"2226\":2,\"2227\":2,\"2229\":1,\"2230\":2,\"2231\":2,\"2239\":3,\"2240\":1,\"2241\":1,\"2242\":1,\"2244\":1,\"2246\":1,\"2247\":2,\"2255\":1,\"2260\":1,\"2261\":1,\"2263\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2280\":1,\"2306\":1,\"2311\":1,\"2312\":1,\"2327\":2,\"2328\":1,\"2329\":1,\"2330\":1,\"2332\":1,\"2335\":2,\"2339\":1,\"2365\":1,\"2366\":1,\"2369\":1,\"2372\":1,\"2373\":1,\"2376\":2,\"2377\":2,\"2378\":1,\"2384\":1,\"2387\":1,\"2390\":1,\"2391\":2,\"2399\":1,\"2400\":3,\"2405\":1,\"2410\":1,\"2416\":2,\"2417\":2,\"2419\":1,\"2420\":2,\"2421\":2,\"2422\":1,\"2433\":1,\"2438\":1,\"2439\":1,\"2454\":3,\"2455\":1,\"2456\":1,\"2457\":1,\"2459\":1,\"2461\":1,\"2462\":2,\"2470\":1,\"2475\":1,\"2476\":1,\"2478\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2499\":1,\"2525\":1,\"2530\":1,\"2531\":1,\"2546\":2,\"2547\":1,\"2548\":1,\"2549\":1,\"2551\":1,\"2554\":2,\"2558\":1,\"2584\":1,\"2585\":1,\"2588\":1,\"2591\":1,\"2592\":1,\"2595\":2,\"2596\":2,\"2597\":1,\"2603\":1,\"2606\":1,\"2609\":1,\"2610\":2,\"2618\":1,\"2619\":3,\"2624\":1,\"2629\":1,\"2635\":2,\"2636\":2,\"2638\":1,\"2639\":2,\"2640\":2,\"2641\":1,\"2652\":1,\"2657\":1,\"2658\":1,\"2673\":3,\"2674\":1,\"2675\":1,\"2676\":1,\"2678\":1,\"2680\":1,\"2681\":2,\"2689\":1,\"2694\":1,\"2695\":1,\"2697\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2718\":1,\"2744\":1,\"2749\":1,\"2750\":1,\"2765\":2,\"2766\":1,\"2767\":1,\"2768\":1,\"2770\":1,\"2773\":2,\"2777\":1,\"2803\":1,\"2804\":1,\"2807\":1,\"2810\":1,\"2811\":1,\"2814\":2,\"2815\":2,\"2816\":1,\"2822\":1,\"2825\":1,\"2828\":1,\"2829\":2,\"2837\":1,\"2838\":3,\"2843\":1,\"2848\":1,\"2854\":2,\"2855\":2,\"2857\":1,\"2858\":2,\"2859\":2,\"2860\":1,\"2871\":1,\"2876\":1,\"2877\":1,\"2892\":3,\"2893\":1,\"2894\":1,\"2895\":1,\"2897\":1,\"2899\":1,\"2900\":2,\"2908\":1,\"2913\":1,\"2914\":1,\"2916\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2937\":1,\"2963\":1,\"2968\":1,\"2969\":1,\"2984\":2,\"2985\":1,\"2986\":1,\"2987\":1,\"2989\":1,\"2992\":2,\"2996\":1,\"3022\":1,\"3023\":1,\"3026\":1,\"3029\":1,\"3030\":1,\"3033\":2,\"3034\":2,\"3035\":1,\"3041\":1,\"3044\":1,\"3047\":1,\"3048\":2,\"3056\":1,\"3057\":3,\"3062\":1,\"3067\":1,\"3073\":2,\"3074\":2,\"3076\":1,\"3077\":2,\"3078\":2,\"3079\":1,\"3090\":1,\"3095\":1,\"3096\":1,\"3111\":3,\"3112\":1,\"3113\":1,\"3114\":1,\"3116\":1,\"3118\":1,\"3119\":2,\"3127\":1,\"3132\":1,\"3133\":1,\"3135\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3156\":1,\"3182\":1,\"3187\":1,\"3188\":1,\"3203\":2,\"3204\":1,\"3205\":1,\"3206\":1,\"3208\":1,\"3211\":2,\"3217\":1,\"3218\":1,\"3221\":1,\"3224\":1,\"3225\":1,\"3228\":2,\"3229\":2,\"3230\":1,\"3236\":1,\"3239\":1,\"3242\":1,\"3243\":2,\"3251\":1,\"3252\":3,\"3257\":1,\"3262\":1,\"3268\":2,\"3269\":2,\"3271\":1,\"3272\":2,\"3273\":2,\"3274\":1,\"3284\":1,\"3309\":1,\"3314\":1,\"3315\":1,\"3326\":1,\"3327\":1,\"3332\":3,\"3333\":1,\"3334\":1,\"3335\":1,\"3337\":1,\"3339\":1,\"3340\":2,\"3348\":1,\"3353\":1,\"3354\":1,\"3356\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3377\":1,\"3403\":1,\"3408\":1,\"3409\":1,\"3420\":1,\"3421\":1}}],[\"origin\",{\"1\":{\"261\":2}}],[\"origins\",{\"0\":{\"261\":1},\"1\":{\"261\":2}}],[\"orchestrates\",{\"1\":{\"98\":1}}],[\"org\",{\"0\":{\"174\":1,\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":2,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"241\":1,\"242\":1,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1},\"1\":{\"88\":1,\"134\":2,\"152\":3,\"153\":3,\"159\":317,\"160\":1,\"162\":4,\"174\":2,\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":2,\"181\":1,\"182\":2,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":3,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":2,\"213\":4,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":3,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":2,\"229\":2,\"230\":1,\"231\":2,\"232\":2,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":2,\"241\":1,\"242\":3,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":2,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"289\":7,\"290\":3,\"300\":8,\"301\":3,\"303\":1,\"304\":10,\"306\":1,\"307\":5,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"327\":90,\"332\":3,\"333\":1,\"338\":2,\"346\":1,\"348\":1,\"349\":2,\"352\":1,\"357\":1,\"358\":2,\"361\":5,\"362\":5,\"363\":10,\"364\":1,\"367\":2,\"377\":1,\"384\":2,\"387\":5,\"388\":5,\"389\":12,\"393\":3,\"398\":4,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1,\"928\":2,\"1027\":1,\"1057\":2,\"1121\":1,\"1363\":2,\"1423\":1,\"1539\":2,\"1599\":1,\"1716\":2,\"1776\":1,\"1893\":2,\"1953\":1,\"2070\":2,\"2130\":1,\"2247\":2,\"2307\":1,\"2335\":2,\"2434\":1,\"2462\":2,\"2526\":1,\"2554\":2,\"2653\":1,\"2681\":2,\"2745\":1,\"2773\":2,\"2872\":1,\"2900\":2,\"2964\":1,\"2992\":2,\"3091\":1,\"3119\":2,\"3183\":1,\"3211\":2,\"3310\":1,\"3340\":2,\"3404\":1}}],[\"organisational\",{\"1\":{\"98\":1}}],[\"organisationaffiliation\",{\"1\":{\"85\":1}}],[\"organisations\",{\"1\":{\"88\":2,\"91\":1,\"109\":3,\"112\":1}}],[\"organisation\",{\"1\":{\"88\":3,\"89\":2,\"90\":1,\"109\":1}}],[\"organizationaffiliation\",{\"1\":{\"361\":2,\"362\":1,\"387\":2,\"388\":1}}],[\"organizational\",{\"1\":{\"0\":1,\"82\":1,\"94\":2,\"98\":1,\"116\":1,\"117\":1,\"399\":1}}],[\"organization\",{\"0\":{\"208\":1,\"263\":1,\"1082\":1,\"1083\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1386\":1,\"1561\":1,\"1562\":1,\"1738\":1,\"1739\":1,\"1915\":1,\"1916\":1,\"2092\":1,\"2093\":1,\"2269\":1,\"2270\":1,\"2487\":1,\"2488\":1,\"2706\":1,\"2707\":1,\"2925\":1,\"2926\":1,\"3144\":1,\"3145\":1,\"3365\":1,\"3366\":1},\"1\":{\"85\":5,\"97\":3,\"99\":1,\"103\":1,\"107\":1,\"127\":1,\"169\":1,\"208\":2,\"233\":1,\"263\":2,\"289\":6,\"290\":3,\"300\":6,\"301\":3,\"304\":4,\"307\":2,\"323\":2,\"327\":6,\"333\":2,\"334\":2,\"335\":1,\"338\":4,\"342\":2,\"348\":1,\"352\":3,\"354\":4,\"356\":3,\"357\":2,\"361\":8,\"362\":7,\"363\":8,\"364\":3,\"367\":10,\"377\":4,\"381\":3,\"383\":1,\"387\":8,\"388\":7,\"389\":6,\"393\":15,\"428\":3,\"442\":6,\"443\":1,\"457\":2,\"471\":4,\"481\":4,\"482\":3,\"494\":4,\"504\":5,\"505\":4,\"520\":4,\"530\":5,\"531\":4,\"546\":4,\"560\":5,\"561\":4,\"576\":3,\"590\":5,\"591\":1,\"606\":3,\"620\":5,\"621\":1,\"652\":3,\"666\":5,\"667\":1,\"698\":3,\"712\":5,\"713\":1,\"744\":3,\"758\":5,\"759\":1,\"790\":3,\"804\":5,\"805\":1,\"836\":3,\"850\":5,\"851\":1,\"882\":3,\"896\":6,\"897\":1,\"911\":2,\"985\":1,\"1044\":2,\"1049\":2,\"1082\":2,\"1083\":2,\"1138\":2,\"1169\":2,\"1192\":1,\"1247\":2,\"1320\":2,\"1343\":1,\"1355\":2,\"1385\":2,\"1386\":2,\"1518\":1,\"1531\":2,\"1561\":2,\"1562\":2,\"1695\":1,\"1708\":2,\"1738\":2,\"1739\":2,\"1872\":1,\"1885\":2,\"1915\":2,\"1916\":2,\"2049\":1,\"2062\":2,\"2092\":2,\"2093\":2,\"2226\":1,\"2239\":2,\"2269\":2,\"2270\":2,\"2416\":1,\"2454\":2,\"2487\":2,\"2488\":2,\"2635\":1,\"2673\":2,\"2706\":2,\"2707\":2,\"2854\":1,\"2892\":2,\"2925\":2,\"2926\":2,\"3073\":1,\"3111\":2,\"3144\":2,\"3145\":2,\"3268\":1,\"3327\":2,\"3332\":2,\"3365\":2,\"3366\":2,\"3421\":2}}],[\"organizations\",{\"1\":{\"0\":1,\"5\":1,\"6\":1,\"10\":1,\"85\":3,\"94\":1,\"97\":1,\"99\":4,\"100\":1,\"104\":1,\"106\":4,\"107\":2,\"110\":4,\"112\":1,\"116\":1,\"117\":2,\"130\":1,\"165\":4,\"167\":2,\"169\":4,\"170\":1,\"280\":1,\"289\":2,\"290\":1,\"291\":1,\"300\":2,\"301\":1,\"323\":1,\"325\":1,\"331\":1,\"348\":3,\"354\":3,\"356\":1,\"361\":4,\"362\":2,\"379\":1,\"387\":4,\"388\":2,\"399\":1,\"400\":1,\"403\":1,\"428\":1,\"442\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"576\":1,\"590\":1,\"606\":1,\"620\":1,\"652\":1,\"666\":1,\"698\":1,\"712\":1,\"744\":1,\"758\":1,\"790\":1,\"804\":1,\"836\":1,\"850\":1,\"882\":1,\"896\":1,\"920\":1,\"2327\":1,\"2546\":1,\"2765\":1,\"2984\":1,\"3203\":1}}],[\"ort\",{\"1\":{\"14\":1,\"41\":1}}],[\"or\",{\"0\":{\"175\":1,\"179\":1,\"182\":1,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"214\":1,\"219\":1,\"225\":1,\"243\":1,\"244\":1,\"251\":1,\"255\":1,\"257\":1,\"451\":1,\"905\":1,\"932\":1,\"936\":1,\"939\":1,\"950\":1,\"965\":1,\"970\":1,\"976\":1,\"996\":1,\"1010\":1,\"1019\":1,\"1061\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1089\":1,\"1103\":1,\"1112\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1159\":1,\"1175\":1,\"1180\":1,\"1186\":1,\"1198\":1,\"1213\":1,\"1222\":1,\"1229\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1252\":1,\"1281\":1,\"1290\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1310\":1,\"1326\":1,\"1331\":1,\"1337\":1,\"1349\":1,\"1367\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1391\":1,\"1405\":1,\"1414\":1,\"1453\":1,\"1462\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1483\":1,\"1498\":1,\"1503\":1,\"1509\":1,\"1525\":1,\"1543\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1567\":1,\"1581\":1,\"1590\":1,\"1630\":1,\"1639\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1660\":1,\"1675\":1,\"1680\":1,\"1686\":1,\"1702\":1,\"1720\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1744\":1,\"1758\":1,\"1767\":1,\"1807\":1,\"1816\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1837\":1,\"1852\":1,\"1857\":1,\"1863\":1,\"1879\":1,\"1897\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1921\":1,\"1935\":1,\"1944\":1,\"1984\":1,\"1993\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2014\":1,\"2029\":1,\"2034\":1,\"2040\":1,\"2056\":1,\"2074\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2098\":1,\"2112\":1,\"2121\":1,\"2161\":1,\"2170\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2191\":1,\"2206\":1,\"2211\":1,\"2217\":1,\"2233\":1,\"2251\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2275\":1,\"2289\":1,\"2298\":1,\"2348\":1,\"2357\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2381\":1,\"2396\":1,\"2401\":1,\"2407\":1,\"2427\":1,\"2466\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2494\":1,\"2508\":1,\"2517\":1,\"2567\":1,\"2576\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2600\":1,\"2615\":1,\"2620\":1,\"2626\":1,\"2646\":1,\"2685\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2713\":1,\"2727\":1,\"2736\":1,\"2786\":1,\"2795\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2819\":1,\"2834\":1,\"2839\":1,\"2845\":1,\"2865\":1,\"2904\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2932\":1,\"2946\":1,\"2955\":1,\"3005\":1,\"3014\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3038\":1,\"3053\":1,\"3058\":1,\"3064\":1,\"3084\":1,\"3123\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3151\":1,\"3165\":1,\"3174\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3233\":1,\"3248\":1,\"3253\":1,\"3259\":1,\"3279\":1,\"3293\":1,\"3302\":1,\"3344\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3372\":1,\"3386\":1,\"3395\":1},\"1\":{\"0\":1,\"12\":2,\"33\":1,\"36\":1,\"37\":2,\"38\":1,\"39\":1,\"40\":1,\"75\":1,\"81\":1,\"86\":1,\"91\":1,\"94\":7,\"95\":3,\"97\":3,\"98\":1,\"99\":2,\"100\":1,\"102\":1,\"113\":1,\"117\":1,\"120\":1,\"126\":1,\"138\":2,\"159\":1,\"168\":1,\"169\":2,\"170\":1,\"177\":1,\"186\":1,\"188\":1,\"205\":1,\"213\":1,\"221\":1,\"226\":1,\"227\":1,\"228\":1,\"233\":1,\"236\":1,\"237\":1,\"242\":1,\"249\":1,\"253\":1,\"261\":1,\"262\":1,\"265\":1,\"266\":1,\"269\":1,\"277\":1,\"284\":1,\"288\":1,\"289\":1,\"290\":8,\"295\":1,\"299\":1,\"300\":1,\"301\":3,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"319\":1,\"333\":2,\"334\":2,\"338\":2,\"345\":1,\"347\":1,\"348\":1,\"352\":1,\"356\":2,\"357\":1,\"359\":1,\"361\":2,\"362\":1,\"381\":3,\"385\":1,\"387\":2,\"388\":1,\"393\":2,\"394\":1,\"401\":1,\"414\":3,\"415\":2,\"416\":1,\"417\":3,\"418\":2,\"419\":2,\"427\":2,\"428\":1,\"429\":2,\"432\":1,\"433\":1,\"434\":1,\"438\":1,\"439\":1,\"441\":1,\"442\":1,\"443\":1,\"445\":1,\"446\":3,\"451\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"470\":2,\"472\":2,\"473\":1,\"477\":1,\"478\":1,\"480\":1,\"481\":2,\"482\":1,\"484\":1,\"493\":2,\"495\":2,\"496\":1,\"500\":1,\"501\":1,\"503\":1,\"504\":1,\"505\":1,\"507\":1,\"519\":2,\"521\":2,\"522\":1,\"526\":1,\"527\":1,\"529\":1,\"530\":1,\"531\":1,\"533\":1,\"536\":1,\"545\":2,\"546\":1,\"547\":2,\"552\":1,\"556\":1,\"557\":1,\"559\":1,\"560\":1,\"561\":1,\"563\":1,\"565\":1,\"575\":2,\"576\":1,\"577\":2,\"582\":1,\"586\":1,\"587\":1,\"589\":1,\"590\":1,\"591\":1,\"593\":1,\"595\":1,\"605\":2,\"606\":1,\"607\":2,\"612\":1,\"616\":1,\"617\":1,\"619\":1,\"620\":1,\"621\":1,\"623\":1,\"625\":1,\"638\":3,\"639\":2,\"640\":1,\"641\":3,\"642\":2,\"643\":2,\"651\":2,\"652\":1,\"653\":2,\"658\":1,\"662\":1,\"663\":1,\"665\":1,\"666\":1,\"667\":1,\"669\":1,\"671\":1,\"684\":3,\"685\":2,\"686\":1,\"687\":3,\"688\":2,\"689\":2,\"697\":2,\"698\":1,\"699\":2,\"704\":1,\"708\":1,\"709\":1,\"711\":1,\"712\":1,\"713\":1,\"715\":1,\"717\":1,\"730\":3,\"731\":2,\"732\":1,\"733\":3,\"734\":2,\"735\":2,\"743\":2,\"744\":1,\"745\":2,\"750\":1,\"754\":1,\"755\":1,\"757\":1,\"758\":1,\"759\":1,\"761\":1,\"763\":1,\"776\":3,\"777\":2,\"778\":1,\"779\":3,\"780\":2,\"781\":2,\"789\":2,\"790\":1,\"791\":2,\"794\":1,\"795\":1,\"796\":1,\"800\":1,\"801\":1,\"803\":1,\"804\":1,\"805\":1,\"807\":1,\"809\":1,\"822\":3,\"823\":2,\"824\":1,\"825\":3,\"826\":2,\"827\":2,\"835\":2,\"836\":1,\"837\":2,\"840\":1,\"841\":1,\"842\":1,\"846\":1,\"847\":1,\"849\":1,\"850\":1,\"851\":1,\"853\":1,\"868\":3,\"869\":2,\"870\":1,\"871\":3,\"872\":2,\"873\":2,\"881\":2,\"882\":1,\"883\":2,\"886\":1,\"887\":1,\"888\":1,\"892\":1,\"893\":1,\"895\":1,\"896\":1,\"897\":1,\"899\":1,\"900\":3,\"905\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"920\":3,\"921\":2,\"922\":1,\"934\":1,\"945\":1,\"946\":1,\"949\":1,\"957\":1,\"964\":1,\"972\":1,\"977\":1,\"978\":1,\"979\":1,\"985\":1,\"988\":1,\"989\":1,\"990\":1,\"995\":2,\"1009\":1,\"1013\":1,\"1015\":1,\"1031\":1,\"1040\":1,\"1049\":1,\"1050\":2,\"1051\":1,\"1060\":1,\"1064\":1,\"1070\":1,\"1081\":1,\"1088\":2,\"1102\":1,\"1106\":1,\"1108\":1,\"1125\":1,\"1134\":1,\"1147\":1,\"1156\":1,\"1158\":1,\"1166\":1,\"1174\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1189\":1,\"1192\":1,\"1195\":1,\"1196\":1,\"1197\":2,\"1212\":1,\"1216\":1,\"1218\":1,\"1228\":1,\"1232\":1,\"1238\":1,\"1246\":1,\"1251\":2,\"1256\":1,\"1264\":1,\"1280\":1,\"1284\":1,\"1286\":1,\"1298\":1,\"1307\":1,\"1309\":1,\"1317\":1,\"1325\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1340\":1,\"1343\":1,\"1346\":1,\"1347\":1,\"1348\":2,\"1355\":1,\"1356\":2,\"1357\":1,\"1366\":1,\"1370\":1,\"1376\":1,\"1384\":1,\"1388\":1,\"1390\":2,\"1404\":1,\"1408\":1,\"1410\":1,\"1427\":1,\"1435\":1,\"1452\":1,\"1456\":1,\"1458\":1,\"1470\":1,\"1479\":1,\"1480\":1,\"1482\":1,\"1490\":1,\"1497\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1512\":1,\"1518\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":2,\"1531\":1,\"1532\":2,\"1533\":1,\"1542\":1,\"1546\":1,\"1552\":1,\"1560\":1,\"1566\":2,\"1580\":1,\"1584\":1,\"1586\":1,\"1603\":1,\"1612\":1,\"1629\":1,\"1633\":1,\"1635\":1,\"1647\":1,\"1656\":1,\"1657\":1,\"1659\":1,\"1667\":1,\"1674\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1689\":1,\"1695\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":2,\"1708\":1,\"1709\":2,\"1710\":1,\"1719\":1,\"1723\":1,\"1729\":1,\"1737\":1,\"1743\":2,\"1757\":1,\"1761\":1,\"1763\":1,\"1780\":1,\"1789\":1,\"1806\":1,\"1810\":1,\"1812\":1,\"1824\":1,\"1833\":1,\"1834\":1,\"1836\":1,\"1844\":1,\"1851\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1866\":1,\"1872\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":2,\"1885\":1,\"1886\":2,\"1887\":1,\"1896\":1,\"1900\":1,\"1906\":1,\"1914\":1,\"1920\":2,\"1934\":1,\"1938\":1,\"1940\":1,\"1957\":1,\"1966\":1,\"1983\":1,\"1987\":1,\"1989\":1,\"2001\":1,\"2010\":1,\"2011\":1,\"2013\":1,\"2021\":1,\"2028\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2043\":1,\"2049\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":2,\"2062\":1,\"2063\":2,\"2064\":1,\"2073\":1,\"2077\":1,\"2083\":1,\"2091\":1,\"2097\":2,\"2111\":1,\"2115\":1,\"2117\":1,\"2134\":1,\"2143\":1,\"2160\":1,\"2164\":1,\"2166\":1,\"2178\":1,\"2187\":1,\"2188\":1,\"2190\":1,\"2198\":1,\"2205\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2220\":1,\"2226\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":2,\"2239\":1,\"2240\":2,\"2241\":1,\"2250\":1,\"2254\":1,\"2260\":1,\"2268\":1,\"2274\":2,\"2288\":1,\"2292\":1,\"2294\":1,\"2311\":1,\"2320\":1,\"2327\":3,\"2328\":2,\"2329\":1,\"2347\":1,\"2351\":1,\"2353\":1,\"2365\":1,\"2376\":1,\"2377\":1,\"2380\":1,\"2388\":1,\"2395\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2410\":1,\"2416\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2426\":2,\"2438\":1,\"2447\":1,\"2454\":1,\"2455\":2,\"2456\":1,\"2465\":1,\"2469\":1,\"2475\":1,\"2486\":1,\"2493\":2,\"2507\":1,\"2511\":1,\"2513\":1,\"2530\":1,\"2539\":1,\"2546\":3,\"2547\":2,\"2548\":1,\"2566\":1,\"2570\":1,\"2572\":1,\"2584\":1,\"2595\":1,\"2596\":1,\"2599\":1,\"2607\":1,\"2614\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2629\":1,\"2635\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2645\":2,\"2657\":1,\"2666\":1,\"2673\":1,\"2674\":2,\"2675\":1,\"2684\":1,\"2688\":1,\"2694\":1,\"2705\":1,\"2712\":2,\"2726\":1,\"2730\":1,\"2732\":1,\"2749\":1,\"2758\":1,\"2765\":3,\"2766\":2,\"2767\":1,\"2785\":1,\"2789\":1,\"2791\":1,\"2803\":1,\"2814\":1,\"2815\":1,\"2818\":1,\"2826\":1,\"2833\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2848\":1,\"2854\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2864\":2,\"2876\":1,\"2885\":1,\"2892\":1,\"2893\":2,\"2894\":1,\"2903\":1,\"2907\":1,\"2913\":1,\"2924\":1,\"2931\":2,\"2945\":1,\"2949\":1,\"2951\":1,\"2968\":1,\"2977\":1,\"2984\":3,\"2985\":2,\"2986\":1,\"3004\":1,\"3008\":1,\"3010\":1,\"3022\":1,\"3033\":1,\"3034\":1,\"3037\":1,\"3045\":1,\"3052\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3067\":1,\"3073\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3083\":2,\"3095\":1,\"3104\":1,\"3111\":1,\"3112\":2,\"3113\":1,\"3122\":1,\"3126\":1,\"3132\":1,\"3143\":1,\"3150\":2,\"3164\":1,\"3168\":1,\"3170\":1,\"3187\":1,\"3196\":1,\"3203\":3,\"3204\":2,\"3205\":1,\"3217\":1,\"3228\":1,\"3229\":1,\"3232\":1,\"3240\":1,\"3247\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3262\":1,\"3268\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3278\":2,\"3292\":1,\"3296\":1,\"3298\":1,\"3314\":1,\"3323\":1,\"3332\":1,\"3333\":2,\"3334\":1,\"3343\":1,\"3347\":1,\"3353\":1,\"3364\":1,\"3371\":2,\"3385\":1,\"3389\":1,\"3391\":1,\"3408\":1,\"3417\":1}}],[\"order\",{\"1\":{\"0\":1,\"32\":1,\"99\":1,\"128\":1,\"138\":1,\"145\":2,\"146\":1,\"147\":2,\"149\":1,\"150\":1,\"162\":1,\"169\":1,\"174\":1,\"231\":1,\"232\":1,\"238\":1,\"290\":1,\"319\":1,\"322\":1,\"332\":1,\"344\":1,\"356\":1,\"357\":1,\"381\":1,\"383\":2,\"394\":1,\"398\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"others\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"other\",{\"0\":{\"458\":1,\"912\":1},\"1\":{\"0\":1,\"9\":1,\"32\":1,\"37\":1,\"77\":1,\"85\":1,\"88\":2,\"91\":1,\"95\":1,\"97\":1,\"98\":1,\"99\":4,\"110\":1,\"112\":2,\"116\":1,\"117\":1,\"147\":1,\"165\":1,\"167\":2,\"169\":4,\"289\":1,\"300\":1,\"318\":1,\"371\":1,\"381\":1,\"408\":1,\"417\":1,\"419\":2,\"439\":4,\"442\":2,\"478\":4,\"481\":2,\"501\":4,\"504\":2,\"527\":4,\"530\":2,\"557\":4,\"560\":2,\"587\":4,\"590\":2,\"617\":4,\"620\":2,\"632\":1,\"641\":1,\"643\":2,\"663\":4,\"666\":2,\"678\":1,\"687\":1,\"689\":2,\"709\":4,\"712\":2,\"724\":1,\"733\":1,\"735\":2,\"755\":4,\"758\":2,\"770\":1,\"779\":1,\"781\":2,\"801\":4,\"804\":2,\"816\":1,\"825\":1,\"827\":2,\"847\":4,\"850\":2,\"862\":1,\"871\":1,\"873\":2,\"893\":4,\"896\":2,\"920\":1,\"2327\":1,\"2546\":1,\"2765\":1,\"2984\":1,\"3203\":1}}],[\"onopen\",{\"1\":{\"444\":2,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"760\":2,\"806\":2,\"852\":2,\"898\":2}}],[\"onactivitystart\",{\"0\":{\"185\":1,\"944\":1,\"1155\":1,\"1306\":1,\"1478\":1,\"1655\":1,\"1832\":1,\"2009\":1,\"2186\":1,\"2375\":1,\"2594\":1,\"2813\":1,\"3032\":1,\"3227\":1},\"1\":{\"185\":1,\"944\":1,\"1155\":1,\"1306\":1,\"1478\":1,\"1655\":1,\"1832\":1,\"2009\":1,\"2186\":1,\"2375\":1,\"2594\":1,\"2813\":1,\"3032\":1,\"3227\":1}}],[\"onactivityend\",{\"0\":{\"184\":1,\"943\":1,\"1154\":1,\"1305\":1,\"1477\":1,\"1654\":1,\"1831\":1,\"2008\":1,\"2185\":1,\"2374\":1,\"2593\":1,\"2812\":1,\"3031\":1,\"3226\":1},\"1\":{\"184\":1,\"943\":1,\"1154\":1,\"1305\":1,\"1477\":1,\"1654\":1,\"1831\":1,\"2008\":1,\"2185\":1,\"2374\":1,\"2593\":1,\"2812\":1,\"3031\":1,\"3226\":1}}],[\"onboarding\",{\"1\":{\"117\":1}}],[\"ones\",{\"1\":{\"97\":1,\"148\":2,\"372\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"one\",{\"1\":{\"97\":2,\"127\":1,\"145\":1,\"147\":2,\"154\":1,\"159\":24,\"160\":1,\"162\":1,\"205\":1,\"226\":1,\"228\":1,\"249\":1,\"289\":1,\"300\":1,\"323\":1,\"338\":2,\"354\":1,\"398\":1,\"434\":1,\"442\":1,\"459\":1,\"473\":1,\"481\":1,\"496\":1,\"504\":1,\"522\":1,\"530\":1,\"537\":2,\"552\":1,\"560\":1,\"564\":1,\"582\":1,\"590\":1,\"594\":1,\"612\":1,\"620\":1,\"624\":1,\"658\":1,\"666\":1,\"670\":1,\"704\":1,\"712\":1,\"716\":1,\"750\":1,\"758\":1,\"762\":1,\"796\":1,\"804\":1,\"808\":1,\"842\":1,\"850\":1,\"854\":1,\"888\":1,\"896\":1,\"913\":1,\"922\":2,\"957\":1,\"977\":1,\"979\":1,\"995\":1,\"1013\":1,\"1015\":1,\"1051\":2,\"1064\":1,\"1088\":1,\"1106\":1,\"1108\":1,\"1166\":1,\"1187\":1,\"1189\":1,\"1197\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1251\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1338\":1,\"1340\":1,\"1348\":1,\"1357\":2,\"1370\":1,\"1390\":1,\"1408\":1,\"1410\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1510\":1,\"1512\":1,\"1524\":1,\"1533\":2,\"1546\":1,\"1566\":1,\"1584\":1,\"1586\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1687\":1,\"1689\":1,\"1701\":1,\"1710\":2,\"1723\":1,\"1743\":1,\"1761\":1,\"1763\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1864\":1,\"1866\":1,\"1878\":1,\"1887\":2,\"1900\":1,\"1920\":1,\"1938\":1,\"1940\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2041\":1,\"2043\":1,\"2055\":1,\"2064\":2,\"2077\":1,\"2097\":1,\"2115\":1,\"2117\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2218\":1,\"2220\":1,\"2232\":1,\"2241\":2,\"2254\":1,\"2274\":1,\"2292\":1,\"2294\":1,\"2329\":2,\"2351\":1,\"2353\":1,\"2388\":1,\"2408\":1,\"2410\":1,\"2426\":1,\"2456\":2,\"2469\":1,\"2493\":1,\"2511\":1,\"2513\":1,\"2548\":2,\"2570\":1,\"2572\":1,\"2607\":1,\"2627\":1,\"2629\":1,\"2645\":1,\"2675\":2,\"2688\":1,\"2712\":1,\"2730\":1,\"2732\":1,\"2767\":2,\"2789\":1,\"2791\":1,\"2826\":1,\"2846\":1,\"2848\":1,\"2864\":1,\"2894\":2,\"2907\":1,\"2931\":1,\"2949\":1,\"2951\":1,\"2986\":2,\"3008\":1,\"3010\":1,\"3045\":1,\"3065\":1,\"3067\":1,\"3083\":1,\"3113\":2,\"3126\":1,\"3150\":1,\"3168\":1,\"3170\":1,\"3205\":2,\"3240\":1,\"3260\":1,\"3262\":1,\"3278\":1,\"3296\":1,\"3298\":1,\"3334\":2,\"3347\":1,\"3371\":1,\"3389\":1,\"3391\":1}}],[\"once\",{\"1\":{\"38\":1,\"88\":1,\"105\":1,\"358\":1,\"359\":1,\"360\":1,\"384\":1,\"385\":1,\"386\":1}}],[\"only\",{\"1\":{\"5\":1,\"85\":1,\"90\":1,\"93\":1,\"102\":1,\"103\":1,\"109\":2,\"127\":1,\"154\":2,\"156\":1,\"159\":1,\"177\":1,\"184\":1,\"185\":1,\"186\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"233\":1,\"236\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"253\":1,\"262\":1,\"280\":1,\"285\":3,\"289\":1,\"290\":1,\"296\":3,\"300\":1,\"301\":1,\"327\":9,\"335\":1,\"338\":1,\"348\":1,\"359\":1,\"360\":1,\"363\":2,\"385\":1,\"386\":1,\"389\":2,\"407\":1,\"408\":1,\"439\":3,\"442\":1,\"443\":1,\"457\":8,\"459\":1,\"470\":1,\"472\":1,\"478\":3,\"481\":1,\"482\":1,\"493\":1,\"495\":1,\"501\":3,\"504\":1,\"505\":1,\"519\":1,\"521\":1,\"527\":3,\"530\":1,\"531\":1,\"547\":1,\"557\":3,\"560\":1,\"561\":1,\"564\":1,\"587\":3,\"590\":1,\"591\":1,\"594\":1,\"617\":3,\"620\":1,\"621\":1,\"624\":1,\"631\":1,\"632\":1,\"663\":3,\"666\":1,\"667\":1,\"670\":1,\"677\":1,\"678\":1,\"709\":3,\"712\":1,\"713\":1,\"716\":1,\"723\":1,\"724\":1,\"755\":3,\"758\":1,\"759\":1,\"762\":1,\"769\":1,\"770\":1,\"801\":3,\"804\":1,\"805\":1,\"808\":1,\"815\":1,\"816\":1,\"847\":3,\"850\":1,\"851\":1,\"854\":1,\"861\":1,\"862\":1,\"893\":3,\"896\":1,\"897\":1,\"911\":8,\"913\":1,\"920\":2,\"930\":1,\"934\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"985\":1,\"988\":1,\"993\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1024\":1,\"1049\":3,\"1057\":2,\"1062\":1,\"1063\":1,\"1066\":1,\"1070\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1081\":1,\"1086\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1117\":1,\"1143\":1,\"1147\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1192\":1,\"1195\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1230\":1,\"1231\":1,\"1234\":1,\"1238\":1,\"1246\":1,\"1250\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1294\":1,\"1298\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1343\":1,\"1346\":1,\"1355\":3,\"1363\":2,\"1368\":1,\"1369\":1,\"1372\":1,\"1376\":1,\"1384\":1,\"1389\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1466\":1,\"1470\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1518\":1,\"1521\":1,\"1531\":3,\"1539\":2,\"1544\":1,\"1545\":1,\"1548\":1,\"1552\":1,\"1560\":1,\"1565\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1643\":1,\"1647\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1695\":1,\"1698\":1,\"1708\":3,\"1716\":2,\"1721\":1,\"1722\":1,\"1725\":1,\"1729\":1,\"1737\":1,\"1742\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1820\":1,\"1824\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1872\":1,\"1875\":1,\"1885\":3,\"1893\":2,\"1898\":1,\"1899\":1,\"1902\":1,\"1906\":1,\"1914\":1,\"1919\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1997\":1,\"2001\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2049\":1,\"2052\":1,\"2062\":3,\"2070\":2,\"2075\":1,\"2076\":1,\"2079\":1,\"2083\":1,\"2091\":1,\"2096\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2174\":1,\"2178\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2226\":1,\"2229\":1,\"2239\":3,\"2247\":2,\"2252\":1,\"2253\":1,\"2256\":1,\"2260\":1,\"2268\":1,\"2273\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2327\":2,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2361\":1,\"2365\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2416\":1,\"2419\":1,\"2424\":1,\"2431\":1,\"2454\":3,\"2462\":2,\"2467\":1,\"2468\":1,\"2471\":1,\"2475\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2486\":1,\"2491\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2522\":1,\"2546\":2,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2580\":1,\"2584\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2635\":1,\"2638\":1,\"2643\":1,\"2650\":1,\"2673\":3,\"2681\":2,\"2686\":1,\"2687\":1,\"2690\":1,\"2694\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2705\":1,\"2710\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2741\":1,\"2765\":2,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2799\":1,\"2803\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2854\":1,\"2857\":1,\"2862\":1,\"2869\":1,\"2892\":3,\"2900\":2,\"2905\":1,\"2906\":1,\"2909\":1,\"2913\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2924\":1,\"2929\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2960\":1,\"2984\":2,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3018\":1,\"3022\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3073\":1,\"3076\":1,\"3081\":1,\"3088\":1,\"3111\":3,\"3119\":2,\"3124\":1,\"3125\":1,\"3128\":1,\"3132\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3143\":1,\"3148\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3179\":1,\"3203\":2,\"3213\":1,\"3217\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3268\":1,\"3271\":1,\"3276\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3307\":1,\"3332\":3,\"3340\":2,\"3345\":1,\"3346\":1,\"3349\":1,\"3353\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3364\":1,\"3369\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3400\":1}}],[\"on\",{\"0\":{\"286\":1,\"297\":1,\"445\":1,\"484\":1,\"507\":1,\"533\":1,\"563\":1,\"593\":1,\"623\":1,\"669\":1,\"715\":1,\"761\":1,\"807\":1,\"853\":1,\"899\":1},\"1\":{\"0\":1,\"5\":1,\"12\":1,\"14\":2,\"28\":1,\"32\":1,\"33\":3,\"37\":1,\"73\":1,\"74\":1,\"78\":1,\"79\":1,\"81\":2,\"82\":1,\"88\":1,\"90\":2,\"95\":1,\"96\":1,\"97\":5,\"99\":7,\"102\":1,\"112\":1,\"113\":1,\"116\":2,\"117\":3,\"119\":1,\"120\":1,\"126\":1,\"127\":2,\"130\":2,\"137\":4,\"147\":2,\"152\":2,\"153\":1,\"159\":35,\"160\":8,\"167\":1,\"168\":1,\"169\":7,\"170\":1,\"217\":1,\"218\":1,\"223\":1,\"233\":1,\"236\":1,\"262\":1,\"285\":1,\"286\":2,\"289\":1,\"290\":3,\"296\":1,\"297\":2,\"300\":1,\"301\":3,\"303\":2,\"304\":2,\"306\":2,\"307\":2,\"309\":2,\"310\":2,\"312\":2,\"313\":1,\"315\":2,\"316\":1,\"318\":2,\"320\":1,\"322\":1,\"324\":1,\"327\":6,\"329\":1,\"332\":1,\"341\":1,\"344\":1,\"346\":1,\"348\":1,\"352\":1,\"356\":1,\"364\":1,\"369\":1,\"373\":1,\"374\":2,\"377\":2,\"390\":2,\"393\":1,\"399\":1,\"400\":2,\"407\":2,\"411\":1,\"413\":1,\"414\":2,\"415\":3,\"419\":4,\"422\":1,\"423\":1,\"427\":1,\"429\":1,\"431\":1,\"444\":1,\"445\":1,\"461\":2,\"462\":1,\"465\":1,\"466\":1,\"470\":2,\"472\":2,\"481\":1,\"483\":1,\"484\":1,\"488\":1,\"489\":1,\"493\":2,\"495\":2,\"504\":1,\"506\":1,\"507\":1,\"510\":2,\"511\":1,\"514\":1,\"515\":1,\"519\":2,\"521\":2,\"530\":1,\"532\":1,\"533\":1,\"536\":2,\"537\":1,\"540\":1,\"541\":1,\"545\":2,\"547\":1,\"560\":1,\"562\":1,\"563\":1,\"566\":2,\"567\":1,\"570\":1,\"571\":1,\"575\":1,\"577\":1,\"590\":1,\"592\":1,\"593\":1,\"596\":2,\"597\":1,\"600\":1,\"601\":1,\"605\":1,\"607\":1,\"620\":1,\"622\":1,\"623\":1,\"626\":2,\"627\":1,\"631\":2,\"635\":1,\"637\":1,\"638\":2,\"639\":3,\"643\":4,\"646\":1,\"647\":1,\"651\":1,\"653\":1,\"666\":1,\"668\":1,\"669\":1,\"672\":2,\"673\":1,\"677\":2,\"681\":1,\"683\":1,\"684\":2,\"685\":3,\"689\":4,\"692\":1,\"693\":1,\"697\":1,\"699\":1,\"712\":1,\"714\":1,\"715\":1,\"718\":2,\"719\":1,\"723\":2,\"727\":1,\"729\":1,\"730\":2,\"731\":3,\"735\":4,\"738\":1,\"739\":1,\"743\":1,\"745\":1,\"758\":1,\"760\":1,\"761\":1,\"764\":2,\"765\":1,\"769\":2,\"773\":1,\"775\":1,\"776\":2,\"777\":3,\"781\":4,\"784\":1,\"785\":1,\"789\":1,\"791\":1,\"793\":1,\"804\":1,\"806\":1,\"807\":1,\"810\":2,\"811\":1,\"815\":2,\"819\":1,\"821\":1,\"822\":2,\"823\":3,\"827\":4,\"830\":1,\"831\":1,\"835\":1,\"837\":1,\"839\":1,\"850\":1,\"852\":1,\"853\":1,\"856\":2,\"857\":1,\"861\":2,\"865\":1,\"867\":1,\"868\":2,\"869\":3,\"873\":4,\"876\":1,\"877\":1,\"881\":1,\"883\":1,\"885\":1,\"898\":1,\"899\":1,\"915\":2,\"916\":1,\"968\":1,\"969\":1,\"974\":1,\"985\":1,\"988\":1,\"1026\":1,\"1081\":1,\"1120\":1,\"1178\":1,\"1179\":1,\"1184\":1,\"1192\":1,\"1195\":1,\"1246\":1,\"1329\":1,\"1330\":1,\"1335\":1,\"1343\":1,\"1346\":1,\"1384\":1,\"1422\":1,\"1501\":1,\"1502\":1,\"1507\":1,\"1518\":1,\"1521\":1,\"1560\":1,\"1598\":1,\"1678\":1,\"1679\":1,\"1684\":1,\"1695\":1,\"1698\":1,\"1737\":1,\"1775\":1,\"1855\":1,\"1856\":1,\"1861\":1,\"1872\":1,\"1875\":1,\"1914\":1,\"1952\":1,\"2032\":1,\"2033\":1,\"2038\":1,\"2049\":1,\"2052\":1,\"2091\":1,\"2129\":1,\"2209\":1,\"2210\":1,\"2215\":1,\"2226\":1,\"2229\":1,\"2268\":1,\"2306\":1,\"2399\":1,\"2400\":1,\"2405\":1,\"2416\":1,\"2419\":1,\"2433\":1,\"2486\":1,\"2525\":1,\"2618\":1,\"2619\":1,\"2624\":1,\"2635\":1,\"2638\":1,\"2652\":1,\"2705\":1,\"2744\":1,\"2837\":1,\"2838\":1,\"2843\":1,\"2854\":1,\"2857\":1,\"2871\":1,\"2924\":1,\"2963\":1,\"3056\":1,\"3057\":1,\"3062\":1,\"3073\":1,\"3076\":1,\"3090\":1,\"3143\":1,\"3182\":1,\"3251\":1,\"3252\":1,\"3257\":1,\"3268\":1,\"3271\":1,\"3309\":1,\"3364\":1,\"3403\":1}}],[\"icon\",{\"1\":{\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"icons\",{\"1\":{\"356\":1}}],[\"icd\",{\"1\":{\"94\":1}}],[\"io\",{\"1\":{\"283\":1,\"294\":1,\"303\":4,\"304\":4,\"306\":4,\"307\":4,\"309\":4,\"310\":4,\"312\":4,\"313\":2,\"315\":4,\"316\":2,\"327\":6,\"341\":2,\"437\":1,\"449\":1,\"461\":4,\"462\":2,\"476\":1,\"499\":1,\"510\":4,\"511\":2,\"525\":1,\"536\":4,\"537\":2,\"555\":1,\"566\":4,\"567\":2,\"585\":1,\"596\":4,\"597\":2,\"615\":1,\"626\":4,\"627\":2,\"661\":1,\"672\":4,\"673\":2,\"707\":1,\"718\":4,\"719\":2,\"753\":1,\"764\":4,\"765\":2,\"799\":1,\"810\":4,\"811\":2,\"845\":1,\"856\":4,\"857\":2,\"891\":1,\"903\":1,\"915\":4,\"916\":2,\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"ipam\",{\"1\":{\"327\":3}}],[\"ipv4\",{\"1\":{\"327\":6}}],[\"ip\",{\"0\":{\"269\":1,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1},\"1\":{\"269\":1,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1}}],[\"illustrate\",{\"1\":{\"103\":1,\"117\":1}}],[\"idle\",{\"1\":{\"1012\":1,\"1105\":1,\"1215\":1,\"1283\":1,\"1407\":1,\"1455\":1,\"1583\":1,\"1632\":1,\"1760\":1,\"1809\":1,\"1937\":1,\"1986\":1,\"2114\":1,\"2163\":1,\"2291\":1,\"2350\":1,\"2510\":1,\"2569\":1,\"2729\":1,\"2788\":1,\"2948\":1,\"3007\":1,\"3167\":1,\"3295\":1,\"3388\":1}}],[\"idletimeout\",{\"0\":{\"1012\":1,\"1105\":1,\"1215\":1,\"1283\":1,\"1407\":1,\"1455\":1,\"1583\":1,\"1632\":1,\"1760\":1,\"1809\":1,\"1937\":1,\"1986\":1,\"2114\":1,\"2163\":1,\"2291\":1,\"2350\":1,\"2510\":1,\"2569\":1,\"2729\":1,\"2788\":1,\"2948\":1,\"3007\":1,\"3167\":1,\"3295\":1,\"3388\":1},\"1\":{\"1012\":1,\"1105\":1,\"1215\":1,\"1283\":1,\"1407\":1,\"1455\":1,\"1583\":1,\"1632\":1,\"1760\":1,\"1809\":1,\"1937\":1,\"1986\":1,\"2114\":1,\"2163\":1,\"2291\":1,\"2350\":1,\"2510\":1,\"2569\":1,\"2729\":1,\"2788\":1,\"2948\":1,\"3007\":1,\"3167\":1,\"3295\":1,\"3388\":1}}],[\"id>\",{\"1\":{\"162\":3,\"398\":1}}],[\"id=924467857\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=924467859\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=1199354\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=133227\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=133226\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=16099180989\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=16099180988\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=16099180997\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=16099180990\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2475253350\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2475255043\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2475254782\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2475254888\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2475254903\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2475254970\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=2841410\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=25484789\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=25484751\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=23908438\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=8733622\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4147052292\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4147049674\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4147041876\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4147045948\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4442848517\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4442848523\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4442848529\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=4442848530\",{\"1\":{\"457\":1,\"911\":1}}],[\"id=\",{\"1\":{\"159\":317}}],[\"ids\",{\"1\":{\"152\":1}}],[\"idea\",{\"1\":{\"156\":2,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"ideas\",{\"1\":{\"117\":1,\"118\":1,\"404\":1,\"419\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"628\":1,\"643\":1,\"653\":1,\"669\":1,\"674\":1,\"689\":1,\"699\":1,\"715\":1,\"720\":1,\"735\":1,\"745\":1,\"761\":1,\"766\":1,\"781\":1,\"791\":1,\"807\":1,\"812\":1,\"827\":1,\"837\":1,\"853\":1,\"858\":1,\"873\":1,\"883\":1,\"899\":1}}],[\"ide\",{\"0\":{\"401\":1},\"1\":{\"134\":2,\"319\":1,\"321\":1,\"340\":1,\"342\":3,\"394\":1,\"401\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"identify\",{\"1\":{\"347\":2,\"357\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"identifying\",{\"1\":{\"99\":1,\"169\":1}}],[\"identifier\",{\"0\":{\"208\":1,\"263\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1},\"1\":{\"208\":2,\"263\":2,\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"304\":4,\"307\":2,\"327\":6,\"335\":1,\"348\":1,\"361\":8,\"362\":6,\"363\":6,\"383\":1,\"387\":8,\"388\":6,\"389\":6,\"428\":1,\"442\":2,\"471\":1,\"481\":3,\"482\":3,\"494\":1,\"504\":2,\"505\":2,\"520\":1,\"530\":2,\"531\":2,\"546\":1,\"560\":2,\"561\":2,\"576\":1,\"590\":2,\"606\":1,\"620\":2,\"652\":1,\"666\":2,\"698\":1,\"712\":2,\"744\":1,\"758\":2,\"790\":1,\"804\":2,\"836\":1,\"850\":2,\"882\":1,\"896\":2,\"1082\":2,\"1169\":2,\"1247\":2,\"1320\":2,\"1385\":2,\"1561\":2,\"1738\":2,\"1915\":2,\"2092\":2,\"2269\":2,\"2487\":2,\"2706\":2,\"2925\":2,\"3144\":2,\"3365\":2}}],[\"identified\",{\"1\":{\"99\":1,\"169\":1,\"347\":1}}],[\"id\",{\"0\":{\"1006\":1,\"1099\":1,\"1209\":1,\"1277\":1,\"1401\":1,\"1449\":1,\"1577\":1,\"1626\":1,\"1754\":1,\"1803\":1,\"1931\":1,\"1980\":1,\"2108\":1,\"2157\":1,\"2285\":1,\"2344\":1,\"2504\":1,\"2563\":1,\"2723\":1,\"2782\":1,\"2942\":1,\"3001\":1,\"3161\":1,\"3289\":1,\"3382\":1},\"1\":{\"112\":1,\"113\":1,\"167\":1,\"168\":1,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"1002\":1,\"1003\":1,\"1006\":2,\"1025\":1,\"1027\":1,\"1095\":1,\"1096\":1,\"1099\":2,\"1118\":1,\"1121\":1,\"1205\":1,\"1206\":1,\"1209\":2,\"1273\":1,\"1274\":1,\"1277\":2,\"1397\":1,\"1398\":1,\"1401\":2,\"1420\":1,\"1423\":1,\"1445\":1,\"1446\":1,\"1449\":2,\"1573\":1,\"1574\":1,\"1577\":2,\"1596\":1,\"1599\":1,\"1622\":1,\"1623\":1,\"1626\":2,\"1750\":1,\"1751\":1,\"1754\":2,\"1773\":1,\"1776\":1,\"1799\":1,\"1800\":1,\"1803\":2,\"1927\":1,\"1928\":1,\"1931\":2,\"1950\":1,\"1953\":1,\"1976\":1,\"1977\":1,\"1980\":2,\"2104\":1,\"2105\":1,\"2108\":2,\"2127\":1,\"2130\":1,\"2153\":1,\"2154\":1,\"2157\":2,\"2281\":1,\"2282\":1,\"2285\":2,\"2304\":1,\"2307\":1,\"2340\":1,\"2341\":1,\"2344\":2,\"2432\":1,\"2434\":1,\"2500\":1,\"2501\":1,\"2504\":2,\"2523\":1,\"2526\":1,\"2559\":1,\"2560\":1,\"2563\":2,\"2651\":1,\"2653\":1,\"2719\":1,\"2720\":1,\"2723\":2,\"2742\":1,\"2745\":1,\"2778\":1,\"2779\":1,\"2782\":2,\"2870\":1,\"2872\":1,\"2938\":1,\"2939\":1,\"2942\":2,\"2961\":1,\"2964\":1,\"2997\":1,\"2998\":1,\"3001\":2,\"3089\":1,\"3091\":1,\"3157\":1,\"3158\":1,\"3161\":2,\"3180\":1,\"3183\":1,\"3285\":1,\"3286\":1,\"3289\":2,\"3308\":1,\"3310\":1,\"3378\":1,\"3379\":1,\"3382\":2,\"3401\":1,\"3404\":1}}],[\"idat\",{\"1\":{\"99\":1,\"152\":1,\"169\":1}}],[\"ihe\",{\"1\":{\"99\":2,\"152\":1,\"169\":2}}],[\"ihres\",{\"1\":{\"16\":1}}],[\"ihre\",{\"1\":{\"14\":1}}],[\"i\",{\"0\":{\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1},\"1\":{\"26\":1,\"103\":1,\"127\":1,\"347\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1}}],[\"image\",{\"1\":{\"303\":4,\"304\":4,\"306\":4,\"307\":4,\"309\":4,\"310\":4,\"312\":4,\"313\":2,\"315\":4,\"316\":2,\"327\":8,\"449\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"461\":4,\"462\":2,\"510\":4,\"511\":2,\"536\":5,\"537\":3,\"566\":4,\"567\":2,\"596\":4,\"597\":2,\"626\":4,\"627\":2,\"672\":4,\"673\":2,\"718\":4,\"719\":2,\"764\":4,\"765\":2,\"810\":4,\"811\":2,\"856\":4,\"857\":2,\"903\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"915\":4,\"916\":2,\"999\":1,\"1000\":1,\"1020\":2,\"1022\":1,\"1027\":1,\"1092\":1,\"1093\":1,\"1113\":2,\"1115\":1,\"1121\":1,\"1202\":1,\"1203\":1,\"1223\":2,\"1225\":1,\"1270\":1,\"1271\":1,\"1291\":2,\"1293\":1,\"1394\":1,\"1395\":1,\"1415\":2,\"1417\":1,\"1423\":1,\"1442\":1,\"1443\":1,\"1463\":2,\"1465\":1,\"1570\":1,\"1571\":1,\"1591\":2,\"1593\":1,\"1599\":1,\"1619\":1,\"1620\":1,\"1640\":2,\"1642\":1,\"1747\":1,\"1748\":1,\"1768\":2,\"1770\":1,\"1776\":1,\"1796\":1,\"1797\":1,\"1817\":2,\"1819\":1,\"1924\":1,\"1925\":1,\"1945\":2,\"1947\":1,\"1953\":1,\"1973\":1,\"1974\":1,\"1994\":2,\"1996\":1,\"2101\":1,\"2102\":1,\"2122\":2,\"2124\":1,\"2130\":1,\"2150\":1,\"2151\":1,\"2171\":2,\"2173\":1,\"2278\":1,\"2279\":1,\"2299\":2,\"2301\":1,\"2307\":1,\"2337\":1,\"2338\":1,\"2358\":2,\"2360\":1,\"2434\":1,\"2497\":1,\"2498\":1,\"2518\":2,\"2520\":1,\"2526\":1,\"2556\":1,\"2557\":1,\"2577\":2,\"2579\":1,\"2653\":1,\"2716\":1,\"2717\":1,\"2737\":2,\"2739\":1,\"2745\":1,\"2775\":1,\"2776\":1,\"2796\":2,\"2798\":1,\"2872\":1,\"2935\":1,\"2936\":1,\"2956\":2,\"2958\":1,\"2964\":1,\"2994\":1,\"2995\":1,\"3015\":2,\"3017\":1,\"3091\":1,\"3154\":1,\"3155\":1,\"3175\":2,\"3177\":1,\"3183\":1,\"3282\":1,\"3283\":1,\"3303\":2,\"3305\":1,\"3310\":1,\"3375\":1,\"3376\":1,\"3396\":2,\"3398\":1,\"3404\":1}}],[\"images\",{\"1\":{\"135\":1,\"141\":2,\"142\":2,\"280\":1,\"291\":1,\"341\":1,\"450\":1,\"451\":1,\"904\":1,\"905\":1}}],[\"imagine\",{\"1\":{\"102\":1}}],[\"im\",{\"1\":{\"14\":1,\"16\":1,\"17\":2,\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1}}],[\"improving\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"improvement\",{\"1\":{\"404\":1,\"417\":1,\"418\":1,\"419\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"628\":1,\"641\":1,\"642\":1,\"643\":1,\"653\":1,\"669\":1,\"674\":1,\"687\":1,\"688\":1,\"689\":1,\"699\":1,\"715\":1,\"720\":1,\"733\":1,\"734\":1,\"735\":1,\"745\":1,\"761\":1,\"766\":1,\"779\":1,\"780\":1,\"781\":1,\"791\":1,\"807\":1,\"812\":1,\"825\":1,\"826\":1,\"827\":1,\"837\":1,\"853\":1,\"858\":1,\"871\":1,\"872\":1,\"873\":1,\"883\":1,\"899\":1}}],[\"improvements\",{\"1\":{\"117\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"improved\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1}}],[\"improve\",{\"1\":{\"6\":1,\"82\":1,\"417\":1,\"419\":2,\"641\":1,\"643\":2,\"687\":1,\"689\":2,\"733\":1,\"735\":2,\"779\":1,\"781\":2,\"825\":1,\"827\":2,\"871\":1,\"873\":2}}],[\"imported\",{\"1\":{\"332\":1}}],[\"import\",{\"1\":{\"159\":1,\"160\":4,\"407\":3,\"631\":3,\"677\":3,\"723\":3,\"769\":3,\"815\":3,\"861\":3}}],[\"imports\",{\"1\":{\"159\":2}}],[\"importantly\",{\"1\":{\"94\":1}}],[\"important\",{\"1\":{\"33\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"89\":1,\"97\":2,\"102\":1,\"117\":1,\"333\":1,\"397\":1,\"399\":1,\"410\":1,\"413\":1,\"565\":1,\"595\":1,\"625\":1,\"634\":1,\"637\":1,\"671\":1,\"680\":1,\"683\":1,\"717\":1,\"726\":1,\"729\":1,\"763\":1,\"772\":1,\"775\":1,\"809\":1,\"818\":1,\"821\":1,\"864\":1,\"867\":1}}],[\"imple\",{\"1\":{\"159\":1}}],[\"implemented\",{\"1\":{\"97\":1,\"324\":1,\"369\":1,\"383\":1,\"399\":1}}],[\"implements\",{\"1\":{\"32\":1,\"88\":1,\"332\":2,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3332\":1}}],[\"implementing\",{\"0\":{\"318\":1},\"1\":{\"28\":1,\"120\":1,\"152\":1,\"153\":1,\"332\":1,\"397\":1}}],[\"implement\",{\"0\":{\"13\":1},\"1\":{\"5\":1,\"12\":1,\"13\":1,\"33\":2,\"82\":1,\"96\":1,\"147\":1,\"148\":1,\"152\":2,\"153\":2,\"318\":1,\"320\":1,\"329\":1}}],[\"implementations\",{\"1\":{\"174\":1,\"231\":1,\"232\":1,\"238\":1}}],[\"implementation\",{\"1\":{\"5\":1,\"26\":2,\"29\":1,\"96\":2,\"152\":1,\"153\":1,\"154\":1,\"174\":2,\"231\":2,\"232\":2,\"238\":2,\"332\":1,\"335\":1,\"352\":1,\"372\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"impl\",{\"1\":{\"150\":2,\"153\":3,\"304\":2,\"307\":2,\"310\":2}}],[\"impact\",{\"1\":{\"37\":1,\"405\":1,\"415\":1,\"418\":1,\"629\":1,\"639\":1,\"642\":1,\"675\":1,\"685\":1,\"688\":1,\"721\":1,\"731\":1,\"734\":1,\"767\":1,\"777\":1,\"780\":1,\"813\":1,\"823\":1,\"826\":1,\"859\":1,\"869\":1,\"872\":1}}],[\"if\",{\"0\":{\"148\":1},\"1\":{\"12\":1,\"13\":1,\"37\":4,\"38\":1,\"40\":1,\"73\":1,\"75\":1,\"86\":1,\"93\":1,\"97\":2,\"106\":1,\"107\":1,\"112\":1,\"120\":1,\"134\":1,\"135\":1,\"136\":2,\"139\":1,\"156\":1,\"157\":1,\"159\":10,\"167\":1,\"170\":2,\"177\":1,\"188\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"213\":1,\"219\":1,\"229\":1,\"236\":1,\"242\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"253\":1,\"262\":1,\"276\":1,\"277\":1,\"280\":1,\"286\":1,\"289\":3,\"290\":3,\"291\":1,\"297\":1,\"300\":3,\"301\":3,\"302\":1,\"304\":2,\"305\":2,\"307\":2,\"308\":1,\"310\":2,\"325\":1,\"338\":3,\"352\":1,\"356\":1,\"367\":2,\"379\":1,\"381\":2,\"383\":1,\"390\":1,\"393\":2,\"407\":1,\"414\":3,\"417\":3,\"419\":5,\"428\":2,\"438\":1,\"442\":2,\"443\":3,\"444\":2,\"447\":2,\"455\":1,\"456\":1,\"459\":2,\"460\":1,\"469\":1,\"471\":2,\"473\":1,\"477\":1,\"481\":4,\"482\":3,\"483\":2,\"492\":1,\"494\":2,\"496\":1,\"500\":1,\"504\":3,\"505\":3,\"506\":2,\"509\":1,\"518\":1,\"520\":2,\"522\":1,\"526\":1,\"530\":3,\"531\":3,\"532\":2,\"535\":1,\"536\":1,\"544\":1,\"546\":2,\"556\":1,\"560\":3,\"561\":3,\"562\":2,\"564\":2,\"565\":1,\"574\":1,\"576\":2,\"586\":1,\"590\":3,\"591\":3,\"592\":2,\"594\":2,\"604\":1,\"606\":2,\"616\":1,\"620\":3,\"621\":3,\"622\":2,\"624\":2,\"631\":1,\"638\":3,\"641\":3,\"643\":5,\"650\":1,\"652\":2,\"662\":1,\"666\":3,\"667\":3,\"668\":2,\"670\":2,\"677\":1,\"684\":3,\"687\":3,\"689\":5,\"696\":1,\"698\":2,\"708\":1,\"712\":3,\"713\":3,\"714\":2,\"716\":2,\"723\":1,\"730\":3,\"733\":3,\"735\":5,\"742\":1,\"744\":2,\"754\":1,\"758\":3,\"759\":3,\"760\":2,\"762\":2,\"769\":1,\"776\":3,\"779\":3,\"781\":5,\"788\":1,\"790\":2,\"800\":1,\"804\":3,\"805\":3,\"806\":2,\"808\":2,\"815\":1,\"822\":3,\"825\":3,\"827\":5,\"836\":2,\"846\":1,\"850\":3,\"851\":3,\"852\":2,\"854\":2,\"861\":1,\"868\":3,\"871\":3,\"873\":5,\"882\":2,\"892\":1,\"896\":2,\"897\":3,\"898\":2,\"901\":2,\"909\":1,\"910\":1,\"913\":2,\"914\":1,\"920\":1,\"922\":1,\"923\":1,\"934\":1,\"949\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"964\":1,\"970\":1,\"980\":1,\"983\":1,\"984\":1,\"988\":1,\"995\":1,\"996\":1,\"998\":1,\"1006\":1,\"1007\":1,\"1009\":1,\"1026\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1043\":1,\"1044\":1,\"1049\":1,\"1051\":1,\"1052\":1,\"1056\":2,\"1060\":1,\"1062\":1,\"1063\":1,\"1070\":1,\"1081\":1,\"1088\":1,\"1089\":1,\"1091\":1,\"1099\":1,\"1100\":1,\"1102\":1,\"1120\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1137\":1,\"1138\":1,\"1147\":1,\"1158\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1174\":1,\"1180\":1,\"1190\":1,\"1195\":1,\"1197\":1,\"1198\":1,\"1200\":1,\"1209\":1,\"1210\":1,\"1212\":1,\"1228\":1,\"1230\":1,\"1231\":1,\"1238\":1,\"1246\":1,\"1251\":1,\"1252\":1,\"1254\":1,\"1263\":1,\"1264\":1,\"1277\":1,\"1278\":1,\"1280\":1,\"1298\":1,\"1309\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1325\":1,\"1331\":1,\"1341\":1,\"1346\":1,\"1348\":1,\"1349\":1,\"1351\":1,\"1355\":1,\"1357\":1,\"1358\":1,\"1362\":2,\"1366\":1,\"1368\":1,\"1369\":1,\"1376\":1,\"1384\":1,\"1388\":1,\"1390\":1,\"1391\":1,\"1393\":1,\"1401\":1,\"1402\":1,\"1404\":1,\"1422\":1,\"1434\":1,\"1435\":1,\"1449\":1,\"1450\":1,\"1452\":1,\"1470\":1,\"1482\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1497\":1,\"1503\":1,\"1513\":1,\"1516\":1,\"1517\":1,\"1521\":1,\"1524\":1,\"1525\":1,\"1527\":1,\"1531\":1,\"1533\":1,\"1534\":1,\"1538\":2,\"1542\":1,\"1544\":1,\"1545\":1,\"1552\":1,\"1560\":1,\"1566\":1,\"1567\":1,\"1569\":1,\"1577\":1,\"1578\":1,\"1580\":1,\"1598\":1,\"1611\":1,\"1612\":1,\"1626\":1,\"1627\":1,\"1629\":1,\"1647\":1,\"1659\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1674\":1,\"1680\":1,\"1690\":1,\"1693\":1,\"1694\":1,\"1698\":1,\"1701\":1,\"1702\":1,\"1704\":1,\"1708\":1,\"1710\":1,\"1711\":1,\"1715\":2,\"1719\":1,\"1721\":1,\"1722\":1,\"1729\":1,\"1737\":1,\"1743\":1,\"1744\":1,\"1746\":1,\"1754\":1,\"1755\":1,\"1757\":1,\"1775\":1,\"1788\":1,\"1789\":1,\"1803\":1,\"1804\":1,\"1806\":1,\"1824\":1,\"1836\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1851\":1,\"1857\":1,\"1867\":1,\"1870\":1,\"1871\":1,\"1875\":1,\"1878\":1,\"1879\":1,\"1881\":1,\"1885\":1,\"1887\":1,\"1888\":1,\"1892\":2,\"1896\":1,\"1898\":1,\"1899\":1,\"1906\":1,\"1914\":1,\"1920\":1,\"1921\":1,\"1923\":1,\"1931\":1,\"1932\":1,\"1934\":1,\"1952\":1,\"1965\":1,\"1966\":1,\"1980\":1,\"1981\":1,\"1983\":1,\"2001\":1,\"2013\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2028\":1,\"2034\":1,\"2044\":1,\"2047\":1,\"2048\":1,\"2052\":1,\"2055\":1,\"2056\":1,\"2058\":1,\"2062\":1,\"2064\":1,\"2065\":1,\"2069\":2,\"2073\":1,\"2075\":1,\"2076\":1,\"2083\":1,\"2091\":1,\"2097\":1,\"2098\":1,\"2100\":1,\"2108\":1,\"2109\":1,\"2111\":1,\"2129\":1,\"2142\":1,\"2143\":1,\"2157\":1,\"2158\":1,\"2160\":1,\"2178\":1,\"2190\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2205\":1,\"2211\":1,\"2221\":1,\"2224\":1,\"2225\":1,\"2229\":1,\"2232\":1,\"2233\":1,\"2235\":1,\"2239\":1,\"2241\":1,\"2242\":1,\"2246\":2,\"2250\":1,\"2252\":1,\"2253\":1,\"2260\":1,\"2268\":1,\"2274\":1,\"2275\":1,\"2277\":1,\"2285\":1,\"2286\":1,\"2288\":1,\"2306\":1,\"2319\":1,\"2320\":1,\"2327\":1,\"2329\":1,\"2330\":1,\"2344\":1,\"2345\":1,\"2347\":1,\"2365\":1,\"2380\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2395\":1,\"2401\":1,\"2411\":1,\"2414\":1,\"2415\":1,\"2419\":1,\"2426\":1,\"2427\":1,\"2429\":1,\"2433\":1,\"2446\":1,\"2447\":1,\"2454\":1,\"2456\":1,\"2457\":1,\"2461\":2,\"2465\":1,\"2467\":1,\"2468\":1,\"2475\":1,\"2486\":1,\"2493\":1,\"2494\":1,\"2496\":1,\"2504\":1,\"2505\":1,\"2507\":1,\"2525\":1,\"2538\":1,\"2539\":1,\"2546\":1,\"2548\":1,\"2549\":1,\"2563\":1,\"2564\":1,\"2566\":1,\"2584\":1,\"2599\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2614\":1,\"2620\":1,\"2630\":1,\"2633\":1,\"2634\":1,\"2638\":1,\"2645\":1,\"2646\":1,\"2648\":1,\"2652\":1,\"2665\":1,\"2666\":1,\"2673\":1,\"2675\":1,\"2676\":1,\"2680\":2,\"2684\":1,\"2686\":1,\"2687\":1,\"2694\":1,\"2705\":1,\"2712\":1,\"2713\":1,\"2715\":1,\"2723\":1,\"2724\":1,\"2726\":1,\"2744\":1,\"2757\":1,\"2758\":1,\"2765\":1,\"2767\":1,\"2768\":1,\"2782\":1,\"2783\":1,\"2785\":1,\"2803\":1,\"2818\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2833\":1,\"2839\":1,\"2849\":1,\"2852\":1,\"2853\":1,\"2857\":1,\"2864\":1,\"2865\":1,\"2867\":1,\"2871\":1,\"2884\":1,\"2885\":1,\"2892\":1,\"2894\":1,\"2895\":1,\"2899\":2,\"2903\":1,\"2905\":1,\"2906\":1,\"2913\":1,\"2924\":1,\"2931\":1,\"2932\":1,\"2934\":1,\"2942\":1,\"2943\":1,\"2945\":1,\"2963\":1,\"2976\":1,\"2977\":1,\"2984\":1,\"2986\":1,\"2987\":1,\"3001\":1,\"3002\":1,\"3004\":1,\"3022\":1,\"3037\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3052\":1,\"3058\":1,\"3068\":1,\"3071\":1,\"3072\":1,\"3076\":1,\"3083\":1,\"3084\":1,\"3086\":1,\"3090\":1,\"3103\":1,\"3104\":1,\"3111\":1,\"3113\":1,\"3114\":1,\"3118\":2,\"3122\":1,\"3124\":1,\"3125\":1,\"3132\":1,\"3143\":1,\"3150\":1,\"3151\":1,\"3153\":1,\"3161\":1,\"3162\":1,\"3164\":1,\"3182\":1,\"3195\":1,\"3196\":1,\"3203\":1,\"3205\":1,\"3206\":1,\"3217\":1,\"3232\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3247\":1,\"3253\":1,\"3263\":1,\"3266\":1,\"3267\":1,\"3271\":1,\"3278\":1,\"3279\":1,\"3281\":1,\"3289\":1,\"3290\":1,\"3292\":1,\"3309\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3326\":1,\"3327\":1,\"3332\":1,\"3334\":1,\"3335\":1,\"3339\":2,\"3343\":1,\"3345\":1,\"3346\":1,\"3353\":1,\"3364\":1,\"3371\":1,\"3372\":1,\"3374\":1,\"3382\":1,\"3383\":1,\"3385\":1,\"3403\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3420\":1,\"3421\":1}}],[\"its\",{\"1\":{\"11\":1,\"33\":1,\"89\":1,\"99\":1,\"127\":1,\"154\":1,\"169\":1,\"285\":1,\"296\":1,\"338\":1,\"349\":1,\"364\":1,\"413\":1,\"416\":1,\"419\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"637\":1,\"640\":1,\"643\":1,\"663\":1,\"683\":1,\"686\":1,\"689\":1,\"709\":1,\"729\":1,\"732\":1,\"735\":1,\"755\":1,\"775\":1,\"778\":1,\"781\":1,\"801\":1,\"821\":1,\"824\":1,\"827\":1,\"847\":1,\"867\":1,\"870\":1,\"873\":1,\"893\":1}}],[\"it\",{\"1\":{\"1\":1,\"6\":1,\"9\":1,\"12\":1,\"33\":2,\"37\":2,\"88\":2,\"89\":1,\"94\":1,\"95\":1,\"96\":1,\"97\":2,\"102\":4,\"120\":1,\"128\":1,\"147\":1,\"149\":1,\"152\":1,\"153\":1,\"154\":1,\"286\":1,\"289\":1,\"290\":1,\"297\":1,\"300\":1,\"301\":1,\"332\":1,\"333\":3,\"338\":1,\"347\":2,\"348\":1,\"352\":1,\"364\":1,\"390\":1,\"400\":1,\"411\":1,\"414\":2,\"415\":1,\"417\":1,\"419\":2,\"443\":1,\"448\":1,\"482\":1,\"505\":1,\"531\":1,\"537\":2,\"561\":1,\"565\":1,\"591\":1,\"595\":1,\"621\":1,\"625\":1,\"635\":1,\"638\":2,\"639\":1,\"641\":1,\"643\":2,\"667\":1,\"671\":1,\"681\":1,\"684\":2,\"685\":1,\"687\":1,\"689\":2,\"713\":1,\"717\":1,\"727\":1,\"730\":2,\"731\":1,\"733\":1,\"735\":2,\"759\":1,\"763\":1,\"773\":1,\"776\":2,\"777\":1,\"779\":1,\"781\":2,\"805\":1,\"809\":1,\"819\":1,\"822\":2,\"823\":1,\"825\":1,\"827\":2,\"851\":1,\"865\":1,\"868\":2,\"869\":1,\"871\":1,\"873\":2,\"897\":1,\"902\":1}}],[\"innovative\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"innen\",{\"1\":{\"14\":1}}],[\"inject\",{\"1\":{\"349\":1}}],[\"ingress\",{\"1\":{\"170\":1}}],[\"initdb\",{\"1\":{\"327\":1}}],[\"init\",{\"0\":{\"262\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1},\"1\":{\"262\":1,\"327\":2,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"initial\",{\"1\":{\"262\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"initializer\",{\"1\":{\"159\":12,\"160\":3}}],[\"initiate\",{\"1\":{\"39\":1}}],[\"initiative\",{\"1\":{\"6\":1,\"17\":1,\"81\":1,\"98\":2,\"116\":2,\"117\":1,\"127\":1,\"419\":1,\"433\":1,\"550\":2,\"580\":2,\"610\":3,\"643\":1,\"656\":3,\"689\":1,\"702\":3,\"735\":1,\"748\":4,\"781\":1,\"795\":1,\"827\":1,\"841\":1,\"873\":1,\"887\":1}}],[\"inits\",{\"1\":{\"159\":2}}],[\"input\",{\"0\":{\"322\":1,\"343\":1,\"344\":1,\"347\":1},\"1\":{\"139\":2,\"345\":1,\"347\":5,\"349\":4,\"352\":2,\"364\":1,\"374\":2,\"377\":1,\"383\":2,\"390\":4,\"393\":3,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"inherits\",{\"1\":{\"347\":1}}],[\"inherit\",{\"1\":{\"134\":1}}],[\"inside\",{\"1\":{\"332\":1,\"341\":1,\"448\":1,\"902\":1}}],[\"insights\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"insight\",{\"1\":{\"116\":1}}],[\"inspect\",{\"1\":{\"170\":1}}],[\"insert\",{\"1\":{\"145\":2,\"159\":358}}],[\"instead\",{\"1\":{\"459\":2,\"485\":1,\"508\":1,\"534\":1,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"913\":2}}],[\"institutions\",{\"1\":{\"98\":2,\"127\":1}}],[\"institution\",{\"1\":{\"77\":1}}],[\"institutional\",{\"1\":{\"6\":1,\"127\":1}}],[\"institute\",{\"0\":{\"77\":1,\"78\":1,\"79\":1},\"1\":{\"77\":1,\"78\":2,\"79\":1,\"82\":1,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"instantiation\",{\"1\":{\"334\":1,\"356\":1,\"357\":1}}],[\"instantiatesuri\",{\"0\":{\"357\":1},\"1\":{\"357\":1,\"364\":2,\"390\":1}}],[\"instantiated\",{\"1\":{\"334\":1,\"356\":1,\"357\":1,\"358\":1,\"384\":1}}],[\"instantiate\",{\"1\":{\"333\":1,\"335\":1}}],[\"instances\",{\"0\":{\"383\":1},\"1\":{\"98\":1,\"152\":1,\"331\":3,\"333\":1,\"346\":1,\"347\":3,\"356\":1,\"367\":1,\"377\":1,\"381\":1,\"383\":2,\"393\":1,\"459\":4,\"485\":2,\"508\":2,\"534\":2,\"564\":4,\"594\":4,\"624\":4,\"670\":4,\"716\":4,\"762\":4,\"808\":4,\"854\":4,\"913\":4}}],[\"instance\",{\"0\":{\"424\":1,\"467\":1,\"490\":1,\"516\":1,\"542\":1,\"572\":1,\"602\":1,\"648\":1,\"694\":1,\"740\":1,\"786\":1,\"832\":1,\"878\":1},\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"97\":1,\"153\":1,\"162\":1,\"289\":2,\"290\":4,\"300\":2,\"301\":4,\"303\":4,\"304\":4,\"307\":4,\"310\":2,\"333\":1,\"334\":2,\"338\":2,\"345\":1,\"347\":3,\"352\":1,\"356\":2,\"357\":2,\"358\":1,\"362\":1,\"363\":1,\"371\":1,\"372\":1,\"373\":1,\"374\":1,\"381\":1,\"383\":2,\"384\":1,\"388\":1,\"389\":1,\"398\":1,\"428\":1,\"434\":1,\"442\":1,\"459\":1,\"471\":1,\"473\":1,\"481\":1,\"485\":1,\"494\":1,\"496\":1,\"504\":1,\"508\":1,\"520\":1,\"522\":1,\"530\":1,\"534\":1,\"546\":1,\"552\":1,\"560\":1,\"564\":1,\"576\":1,\"582\":1,\"590\":1,\"594\":1,\"606\":1,\"612\":1,\"620\":1,\"624\":1,\"652\":1,\"658\":1,\"666\":1,\"670\":1,\"698\":1,\"704\":1,\"712\":1,\"716\":1,\"744\":1,\"750\":1,\"758\":1,\"762\":1,\"790\":1,\"796\":1,\"804\":1,\"808\":1,\"836\":1,\"842\":1,\"850\":1,\"854\":1,\"882\":1,\"888\":1,\"896\":1,\"913\":1}}],[\"installing\",{\"0\":{\"163\":1}}],[\"installed\",{\"1\":{\"88\":2,\"126\":1,\"129\":1,\"134\":1,\"135\":1,\"411\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"635\":1,\"661\":1,\"681\":1,\"707\":1,\"727\":1,\"753\":1,\"773\":1,\"799\":1,\"819\":1,\"845\":1,\"865\":1,\"891\":1}}],[\"install\",{\"0\":{\"430\":1,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"548\":1,\"552\":1,\"578\":1,\"582\":1,\"608\":1,\"612\":1,\"654\":1,\"658\":1,\"700\":1,\"704\":1,\"746\":1,\"750\":1,\"792\":1,\"796\":1,\"838\":1,\"842\":1,\"884\":1,\"888\":1},\"1\":{\"33\":2,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"133\":1,\"134\":3,\"135\":2,\"162\":1,\"163\":1,\"171\":2,\"280\":1,\"283\":5,\"291\":1,\"294\":5,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"337\":1,\"338\":2,\"351\":1,\"352\":1,\"366\":1,\"367\":1,\"376\":1,\"377\":1,\"392\":1,\"393\":1,\"425\":1,\"430\":1,\"431\":1,\"434\":1,\"437\":4,\"459\":1,\"462\":1,\"468\":1,\"473\":2,\"476\":4,\"485\":1,\"491\":1,\"496\":2,\"499\":4,\"508\":1,\"511\":1,\"517\":1,\"522\":2,\"525\":4,\"534\":1,\"537\":1,\"543\":1,\"552\":1,\"555\":4,\"564\":1,\"567\":1,\"573\":1,\"582\":1,\"585\":4,\"594\":1,\"597\":1,\"603\":1,\"612\":1,\"615\":4,\"624\":1,\"627\":1,\"649\":1,\"658\":1,\"661\":4,\"670\":1,\"673\":1,\"695\":1,\"704\":1,\"707\":4,\"716\":1,\"719\":1,\"741\":1,\"750\":1,\"753\":4,\"762\":1,\"765\":1,\"787\":1,\"792\":1,\"793\":1,\"796\":1,\"799\":4,\"808\":1,\"811\":1,\"833\":1,\"838\":1,\"839\":1,\"842\":1,\"845\":4,\"854\":1,\"857\":1,\"879\":1,\"884\":1,\"885\":1,\"888\":1,\"891\":4,\"913\":1,\"916\":1}}],[\"installations\",{\"1\":{\"331\":1,\"536\":1}}],[\"installationshinweise\",{\"0\":{\"18\":1},\"1\":{\"14\":1}}],[\"installation\",{\"1\":{\"17\":1,\"19\":1,\"22\":1,\"163\":1,\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"395\":2,\"397\":2,\"399\":2,\"401\":4,\"402\":2,\"428\":1,\"432\":2,\"434\":4,\"459\":5,\"473\":4,\"485\":1,\"496\":4,\"508\":1,\"522\":4,\"534\":1,\"546\":1,\"552\":4,\"564\":5,\"576\":1,\"582\":4,\"594\":5,\"606\":1,\"612\":4,\"624\":5,\"652\":1,\"658\":4,\"670\":5,\"698\":1,\"704\":4,\"716\":5,\"744\":1,\"750\":4,\"762\":5,\"790\":1,\"794\":2,\"796\":4,\"808\":5,\"836\":1,\"840\":2,\"842\":4,\"854\":5,\"882\":1,\"886\":2,\"888\":4,\"913\":5,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"instructions\",{\"1\":{\"20\":5,\"21\":4,\"33\":2,\"290\":1,\"301\":1,\"311\":1,\"314\":1,\"434\":1,\"459\":1,\"470\":1,\"473\":1,\"485\":1,\"493\":1,\"496\":1,\"508\":1,\"509\":1,\"519\":1,\"522\":1,\"534\":1,\"535\":1,\"545\":1,\"552\":1,\"564\":1,\"565\":1,\"582\":1,\"594\":1,\"612\":1,\"624\":1,\"658\":1,\"670\":1,\"704\":1,\"716\":1,\"750\":1,\"762\":1,\"796\":1,\"808\":1,\"842\":1,\"854\":1,\"888\":1,\"913\":1}}],[\"indicator\",{\"1\":{\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1}}],[\"indicates\",{\"1\":{\"261\":1}}],[\"individual\",{\"1\":{\"102\":1,\"154\":1}}],[\"individuals\",{\"1\":{\"39\":1,\"116\":1}}],[\"indentoptions>\",{\"1\":{\"160\":1}}],[\"indent\",{\"1\":{\"159\":14}}],[\"indentations\",{\"1\":{\"159\":1}}],[\"indentation\",{\"1\":{\"159\":3}}],[\"index\",{\"1\":{\"99\":1,\"152\":1,\"169\":1,\"231\":1}}],[\"independent\",{\"1\":{\"98\":1,\"117\":1}}],[\"invaluable\",{\"1\":{\"417\":1,\"419\":1,\"641\":1,\"643\":1,\"687\":1,\"689\":1,\"733\":1,\"735\":1,\"779\":1,\"781\":1,\"825\":1,\"827\":1,\"871\":1,\"873\":1}}],[\"invite\",{\"1\":{\"286\":1,\"297\":1,\"404\":1,\"628\":1,\"674\":1,\"720\":1,\"766\":1,\"812\":1,\"858\":1}}],[\"involves\",{\"1\":{\"302\":1,\"305\":1,\"308\":1,\"311\":1,\"314\":1,\"431\":1,\"460\":1,\"509\":1,\"535\":1,\"565\":1,\"595\":1,\"625\":1,\"671\":1,\"717\":1,\"763\":1,\"793\":1,\"809\":1,\"839\":1,\"855\":1,\"885\":1,\"914\":1}}],[\"involved\",{\"1\":{\"82\":2,\"116\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"invocation\",{\"1\":{\"159\":9}}],[\"investigation\",{\"1\":{\"38\":1}}],[\"investigate\",{\"1\":{\"37\":1,\"38\":1}}],[\"int\",{\"1\":{\"327\":3}}],[\"introduced\",{\"1\":{\"120\":1,\"460\":1,\"914\":1}}],[\"introduction\",{\"0\":{\"32\":1,\"98\":1,\"330\":1,\"341\":1,\"345\":1,\"355\":1,\"370\":1,\"380\":1},\"1\":{\"24\":1,\"28\":1,\"426\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1,\"834\":1,\"880\":1}}],[\"intranet\",{\"1\":{\"88\":1}}],[\"into\",{\"1\":{\"9\":1,\"12\":1,\"89\":1,\"93\":1,\"94\":1,\"95\":1,\"116\":1,\"117\":1,\"127\":2,\"141\":3,\"152\":1,\"153\":1,\"157\":4,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"318\":1,\"338\":1,\"348\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1,\"415\":1,\"442\":2,\"443\":2,\"459\":1,\"481\":2,\"482\":2,\"485\":1,\"504\":2,\"505\":2,\"508\":1,\"530\":2,\"531\":2,\"534\":1,\"560\":2,\"561\":2,\"564\":1,\"590\":2,\"591\":2,\"594\":1,\"620\":2,\"621\":2,\"624\":1,\"639\":1,\"666\":2,\"667\":2,\"670\":1,\"685\":1,\"712\":2,\"713\":2,\"716\":1,\"731\":1,\"758\":2,\"759\":2,\"762\":1,\"777\":1,\"804\":2,\"805\":2,\"808\":1,\"823\":1,\"850\":2,\"851\":2,\"854\":1,\"869\":1,\"896\":2,\"897\":2,\"913\":1}}],[\"intellij\",{\"0\":{\"160\":1},\"1\":{\"156\":2,\"319\":1,\"342\":1,\"394\":1,\"401\":3,\"407\":2,\"631\":2,\"677\":2,\"723\":2,\"769\":2,\"815\":2,\"861\":2}}],[\"intended\",{\"1\":{\"103\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"interaction\",{\"1\":{\"356\":1}}],[\"interception\",{\"1\":{\"285\":2,\"296\":2,\"439\":2,\"478\":2,\"501\":2,\"527\":2,\"557\":2,\"587\":2,\"617\":2,\"663\":2,\"709\":2,\"755\":2,\"801\":2,\"847\":2,\"893\":2}}],[\"interconnectivity\",{\"1\":{\"94\":1}}],[\"intermediate\",{\"0\":{\"325\":1,\"378\":1,\"379\":1},\"1\":{\"275\":1,\"334\":1,\"356\":1,\"359\":1,\"381\":1,\"385\":1,\"390\":3,\"441\":1,\"442\":1,\"450\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"457\":1,\"895\":1,\"896\":1,\"904\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"911\":1,\"1038\":1,\"1132\":1,\"1262\":1,\"1433\":1,\"1610\":1,\"1787\":1,\"1964\":1,\"2141\":1,\"2318\":1,\"2445\":1,\"2537\":1,\"2664\":1,\"2756\":1,\"2883\":1,\"2975\":1,\"3102\":1,\"3194\":1,\"3321\":1,\"3415\":1}}],[\"interface\",{\"1\":{\"134\":1,\"135\":1,\"147\":1,\"150\":1,\"152\":5,\"153\":3,\"154\":1,\"289\":1,\"300\":1,\"332\":3,\"920\":3,\"926\":1,\"1024\":2,\"1049\":3,\"1055\":1,\"1117\":2,\"1355\":3,\"1361\":1,\"1419\":2,\"1531\":3,\"1537\":1,\"1595\":2,\"1708\":3,\"1714\":1,\"1772\":2,\"1885\":3,\"1891\":1,\"1949\":2,\"2062\":3,\"2068\":1,\"2126\":2,\"2239\":3,\"2245\":1,\"2303\":2,\"2327\":3,\"2333\":1,\"2431\":2,\"2454\":3,\"2460\":1,\"2522\":2,\"2546\":3,\"2552\":1,\"2650\":2,\"2673\":3,\"2679\":1,\"2741\":2,\"2765\":3,\"2771\":1,\"2869\":2,\"2892\":3,\"2898\":1,\"2960\":2,\"2984\":3,\"2990\":1,\"3088\":2,\"3111\":3,\"3117\":1,\"3179\":2,\"3203\":3,\"3209\":1,\"3307\":2,\"3332\":3,\"3338\":1,\"3400\":2}}],[\"interfaces\",{\"1\":{\"77\":1}}],[\"interval\",{\"1\":{\"105\":4,\"327\":1,\"536\":1,\"537\":1}}],[\"internet\",{\"1\":{\"99\":1,\"139\":1,\"169\":1,\"199\":1,\"200\":1,\"201\":1,\"244\":1,\"245\":1,\"246\":1,\"285\":3,\"296\":3,\"327\":8,\"439\":3,\"478\":3,\"501\":3,\"527\":3,\"557\":3,\"587\":3,\"617\":3,\"663\":3,\"709\":3,\"755\":3,\"801\":3,\"847\":3,\"893\":3}}],[\"international\",{\"1\":{\"98\":1}}],[\"internal\",{\"1\":{\"90\":2,\"99\":2,\"109\":2,\"169\":2,\"190\":1,\"191\":1,\"192\":1,\"196\":1,\"197\":1,\"198\":1,\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"interpretation\",{\"1\":{\"94\":1}}],[\"interested\",{\"1\":{\"12\":1,\"116\":1}}],[\"interoperability\",{\"0\":{\"94\":1},\"1\":{\"6\":1,\"26\":1,\"77\":1,\"93\":1,\"94\":3,\"95\":1}}],[\"interoperable\",{\"1\":{\"0\":1,\"12\":1,\"98\":1}}],[\"integrated\",{\"1\":{\"94\":1,\"127\":1,\"154\":1,\"460\":1,\"914\":1}}],[\"integrating\",{\"1\":{\"12\":1}}],[\"integration\",{\"0\":{\"134\":1,\"135\":1,\"137\":1},\"1\":{\"11\":1,\"78\":1,\"81\":2,\"82\":1,\"91\":1,\"98\":1,\"127\":2,\"128\":1,\"130\":1,\"138\":1,\"151\":1}}],[\"integrity\",{\"1\":{\"5\":1,\"10\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"incl\",{\"1\":{\"457\":3,\"911\":3}}],[\"included\",{\"1\":{\"99\":1,\"109\":1,\"147\":1,\"169\":1,\"416\":1,\"450\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1,\"904\":1,\"1041\":1,\"1135\":1,\"3324\":1,\"3418\":1}}],[\"include\",{\"1\":{\"37\":1,\"77\":1,\"145\":2,\"147\":2,\"163\":1,\"217\":1,\"419\":1,\"444\":1,\"460\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"643\":1,\"668\":1,\"689\":1,\"714\":1,\"735\":1,\"760\":1,\"781\":1,\"806\":1,\"827\":1,\"852\":1,\"873\":1,\"898\":1,\"914\":1,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1}}],[\"includes\",{\"1\":{\"0\":1,\"10\":1,\"32\":1,\"39\":1,\"83\":1,\"94\":1,\"134\":1,\"135\":1,\"152\":1,\"153\":1,\"349\":1}}],[\"including\",{\"1\":{\"37\":1,\"83\":1,\"116\":1,\"134\":1,\"135\":1,\"141\":2,\"142\":2,\"152\":1,\"153\":1,\"163\":1,\"275\":1,\"1038\":1,\"1132\":1,\"1262\":1,\"1433\":1,\"1610\":1,\"1787\":1,\"1964\":1,\"2141\":1,\"2318\":1,\"2445\":1,\"2537\":1,\"2664\":1,\"2756\":1,\"2883\":1,\"2975\":1,\"3102\":1,\"3194\":1,\"3321\":1,\"3415\":1}}],[\"incredibly\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"increments\",{\"1\":{\"159\":2}}],[\"increase\",{\"1\":{\"82\":1,\"141\":1}}],[\"incoming\",{\"1\":{\"99\":4,\"100\":1,\"106\":1,\"169\":4,\"170\":1}}],[\"incorporated\",{\"1\":{\"9\":1}}],[\"infastructure\",{\"1\":{\"547\":1}}],[\"infile=certificate\",{\"1\":{\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"infile=client\",{\"1\":{\"289\":1,\"300\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"1083\":1,\"1386\":1,\"1562\":1,\"1739\":1,\"1916\":1,\"2093\":1,\"2270\":1,\"2488\":1,\"2707\":1,\"2926\":1,\"3145\":1,\"3366\":1}}],[\"infinite\",{\"1\":{\"209\":1,\"234\":1,\"960\":1,\"986\":1,\"1170\":1,\"1193\":1,\"1321\":1,\"1344\":1,\"1493\":1,\"1519\":1,\"1670\":1,\"1696\":1,\"1847\":1,\"1873\":1,\"2024\":1,\"2050\":1,\"2201\":1,\"2227\":1,\"2391\":1,\"2417\":1,\"2610\":1,\"2636\":1,\"2829\":1,\"2855\":1,\"3048\":1,\"3074\":1,\"3243\":1,\"3269\":1}}],[\"infos\",{\"1\":{\"284\":1,\"295\":1}}],[\"info\",{\"0\":{\"3424\":1},\"1\":{\"217\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"444\":4,\"457\":28,\"462\":2,\"483\":2,\"506\":2,\"511\":2,\"532\":2,\"537\":2,\"562\":2,\"567\":2,\"592\":2,\"597\":2,\"622\":2,\"627\":2,\"668\":2,\"673\":2,\"714\":2,\"719\":2,\"760\":4,\"765\":2,\"806\":4,\"811\":2,\"852\":4,\"857\":2,\"898\":4,\"911\":28,\"916\":2,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1}}],[\"informed\",{\"1\":{\"38\":1}}],[\"inform\",{\"1\":{\"26\":10}}],[\"informational\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"informationen\",{\"1\":{\"14\":1}}],[\"information\",{\"0\":{\"128\":1,\"164\":1},\"1\":{\"13\":1,\"30\":1,\"31\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"74\":1,\"78\":1,\"86\":1,\"91\":2,\"92\":1,\"93\":1,\"94\":1,\"95\":3,\"99\":1,\"109\":1,\"110\":1,\"112\":1,\"113\":1,\"126\":1,\"127\":1,\"130\":1,\"162\":1,\"163\":1,\"169\":1,\"186\":1,\"285\":1,\"286\":1,\"296\":1,\"297\":1,\"356\":1,\"415\":1,\"419\":1,\"427\":2,\"439\":1,\"442\":1,\"444\":1,\"445\":1,\"470\":3,\"478\":1,\"483\":1,\"484\":1,\"493\":3,\"501\":1,\"504\":1,\"506\":1,\"507\":1,\"519\":3,\"527\":1,\"530\":1,\"532\":1,\"533\":1,\"545\":2,\"557\":1,\"560\":1,\"562\":1,\"563\":1,\"575\":2,\"587\":1,\"590\":1,\"592\":1,\"593\":1,\"605\":2,\"617\":1,\"620\":1,\"622\":1,\"623\":1,\"639\":1,\"643\":1,\"651\":2,\"663\":1,\"666\":1,\"668\":1,\"669\":1,\"685\":1,\"689\":1,\"697\":2,\"709\":1,\"712\":1,\"714\":1,\"715\":1,\"731\":1,\"735\":1,\"743\":2,\"755\":1,\"758\":1,\"760\":1,\"761\":1,\"777\":1,\"781\":1,\"789\":2,\"801\":1,\"804\":1,\"806\":1,\"807\":1,\"823\":1,\"827\":1,\"835\":2,\"847\":1,\"850\":1,\"852\":1,\"853\":1,\"869\":1,\"873\":1,\"881\":2,\"893\":1,\"896\":1,\"898\":1,\"899\":1,\"941\":1,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"informatician\",{\"1\":{\"1\":1}}],[\"informatics\",{\"0\":{\"78\":1,\"81\":1},\"1\":{\"0\":1,\"1\":1,\"6\":1,\"77\":1,\"78\":1,\"79\":1,\"81\":1,\"82\":1,\"98\":3,\"116\":1,\"117\":1,\"118\":1,\"127\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"inf\",{\"1\":{\"152\":1,\"153\":1,\"332\":1}}],[\"infrastructure\",{\"1\":{\"0\":1,\"20\":1,\"81\":1,\"98\":1,\"117\":2,\"129\":1,\"130\":1,\"428\":1,\"429\":3,\"470\":1,\"471\":1,\"493\":1,\"494\":1,\"519\":1,\"520\":1,\"546\":1,\"547\":2,\"576\":1,\"577\":3,\"606\":1,\"607\":3,\"652\":1,\"653\":3,\"698\":1,\"699\":3,\"744\":1,\"745\":3,\"790\":1,\"791\":3,\"836\":1,\"837\":3,\"882\":1,\"883\":3}}],[\"in\",{\"0\":{\"11\":1,\"82\":1,\"92\":1,\"100\":1,\"170\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1},\"1\":{\"0\":3,\"1\":2,\"5\":3,\"11\":2,\"12\":1,\"13\":2,\"14\":1,\"15\":1,\"16\":2,\"17\":1,\"26\":6,\"29\":2,\"30\":1,\"32\":2,\"33\":1,\"35\":1,\"37\":2,\"38\":2,\"39\":2,\"42\":1,\"43\":1,\"44\":1,\"45\":1,\"46\":1,\"47\":1,\"48\":1,\"49\":1,\"50\":1,\"51\":1,\"52\":1,\"53\":1,\"54\":1,\"55\":1,\"56\":1,\"57\":1,\"58\":1,\"59\":1,\"60\":1,\"61\":1,\"62\":1,\"63\":1,\"64\":1,\"65\":1,\"66\":1,\"67\":1,\"74\":1,\"77\":1,\"78\":1,\"79\":1,\"81\":6,\"82\":3,\"85\":1,\"88\":4,\"89\":3,\"90\":3,\"91\":3,\"95\":1,\"96\":1,\"97\":4,\"98\":1,\"99\":1,\"100\":2,\"102\":2,\"103\":1,\"105\":1,\"106\":2,\"109\":4,\"110\":1,\"113\":1,\"116\":3,\"117\":4,\"120\":2,\"126\":2,\"128\":1,\"129\":2,\"130\":2,\"134\":2,\"135\":6,\"136\":2,\"138\":2,\"139\":1,\"141\":4,\"142\":5,\"145\":3,\"146\":1,\"147\":3,\"149\":2,\"150\":1,\"152\":1,\"153\":1,\"154\":2,\"159\":184,\"160\":3,\"162\":2,\"163\":1,\"165\":1,\"169\":1,\"170\":2,\"174\":1,\"177\":1,\"180\":1,\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"208\":1,\"217\":1,\"218\":1,\"231\":1,\"232\":1,\"233\":1,\"238\":1,\"247\":1,\"248\":1,\"253\":1,\"262\":1,\"263\":1,\"289\":1,\"290\":1,\"300\":1,\"304\":8,\"307\":8,\"310\":4,\"313\":2,\"316\":2,\"318\":1,\"319\":2,\"320\":1,\"322\":1,\"323\":1,\"324\":2,\"325\":1,\"329\":1,\"331\":1,\"332\":3,\"334\":1,\"335\":1,\"338\":2,\"341\":3,\"342\":4,\"344\":1,\"346\":3,\"347\":4,\"348\":3,\"349\":4,\"352\":4,\"354\":2,\"356\":4,\"357\":3,\"361\":2,\"362\":1,\"363\":1,\"364\":5,\"367\":4,\"369\":2,\"371\":1,\"372\":2,\"374\":1,\"377\":3,\"379\":1,\"381\":4,\"382\":1,\"383\":4,\"387\":2,\"388\":1,\"389\":1,\"390\":6,\"393\":6,\"394\":2,\"396\":2,\"398\":1,\"400\":2,\"405\":2,\"412\":1,\"413\":1,\"414\":2,\"415\":1,\"416\":3,\"417\":3,\"418\":1,\"419\":3,\"422\":3,\"423\":3,\"426\":1,\"431\":1,\"433\":2,\"434\":1,\"444\":5,\"446\":2,\"448\":1,\"450\":1,\"451\":1,\"457\":3,\"459\":1,\"460\":1,\"462\":2,\"465\":3,\"466\":3,\"473\":1,\"481\":1,\"483\":5,\"488\":3,\"489\":3,\"496\":1,\"504\":1,\"506\":5,\"511\":2,\"514\":3,\"515\":3,\"522\":1,\"530\":1,\"532\":5,\"537\":2,\"540\":3,\"541\":3,\"544\":1,\"547\":1,\"552\":1,\"560\":1,\"562\":5,\"564\":1,\"567\":2,\"570\":3,\"571\":3,\"574\":1,\"582\":1,\"590\":1,\"592\":5,\"594\":1,\"597\":2,\"600\":3,\"601\":3,\"604\":1,\"612\":1,\"620\":1,\"622\":5,\"624\":1,\"627\":2,\"629\":2,\"636\":1,\"637\":1,\"638\":2,\"639\":1,\"640\":3,\"641\":3,\"642\":1,\"643\":3,\"646\":3,\"647\":3,\"650\":1,\"658\":1,\"666\":1,\"668\":5,\"670\":1,\"673\":2,\"675\":2,\"682\":1,\"683\":1,\"684\":2,\"685\":1,\"686\":3,\"687\":3,\"688\":1,\"689\":3,\"692\":3,\"693\":3,\"696\":1,\"704\":1,\"712\":1,\"714\":5,\"716\":1,\"719\":2,\"721\":2,\"728\":1,\"729\":1,\"730\":2,\"731\":1,\"732\":3,\"733\":3,\"734\":1,\"735\":3,\"738\":3,\"739\":3,\"742\":1,\"750\":1,\"758\":1,\"760\":5,\"762\":1,\"765\":2,\"767\":2,\"774\":1,\"775\":1,\"776\":2,\"777\":1,\"778\":3,\"779\":3,\"780\":1,\"781\":3,\"784\":3,\"785\":3,\"788\":1,\"793\":1,\"795\":2,\"796\":1,\"804\":1,\"806\":5,\"808\":1,\"811\":2,\"813\":2,\"820\":1,\"821\":1,\"822\":2,\"823\":1,\"824\":3,\"825\":3,\"826\":1,\"827\":3,\"830\":3,\"831\":3,\"834\":1,\"839\":1,\"841\":2,\"842\":1,\"850\":1,\"852\":5,\"854\":1,\"857\":2,\"859\":2,\"866\":1,\"867\":1,\"868\":2,\"869\":1,\"870\":3,\"871\":3,\"872\":1,\"873\":3,\"876\":3,\"877\":3,\"880\":1,\"885\":1,\"887\":2,\"888\":1,\"898\":5,\"900\":2,\"902\":1,\"904\":1,\"905\":1,\"911\":3,\"913\":1,\"914\":1,\"916\":2,\"920\":1,\"923\":3,\"931\":1,\"934\":1,\"937\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"968\":1,\"969\":1,\"985\":1,\"992\":1,\"999\":1,\"1000\":1,\"1011\":1,\"1012\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":2,\"1022\":1,\"1043\":1,\"1044\":1,\"1049\":1,\"1052\":3,\"1056\":2,\"1062\":1,\"1063\":1,\"1067\":1,\"1070\":1,\"1081\":1,\"1082\":1,\"1085\":1,\"1092\":1,\"1093\":1,\"1104\":1,\"1105\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":2,\"1115\":1,\"1137\":1,\"1138\":1,\"1144\":1,\"1147\":1,\"1150\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1169\":1,\"1178\":1,\"1179\":1,\"1192\":1,\"1202\":1,\"1203\":1,\"1214\":1,\"1215\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":2,\"1225\":1,\"1230\":1,\"1231\":1,\"1235\":1,\"1238\":1,\"1246\":1,\"1247\":1,\"1270\":1,\"1271\":1,\"1282\":1,\"1283\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":2,\"1293\":1,\"1295\":1,\"1298\":1,\"1301\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1320\":1,\"1329\":1,\"1330\":1,\"1343\":1,\"1355\":1,\"1358\":3,\"1362\":2,\"1368\":1,\"1369\":1,\"1373\":1,\"1376\":1,\"1384\":1,\"1385\":1,\"1388\":1,\"1394\":1,\"1395\":1,\"1406\":1,\"1407\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":2,\"1417\":1,\"1442\":1,\"1443\":1,\"1454\":1,\"1455\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":2,\"1465\":1,\"1467\":1,\"1470\":1,\"1473\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1501\":1,\"1502\":1,\"1518\":1,\"1531\":1,\"1534\":3,\"1538\":2,\"1544\":1,\"1545\":1,\"1549\":1,\"1552\":1,\"1560\":1,\"1561\":1,\"1564\":1,\"1570\":1,\"1571\":1,\"1582\":1,\"1583\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":2,\"1593\":1,\"1619\":1,\"1620\":1,\"1631\":1,\"1632\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":2,\"1642\":1,\"1644\":1,\"1647\":1,\"1650\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1678\":1,\"1679\":1,\"1695\":1,\"1708\":1,\"1711\":3,\"1715\":2,\"1721\":1,\"1722\":1,\"1726\":1,\"1729\":1,\"1737\":1,\"1738\":1,\"1741\":1,\"1747\":1,\"1748\":1,\"1759\":1,\"1760\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":2,\"1770\":1,\"1796\":1,\"1797\":1,\"1808\":1,\"1809\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":2,\"1819\":1,\"1821\":1,\"1824\":1,\"1827\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1855\":1,\"1856\":1,\"1872\":1,\"1885\":1,\"1888\":3,\"1892\":2,\"1898\":1,\"1899\":1,\"1903\":1,\"1906\":1,\"1914\":1,\"1915\":1,\"1918\":1,\"1924\":1,\"1925\":1,\"1936\":1,\"1937\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":2,\"1947\":1,\"1973\":1,\"1974\":1,\"1985\":1,\"1986\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":2,\"1996\":1,\"1998\":1,\"2001\":1,\"2004\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2032\":1,\"2033\":1,\"2049\":1,\"2062\":1,\"2065\":3,\"2069\":2,\"2075\":1,\"2076\":1,\"2080\":1,\"2083\":1,\"2091\":1,\"2092\":1,\"2095\":1,\"2101\":1,\"2102\":1,\"2113\":1,\"2114\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":2,\"2124\":1,\"2150\":1,\"2151\":1,\"2162\":1,\"2163\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":2,\"2173\":1,\"2175\":1,\"2178\":1,\"2181\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2209\":1,\"2210\":1,\"2226\":1,\"2239\":1,\"2242\":3,\"2246\":2,\"2252\":1,\"2253\":1,\"2257\":1,\"2260\":1,\"2268\":1,\"2269\":1,\"2272\":1,\"2278\":1,\"2279\":1,\"2290\":1,\"2291\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":2,\"2301\":1,\"2327\":1,\"2330\":3,\"2337\":1,\"2338\":1,\"2349\":1,\"2350\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":2,\"2360\":1,\"2362\":1,\"2365\":1,\"2368\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2399\":1,\"2400\":1,\"2416\":1,\"2423\":1,\"2454\":1,\"2457\":3,\"2461\":2,\"2467\":1,\"2468\":1,\"2472\":1,\"2475\":1,\"2486\":1,\"2487\":1,\"2490\":1,\"2497\":1,\"2498\":1,\"2509\":1,\"2510\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":2,\"2520\":1,\"2546\":1,\"2549\":3,\"2556\":1,\"2557\":1,\"2568\":1,\"2569\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":2,\"2579\":1,\"2581\":1,\"2584\":1,\"2587\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2618\":1,\"2619\":1,\"2635\":1,\"2642\":1,\"2673\":1,\"2676\":3,\"2680\":2,\"2686\":1,\"2687\":1,\"2691\":1,\"2694\":1,\"2705\":1,\"2706\":1,\"2709\":1,\"2716\":1,\"2717\":1,\"2728\":1,\"2729\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":2,\"2739\":1,\"2765\":1,\"2768\":3,\"2775\":1,\"2776\":1,\"2787\":1,\"2788\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":2,\"2798\":1,\"2800\":1,\"2803\":1,\"2806\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2837\":1,\"2838\":1,\"2854\":1,\"2861\":1,\"2892\":1,\"2895\":3,\"2899\":2,\"2905\":1,\"2906\":1,\"2910\":1,\"2913\":1,\"2924\":1,\"2925\":1,\"2928\":1,\"2935\":1,\"2936\":1,\"2947\":1,\"2948\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":2,\"2958\":1,\"2984\":1,\"2987\":3,\"2994\":1,\"2995\":1,\"3006\":1,\"3007\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":2,\"3017\":1,\"3019\":1,\"3022\":1,\"3025\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3056\":1,\"3057\":1,\"3073\":1,\"3080\":1,\"3111\":1,\"3114\":3,\"3118\":2,\"3124\":1,\"3125\":1,\"3129\":1,\"3132\":1,\"3143\":1,\"3144\":1,\"3147\":1,\"3154\":1,\"3155\":1,\"3166\":1,\"3167\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":2,\"3177\":1,\"3203\":1,\"3206\":3,\"3214\":1,\"3217\":1,\"3220\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3251\":1,\"3252\":1,\"3268\":1,\"3275\":1,\"3282\":1,\"3283\":1,\"3294\":1,\"3295\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":2,\"3305\":1,\"3326\":1,\"3327\":1,\"3332\":1,\"3335\":3,\"3339\":2,\"3345\":1,\"3346\":1,\"3350\":1,\"3353\":1,\"3364\":1,\"3365\":1,\"3368\":1,\"3375\":1,\"3376\":1,\"3387\":1,\"3388\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":2,\"3398\":1,\"3420\":1,\"3421\":1}}],[\"iso\",{\"1\":{\"382\":1}}],[\"isready\",{\"1\":{\"327\":1}}],[\"issuing\",{\"1\":{\"289\":1,\"300\":1,\"450\":1,\"452\":2,\"453\":1,\"454\":2,\"455\":1,\"456\":1,\"457\":20,\"458\":2,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"904\":1,\"906\":2,\"907\":1,\"908\":2,\"909\":1,\"910\":1,\"911\":20,\"912\":2,\"1038\":1,\"1039\":1,\"1044\":2,\"1132\":1,\"1133\":1,\"1138\":2,\"3321\":1,\"3322\":1,\"3327\":2,\"3415\":1,\"3416\":1,\"3421\":2}}],[\"issuer\",{\"1\":{\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"issued\",{\"1\":{\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1}}],[\"issues\",{\"1\":{\"38\":1,\"75\":1,\"117\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"issue\",{\"1\":{\"37\":2,\"38\":2,\"141\":3,\"158\":1,\"408\":1,\"409\":1,\"414\":4,\"417\":2,\"419\":3,\"632\":1,\"633\":1,\"638\":4,\"641\":2,\"643\":3,\"678\":1,\"679\":1,\"684\":4,\"687\":2,\"689\":3,\"724\":1,\"725\":1,\"730\":4,\"733\":2,\"735\":3,\"770\":1,\"771\":1,\"776\":4,\"779\":2,\"781\":3,\"816\":1,\"817\":1,\"822\":4,\"825\":2,\"827\":3,\"862\":1,\"863\":1,\"868\":4,\"871\":2,\"873\":3}}],[\"ist\",{\"1\":{\"15\":1}}],[\"is\",{\"1\":{\"0\":4,\"1\":2,\"5\":2,\"6\":1,\"9\":1,\"10\":1,\"11\":1,\"13\":1,\"26\":1,\"30\":1,\"32\":2,\"33\":2,\"38\":1,\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2,\"72\":1,\"77\":2,\"78\":1,\"81\":1,\"82\":2,\"85\":3,\"88\":4,\"89\":2,\"90\":4,\"91\":4,\"94\":2,\"95\":2,\"96\":3,\"97\":8,\"98\":5,\"99\":5,\"100\":2,\"102\":7,\"103\":2,\"104\":1,\"105\":1,\"106\":1,\"107\":1,\"109\":4,\"110\":3,\"112\":1,\"116\":1,\"117\":2,\"120\":1,\"126\":1,\"127\":5,\"129\":1,\"130\":2,\"136\":1,\"138\":1,\"139\":1,\"152\":1,\"153\":1,\"154\":1,\"156\":1,\"165\":3,\"167\":1,\"168\":1,\"169\":5,\"170\":2,\"174\":1,\"186\":1,\"188\":1,\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"213\":1,\"231\":1,\"232\":1,\"238\":1,\"242\":1,\"247\":1,\"248\":1,\"277\":1,\"280\":1,\"285\":1,\"289\":7,\"290\":3,\"291\":1,\"296\":1,\"300\":7,\"301\":2,\"304\":3,\"307\":3,\"310\":3,\"313\":3,\"316\":3,\"318\":2,\"319\":1,\"323\":1,\"331\":1,\"332\":6,\"333\":3,\"334\":1,\"338\":2,\"341\":1,\"344\":1,\"348\":5,\"352\":2,\"354\":1,\"356\":5,\"357\":2,\"362\":1,\"364\":1,\"367\":1,\"372\":1,\"377\":1,\"381\":1,\"382\":1,\"383\":3,\"388\":1,\"390\":1,\"393\":1,\"394\":1,\"395\":1,\"400\":1,\"403\":1,\"407\":1,\"408\":1,\"409\":1,\"412\":1,\"413\":1,\"415\":1,\"416\":2,\"417\":1,\"419\":2,\"427\":1,\"429\":1,\"433\":1,\"437\":1,\"439\":1,\"442\":2,\"443\":2,\"444\":1,\"445\":1,\"448\":1,\"459\":1,\"462\":3,\"469\":1,\"470\":2,\"472\":1,\"473\":1,\"476\":1,\"478\":1,\"481\":3,\"482\":2,\"483\":1,\"484\":1,\"485\":1,\"492\":1,\"493\":2,\"495\":1,\"496\":1,\"499\":1,\"501\":1,\"504\":3,\"505\":2,\"506\":1,\"507\":1,\"508\":1,\"511\":3,\"518\":1,\"519\":2,\"521\":1,\"522\":1,\"525\":1,\"527\":1,\"530\":3,\"531\":2,\"532\":1,\"533\":1,\"534\":1,\"536\":2,\"537\":5,\"544\":1,\"545\":1,\"547\":1,\"555\":1,\"557\":1,\"560\":3,\"561\":2,\"562\":1,\"563\":1,\"564\":1,\"565\":1,\"567\":3,\"574\":1,\"575\":1,\"577\":1,\"585\":1,\"587\":1,\"590\":3,\"591\":2,\"592\":1,\"593\":1,\"594\":1,\"595\":1,\"597\":3,\"604\":1,\"605\":1,\"607\":1,\"615\":1,\"617\":1,\"620\":3,\"621\":2,\"622\":1,\"623\":1,\"624\":1,\"625\":1,\"627\":3,\"631\":1,\"632\":1,\"633\":1,\"636\":1,\"637\":1,\"639\":1,\"640\":2,\"641\":1,\"643\":2,\"650\":1,\"651\":1,\"653\":1,\"661\":1,\"663\":1,\"666\":3,\"667\":2,\"668\":1,\"669\":1,\"670\":1,\"671\":1,\"673\":3,\"677\":1,\"678\":1,\"679\":1,\"682\":1,\"683\":1,\"685\":1,\"686\":2,\"687\":1,\"689\":2,\"696\":1,\"697\":1,\"699\":1,\"707\":1,\"709\":1,\"712\":3,\"713\":2,\"714\":1,\"715\":1,\"716\":1,\"717\":1,\"719\":3,\"723\":1,\"724\":1,\"725\":1,\"728\":1,\"729\":1,\"731\":1,\"732\":2,\"733\":1,\"735\":2,\"742\":1,\"743\":1,\"745\":1,\"753\":1,\"755\":1,\"758\":3,\"759\":2,\"760\":1,\"761\":1,\"762\":1,\"763\":1,\"765\":3,\"769\":1,\"770\":1,\"771\":1,\"774\":1,\"775\":1,\"777\":1,\"778\":2,\"779\":1,\"781\":2,\"788\":1,\"789\":1,\"791\":1,\"795\":1,\"799\":1,\"801\":1,\"804\":3,\"805\":2,\"806\":1,\"807\":1,\"808\":1,\"809\":1,\"811\":3,\"815\":1,\"816\":1,\"817\":1,\"820\":1,\"821\":1,\"823\":1,\"824\":2,\"825\":1,\"827\":2,\"835\":1,\"837\":1,\"841\":1,\"845\":1,\"847\":1,\"850\":3,\"851\":2,\"852\":1,\"853\":1,\"854\":1,\"857\":3,\"861\":1,\"862\":1,\"863\":1,\"866\":1,\"867\":1,\"869\":1,\"870\":2,\"871\":1,\"873\":2,\"881\":1,\"883\":1,\"887\":1,\"891\":1,\"893\":1,\"896\":2,\"897\":2,\"898\":1,\"899\":1,\"902\":1,\"913\":1,\"916\":3,\"920\":2,\"945\":1,\"946\":1,\"949\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"964\":1,\"983\":1,\"995\":1,\"1006\":1,\"1007\":1,\"1009\":1,\"1024\":1,\"1040\":1,\"1043\":1,\"1044\":1,\"1049\":3,\"1060\":1,\"1062\":1,\"1063\":1,\"1088\":1,\"1099\":1,\"1100\":1,\"1102\":1,\"1117\":1,\"1134\":1,\"1137\":1,\"1138\":1,\"1156\":1,\"1158\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1174\":1,\"1197\":1,\"1209\":1,\"1210\":1,\"1212\":1,\"1228\":1,\"1230\":1,\"1231\":1,\"1251\":1,\"1264\":1,\"1277\":1,\"1278\":1,\"1280\":1,\"1307\":1,\"1309\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1325\":1,\"1348\":1,\"1355\":3,\"1366\":1,\"1368\":1,\"1369\":1,\"1390\":1,\"1401\":1,\"1402\":1,\"1404\":1,\"1419\":1,\"1435\":1,\"1449\":1,\"1450\":1,\"1452\":1,\"1479\":1,\"1480\":1,\"1482\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1497\":1,\"1516\":1,\"1524\":1,\"1531\":3,\"1542\":1,\"1544\":1,\"1545\":1,\"1566\":1,\"1577\":1,\"1578\":1,\"1580\":1,\"1595\":1,\"1612\":1,\"1626\":1,\"1627\":1,\"1629\":1,\"1656\":1,\"1657\":1,\"1659\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1674\":1,\"1693\":1,\"1701\":1,\"1708\":3,\"1719\":1,\"1721\":1,\"1722\":1,\"1743\":1,\"1754\":1,\"1755\":1,\"1757\":1,\"1772\":1,\"1789\":1,\"1803\":1,\"1804\":1,\"1806\":1,\"1833\":1,\"1834\":1,\"1836\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1851\":1,\"1870\":1,\"1878\":1,\"1885\":3,\"1896\":1,\"1898\":1,\"1899\":1,\"1920\":1,\"1931\":1,\"1932\":1,\"1934\":1,\"1949\":1,\"1966\":1,\"1980\":1,\"1981\":1,\"1983\":1,\"2010\":1,\"2011\":1,\"2013\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2028\":1,\"2047\":1,\"2055\":1,\"2062\":3,\"2073\":1,\"2075\":1,\"2076\":1,\"2097\":1,\"2108\":1,\"2109\":1,\"2111\":1,\"2126\":1,\"2143\":1,\"2157\":1,\"2158\":1,\"2160\":1,\"2187\":1,\"2188\":1,\"2190\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2205\":1,\"2224\":1,\"2232\":1,\"2239\":3,\"2250\":1,\"2252\":1,\"2253\":1,\"2274\":1,\"2285\":1,\"2286\":1,\"2288\":1,\"2303\":1,\"2320\":1,\"2327\":2,\"2344\":1,\"2345\":1,\"2347\":1,\"2376\":1,\"2377\":1,\"2380\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2395\":1,\"2414\":1,\"2426\":1,\"2431\":1,\"2447\":1,\"2454\":3,\"2465\":1,\"2467\":1,\"2468\":1,\"2493\":1,\"2504\":1,\"2505\":1,\"2507\":1,\"2522\":1,\"2539\":1,\"2546\":2,\"2563\":1,\"2564\":1,\"2566\":1,\"2595\":1,\"2596\":1,\"2599\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2614\":1,\"2633\":1,\"2645\":1,\"2650\":1,\"2666\":1,\"2673\":3,\"2684\":1,\"2686\":1,\"2687\":1,\"2712\":1,\"2723\":1,\"2724\":1,\"2726\":1,\"2741\":1,\"2758\":1,\"2765\":2,\"2782\":1,\"2783\":1,\"2785\":1,\"2814\":1,\"2815\":1,\"2818\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2833\":1,\"2852\":1,\"2864\":1,\"2869\":1,\"2885\":1,\"2892\":3,\"2903\":1,\"2905\":1,\"2906\":1,\"2931\":1,\"2942\":1,\"2943\":1,\"2945\":1,\"2960\":1,\"2977\":1,\"2984\":2,\"3001\":1,\"3002\":1,\"3004\":1,\"3033\":1,\"3034\":1,\"3037\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3052\":1,\"3071\":1,\"3083\":1,\"3088\":1,\"3104\":1,\"3111\":3,\"3122\":1,\"3124\":1,\"3125\":1,\"3150\":1,\"3161\":1,\"3162\":1,\"3164\":1,\"3179\":1,\"3196\":1,\"3203\":2,\"3228\":1,\"3229\":1,\"3232\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3247\":1,\"3266\":1,\"3278\":1,\"3289\":1,\"3290\":1,\"3292\":1,\"3307\":1,\"3323\":1,\"3326\":1,\"3327\":1,\"3332\":3,\"3343\":1,\"3345\":1,\"3346\":1,\"3371\":1,\"3382\":1,\"3383\":1,\"3385\":1,\"3400\":1,\"3417\":1,\"3420\":1,\"3421\":1}}],[\"pg\",{\"1\":{\"327\":1}}],[\"psn\",{\"1\":{\"290\":1,\"304\":2}}],[\"pseudonymizationclientstubfactory\",{\"1\":{\"238\":1}}],[\"pseudonymization\",{\"0\":{\"238\":1},\"1\":{\"0\":1,\"6\":1,\"32\":1,\"82\":1,\"238\":4}}],[\"pseudonymize\",{\"1\":{\"0\":1,\"98\":1,\"238\":1}}],[\"pkcs\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"pkcs12\",{\"1\":{\"224\":1,\"225\":1,\"975\":1,\"976\":1,\"1185\":1,\"1186\":1,\"1336\":1,\"1337\":1,\"1508\":1,\"1509\":1,\"1685\":1,\"1686\":1,\"1862\":1,\"1863\":1,\"2039\":1,\"2040\":1,\"2216\":1,\"2217\":1,\"2406\":1,\"2407\":1,\"2625\":1,\"2626\":1,\"2844\":1,\"2845\":1,\"3063\":1,\"3064\":1,\"3258\":1,\"3259\":1}}],[\"pkg\",{\"1\":{\"162\":1}}],[\"pki\",{\"1\":{\"110\":2,\"112\":1,\"113\":1,\"165\":2,\"167\":1,\"168\":1,\"284\":3,\"289\":1,\"295\":3,\"300\":1,\"438\":3,\"477\":3,\"481\":1,\"500\":3,\"526\":3,\"556\":3,\"586\":3,\"616\":3,\"662\":3,\"708\":3,\"754\":3,\"800\":3,\"846\":3,\"892\":3}}],[\"phase\",{\"1\":{\"157\":1,\"346\":1}}],[\"pformat\",{\"1\":{\"156\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"peer\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"pexercise\",{\"1\":{\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1}}],[\"pemdev\",{\"1\":{\"455\":1,\"909\":1}}],[\"pem\",{\"1\":{\"134\":1,\"135\":1,\"187\":2,\"188\":2,\"189\":1,\"205\":2,\"212\":2,\"213\":2,\"214\":1,\"228\":2,\"241\":2,\"242\":2,\"243\":1,\"249\":2,\"275\":2,\"276\":1,\"277\":2,\"278\":2,\"279\":2,\"288\":14,\"289\":12,\"290\":11,\"299\":14,\"300\":12,\"301\":11,\"327\":73,\"338\":1,\"441\":16,\"442\":14,\"443\":7,\"451\":1,\"452\":4,\"453\":4,\"454\":4,\"455\":4,\"461\":24,\"462\":12,\"480\":14,\"481\":15,\"482\":7,\"503\":14,\"504\":15,\"505\":7,\"529\":14,\"530\":15,\"531\":7,\"559\":14,\"560\":15,\"561\":7,\"589\":14,\"590\":15,\"591\":7,\"619\":14,\"620\":15,\"621\":7,\"665\":14,\"666\":15,\"667\":7,\"711\":14,\"712\":15,\"713\":7,\"757\":14,\"758\":15,\"759\":7,\"803\":14,\"804\":15,\"805\":7,\"849\":14,\"850\":15,\"851\":7,\"895\":16,\"896\":14,\"897\":7,\"905\":1,\"906\":4,\"907\":4,\"908\":4,\"909\":4,\"915\":24,\"916\":12,\"920\":1,\"948\":2,\"949\":2,\"950\":1,\"957\":3,\"963\":2,\"964\":2,\"965\":1,\"979\":3,\"1008\":2,\"1009\":2,\"1010\":1,\"1013\":3,\"1015\":3,\"1026\":1,\"1027\":4,\"1038\":2,\"1039\":1,\"1040\":2,\"1041\":2,\"1042\":2,\"1049\":1,\"1059\":2,\"1060\":2,\"1061\":1,\"1064\":3,\"1083\":1,\"1101\":2,\"1102\":2,\"1103\":1,\"1106\":3,\"1108\":3,\"1120\":1,\"1121\":4,\"1132\":2,\"1133\":1,\"1134\":2,\"1135\":2,\"1136\":2,\"1157\":2,\"1158\":2,\"1159\":1,\"1166\":2,\"1173\":2,\"1174\":2,\"1175\":1,\"1189\":2,\"1211\":2,\"1212\":2,\"1213\":1,\"1216\":2,\"1218\":2,\"1227\":2,\"1228\":2,\"1229\":1,\"1232\":2,\"1262\":2,\"1263\":1,\"1264\":2,\"1265\":2,\"1266\":2,\"1279\":2,\"1280\":2,\"1281\":1,\"1284\":2,\"1286\":2,\"1308\":2,\"1309\":2,\"1310\":1,\"1317\":2,\"1324\":2,\"1325\":2,\"1326\":1,\"1340\":2,\"1355\":1,\"1365\":2,\"1366\":2,\"1367\":1,\"1370\":2,\"1386\":1,\"1403\":2,\"1404\":2,\"1405\":1,\"1408\":2,\"1410\":2,\"1422\":1,\"1423\":4,\"1433\":2,\"1434\":1,\"1435\":2,\"1436\":2,\"1437\":2,\"1451\":2,\"1452\":2,\"1453\":1,\"1456\":2,\"1458\":2,\"1481\":2,\"1482\":2,\"1483\":1,\"1490\":2,\"1496\":2,\"1497\":2,\"1498\":1,\"1512\":2,\"1531\":1,\"1541\":2,\"1542\":2,\"1543\":1,\"1546\":2,\"1562\":1,\"1579\":2,\"1580\":2,\"1581\":1,\"1584\":2,\"1586\":2,\"1598\":1,\"1599\":4,\"1610\":2,\"1611\":1,\"1612\":2,\"1613\":2,\"1614\":2,\"1628\":2,\"1629\":2,\"1630\":1,\"1633\":2,\"1635\":2,\"1658\":2,\"1659\":2,\"1660\":1,\"1667\":2,\"1673\":2,\"1674\":2,\"1675\":1,\"1689\":2,\"1708\":1,\"1718\":2,\"1719\":2,\"1720\":1,\"1723\":2,\"1739\":1,\"1756\":2,\"1757\":2,\"1758\":1,\"1761\":2,\"1763\":2,\"1775\":1,\"1776\":4,\"1787\":2,\"1788\":1,\"1789\":2,\"1790\":2,\"1791\":2,\"1805\":2,\"1806\":2,\"1807\":1,\"1810\":2,\"1812\":2,\"1835\":2,\"1836\":2,\"1837\":1,\"1844\":2,\"1850\":2,\"1851\":2,\"1852\":1,\"1866\":2,\"1885\":1,\"1895\":2,\"1896\":2,\"1897\":1,\"1900\":2,\"1916\":1,\"1933\":2,\"1934\":2,\"1935\":1,\"1938\":2,\"1940\":2,\"1952\":1,\"1953\":4,\"1964\":2,\"1965\":1,\"1966\":2,\"1967\":2,\"1968\":2,\"1982\":2,\"1983\":2,\"1984\":1,\"1987\":2,\"1989\":2,\"2012\":2,\"2013\":2,\"2014\":1,\"2021\":2,\"2027\":2,\"2028\":2,\"2029\":1,\"2043\":2,\"2062\":1,\"2072\":2,\"2073\":2,\"2074\":1,\"2077\":2,\"2093\":1,\"2110\":2,\"2111\":2,\"2112\":1,\"2115\":2,\"2117\":2,\"2129\":1,\"2130\":4,\"2141\":2,\"2142\":1,\"2143\":2,\"2144\":2,\"2145\":2,\"2159\":2,\"2160\":2,\"2161\":1,\"2164\":2,\"2166\":2,\"2189\":2,\"2190\":2,\"2191\":1,\"2198\":2,\"2204\":2,\"2205\":2,\"2206\":1,\"2220\":2,\"2239\":1,\"2249\":2,\"2250\":2,\"2251\":1,\"2254\":2,\"2270\":1,\"2287\":2,\"2288\":2,\"2289\":1,\"2292\":2,\"2294\":2,\"2306\":1,\"2307\":4,\"2318\":2,\"2319\":1,\"2320\":2,\"2321\":2,\"2322\":2,\"2327\":1,\"2346\":2,\"2347\":2,\"2348\":1,\"2351\":2,\"2353\":2,\"2379\":2,\"2380\":2,\"2381\":1,\"2388\":2,\"2394\":2,\"2395\":2,\"2396\":1,\"2410\":2,\"2433\":1,\"2434\":4,\"2445\":2,\"2446\":1,\"2447\":2,\"2448\":2,\"2449\":2,\"2454\":1,\"2464\":2,\"2465\":2,\"2466\":1,\"2469\":2,\"2488\":1,\"2506\":2,\"2507\":2,\"2508\":1,\"2511\":2,\"2513\":2,\"2525\":1,\"2526\":4,\"2537\":2,\"2538\":1,\"2539\":2,\"2540\":2,\"2541\":2,\"2546\":1,\"2565\":2,\"2566\":2,\"2567\":1,\"2570\":2,\"2572\":2,\"2598\":2,\"2599\":2,\"2600\":1,\"2607\":2,\"2613\":2,\"2614\":2,\"2615\":1,\"2629\":2,\"2652\":1,\"2653\":4,\"2664\":2,\"2665\":1,\"2666\":2,\"2667\":2,\"2668\":2,\"2673\":1,\"2683\":2,\"2684\":2,\"2685\":1,\"2688\":2,\"2707\":1,\"2725\":2,\"2726\":2,\"2727\":1,\"2730\":2,\"2732\":2,\"2744\":1,\"2745\":4,\"2756\":2,\"2757\":1,\"2758\":2,\"2759\":2,\"2760\":2,\"2765\":1,\"2784\":2,\"2785\":2,\"2786\":1,\"2789\":2,\"2791\":2,\"2817\":2,\"2818\":2,\"2819\":1,\"2826\":2,\"2832\":2,\"2833\":2,\"2834\":1,\"2848\":2,\"2871\":1,\"2872\":4,\"2883\":2,\"2884\":1,\"2885\":2,\"2886\":2,\"2887\":2,\"2892\":1,\"2902\":2,\"2903\":2,\"2904\":1,\"2907\":2,\"2926\":1,\"2944\":2,\"2945\":2,\"2946\":1,\"2949\":2,\"2951\":2,\"2963\":1,\"2964\":4,\"2975\":2,\"2976\":1,\"2977\":2,\"2978\":2,\"2979\":2,\"2984\":1,\"3003\":2,\"3004\":2,\"3005\":1,\"3008\":2,\"3010\":2,\"3036\":2,\"3037\":2,\"3038\":1,\"3045\":2,\"3051\":2,\"3052\":2,\"3053\":1,\"3067\":2,\"3090\":1,\"3091\":4,\"3102\":2,\"3103\":1,\"3104\":2,\"3105\":2,\"3106\":2,\"3111\":1,\"3121\":2,\"3122\":2,\"3123\":1,\"3126\":2,\"3145\":1,\"3163\":2,\"3164\":2,\"3165\":1,\"3168\":2,\"3170\":2,\"3182\":1,\"3183\":4,\"3194\":2,\"3195\":1,\"3196\":2,\"3197\":2,\"3198\":2,\"3203\":1,\"3231\":2,\"3232\":2,\"3233\":1,\"3240\":3,\"3246\":2,\"3247\":2,\"3248\":1,\"3262\":3,\"3291\":2,\"3292\":2,\"3293\":1,\"3296\":3,\"3298\":3,\"3309\":1,\"3310\":4,\"3321\":2,\"3322\":1,\"3323\":2,\"3324\":2,\"3325\":2,\"3332\":1,\"3342\":2,\"3343\":2,\"3344\":1,\"3347\":3,\"3366\":1,\"3384\":2,\"3385\":2,\"3386\":1,\"3389\":3,\"3391\":3,\"3403\":1,\"3404\":4,\"3415\":2,\"3416\":1,\"3417\":2,\"3418\":2,\"3419\":2}}],[\"period\",{\"1\":{\"381\":1}}],[\"periodic\",{\"1\":{\"104\":1}}],[\"permanently\",{\"1\":{\"289\":1,\"300\":1}}],[\"permanent\",{\"0\":{\"256\":1,\"257\":2,\"258\":1,\"266\":1,\"1073\":1,\"1074\":2,\"1075\":1,\"1241\":1,\"1242\":2,\"1243\":1,\"1379\":1,\"1380\":2,\"1381\":1,\"1555\":1,\"1556\":2,\"1557\":1,\"1732\":1,\"1733\":2,\"1734\":1,\"1909\":1,\"1910\":2,\"1911\":1,\"2086\":1,\"2087\":2,\"2088\":1,\"2263\":1,\"2264\":2,\"2265\":1,\"2478\":1,\"2479\":2,\"2480\":1,\"2697\":1,\"2698\":2,\"2699\":1,\"2916\":1,\"2917\":2,\"2918\":1,\"3135\":1,\"3136\":2,\"3137\":1,\"3356\":1,\"3357\":2,\"3358\":1},\"1\":{\"145\":1,\"256\":3,\"257\":4,\"258\":3,\"266\":2,\"289\":2,\"300\":2,\"327\":33,\"442\":1,\"461\":3,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"915\":3,\"1055\":1,\"1073\":3,\"1074\":4,\"1075\":3,\"1241\":3,\"1242\":4,\"1243\":3,\"1361\":1,\"1379\":3,\"1380\":4,\"1381\":3,\"1537\":1,\"1555\":3,\"1556\":4,\"1557\":3,\"1714\":1,\"1732\":3,\"1733\":4,\"1734\":3,\"1891\":1,\"1909\":3,\"1910\":4,\"1911\":3,\"2068\":1,\"2086\":3,\"2087\":4,\"2088\":3,\"2245\":1,\"2263\":3,\"2264\":4,\"2265\":3,\"2460\":1,\"2478\":3,\"2479\":4,\"2480\":3,\"2679\":1,\"2697\":3,\"2698\":4,\"2699\":3,\"2898\":1,\"2916\":3,\"2917\":4,\"2918\":3,\"3117\":1,\"3135\":3,\"3136\":4,\"3137\":3,\"3338\":1,\"3356\":3,\"3357\":4,\"3358\":3}}],[\"permissions\",{\"1\":{\"174\":1,\"414\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"638\":1,\"666\":1,\"684\":1,\"712\":1,\"730\":1,\"758\":1,\"776\":1,\"804\":1,\"822\":1,\"850\":1,\"868\":1,\"896\":1}}],[\"permission\",{\"1\":{\"37\":1}}],[\"per\",{\"1\":{\"105\":1,\"359\":1,\"360\":1,\"385\":1,\"386\":1}}],[\"performs\",{\"1\":{\"105\":1,\"106\":1,\"107\":1}}],[\"performed\",{\"1\":{\"99\":1,\"169\":1}}],[\"perform\",{\"1\":{\"85\":1,\"102\":1,\"126\":1,\"459\":3,\"485\":1,\"508\":1,\"534\":1,\"564\":3,\"594\":3,\"624\":3,\"670\":3,\"716\":3,\"762\":3,\"808\":3,\"854\":3,\"913\":3}}],[\"person\",{\"1\":{\"428\":1,\"471\":1,\"494\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"652\":1,\"698\":1,\"744\":1,\"790\":1,\"836\":1,\"882\":1}}],[\"personal\",{\"1\":{\"162\":2,\"265\":1,\"266\":1,\"289\":1,\"300\":1,\"398\":2,\"416\":6,\"427\":1,\"442\":1,\"457\":4,\"470\":1,\"481\":1,\"493\":1,\"504\":1,\"519\":1,\"530\":1,\"545\":1,\"560\":1,\"575\":1,\"590\":1,\"605\":1,\"620\":1,\"640\":6,\"651\":1,\"666\":1,\"686\":6,\"697\":1,\"712\":1,\"732\":6,\"743\":1,\"758\":1,\"778\":6,\"789\":1,\"804\":1,\"824\":6,\"835\":1,\"850\":1,\"870\":6,\"881\":1,\"896\":1,\"911\":4,\"1044\":4,\"1138\":4,\"3327\":4,\"3421\":4}}],[\"personalized\",{\"1\":{\"12\":1}}],[\"persisted\",{\"1\":{\"90\":1}}],[\"persisting\",{\"1\":{\"89\":1}}],[\"perspective\",{\"1\":{\"28\":1,\"81\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"p12keystore\",{\"0\":{\"224\":1,\"225\":2,\"975\":1,\"976\":2,\"1185\":1,\"1186\":2,\"1336\":1,\"1337\":2,\"1508\":1,\"1509\":2,\"1685\":1,\"1686\":2,\"1862\":1,\"1863\":2,\"2039\":1,\"2040\":2,\"2216\":1,\"2217\":2,\"2406\":1,\"2407\":2,\"2625\":1,\"2626\":2,\"2844\":1,\"2845\":2,\"3063\":1,\"3064\":2,\"3258\":1,\"3259\":2},\"1\":{\"224\":1,\"225\":2,\"975\":1,\"976\":2,\"1185\":1,\"1186\":2,\"1336\":1,\"1337\":2,\"1508\":1,\"1509\":2,\"1685\":1,\"1686\":2,\"1862\":1,\"1863\":2,\"2039\":1,\"2040\":2,\"2216\":1,\"2217\":2,\"2406\":1,\"2407\":2,\"2625\":1,\"2626\":2,\"2844\":1,\"2845\":2,\"3063\":1,\"3064\":2,\"3258\":1,\"3259\":2}}],[\"p12\",{\"1\":{\"134\":2,\"135\":2,\"138\":1,\"224\":1,\"225\":1,\"338\":2,\"367\":1,\"393\":1,\"975\":1,\"976\":1,\"1185\":1,\"1186\":1,\"1336\":1,\"1337\":1,\"1508\":1,\"1509\":1,\"1685\":1,\"1686\":1,\"1862\":1,\"1863\":1,\"2039\":1,\"2040\":1,\"2216\":1,\"2217\":1,\"2406\":1,\"2407\":1,\"2625\":1,\"2626\":1,\"2844\":1,\"2845\":1,\"3063\":1,\"3064\":1,\"3258\":1,\"3259\":1}}],[\"pdq\",{\"1\":{\"152\":4,\"304\":3,\"307\":3,\"310\":3}}],[\"pdf\",{\"1\":{\"110\":1,\"165\":1,\"318\":1}}],[\"pdp\",{\"1\":{\"99\":2,\"169\":2}}],[\"picture\",{\"1\":{\"97\":1}}],[\"ping\",{\"0\":{\"104\":1,\"105\":1,\"106\":1},\"1\":{\"20\":1,\"96\":1,\"102\":1,\"104\":3,\"105\":2,\"106\":4,\"107\":2,\"290\":2,\"301\":2,\"304\":7,\"307\":7,\"310\":3,\"313\":3,\"316\":3,\"422\":1,\"423\":1,\"431\":1,\"462\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"511\":1,\"514\":1,\"515\":1,\"537\":3,\"540\":1,\"541\":1,\"549\":2,\"567\":1,\"570\":1,\"571\":1,\"579\":2,\"597\":1,\"600\":1,\"601\":1,\"609\":2,\"627\":1,\"646\":1,\"647\":1,\"655\":2,\"673\":1,\"692\":1,\"693\":1,\"701\":2,\"719\":1,\"738\":1,\"739\":1,\"747\":2,\"765\":1,\"784\":1,\"785\":1,\"793\":1,\"811\":1,\"830\":1,\"831\":1,\"839\":1,\"857\":1,\"876\":1,\"877\":1,\"885\":1,\"916\":1}}],[\"p\",{\"1\":{\"26\":1}}],[\"pool\",{\"1\":{\"982\":1,\"983\":2,\"984\":1,\"1515\":1,\"1516\":2,\"1517\":1,\"1692\":1,\"1693\":2,\"1694\":1,\"1869\":1,\"1870\":2,\"1871\":1,\"2046\":1,\"2047\":2,\"2048\":1,\"2223\":1,\"2224\":2,\"2225\":1,\"2413\":1,\"2414\":2,\"2415\":1,\"2632\":1,\"2633\":2,\"2634\":1,\"2851\":1,\"2852\":2,\"2853\":1,\"3070\":1,\"3071\":2,\"3072\":1,\"3265\":1,\"3266\":2,\"3267\":1}}],[\"popup\",{\"1\":{\"472\":1,\"495\":1,\"521\":1,\"547\":1}}],[\"power\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"pom\",{\"1\":{\"141\":1,\"142\":1,\"163\":1,\"346\":1}}],[\"point\",{\"1\":{\"99\":1,\"169\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"913\":2}}],[\"possibly\",{\"1\":{\"377\":1}}],[\"possible\",{\"0\":{\"2\":1,\"87\":1},\"1\":{\"37\":2,\"71\":1,\"94\":1,\"102\":3,\"208\":1,\"263\":1,\"348\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1}}],[\"possibilities\",{\"1\":{\"322\":1,\"344\":1}}],[\"position\",{\"1\":{\"159\":13}}],[\"positions\",{\"1\":{\"159\":10}}],[\"posted\",{\"1\":{\"338\":1,\"381\":1}}],[\"posting\",{\"1\":{\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1}}],[\"postgres\",{\"1\":{\"327\":6}}],[\"postgresql\",{\"1\":{\"99\":2,\"134\":2,\"136\":1,\"169\":2,\"177\":1,\"253\":1,\"327\":7,\"331\":1,\"934\":1,\"1070\":1,\"1147\":1,\"1238\":1,\"1298\":1,\"1376\":1,\"1470\":1,\"1552\":1,\"1647\":1,\"1729\":1,\"1824\":1,\"1906\":1,\"2001\":1,\"2083\":1,\"2178\":1,\"2260\":1,\"2365\":1,\"2475\":1,\"2584\":1,\"2694\":1,\"2803\":1,\"2913\":1,\"3022\":1,\"3132\":1,\"3217\":1,\"3353\":1}}],[\"postfix\",{\"1\":{\"159\":2}}],[\"poses\",{\"1\":{\"127\":1}}],[\"ports\",{\"1\":{\"303\":1,\"306\":1,\"309\":1,\"312\":1,\"315\":1,\"327\":7,\"995\":1,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1390\":1,\"1524\":1,\"1566\":1,\"1701\":1,\"1743\":1,\"1878\":1,\"1920\":1,\"2055\":1,\"2097\":1,\"2232\":1,\"2274\":1,\"2426\":1,\"2493\":1,\"2645\":1,\"2712\":1,\"2864\":1,\"2931\":1,\"3083\":1,\"3150\":1,\"3278\":1,\"3371\":1}}],[\"portion\",{\"1\":{\"119\":1}}],[\"port\",{\"0\":{\"220\":1,\"270\":1,\"971\":1,\"1000\":1,\"1022\":1,\"1032\":1,\"1093\":1,\"1115\":1,\"1126\":1,\"1181\":1,\"1203\":1,\"1225\":1,\"1257\":1,\"1271\":1,\"1293\":1,\"1332\":1,\"1395\":1,\"1417\":1,\"1428\":1,\"1443\":1,\"1465\":1,\"1504\":1,\"1571\":1,\"1593\":1,\"1604\":1,\"1620\":1,\"1642\":1,\"1681\":1,\"1748\":1,\"1770\":1,\"1781\":1,\"1797\":1,\"1819\":1,\"1858\":1,\"1925\":1,\"1947\":1,\"1958\":1,\"1974\":1,\"1996\":1,\"2035\":1,\"2102\":1,\"2124\":1,\"2135\":1,\"2151\":1,\"2173\":1,\"2212\":1,\"2279\":1,\"2301\":1,\"2312\":1,\"2338\":1,\"2360\":1,\"2402\":1,\"2439\":1,\"2498\":1,\"2520\":1,\"2531\":1,\"2557\":1,\"2579\":1,\"2621\":1,\"2658\":1,\"2717\":1,\"2739\":1,\"2750\":1,\"2776\":1,\"2798\":1,\"2840\":1,\"2877\":1,\"2936\":1,\"2958\":1,\"2969\":1,\"2995\":1,\"3017\":1,\"3059\":1,\"3096\":1,\"3155\":1,\"3177\":1,\"3188\":1,\"3254\":1,\"3283\":1,\"3305\":1,\"3315\":1,\"3376\":1,\"3398\":1,\"3409\":1},\"1\":{\"99\":1,\"169\":1,\"220\":2,\"270\":1,\"285\":1,\"289\":1,\"296\":1,\"300\":1,\"341\":2,\"439\":1,\"442\":1,\"478\":1,\"481\":1,\"501\":1,\"504\":1,\"527\":1,\"530\":1,\"557\":1,\"560\":1,\"587\":1,\"590\":1,\"617\":1,\"620\":1,\"663\":1,\"666\":1,\"709\":1,\"712\":1,\"755\":1,\"758\":1,\"801\":1,\"804\":1,\"847\":1,\"850\":1,\"893\":1,\"896\":1,\"971\":2,\"995\":1,\"1000\":2,\"1022\":2,\"1032\":1,\"1088\":1,\"1093\":2,\"1115\":2,\"1126\":1,\"1181\":2,\"1197\":1,\"1203\":2,\"1225\":2,\"1251\":1,\"1257\":1,\"1271\":2,\"1293\":2,\"1332\":2,\"1348\":1,\"1390\":1,\"1395\":2,\"1417\":2,\"1428\":1,\"1443\":2,\"1465\":2,\"1504\":2,\"1524\":1,\"1566\":1,\"1571\":2,\"1593\":2,\"1604\":1,\"1620\":2,\"1642\":2,\"1681\":2,\"1701\":1,\"1743\":1,\"1748\":2,\"1770\":2,\"1781\":1,\"1797\":2,\"1819\":2,\"1858\":2,\"1878\":1,\"1920\":1,\"1925\":2,\"1947\":2,\"1958\":1,\"1974\":2,\"1996\":2,\"2035\":2,\"2055\":1,\"2097\":1,\"2102\":2,\"2124\":2,\"2135\":1,\"2151\":2,\"2173\":2,\"2212\":2,\"2232\":1,\"2274\":1,\"2279\":2,\"2301\":2,\"2312\":1,\"2338\":2,\"2360\":2,\"2402\":2,\"2426\":1,\"2439\":1,\"2493\":1,\"2498\":2,\"2520\":2,\"2531\":1,\"2557\":2,\"2579\":2,\"2621\":2,\"2645\":1,\"2658\":1,\"2712\":1,\"2717\":2,\"2739\":2,\"2750\":1,\"2776\":2,\"2798\":2,\"2840\":2,\"2864\":1,\"2877\":1,\"2931\":1,\"2936\":2,\"2958\":2,\"2969\":1,\"2995\":2,\"3017\":2,\"3059\":2,\"3083\":1,\"3096\":1,\"3150\":1,\"3155\":2,\"3177\":2,\"3188\":1,\"3254\":2,\"3278\":1,\"3283\":2,\"3305\":2,\"3315\":1,\"3371\":1,\"3376\":2,\"3398\":2,\"3409\":1}}],[\"portal\",{\"1\":{\"81\":1,\"91\":1,\"98\":1,\"126\":2,\"128\":1,\"427\":3,\"470\":3,\"493\":3,\"519\":3,\"545\":3,\"575\":3,\"605\":3,\"651\":3,\"697\":3,\"743\":3,\"789\":3,\"835\":3,\"881\":3}}],[\"potential\",{\"1\":{\"36\":1,\"37\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"policy\",{\"0\":{\"34\":1},\"1\":{\"39\":1,\"40\":1,\"94\":1,\"99\":1,\"169\":1}}],[\"pong\",{\"0\":{\"104\":1,\"107\":1},\"1\":{\"20\":1,\"96\":1,\"102\":1,\"104\":2,\"106\":2,\"107\":3,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"422\":1,\"423\":1,\"431\":1,\"462\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"511\":1,\"514\":1,\"515\":1,\"537\":3,\"540\":1,\"541\":1,\"549\":2,\"567\":1,\"570\":1,\"571\":1,\"579\":2,\"597\":1,\"600\":1,\"601\":1,\"609\":2,\"627\":1,\"646\":1,\"647\":1,\"655\":2,\"673\":1,\"692\":1,\"693\":1,\"701\":2,\"719\":1,\"738\":1,\"739\":1,\"747\":2,\"765\":1,\"784\":1,\"785\":1,\"793\":1,\"811\":1,\"830\":1,\"831\":1,\"839\":1,\"857\":1,\"876\":1,\"877\":1,\"885\":1,\"916\":1}}],[\"purpose\",{\"1\":{\"167\":1,\"168\":1,\"348\":1}}],[\"purposes\",{\"1\":{\"91\":1,\"265\":1,\"266\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"put\",{\"1\":{\"159\":1}}],[\"pull\",{\"0\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1},\"1\":{\"141\":1,\"156\":1,\"407\":1,\"414\":2,\"415\":5,\"417\":2,\"419\":1,\"631\":1,\"638\":2,\"639\":5,\"641\":2,\"643\":1,\"677\":1,\"684\":2,\"685\":5,\"687\":2,\"689\":1,\"723\":1,\"730\":2,\"731\":5,\"733\":2,\"735\":1,\"769\":1,\"776\":2,\"777\":5,\"779\":2,\"781\":1,\"815\":1,\"822\":2,\"823\":5,\"825\":2,\"827\":1,\"861\":1,\"868\":2,\"869\":5,\"871\":2,\"873\":1}}],[\"pushing\",{\"1\":{\"156\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"push\",{\"1\":{\"141\":3,\"142\":2}}],[\"publish\",{\"1\":{\"97\":1,\"141\":1,\"142\":1}}],[\"publication\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"publications\",{\"0\":{\"25\":1,\"26\":1}}],[\"publicly\",{\"1\":{\"37\":1}}],[\"public\",{\"0\":{\"80\":1},\"1\":{\"4\":1,\"36\":1,\"69\":1,\"79\":1,\"290\":5,\"301\":5,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"punkt\",{\"1\":{\"16\":1}}],[\"plain\",{\"1\":{\"446\":1,\"900\":1}}],[\"place\",{\"1\":{\"418\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"642\":1,\"670\":1,\"688\":1,\"716\":1,\"734\":1,\"762\":1,\"780\":1,\"808\":1,\"826\":1,\"854\":1,\"872\":1,\"913\":1}}],[\"placeholders\",{\"0\":{\"348\":1},\"1\":{\"348\":1}}],[\"play\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"planning\",{\"1\":{\"120\":1}}],[\"planen\",{\"1\":{\"16\":1}}],[\"platform\",{\"1\":{\"26\":1,\"128\":1,\"129\":1}}],[\"plugin`\",{\"1\":{\"310\":1}}],[\"plugin\",{\"0\":{\"236\":1,\"317\":1,\"332\":1,\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1,\"988\":1,\"1195\":1,\"1346\":1,\"1521\":1,\"1698\":1,\"1875\":1,\"2052\":1,\"2229\":1,\"2419\":1,\"2638\":1,\"2857\":1,\"3076\":1,\"3271\":1},\"1\":{\"14\":1,\"20\":1,\"31\":1,\"42\":1,\"43\":1,\"44\":1,\"45\":1,\"46\":1,\"47\":1,\"48\":1,\"49\":1,\"50\":1,\"51\":1,\"52\":1,\"53\":1,\"54\":1,\"55\":1,\"56\":1,\"57\":1,\"58\":1,\"59\":1,\"60\":1,\"61\":1,\"62\":1,\"63\":1,\"64\":1,\"65\":1,\"66\":1,\"67\":1,\"81\":2,\"90\":1,\"102\":3,\"104\":1,\"121\":1,\"152\":2,\"153\":2,\"154\":4,\"184\":1,\"185\":1,\"186\":1,\"236\":1,\"290\":4,\"301\":4,\"304\":4,\"307\":4,\"310\":3,\"321\":1,\"327\":6,\"331\":1,\"332\":5,\"340\":1,\"345\":1,\"348\":1,\"419\":2,\"421\":1,\"422\":5,\"423\":5,\"430\":1,\"431\":3,\"434\":1,\"437\":1,\"439\":1,\"459\":2,\"464\":1,\"465\":5,\"466\":5,\"473\":1,\"476\":1,\"478\":1,\"485\":1,\"487\":1,\"488\":5,\"489\":5,\"496\":1,\"499\":1,\"501\":1,\"508\":1,\"513\":1,\"514\":5,\"515\":5,\"522\":1,\"525\":1,\"527\":1,\"534\":1,\"537\":3,\"539\":1,\"540\":5,\"541\":5,\"552\":1,\"555\":1,\"557\":1,\"564\":2,\"569\":1,\"570\":5,\"571\":5,\"582\":1,\"585\":1,\"587\":1,\"594\":2,\"599\":1,\"600\":5,\"601\":5,\"612\":1,\"615\":1,\"617\":1,\"624\":2,\"643\":2,\"645\":1,\"646\":5,\"647\":5,\"658\":1,\"661\":1,\"663\":1,\"670\":2,\"689\":2,\"691\":1,\"692\":5,\"693\":5,\"704\":1,\"707\":1,\"709\":1,\"716\":2,\"735\":2,\"737\":1,\"738\":5,\"739\":5,\"750\":1,\"753\":1,\"755\":1,\"762\":2,\"781\":2,\"783\":1,\"784\":5,\"785\":5,\"792\":1,\"793\":3,\"796\":1,\"799\":1,\"801\":1,\"808\":2,\"827\":2,\"829\":1,\"830\":5,\"831\":5,\"838\":1,\"839\":3,\"842\":1,\"845\":1,\"847\":1,\"854\":2,\"873\":2,\"875\":1,\"876\":5,\"877\":5,\"884\":1,\"885\":3,\"888\":1,\"891\":1,\"893\":1,\"913\":2,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"988\":1,\"1056\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1195\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1346\":1,\"1362\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1521\":1,\"1538\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1698\":1,\"1715\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1875\":1,\"1892\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2052\":1,\"2069\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2229\":1,\"2246\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2419\":1,\"2461\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2638\":1,\"2680\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2857\":1,\"2899\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3076\":1,\"3118\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3271\":1,\"3339\":1}}],[\"plugins\",{\"0\":{\"101\":1,\"318\":1,\"420\":1,\"430\":1,\"463\":1,\"486\":1,\"512\":1,\"538\":1,\"548\":1,\"568\":1,\"578\":1,\"598\":1,\"608\":1,\"644\":1,\"654\":1,\"690\":1,\"700\":1,\"736\":1,\"746\":1,\"782\":1,\"792\":1,\"828\":1,\"838\":1,\"874\":1,\"884\":1},\"1\":{\"5\":1,\"24\":1,\"28\":1,\"33\":2,\"81\":3,\"90\":1,\"102\":3,\"173\":1,\"236\":1,\"290\":3,\"301\":3,\"302\":1,\"304\":8,\"305\":1,\"307\":8,\"308\":1,\"310\":4,\"318\":1,\"322\":1,\"344\":1,\"345\":1,\"416\":1,\"419\":3,\"423\":1,\"430\":1,\"431\":2,\"439\":1,\"443\":1,\"459\":2,\"460\":1,\"466\":1,\"478\":1,\"482\":1,\"485\":2,\"489\":1,\"501\":1,\"505\":1,\"508\":2,\"515\":1,\"527\":1,\"531\":1,\"534\":2,\"541\":1,\"548\":1,\"557\":1,\"561\":1,\"564\":2,\"571\":1,\"578\":1,\"587\":1,\"591\":1,\"594\":2,\"601\":1,\"608\":1,\"617\":1,\"621\":1,\"624\":2,\"640\":1,\"643\":3,\"647\":1,\"654\":1,\"663\":1,\"667\":1,\"670\":2,\"686\":1,\"689\":3,\"693\":1,\"700\":1,\"709\":1,\"713\":1,\"716\":2,\"732\":1,\"735\":3,\"739\":1,\"746\":1,\"755\":1,\"759\":1,\"762\":2,\"778\":1,\"781\":3,\"785\":1,\"792\":1,\"793\":2,\"801\":1,\"805\":1,\"808\":2,\"824\":1,\"827\":3,\"831\":1,\"838\":1,\"839\":2,\"847\":1,\"851\":1,\"854\":2,\"870\":1,\"873\":3,\"877\":1,\"884\":1,\"885\":2,\"893\":1,\"897\":1,\"913\":2,\"914\":1,\"988\":1,\"1056\":1,\"1195\":1,\"1346\":1,\"1362\":1,\"1521\":1,\"1538\":1,\"1698\":1,\"1715\":1,\"1875\":1,\"1892\":1,\"2052\":1,\"2069\":1,\"2229\":1,\"2246\":1,\"2419\":1,\"2461\":1,\"2638\":1,\"2680\":1,\"2857\":1,\"2899\":1,\"3076\":1,\"3118\":1,\"3271\":1,\"3339\":1}}],[\"please\",{\"1\":{\"13\":2,\"20\":1,\"37\":2,\"40\":1,\"73\":1,\"173\":1,\"240\":1,\"302\":1,\"305\":2,\"308\":1,\"416\":1,\"417\":2,\"419\":3,\"429\":1,\"439\":1,\"444\":1,\"445\":2,\"459\":5,\"469\":1,\"470\":2,\"472\":1,\"473\":1,\"478\":1,\"483\":1,\"484\":2,\"485\":3,\"492\":1,\"493\":2,\"495\":1,\"496\":1,\"501\":1,\"506\":1,\"507\":2,\"508\":3,\"509\":1,\"518\":1,\"519\":2,\"521\":1,\"522\":1,\"527\":1,\"532\":1,\"533\":2,\"534\":3,\"535\":1,\"537\":1,\"544\":1,\"545\":1,\"547\":1,\"557\":1,\"562\":1,\"563\":2,\"564\":5,\"565\":1,\"574\":1,\"577\":1,\"587\":1,\"592\":1,\"593\":2,\"594\":5,\"604\":1,\"607\":1,\"617\":1,\"622\":1,\"623\":2,\"624\":5,\"640\":1,\"641\":2,\"643\":3,\"650\":1,\"653\":1,\"663\":1,\"668\":1,\"669\":2,\"670\":5,\"686\":1,\"687\":2,\"689\":3,\"696\":1,\"699\":1,\"709\":1,\"714\":1,\"715\":2,\"716\":5,\"732\":1,\"733\":2,\"735\":3,\"742\":1,\"745\":1,\"755\":1,\"760\":1,\"761\":2,\"762\":5,\"778\":1,\"779\":2,\"781\":3,\"788\":1,\"791\":1,\"801\":1,\"806\":1,\"807\":2,\"808\":5,\"824\":1,\"825\":2,\"827\":3,\"837\":1,\"847\":1,\"852\":1,\"853\":2,\"854\":5,\"870\":1,\"871\":2,\"873\":3,\"883\":1,\"893\":1,\"898\":1,\"899\":2,\"913\":5,\"1142\":1,\"1226\":1}}],[\"pleased\",{\"1\":{\"1\":1}}],[\"payload=application\",{\"1\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"passed\",{\"1\":{\"341\":1}}],[\"pass\",{\"0\":{\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1},\"1\":{\"170\":1,\"322\":1,\"344\":1}}],[\"passwords\",{\"0\":{\"446\":1,\"900\":1},\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"password>\",{\"1\":{\"162\":1,\"398\":1}}],[\"password\",{\"0\":{\"175\":2,\"179\":2,\"182\":2,\"189\":2,\"190\":2,\"196\":2,\"199\":2,\"214\":2,\"219\":2,\"225\":2,\"243\":2,\"244\":2,\"251\":2,\"255\":2,\"257\":2,\"932\":2,\"936\":2,\"939\":2,\"950\":2,\"965\":2,\"970\":2,\"976\":2,\"996\":2,\"1010\":2,\"1019\":2,\"1061\":2,\"1068\":2,\"1072\":2,\"1074\":2,\"1089\":2,\"1103\":2,\"1112\":2,\"1145\":2,\"1149\":2,\"1152\":2,\"1159\":2,\"1175\":2,\"1180\":2,\"1186\":2,\"1198\":2,\"1213\":2,\"1222\":2,\"1229\":2,\"1236\":2,\"1240\":2,\"1242\":2,\"1252\":2,\"1281\":2,\"1290\":2,\"1296\":2,\"1300\":2,\"1303\":2,\"1310\":2,\"1326\":2,\"1331\":2,\"1337\":2,\"1349\":2,\"1367\":2,\"1374\":2,\"1378\":2,\"1380\":2,\"1391\":2,\"1405\":2,\"1414\":2,\"1453\":2,\"1462\":2,\"1468\":2,\"1472\":2,\"1475\":2,\"1483\":2,\"1498\":2,\"1503\":2,\"1509\":2,\"1525\":2,\"1543\":2,\"1550\":2,\"1554\":2,\"1556\":2,\"1567\":2,\"1581\":2,\"1590\":2,\"1630\":2,\"1639\":2,\"1645\":2,\"1649\":2,\"1652\":2,\"1660\":2,\"1675\":2,\"1680\":2,\"1686\":2,\"1702\":2,\"1720\":2,\"1727\":2,\"1731\":2,\"1733\":2,\"1744\":2,\"1758\":2,\"1767\":2,\"1807\":2,\"1816\":2,\"1822\":2,\"1826\":2,\"1829\":2,\"1837\":2,\"1852\":2,\"1857\":2,\"1863\":2,\"1879\":2,\"1897\":2,\"1904\":2,\"1908\":2,\"1910\":2,\"1921\":2,\"1935\":2,\"1944\":2,\"1984\":2,\"1993\":2,\"1999\":2,\"2003\":2,\"2006\":2,\"2014\":2,\"2029\":2,\"2034\":2,\"2040\":2,\"2056\":2,\"2074\":2,\"2081\":2,\"2085\":2,\"2087\":2,\"2098\":2,\"2112\":2,\"2121\":2,\"2161\":2,\"2170\":2,\"2176\":2,\"2180\":2,\"2183\":2,\"2191\":2,\"2206\":2,\"2211\":2,\"2217\":2,\"2233\":2,\"2251\":2,\"2258\":2,\"2262\":2,\"2264\":2,\"2275\":2,\"2289\":2,\"2298\":2,\"2348\":2,\"2357\":2,\"2363\":2,\"2367\":2,\"2370\":2,\"2381\":2,\"2396\":2,\"2401\":2,\"2407\":2,\"2427\":2,\"2466\":2,\"2473\":2,\"2477\":2,\"2479\":2,\"2494\":2,\"2508\":2,\"2517\":2,\"2567\":2,\"2576\":2,\"2582\":2,\"2586\":2,\"2589\":2,\"2600\":2,\"2615\":2,\"2620\":2,\"2626\":2,\"2646\":2,\"2685\":2,\"2692\":2,\"2696\":2,\"2698\":2,\"2713\":2,\"2727\":2,\"2736\":2,\"2786\":2,\"2795\":2,\"2801\":2,\"2805\":2,\"2808\":2,\"2819\":2,\"2834\":2,\"2839\":2,\"2845\":2,\"2865\":2,\"2904\":2,\"2911\":2,\"2915\":2,\"2917\":2,\"2932\":2,\"2946\":2,\"2955\":2,\"3005\":2,\"3014\":2,\"3020\":2,\"3024\":2,\"3027\":2,\"3038\":2,\"3053\":2,\"3058\":2,\"3064\":2,\"3084\":2,\"3123\":2,\"3130\":2,\"3134\":2,\"3136\":2,\"3151\":2,\"3165\":2,\"3174\":2,\"3215\":2,\"3219\":2,\"3222\":2,\"3233\":2,\"3248\":2,\"3253\":2,\"3259\":2,\"3279\":2,\"3293\":2,\"3302\":2,\"3344\":2,\"3351\":2,\"3355\":2,\"3357\":2,\"3372\":2,\"3386\":2,\"3395\":2},\"1\":{\"134\":3,\"135\":2,\"138\":4,\"139\":1,\"175\":4,\"179\":4,\"182\":4,\"188\":2,\"189\":4,\"190\":3,\"196\":3,\"199\":3,\"213\":2,\"214\":4,\"219\":4,\"225\":4,\"229\":1,\"242\":2,\"243\":4,\"244\":3,\"251\":4,\"255\":4,\"257\":4,\"289\":14,\"290\":14,\"300\":14,\"301\":14,\"327\":103,\"338\":7,\"367\":2,\"393\":2,\"442\":14,\"443\":14,\"446\":3,\"447\":4,\"449\":5,\"461\":8,\"462\":8,\"481\":14,\"482\":14,\"504\":14,\"505\":14,\"530\":14,\"531\":14,\"560\":14,\"561\":14,\"590\":14,\"591\":14,\"620\":14,\"621\":14,\"666\":14,\"667\":14,\"712\":14,\"713\":14,\"758\":14,\"759\":14,\"804\":14,\"805\":14,\"850\":14,\"851\":14,\"896\":14,\"897\":14,\"900\":3,\"901\":4,\"903\":5,\"915\":8,\"916\":8,\"932\":4,\"936\":4,\"939\":4,\"949\":2,\"950\":4,\"964\":2,\"965\":4,\"970\":4,\"976\":4,\"980\":1,\"996\":4,\"1009\":2,\"1010\":4,\"1019\":2,\"1060\":2,\"1061\":4,\"1068\":4,\"1072\":4,\"1074\":4,\"1089\":4,\"1102\":2,\"1103\":4,\"1112\":2,\"1145\":4,\"1149\":4,\"1152\":4,\"1158\":2,\"1159\":4,\"1174\":2,\"1175\":4,\"1180\":4,\"1186\":4,\"1190\":1,\"1198\":4,\"1212\":2,\"1213\":4,\"1222\":2,\"1228\":2,\"1229\":4,\"1236\":4,\"1240\":4,\"1242\":4,\"1252\":4,\"1280\":2,\"1281\":4,\"1290\":2,\"1296\":4,\"1300\":4,\"1303\":4,\"1309\":2,\"1310\":4,\"1325\":2,\"1326\":4,\"1331\":4,\"1337\":4,\"1341\":1,\"1349\":4,\"1366\":2,\"1367\":4,\"1374\":4,\"1378\":4,\"1380\":4,\"1391\":4,\"1404\":2,\"1405\":4,\"1414\":2,\"1452\":2,\"1453\":4,\"1462\":2,\"1468\":4,\"1472\":4,\"1475\":4,\"1482\":2,\"1483\":4,\"1497\":2,\"1498\":4,\"1503\":4,\"1509\":4,\"1513\":1,\"1525\":4,\"1542\":2,\"1543\":4,\"1550\":4,\"1554\":4,\"1556\":4,\"1567\":4,\"1580\":2,\"1581\":4,\"1590\":2,\"1629\":2,\"1630\":4,\"1639\":2,\"1645\":4,\"1649\":4,\"1652\":4,\"1659\":2,\"1660\":4,\"1674\":2,\"1675\":4,\"1680\":4,\"1686\":4,\"1690\":1,\"1702\":4,\"1719\":2,\"1720\":4,\"1727\":4,\"1731\":4,\"1733\":4,\"1744\":4,\"1757\":2,\"1758\":4,\"1767\":2,\"1806\":2,\"1807\":4,\"1816\":2,\"1822\":4,\"1826\":4,\"1829\":4,\"1836\":2,\"1837\":4,\"1851\":2,\"1852\":4,\"1857\":4,\"1863\":4,\"1867\":1,\"1879\":4,\"1896\":2,\"1897\":4,\"1904\":4,\"1908\":4,\"1910\":4,\"1921\":4,\"1934\":2,\"1935\":4,\"1944\":2,\"1983\":2,\"1984\":4,\"1993\":2,\"1999\":4,\"2003\":4,\"2006\":4,\"2013\":2,\"2014\":4,\"2028\":2,\"2029\":4,\"2034\":4,\"2040\":4,\"2044\":1,\"2056\":4,\"2073\":2,\"2074\":4,\"2081\":4,\"2085\":4,\"2087\":4,\"2098\":4,\"2111\":2,\"2112\":4,\"2121\":2,\"2160\":2,\"2161\":4,\"2170\":2,\"2176\":4,\"2180\":4,\"2183\":4,\"2190\":2,\"2191\":4,\"2205\":2,\"2206\":4,\"2211\":4,\"2217\":4,\"2221\":1,\"2233\":4,\"2250\":2,\"2251\":4,\"2258\":4,\"2262\":4,\"2264\":4,\"2275\":4,\"2288\":2,\"2289\":4,\"2298\":2,\"2347\":2,\"2348\":4,\"2357\":2,\"2363\":4,\"2367\":4,\"2370\":4,\"2380\":2,\"2381\":4,\"2395\":2,\"2396\":4,\"2401\":4,\"2407\":4,\"2411\":1,\"2427\":4,\"2465\":2,\"2466\":4,\"2473\":4,\"2477\":4,\"2479\":4,\"2494\":4,\"2507\":2,\"2508\":4,\"2517\":2,\"2566\":2,\"2567\":4,\"2576\":2,\"2582\":4,\"2586\":4,\"2589\":4,\"2599\":2,\"2600\":4,\"2614\":2,\"2615\":4,\"2620\":4,\"2626\":4,\"2630\":1,\"2646\":4,\"2684\":2,\"2685\":4,\"2692\":4,\"2696\":4,\"2698\":4,\"2713\":4,\"2726\":2,\"2727\":4,\"2736\":2,\"2785\":2,\"2786\":4,\"2795\":2,\"2801\":4,\"2805\":4,\"2808\":4,\"2818\":2,\"2819\":4,\"2833\":2,\"2834\":4,\"2839\":4,\"2845\":4,\"2849\":1,\"2865\":4,\"2903\":2,\"2904\":4,\"2911\":4,\"2915\":4,\"2917\":4,\"2932\":4,\"2945\":2,\"2946\":4,\"2955\":2,\"3004\":2,\"3005\":4,\"3014\":2,\"3020\":4,\"3024\":4,\"3027\":4,\"3037\":2,\"3038\":4,\"3052\":2,\"3053\":4,\"3058\":4,\"3064\":4,\"3068\":1,\"3084\":4,\"3122\":2,\"3123\":4,\"3130\":4,\"3134\":4,\"3136\":4,\"3151\":4,\"3164\":2,\"3165\":4,\"3174\":2,\"3215\":4,\"3219\":4,\"3222\":4,\"3232\":2,\"3233\":4,\"3247\":2,\"3248\":4,\"3253\":4,\"3259\":4,\"3263\":1,\"3279\":4,\"3292\":2,\"3293\":4,\"3302\":2,\"3343\":2,\"3344\":4,\"3351\":4,\"3355\":4,\"3357\":4,\"3372\":4,\"3385\":2,\"3386\":4,\"3395\":2}}],[\"paste\",{\"1\":{\"145\":1,\"146\":1,\"147\":5,\"149\":1,\"150\":4,\"151\":2}}],[\"past\",{\"1\":{\"145\":1}}],[\"packaged\",{\"1\":{\"322\":1,\"344\":1}}],[\"packages<\",{\"1\":{\"162\":1}}],[\"packages\",{\"0\":{\"162\":1,\"398\":1},\"1\":{\"160\":1,\"162\":2,\"163\":1,\"398\":3}}],[\"package\",{\"0\":{\"161\":1,\"163\":1},\"1\":{\"143\":1,\"152\":1,\"153\":1,\"159\":3,\"163\":5,\"346\":3,\"398\":1}}],[\"pandemic\",{\"1\":{\"129\":1}}],[\"parallel\",{\"1\":{\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1}}],[\"paramters\",{\"1\":{\"468\":1}}],[\"parameterized\",{\"1\":{\"159\":6}}],[\"parameter\",{\"0\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1026\":1,\"1120\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1422\":1,\"1491\":1,\"1495\":1,\"1598\":1,\"1668\":1,\"1672\":1,\"1775\":1,\"1845\":1,\"1849\":1,\"1952\":1,\"2022\":1,\"2026\":1,\"2129\":1,\"2199\":1,\"2203\":1,\"2306\":1,\"2389\":1,\"2393\":1,\"2433\":1,\"2525\":1,\"2608\":1,\"2612\":1,\"2652\":1,\"2744\":1,\"2827\":1,\"2831\":1,\"2871\":1,\"2963\":1,\"3046\":1,\"3050\":1,\"3090\":1,\"3182\":1,\"3241\":1,\"3245\":1,\"3309\":1,\"3403\":1},\"1\":{\"147\":4,\"150\":1,\"159\":5,\"160\":2,\"206\":1,\"211\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"289\":2,\"300\":2,\"349\":3,\"352\":2,\"373\":1,\"374\":1,\"377\":1,\"383\":2,\"390\":3,\"393\":2,\"459\":2,\"481\":1,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"913\":2,\"920\":2,\"958\":1,\"962\":1,\"994\":1,\"1024\":1,\"1025\":1,\"1026\":3,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1045\":1,\"1049\":3,\"1087\":1,\"1117\":1,\"1118\":1,\"1119\":2,\"1120\":3,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1139\":1,\"1167\":1,\"1172\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1318\":1,\"1323\":1,\"1355\":3,\"1419\":1,\"1420\":1,\"1421\":2,\"1422\":3,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1491\":1,\"1495\":1,\"1531\":3,\"1595\":1,\"1596\":1,\"1597\":2,\"1598\":3,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1668\":1,\"1672\":1,\"1708\":3,\"1772\":1,\"1773\":1,\"1774\":2,\"1775\":3,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1845\":1,\"1849\":1,\"1885\":3,\"1949\":1,\"1950\":1,\"1951\":2,\"1952\":3,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"2022\":1,\"2026\":1,\"2062\":3,\"2126\":1,\"2127\":1,\"2128\":2,\"2129\":3,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2199\":1,\"2203\":1,\"2239\":3,\"2303\":1,\"2304\":1,\"2305\":2,\"2306\":3,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2327\":2,\"2389\":1,\"2393\":1,\"2425\":1,\"2431\":1,\"2432\":1,\"2433\":3,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2454\":3,\"2492\":1,\"2522\":1,\"2523\":1,\"2524\":2,\"2525\":3,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2546\":2,\"2608\":1,\"2612\":1,\"2644\":1,\"2650\":1,\"2651\":1,\"2652\":3,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2673\":3,\"2711\":1,\"2741\":1,\"2742\":1,\"2743\":2,\"2744\":3,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2765\":2,\"2827\":1,\"2831\":1,\"2863\":1,\"2869\":1,\"2870\":1,\"2871\":3,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2892\":3,\"2930\":1,\"2960\":1,\"2961\":1,\"2962\":2,\"2963\":3,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"2984\":2,\"3046\":1,\"3050\":1,\"3082\":1,\"3088\":1,\"3089\":1,\"3090\":3,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3111\":3,\"3149\":1,\"3179\":1,\"3180\":1,\"3181\":2,\"3182\":3,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3203\":2,\"3241\":1,\"3245\":1,\"3277\":1,\"3307\":1,\"3308\":1,\"3309\":3,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3328\":1,\"3332\":3,\"3370\":1,\"3400\":1,\"3401\":1,\"3402\":2,\"3403\":3,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1,\"3422\":1}}],[\"parameters\",{\"0\":{\"173\":1,\"240\":1,\"268\":1,\"322\":1,\"343\":1,\"344\":1,\"347\":1,\"929\":1,\"1030\":1,\"1058\":1,\"1124\":1,\"1140\":1,\"1142\":1,\"1201\":1,\"1226\":1,\"1255\":1,\"1269\":1,\"1364\":1,\"1426\":1,\"1441\":1,\"1540\":1,\"1602\":1,\"1618\":1,\"1717\":1,\"1779\":1,\"1795\":1,\"1894\":1,\"1956\":1,\"1972\":1,\"2071\":1,\"2133\":1,\"2149\":1,\"2248\":1,\"2310\":1,\"2336\":1,\"2437\":1,\"2463\":1,\"2529\":1,\"2555\":1,\"2656\":1,\"2682\":1,\"2748\":1,\"2774\":1,\"2875\":1,\"2901\":1,\"2967\":1,\"2993\":1,\"3094\":1,\"3120\":1,\"3186\":1,\"3212\":1,\"3313\":1,\"3341\":1,\"3407\":1},\"1\":{\"112\":1,\"113\":1,\"147\":4,\"151\":1,\"159\":13,\"160\":3,\"171\":3,\"173\":1,\"240\":1,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"322\":1,\"344\":1,\"345\":1,\"347\":5,\"364\":1,\"390\":1,\"425\":4,\"442\":2,\"443\":1,\"481\":2,\"482\":1,\"491\":3,\"504\":2,\"505\":1,\"517\":3,\"530\":2,\"531\":1,\"543\":3,\"560\":2,\"561\":1,\"573\":3,\"590\":2,\"591\":1,\"603\":3,\"620\":2,\"621\":1,\"649\":3,\"666\":2,\"667\":1,\"695\":4,\"712\":2,\"713\":1,\"741\":4,\"758\":2,\"759\":1,\"787\":4,\"804\":2,\"805\":1,\"833\":4,\"850\":2,\"851\":1,\"879\":4,\"896\":2,\"897\":1,\"918\":1,\"1025\":1,\"1029\":1,\"1047\":1,\"1118\":1,\"1123\":1,\"1141\":4,\"1142\":1,\"1226\":1,\"1268\":1,\"1353\":1,\"1420\":1,\"1425\":1,\"1440\":1,\"1529\":1,\"1596\":1,\"1601\":1,\"1617\":1,\"1706\":1,\"1773\":1,\"1778\":1,\"1794\":1,\"1883\":1,\"1950\":1,\"1955\":1,\"1971\":1,\"2060\":1,\"2127\":1,\"2132\":1,\"2148\":1,\"2237\":1,\"2304\":1,\"2309\":1,\"2325\":1,\"2432\":1,\"2436\":1,\"2452\":1,\"2523\":1,\"2528\":1,\"2544\":1,\"2651\":1,\"2655\":1,\"2671\":1,\"2742\":1,\"2747\":1,\"2763\":1,\"2870\":1,\"2874\":1,\"2890\":1,\"2961\":1,\"2966\":1,\"2982\":1,\"3089\":1,\"3093\":1,\"3109\":1,\"3180\":1,\"3185\":1,\"3201\":1,\"3308\":1,\"3312\":1,\"3330\":1,\"3401\":1,\"3406\":1}}],[\"paren\",{\"1\":{\"159\":43}}],[\"parens\",{\"1\":{\"159\":5}}],[\"parenthesized\",{\"1\":{\"159\":5}}],[\"parentheses\",{\"1\":{\"159\":10}}],[\"parent\",{\"1\":{\"85\":2,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1}}],[\"partner\",{\"1\":{\"98\":1}}],[\"partners\",{\"0\":{\"76\":1},\"1\":{\"4\":1,\"69\":1,\"82\":1,\"85\":1,\"98\":1,\"109\":1,\"427\":1,\"439\":4,\"470\":1,\"478\":4,\"493\":1,\"501\":4,\"519\":1,\"527\":4,\"545\":1,\"557\":4,\"575\":1,\"587\":4,\"605\":1,\"617\":4,\"651\":1,\"663\":4,\"697\":1,\"709\":4,\"743\":1,\"755\":4,\"789\":1,\"801\":4,\"835\":1,\"847\":4,\"881\":1,\"893\":4}}],[\"parts\",{\"1\":{\"97\":1,\"331\":1}}],[\"parties\",{\"1\":{\"85\":1}}],[\"participants\",{\"1\":{\"116\":2,\"117\":1}}],[\"participating\",{\"1\":{\"0\":1,\"8\":1,\"32\":1,\"88\":1,\"109\":1,\"110\":1,\"165\":1}}],[\"particular\",{\"1\":{\"81\":2,\"82\":1,\"120\":1}}],[\"party\",{\"1\":{\"26\":1,\"82\":1,\"85\":1,\"134\":1,\"135\":1}}],[\"part\",{\"1\":{\"6\":1,\"77\":1,\"99\":1,\"104\":1,\"128\":1,\"129\":2,\"169\":1,\"345\":1,\"347\":1,\"403\":1,\"419\":2,\"434\":1,\"473\":2,\"496\":2,\"522\":2,\"536\":1,\"537\":1,\"552\":1,\"582\":1,\"612\":1,\"643\":2,\"658\":1,\"689\":2,\"704\":1,\"735\":2,\"750\":1,\"781\":2,\"796\":1,\"827\":2,\"842\":1,\"873\":2,\"888\":1}}],[\"pattern\",{\"1\":{\"357\":2}}],[\"paths\",{\"1\":{\"324\":1,\"369\":1}}],[\"path\",{\"0\":{\"1004\":1,\"1020\":1,\"1037\":1,\"1097\":1,\"1113\":1,\"1131\":1,\"1207\":1,\"1223\":1,\"1275\":1,\"1291\":1,\"1399\":1,\"1415\":1,\"1447\":1,\"1463\":1,\"1575\":1,\"1591\":1,\"1609\":1,\"1624\":1,\"1640\":1,\"1752\":1,\"1768\":1,\"1786\":1,\"1801\":1,\"1817\":1,\"1929\":1,\"1945\":1,\"1963\":1,\"1978\":1,\"1994\":1,\"2106\":1,\"2122\":1,\"2140\":1,\"2155\":1,\"2171\":1,\"2283\":1,\"2299\":1,\"2317\":1,\"2342\":1,\"2358\":1,\"2444\":1,\"2502\":1,\"2518\":1,\"2536\":1,\"2561\":1,\"2577\":1,\"2663\":1,\"2721\":1,\"2737\":1,\"2755\":1,\"2780\":1,\"2796\":1,\"2882\":1,\"2940\":1,\"2956\":1,\"2974\":1,\"2999\":1,\"3015\":1,\"3101\":1,\"3159\":1,\"3175\":1,\"3193\":1,\"3287\":1,\"3303\":1,\"3320\":1,\"3380\":1,\"3396\":1,\"3414\":1},\"1\":{\"138\":2,\"338\":1,\"1003\":1,\"1004\":2,\"1020\":2,\"1025\":2,\"1037\":2,\"1096\":1,\"1097\":2,\"1113\":2,\"1118\":2,\"1131\":2,\"1206\":1,\"1207\":2,\"1223\":2,\"1274\":1,\"1275\":2,\"1291\":2,\"1398\":1,\"1399\":2,\"1415\":2,\"1420\":2,\"1446\":1,\"1447\":2,\"1463\":2,\"1574\":1,\"1575\":2,\"1591\":2,\"1596\":2,\"1609\":2,\"1623\":1,\"1624\":2,\"1640\":2,\"1751\":1,\"1752\":2,\"1768\":2,\"1773\":2,\"1786\":2,\"1800\":1,\"1801\":2,\"1817\":2,\"1928\":1,\"1929\":2,\"1945\":2,\"1950\":2,\"1963\":2,\"1977\":1,\"1978\":2,\"1994\":2,\"2105\":1,\"2106\":2,\"2122\":2,\"2127\":2,\"2140\":2,\"2154\":1,\"2155\":2,\"2171\":2,\"2282\":1,\"2283\":2,\"2299\":2,\"2304\":2,\"2317\":2,\"2341\":1,\"2342\":2,\"2358\":2,\"2432\":2,\"2444\":2,\"2501\":1,\"2502\":2,\"2518\":2,\"2523\":2,\"2536\":2,\"2560\":1,\"2561\":2,\"2577\":2,\"2651\":2,\"2663\":2,\"2720\":1,\"2721\":2,\"2737\":2,\"2742\":2,\"2755\":2,\"2779\":1,\"2780\":2,\"2796\":2,\"2870\":2,\"2882\":2,\"2939\":1,\"2940\":2,\"2956\":2,\"2961\":2,\"2974\":2,\"2998\":1,\"2999\":2,\"3015\":2,\"3089\":2,\"3101\":2,\"3158\":1,\"3159\":2,\"3175\":2,\"3180\":2,\"3193\":2,\"3286\":1,\"3287\":2,\"3303\":2,\"3308\":2,\"3320\":2,\"3379\":1,\"3380\":2,\"3396\":2,\"3401\":2,\"3414\":2}}],[\"patients\",{\"1\":{\"126\":1}}],[\"patient\",{\"1\":{\"78\":1,\"82\":2,\"95\":1,\"98\":2,\"99\":4,\"152\":2,\"169\":4,\"174\":1,\"231\":2,\"232\":1,\"238\":1}}],[\"patches\",{\"1\":{\"38\":1,\"109\":1}}],[\"pages\",{\"1\":{\"33\":1,\"405\":1,\"434\":1,\"439\":1,\"473\":1,\"478\":1,\"496\":1,\"501\":1,\"522\":1,\"527\":1,\"552\":1,\"557\":1,\"582\":1,\"587\":1,\"612\":1,\"617\":1,\"629\":1,\"658\":1,\"663\":1,\"675\":1,\"704\":1,\"709\":1,\"721\":1,\"750\":1,\"755\":1,\"767\":1,\"796\":1,\"801\":1,\"813\":1,\"842\":1,\"847\":1,\"859\":1,\"888\":1,\"893\":1}}],[\"page\",{\"0\":{\"264\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1563\":1,\"1740\":1,\"1917\":1,\"2094\":1,\"2271\":1,\"2489\":1,\"2708\":1,\"2927\":1,\"3146\":1,\"3367\":1},\"1\":{\"12\":1,\"37\":1,\"99\":1,\"169\":1,\"264\":2,\"422\":1,\"442\":3,\"443\":1,\"460\":1,\"504\":2,\"505\":1,\"530\":2,\"531\":1,\"560\":2,\"561\":1,\"590\":2,\"591\":1,\"620\":2,\"621\":1,\"646\":1,\"666\":2,\"667\":1,\"692\":1,\"712\":2,\"713\":1,\"738\":1,\"758\":2,\"759\":1,\"784\":1,\"804\":2,\"805\":1,\"830\":1,\"850\":2,\"851\":1,\"876\":1,\"896\":3,\"897\":1,\"914\":1,\"920\":1,\"1026\":1,\"1049\":1,\"1084\":2,\"1120\":1,\"1248\":2,\"1355\":1,\"1387\":2,\"1422\":1,\"1531\":1,\"1563\":2,\"1598\":1,\"1708\":1,\"1740\":2,\"1775\":1,\"1885\":1,\"1917\":2,\"1952\":1,\"2062\":1,\"2094\":2,\"2129\":1,\"2239\":1,\"2271\":2,\"2306\":1,\"2327\":1,\"2433\":1,\"2454\":1,\"2489\":2,\"2525\":1,\"2546\":1,\"2652\":1,\"2673\":1,\"2708\":2,\"2744\":1,\"2765\":1,\"2871\":1,\"2892\":1,\"2927\":2,\"2963\":1,\"2984\":1,\"3090\":1,\"3111\":1,\"3146\":2,\"3182\":1,\"3203\":1,\"3309\":1,\"3332\":1,\"3367\":2,\"3403\":1}}],[\"paper\",{\"1\":{\"1\":2}}],[\"practionier\",{\"1\":{\"927\":1,\"2334\":1,\"2553\":1,\"2772\":1,\"2991\":1,\"3210\":1}}],[\"practitioner\",{\"0\":{\"925\":1,\"927\":1,\"1054\":1,\"1056\":1,\"1360\":1,\"1362\":1,\"1536\":1,\"1538\":1,\"1713\":1,\"1715\":1,\"1890\":1,\"1892\":1,\"2067\":1,\"2069\":1,\"2244\":1,\"2246\":1,\"2332\":1,\"2334\":1,\"2459\":1,\"2461\":1,\"2551\":1,\"2553\":1,\"2678\":1,\"2680\":1,\"2770\":1,\"2772\":1,\"2897\":1,\"2899\":1,\"2989\":1,\"2991\":1,\"3116\":1,\"3118\":1,\"3208\":1,\"3210\":1,\"3337\":1,\"3339\":1},\"1\":{\"1056\":3,\"1057\":4,\"1362\":3,\"1363\":4,\"1538\":3,\"1539\":4,\"1715\":3,\"1716\":4,\"1892\":3,\"1893\":4,\"2069\":3,\"2070\":4,\"2246\":3,\"2247\":4,\"2461\":3,\"2462\":4,\"2680\":3,\"2681\":4,\"2899\":3,\"2900\":4,\"3118\":3,\"3119\":4,\"3339\":3,\"3340\":4}}],[\"pr\",{\"1\":{\"141\":1}}],[\"prevent\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"previously\",{\"1\":{\"162\":1,\"237\":1,\"342\":1,\"374\":1,\"398\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"previous\",{\"1\":{\"136\":1,\"217\":1,\"372\":1,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1}}],[\"preferences\",{\"1\":{\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"prefixes\",{\"1\":{\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"prefix\",{\"1\":{\"159\":2}}],[\"preparation\",{\"1\":{\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1}}],[\"prepared\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"331\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"prepare\",{\"0\":{\"288\":1,\"299\":1,\"441\":1,\"480\":1,\"503\":1,\"529\":1,\"559\":1,\"589\":1,\"619\":1,\"665\":1,\"711\":1,\"757\":1,\"803\":1,\"849\":1,\"895\":1},\"1\":{\"346\":1}}],[\"pre\",{\"1\":{\"280\":1,\"290\":1,\"291\":1,\"301\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1}}],[\"preread\",{\"1\":{\"170\":2}}],[\"prerequisites\",{\"0\":{\"281\":1,\"292\":1,\"319\":1,\"394\":1,\"428\":1,\"432\":1,\"435\":1,\"471\":1,\"474\":1,\"494\":1,\"497\":1,\"520\":1,\"523\":1,\"546\":1,\"553\":1,\"576\":1,\"583\":1,\"606\":1,\"613\":1,\"652\":1,\"659\":1,\"698\":1,\"705\":1,\"744\":1,\"751\":1,\"790\":1,\"794\":1,\"797\":1,\"836\":1,\"840\":1,\"843\":1,\"882\":1,\"886\":1,\"889\":1},\"1\":{\"319\":1,\"325\":1,\"326\":1,\"327\":1,\"328\":1,\"338\":1,\"339\":1,\"342\":1,\"343\":1,\"352\":1,\"353\":1,\"367\":1,\"368\":1,\"377\":1,\"378\":1,\"393\":1,\"403\":1,\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"prerequisite\",{\"1\":{\"133\":1,\"134\":1,\"135\":1}}],[\"predefined\",{\"1\":{\"105\":2,\"347\":1}}],[\"prescriptions\",{\"1\":{\"126\":1}}],[\"president\",{\"1\":{\"1\":1}}],[\"preserve\",{\"1\":{\"159\":2}}],[\"preserving\",{\"1\":{\"0\":1,\"32\":1}}],[\"present\",{\"1\":{\"117\":3,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"presentation\",{\"1\":{\"1\":1}}],[\"presented\",{\"1\":{\"1\":2}}],[\"präsentiert\",{\"1\":{\"14\":1}}],[\"prior\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"prioritizes\",{\"1\":{\"5\":1}}],[\"printed\",{\"1\":{\"349\":1}}],[\"print\",{\"1\":{\"290\":1,\"301\":1,\"338\":4,\"352\":3,\"367\":2,\"393\":3,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1}}],[\"principles\",{\"1\":{\"36\":1}}],[\"private\",{\"0\":{\"188\":1,\"189\":2,\"213\":1,\"214\":2,\"242\":1,\"243\":2,\"949\":1,\"950\":2,\"964\":1,\"965\":2,\"1009\":1,\"1010\":2,\"1060\":1,\"1061\":2,\"1102\":1,\"1103\":2,\"1158\":1,\"1159\":2,\"1174\":1,\"1175\":2,\"1212\":1,\"1213\":2,\"1228\":1,\"1229\":2,\"1280\":1,\"1281\":2,\"1309\":1,\"1310\":2,\"1325\":1,\"1326\":2,\"1366\":1,\"1367\":2,\"1404\":1,\"1405\":2,\"1452\":1,\"1453\":2,\"1482\":1,\"1483\":2,\"1497\":1,\"1498\":2,\"1542\":1,\"1543\":2,\"1580\":1,\"1581\":2,\"1629\":1,\"1630\":2,\"1659\":1,\"1660\":2,\"1674\":1,\"1675\":2,\"1719\":1,\"1720\":2,\"1757\":1,\"1758\":2,\"1806\":1,\"1807\":2,\"1836\":1,\"1837\":2,\"1851\":1,\"1852\":2,\"1896\":1,\"1897\":2,\"1934\":1,\"1935\":2,\"1983\":1,\"1984\":2,\"2013\":1,\"2014\":2,\"2028\":1,\"2029\":2,\"2073\":1,\"2074\":2,\"2111\":1,\"2112\":2,\"2160\":1,\"2161\":2,\"2190\":1,\"2191\":2,\"2205\":1,\"2206\":2,\"2250\":1,\"2251\":2,\"2288\":1,\"2289\":2,\"2347\":1,\"2348\":2,\"2380\":1,\"2381\":2,\"2395\":1,\"2396\":2,\"2465\":1,\"2466\":2,\"2507\":1,\"2508\":2,\"2566\":1,\"2567\":2,\"2599\":1,\"2600\":2,\"2614\":1,\"2615\":2,\"2684\":1,\"2685\":2,\"2726\":1,\"2727\":2,\"2785\":1,\"2786\":2,\"2818\":1,\"2819\":2,\"2833\":1,\"2834\":2,\"2903\":1,\"2904\":2,\"2945\":1,\"2946\":2,\"3004\":1,\"3005\":2,\"3037\":1,\"3038\":2,\"3052\":1,\"3053\":2,\"3122\":1,\"3123\":2,\"3164\":1,\"3165\":2,\"3232\":1,\"3233\":2,\"3247\":1,\"3248\":2,\"3292\":1,\"3293\":2,\"3343\":1,\"3344\":2,\"3385\":1,\"3386\":2},\"1\":{\"134\":4,\"135\":4,\"188\":6,\"189\":4,\"213\":6,\"214\":4,\"224\":1,\"242\":6,\"243\":4,\"279\":1,\"288\":5,\"289\":11,\"290\":10,\"299\":5,\"300\":11,\"301\":10,\"327\":47,\"338\":2,\"441\":5,\"442\":11,\"443\":10,\"461\":2,\"462\":2,\"480\":5,\"481\":11,\"482\":10,\"503\":5,\"504\":11,\"505\":10,\"529\":5,\"530\":11,\"531\":10,\"559\":5,\"560\":11,\"561\":10,\"589\":5,\"590\":11,\"591\":10,\"619\":5,\"620\":11,\"621\":10,\"665\":5,\"666\":11,\"667\":10,\"711\":5,\"712\":11,\"713\":10,\"757\":5,\"758\":11,\"759\":10,\"803\":5,\"804\":11,\"805\":10,\"849\":5,\"850\":11,\"851\":10,\"895\":5,\"896\":11,\"897\":10,\"915\":2,\"916\":2,\"949\":6,\"950\":4,\"964\":6,\"965\":4,\"975\":1,\"1009\":6,\"1010\":4,\"1018\":1,\"1019\":1,\"1042\":1,\"1060\":6,\"1061\":4,\"1102\":6,\"1103\":4,\"1111\":1,\"1112\":1,\"1136\":1,\"1158\":6,\"1159\":4,\"1174\":6,\"1175\":4,\"1185\":1,\"1212\":6,\"1213\":4,\"1221\":1,\"1222\":1,\"1228\":6,\"1229\":4,\"1266\":1,\"1280\":6,\"1281\":4,\"1289\":1,\"1290\":1,\"1309\":6,\"1310\":4,\"1325\":6,\"1326\":4,\"1336\":1,\"1366\":6,\"1367\":4,\"1404\":6,\"1405\":4,\"1413\":1,\"1414\":1,\"1437\":1,\"1452\":6,\"1453\":4,\"1461\":1,\"1462\":1,\"1482\":6,\"1483\":4,\"1497\":6,\"1498\":4,\"1508\":1,\"1542\":6,\"1543\":4,\"1580\":6,\"1581\":4,\"1589\":1,\"1590\":1,\"1614\":1,\"1629\":6,\"1630\":4,\"1638\":1,\"1639\":1,\"1659\":6,\"1660\":4,\"1674\":6,\"1675\":4,\"1685\":1,\"1719\":6,\"1720\":4,\"1757\":6,\"1758\":4,\"1766\":1,\"1767\":1,\"1791\":1,\"1806\":6,\"1807\":4,\"1815\":1,\"1816\":1,\"1836\":6,\"1837\":4,\"1851\":6,\"1852\":4,\"1862\":1,\"1896\":6,\"1897\":4,\"1934\":6,\"1935\":4,\"1943\":1,\"1944\":1,\"1968\":1,\"1983\":6,\"1984\":4,\"1992\":1,\"1993\":1,\"2013\":6,\"2014\":4,\"2028\":6,\"2029\":4,\"2039\":1,\"2073\":6,\"2074\":4,\"2111\":6,\"2112\":4,\"2120\":1,\"2121\":1,\"2145\":1,\"2160\":6,\"2161\":4,\"2169\":1,\"2170\":1,\"2190\":6,\"2191\":4,\"2205\":6,\"2206\":4,\"2216\":1,\"2250\":6,\"2251\":4,\"2288\":6,\"2289\":4,\"2297\":1,\"2298\":1,\"2322\":1,\"2347\":6,\"2348\":4,\"2356\":1,\"2357\":1,\"2380\":6,\"2381\":4,\"2395\":6,\"2396\":4,\"2406\":1,\"2449\":1,\"2465\":6,\"2466\":4,\"2507\":6,\"2508\":4,\"2516\":1,\"2517\":1,\"2541\":1,\"2566\":6,\"2567\":4,\"2575\":1,\"2576\":1,\"2599\":6,\"2600\":4,\"2614\":6,\"2615\":4,\"2625\":1,\"2668\":1,\"2684\":6,\"2685\":4,\"2726\":6,\"2727\":4,\"2735\":1,\"2736\":1,\"2760\":1,\"2785\":6,\"2786\":4,\"2794\":1,\"2795\":1,\"2818\":6,\"2819\":4,\"2833\":6,\"2834\":4,\"2844\":1,\"2887\":1,\"2903\":6,\"2904\":4,\"2945\":6,\"2946\":4,\"2954\":1,\"2955\":1,\"2979\":1,\"3004\":6,\"3005\":4,\"3013\":1,\"3014\":1,\"3037\":6,\"3038\":4,\"3052\":6,\"3053\":4,\"3063\":1,\"3106\":1,\"3122\":6,\"3123\":4,\"3164\":6,\"3165\":4,\"3173\":1,\"3174\":1,\"3198\":1,\"3232\":6,\"3233\":4,\"3247\":6,\"3248\":4,\"3258\":1,\"3292\":6,\"3293\":4,\"3301\":1,\"3302\":1,\"3325\":1,\"3343\":6,\"3344\":4,\"3385\":6,\"3386\":4,\"3394\":1,\"3395\":1,\"3419\":1}}],[\"privacy\",{\"1\":{\"0\":1,\"32\":1,\"129\":1}}],[\"primary\",{\"1\":{\"98\":1,\"127\":1,\"154\":1}}],[\"primarily\",{\"1\":{\"9\":1}}],[\"primär\",{\"1\":{\"16\":1}}],[\"prompted\",{\"1\":{\"459\":1,\"485\":3,\"508\":3,\"534\":3,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"promise\",{\"0\":{\"38\":1},\"1\":{\"39\":1,\"127\":1}}],[\"proposed\",{\"1\":{\"419\":3,\"643\":3,\"689\":3,\"735\":3,\"781\":3,\"827\":3,\"873\":3}}],[\"propose\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"properties\",{\"1\":{\"921\":1,\"924\":1,\"1050\":1,\"1053\":1,\"1356\":1,\"1359\":1,\"1532\":1,\"1535\":1,\"1709\":1,\"1712\":1,\"1886\":1,\"1889\":1,\"2063\":1,\"2066\":1,\"2240\":1,\"2243\":1,\"2328\":1,\"2331\":1,\"2455\":1,\"2458\":1,\"2547\":1,\"2550\":1,\"2674\":1,\"2677\":1,\"2766\":1,\"2769\":1,\"2893\":1,\"2896\":1,\"2985\":1,\"2988\":1,\"3112\":1,\"3115\":1,\"3204\":1,\"3207\":1,\"3333\":1,\"3336\":1}}],[\"property\",{\"1\":{\"152\":2,\"153\":2,\"174\":1,\"175\":1,\"176\":1,\"177\":1,\"178\":1,\"179\":1,\"180\":1,\"181\":1,\"182\":1,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":1,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":1,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":1,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":1,\"252\":1,\"253\":1,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"346\":5,\"922\":1,\"923\":2,\"926\":1,\"930\":1,\"931\":1,\"932\":1,\"933\":1,\"934\":1,\"935\":1,\"936\":1,\"937\":1,\"938\":1,\"939\":1,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":1,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":1,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":1,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":1,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":1,\"996\":1,\"997\":1,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1021\":1,\"1022\":1,\"1051\":1,\"1052\":2,\"1055\":1,\"1056\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":1,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":1,\"1089\":1,\"1090\":1,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1114\":1,\"1115\":1,\"1143\":1,\"1144\":1,\"1145\":1,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1151\":1,\"1152\":1,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":1,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":1,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":1,\"1198\":1,\"1199\":1,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":1,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":1,\"1253\":1,\"1254\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":1,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1302\":1,\"1303\":1,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":1,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":1,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":1,\"1349\":1,\"1350\":1,\"1351\":1,\"1357\":1,\"1358\":2,\"1361\":1,\"1362\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":1,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":1,\"1392\":1,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1416\":1,\"1417\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":1,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1474\":1,\"1475\":1,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":1,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":1,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":1,\"1525\":1,\"1526\":1,\"1527\":1,\"1533\":1,\"1534\":2,\"1537\":1,\"1538\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":1,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":1,\"1568\":1,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1592\":1,\"1593\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":1,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1651\":1,\"1652\":1,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":1,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":1,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":1,\"1702\":1,\"1703\":1,\"1704\":1,\"1710\":1,\"1711\":2,\"1714\":1,\"1715\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":1,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":1,\"1745\":1,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1769\":1,\"1770\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":1,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1828\":1,\"1829\":1,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":1,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":1,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":1,\"1879\":1,\"1880\":1,\"1881\":1,\"1887\":1,\"1888\":2,\"1891\":1,\"1892\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":1,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":1,\"1922\":1,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1946\":1,\"1947\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":1,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2005\":1,\"2006\":1,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":1,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":1,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":1,\"2056\":1,\"2057\":1,\"2058\":1,\"2064\":1,\"2065\":2,\"2068\":1,\"2069\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":1,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":1,\"2099\":1,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2123\":1,\"2124\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":1,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2182\":1,\"2183\":1,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":1,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":1,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":1,\"2233\":1,\"2234\":1,\"2235\":1,\"2241\":1,\"2242\":2,\"2245\":1,\"2246\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":1,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":1,\"2276\":1,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2300\":1,\"2301\":1,\"2329\":1,\"2330\":2,\"2333\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":1,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2369\":1,\"2370\":1,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":1,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":1,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":1,\"2427\":1,\"2428\":1,\"2429\":1,\"2456\":1,\"2457\":2,\"2460\":1,\"2461\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":1,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":1,\"2494\":1,\"2495\":1,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2519\":1,\"2520\":1,\"2548\":1,\"2549\":2,\"2552\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":1,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2588\":1,\"2589\":1,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":1,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":1,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":1,\"2646\":1,\"2647\":1,\"2648\":1,\"2675\":1,\"2676\":2,\"2679\":1,\"2680\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":1,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":1,\"2713\":1,\"2714\":1,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2738\":1,\"2739\":1,\"2767\":1,\"2768\":2,\"2771\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":1,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2807\":1,\"2808\":1,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":1,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":1,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":1,\"2865\":1,\"2866\":1,\"2867\":1,\"2894\":1,\"2895\":2,\"2898\":1,\"2899\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":1,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":1,\"2932\":1,\"2933\":1,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2957\":1,\"2958\":1,\"2986\":1,\"2987\":2,\"2990\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":1,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3026\":1,\"3027\":1,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":1,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":1,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":1,\"3084\":1,\"3085\":1,\"3086\":1,\"3113\":1,\"3114\":2,\"3117\":1,\"3118\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":1,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":1,\"3151\":1,\"3152\":1,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3176\":1,\"3177\":1,\"3205\":1,\"3206\":2,\"3209\":1,\"3213\":1,\"3214\":1,\"3215\":1,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3221\":1,\"3222\":1,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":1,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":1,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":1,\"3279\":1,\"3280\":1,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3304\":1,\"3305\":1,\"3334\":1,\"3335\":2,\"3338\":1,\"3339\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":1,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":1,\"3372\":1,\"3373\":1,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3397\":1,\"3398\":1}}],[\"properly\",{\"1\":{\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1}}],[\"proactive\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"prohibits\",{\"1\":{\"381\":1}}],[\"proceeding\",{\"1\":{\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1}}],[\"process|x\",{\"1\":{\"985\":1,\"989\":1,\"1518\":1,\"1522\":1,\"1695\":1,\"1699\":1,\"1872\":1,\"1876\":1,\"2049\":1,\"2053\":1,\"2226\":1,\"2230\":1,\"2416\":1,\"2420\":1,\"2635\":1,\"2639\":1,\"2854\":1,\"2858\":1,\"3073\":1,\"3077\":1,\"3268\":1,\"3272\":1}}],[\"processkey\",{\"1\":{\"357\":2}}],[\"processdocumentation\",{\"1\":{\"346\":2}}],[\"processplugindefinition\",{\"1\":{\"332\":2,\"348\":2}}],[\"processed\",{\"1\":{\"8\":1}}],[\"processes\",{\"0\":{\"8\":1,\"138\":1,\"154\":1,\"318\":1,\"423\":1,\"466\":1,\"489\":1,\"515\":1,\"541\":1,\"549\":1,\"550\":1,\"551\":1,\"571\":1,\"579\":1,\"580\":1,\"581\":1,\"601\":1,\"609\":1,\"610\":1,\"611\":1,\"647\":1,\"655\":1,\"656\":1,\"657\":1,\"693\":1,\"701\":1,\"702\":1,\"703\":1,\"739\":1,\"747\":1,\"748\":1,\"749\":1,\"785\":1,\"831\":1,\"877\":1},\"1\":{\"0\":2,\"6\":1,\"26\":2,\"28\":1,\"29\":1,\"32\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"77\":1,\"85\":1,\"88\":1,\"90\":2,\"94\":1,\"96\":3,\"97\":2,\"98\":2,\"99\":2,\"103\":1,\"116\":3,\"117\":4,\"120\":2,\"143\":1,\"154\":1,\"169\":2,\"178\":1,\"179\":1,\"180\":1,\"233\":1,\"237\":1,\"290\":15,\"301\":4,\"304\":9,\"307\":9,\"322\":1,\"323\":1,\"332\":3,\"334\":1,\"344\":1,\"346\":1,\"354\":3,\"356\":3,\"357\":1,\"358\":1,\"367\":1,\"377\":1,\"384\":1,\"390\":1,\"393\":1,\"396\":1,\"397\":1,\"399\":2,\"401\":1,\"402\":1,\"419\":1,\"421\":1,\"422\":1,\"427\":1,\"459\":1,\"464\":1,\"465\":1,\"470\":1,\"487\":1,\"488\":1,\"493\":1,\"513\":1,\"514\":1,\"519\":1,\"539\":1,\"540\":1,\"545\":1,\"551\":1,\"564\":1,\"569\":1,\"570\":1,\"575\":1,\"581\":1,\"594\":1,\"599\":1,\"600\":1,\"605\":1,\"611\":1,\"624\":1,\"643\":1,\"645\":1,\"646\":1,\"651\":1,\"657\":1,\"670\":1,\"689\":1,\"691\":1,\"692\":1,\"697\":1,\"703\":1,\"716\":1,\"735\":1,\"737\":1,\"738\":1,\"743\":1,\"749\":1,\"762\":1,\"781\":1,\"783\":1,\"784\":1,\"789\":1,\"808\":1,\"827\":1,\"829\":1,\"830\":1,\"835\":1,\"854\":1,\"873\":1,\"875\":1,\"876\":1,\"881\":1,\"913\":1,\"935\":1,\"936\":1,\"937\":1,\"985\":1,\"989\":1,\"990\":1,\"1056\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1192\":1,\"1196\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1343\":1,\"1347\":1,\"1362\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1518\":1,\"1522\":1,\"1523\":1,\"1538\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1695\":1,\"1699\":1,\"1700\":1,\"1715\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1872\":1,\"1876\":1,\"1877\":1,\"1892\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2049\":1,\"2053\":1,\"2054\":1,\"2069\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2226\":1,\"2230\":1,\"2231\":1,\"2246\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2416\":1,\"2420\":1,\"2421\":1,\"2461\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2635\":1,\"2639\":1,\"2640\":1,\"2680\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2854\":1,\"2858\":1,\"2859\":1,\"2899\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3073\":1,\"3077\":1,\"3078\":1,\"3118\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3268\":1,\"3272\":1,\"3273\":1,\"3339\":1}}],[\"process\",{\"0\":{\"90\":1,\"101\":1,\"104\":1,\"105\":1,\"106\":1,\"107\":1,\"113\":1,\"114\":1,\"127\":1,\"130\":1,\"168\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"317\":1,\"318\":1,\"320\":1,\"321\":1,\"326\":1,\"328\":1,\"329\":1,\"332\":1,\"333\":1,\"334\":1,\"338\":1,\"339\":1,\"340\":1,\"352\":1,\"357\":1,\"367\":1,\"373\":1,\"377\":1,\"383\":1,\"393\":1,\"415\":1,\"420\":1,\"422\":1,\"463\":1,\"465\":1,\"486\":1,\"488\":1,\"512\":1,\"514\":1,\"538\":1,\"540\":1,\"568\":1,\"570\":1,\"598\":1,\"600\":1,\"639\":1,\"644\":1,\"646\":1,\"685\":1,\"690\":1,\"692\":1,\"731\":1,\"736\":1,\"738\":1,\"777\":1,\"782\":1,\"784\":1,\"823\":1,\"828\":1,\"830\":1,\"869\":1,\"874\":1,\"876\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1},\"1\":{\"0\":3,\"5\":2,\"8\":1,\"17\":1,\"20\":3,\"24\":1,\"26\":1,\"28\":1,\"31\":1,\"32\":3,\"33\":2,\"42\":1,\"43\":1,\"44\":1,\"45\":1,\"46\":1,\"47\":1,\"48\":1,\"49\":1,\"50\":1,\"51\":1,\"52\":1,\"53\":1,\"54\":1,\"55\":1,\"56\":1,\"57\":1,\"58\":1,\"59\":1,\"60\":1,\"61\":1,\"62\":1,\"63\":1,\"64\":1,\"65\":1,\"66\":1,\"67\":1,\"88\":3,\"90\":2,\"96\":6,\"97\":3,\"98\":2,\"99\":2,\"102\":8,\"103\":1,\"104\":4,\"105\":2,\"106\":1,\"107\":1,\"110\":1,\"113\":1,\"117\":2,\"121\":1,\"126\":1,\"127\":3,\"128\":2,\"130\":3,\"138\":2,\"152\":1,\"153\":1,\"154\":4,\"163\":2,\"165\":1,\"168\":1,\"169\":2,\"173\":1,\"184\":1,\"185\":1,\"186\":1,\"233\":2,\"234\":2,\"235\":2,\"236\":3,\"237\":2,\"290\":8,\"301\":8,\"302\":1,\"304\":43,\"305\":1,\"307\":34,\"308\":1,\"310\":5,\"313\":2,\"316\":2,\"318\":1,\"320\":1,\"321\":1,\"322\":2,\"323\":2,\"324\":2,\"325\":1,\"327\":7,\"329\":2,\"331\":5,\"332\":8,\"333\":4,\"334\":1,\"335\":3,\"337\":1,\"338\":17,\"340\":1,\"342\":3,\"344\":3,\"345\":3,\"346\":4,\"347\":6,\"348\":2,\"349\":1,\"351\":1,\"352\":12,\"354\":2,\"356\":8,\"357\":6,\"358\":2,\"361\":5,\"362\":3,\"363\":7,\"364\":8,\"366\":1,\"367\":17,\"369\":3,\"371\":2,\"372\":1,\"373\":3,\"374\":6,\"376\":1,\"377\":12,\"379\":2,\"381\":6,\"383\":3,\"384\":2,\"387\":5,\"388\":3,\"389\":7,\"390\":11,\"392\":1,\"393\":23,\"413\":1,\"416\":1,\"419\":4,\"421\":1,\"422\":3,\"423\":2,\"430\":2,\"431\":10,\"433\":8,\"434\":2,\"439\":2,\"443\":1,\"459\":4,\"460\":1,\"464\":1,\"465\":3,\"466\":2,\"473\":2,\"478\":2,\"482\":1,\"485\":3,\"487\":1,\"488\":3,\"489\":2,\"496\":2,\"501\":2,\"505\":1,\"508\":3,\"513\":1,\"514\":3,\"515\":2,\"522\":2,\"527\":2,\"531\":1,\"534\":3,\"537\":3,\"539\":1,\"540\":3,\"541\":2,\"548\":1,\"549\":2,\"550\":2,\"552\":2,\"557\":2,\"561\":1,\"564\":4,\"569\":1,\"570\":3,\"571\":2,\"578\":1,\"579\":2,\"580\":2,\"582\":2,\"587\":2,\"591\":1,\"594\":4,\"599\":1,\"600\":3,\"601\":2,\"608\":1,\"609\":2,\"610\":3,\"612\":2,\"617\":2,\"621\":1,\"624\":4,\"637\":1,\"640\":1,\"643\":4,\"645\":1,\"646\":3,\"647\":2,\"654\":1,\"655\":2,\"656\":3,\"658\":2,\"663\":2,\"667\":1,\"670\":4,\"683\":1,\"686\":1,\"689\":4,\"691\":1,\"692\":3,\"693\":2,\"700\":1,\"701\":2,\"702\":3,\"704\":2,\"709\":2,\"713\":1,\"716\":4,\"729\":1,\"732\":1,\"735\":4,\"737\":1,\"738\":3,\"739\":2,\"746\":1,\"747\":2,\"748\":4,\"750\":2,\"755\":2,\"759\":1,\"762\":4,\"775\":1,\"778\":1,\"781\":4,\"783\":1,\"784\":3,\"785\":2,\"792\":2,\"793\":10,\"795\":8,\"796\":2,\"801\":2,\"805\":1,\"808\":4,\"821\":1,\"824\":1,\"827\":4,\"829\":1,\"830\":3,\"831\":2,\"838\":2,\"839\":10,\"841\":8,\"842\":2,\"847\":2,\"851\":1,\"854\":4,\"867\":1,\"870\":1,\"873\":4,\"875\":1,\"876\":3,\"877\":2,\"884\":2,\"885\":10,\"887\":8,\"888\":2,\"893\":2,\"897\":1,\"913\":4,\"914\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"982\":2,\"983\":2,\"984\":2,\"985\":2,\"986\":2,\"987\":2,\"988\":3,\"989\":2,\"990\":1,\"1056\":3,\"1154\":1,\"1155\":1,\"1156\":1,\"1192\":2,\"1193\":2,\"1194\":2,\"1195\":3,\"1196\":2,\"1305\":1,\"1306\":1,\"1307\":1,\"1343\":2,\"1344\":2,\"1345\":2,\"1346\":3,\"1347\":2,\"1362\":3,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1515\":2,\"1516\":2,\"1517\":2,\"1518\":2,\"1519\":2,\"1520\":2,\"1521\":3,\"1522\":2,\"1523\":1,\"1538\":3,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1692\":2,\"1693\":2,\"1694\":2,\"1695\":2,\"1696\":2,\"1697\":2,\"1698\":3,\"1699\":2,\"1700\":1,\"1715\":3,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1869\":2,\"1870\":2,\"1871\":2,\"1872\":2,\"1873\":2,\"1874\":2,\"1875\":3,\"1876\":2,\"1877\":1,\"1892\":3,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2046\":2,\"2047\":2,\"2048\":2,\"2049\":2,\"2050\":2,\"2051\":2,\"2052\":3,\"2053\":2,\"2054\":1,\"2069\":3,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2223\":2,\"2224\":2,\"2225\":2,\"2226\":2,\"2227\":2,\"2228\":2,\"2229\":3,\"2230\":2,\"2231\":1,\"2246\":3,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2413\":2,\"2414\":2,\"2415\":2,\"2416\":2,\"2417\":2,\"2418\":2,\"2419\":3,\"2420\":2,\"2421\":1,\"2461\":3,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2632\":2,\"2633\":2,\"2634\":2,\"2635\":2,\"2636\":2,\"2637\":2,\"2638\":3,\"2639\":2,\"2640\":1,\"2680\":3,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2851\":2,\"2852\":2,\"2853\":2,\"2854\":2,\"2855\":2,\"2856\":2,\"2857\":3,\"2858\":2,\"2859\":1,\"2899\":3,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3070\":2,\"3071\":2,\"3072\":2,\"3073\":2,\"3074\":2,\"3075\":2,\"3076\":3,\"3077\":2,\"3078\":1,\"3118\":3,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3265\":2,\"3266\":2,\"3267\":2,\"3268\":2,\"3269\":2,\"3270\":2,\"3271\":3,\"3272\":2,\"3273\":1,\"3339\":3}}],[\"programming\",{\"1\":{\"396\":1}}],[\"program\",{\"1\":{\"98\":1,\"338\":1}}],[\"progress\",{\"1\":{\"13\":2,\"38\":1,\"97\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"problem\",{\"1\":{\"97\":1,\"98\":1,\"381\":2}}],[\"professionals\",{\"1\":{\"118\":1}}],[\"profile|\",{\"1\":{\"363\":1,\"389\":1}}],[\"profile>\",{\"1\":{\"159\":1,\"162\":1}}],[\"profile\",{\"0\":{\"360\":1,\"386\":1},\"1\":{\"112\":1,\"113\":1,\"167\":1,\"168\":1,\"284\":2,\"295\":2,\"334\":1,\"338\":1,\"347\":4,\"348\":1,\"349\":1,\"356\":2,\"358\":1,\"360\":1,\"363\":1,\"364\":3,\"367\":1,\"384\":1,\"386\":1,\"389\":1,\"390\":1,\"393\":1,\"438\":2,\"477\":2,\"500\":2,\"526\":2,\"556\":2,\"586\":2,\"616\":2,\"662\":2,\"708\":2,\"754\":2,\"800\":2,\"846\":2,\"892\":2}}],[\"profiles>\",{\"1\":{\"159\":1,\"162\":1}}],[\"profiles\",{\"1\":{\"95\":3,\"110\":1,\"165\":1,\"383\":1}}],[\"prof\",{\"1\":{\"77\":1,\"83\":1}}],[\"proxytest\",{\"1\":{\"139\":1}}],[\"proxy\",{\"0\":{\"92\":1,\"100\":1,\"139\":1,\"170\":1,\"190\":2,\"191\":1,\"192\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"244\":2,\"245\":1,\"246\":1,\"268\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"995\":1,\"996\":2,\"997\":1,\"998\":1,\"1028\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1088\":1,\"1089\":2,\"1090\":1,\"1091\":1,\"1122\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1197\":1,\"1198\":2,\"1199\":1,\"1200\":1,\"1251\":1,\"1252\":2,\"1253\":1,\"1254\":1,\"1255\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1348\":1,\"1349\":2,\"1350\":1,\"1351\":1,\"1390\":1,\"1391\":2,\"1392\":1,\"1393\":1,\"1424\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1524\":1,\"1525\":2,\"1526\":1,\"1527\":1,\"1566\":1,\"1567\":2,\"1568\":1,\"1569\":1,\"1600\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1701\":1,\"1702\":2,\"1703\":1,\"1704\":1,\"1743\":1,\"1744\":2,\"1745\":1,\"1746\":1,\"1777\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1878\":1,\"1879\":2,\"1880\":1,\"1881\":1,\"1920\":1,\"1921\":2,\"1922\":1,\"1923\":1,\"1954\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"2055\":1,\"2056\":2,\"2057\":1,\"2058\":1,\"2097\":1,\"2098\":2,\"2099\":1,\"2100\":1,\"2131\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2232\":1,\"2233\":2,\"2234\":1,\"2235\":1,\"2274\":1,\"2275\":2,\"2276\":1,\"2277\":1,\"2308\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2426\":1,\"2427\":2,\"2428\":1,\"2429\":1,\"2435\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2493\":1,\"2494\":2,\"2495\":1,\"2496\":1,\"2527\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2645\":1,\"2646\":2,\"2647\":1,\"2648\":1,\"2654\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2712\":1,\"2713\":2,\"2714\":1,\"2715\":1,\"2746\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2864\":1,\"2865\":2,\"2866\":1,\"2867\":1,\"2873\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2931\":1,\"2932\":2,\"2933\":1,\"2934\":1,\"2965\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"3083\":1,\"3084\":2,\"3085\":1,\"3086\":1,\"3092\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3150\":1,\"3151\":2,\"3152\":1,\"3153\":1,\"3184\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3278\":1,\"3279\":2,\"3280\":1,\"3281\":1,\"3311\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3371\":1,\"3372\":2,\"3373\":1,\"3374\":1,\"3405\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1},\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"99\":3,\"100\":3,\"131\":1,\"139\":7,\"169\":3,\"170\":4,\"171\":1,\"190\":4,\"191\":4,\"192\":3,\"196\":4,\"197\":4,\"198\":3,\"199\":4,\"200\":4,\"201\":3,\"244\":4,\"245\":4,\"246\":3,\"269\":1,\"271\":2,\"272\":2,\"273\":2,\"274\":2,\"289\":2,\"300\":2,\"303\":3,\"306\":3,\"309\":3,\"312\":3,\"315\":3,\"327\":15,\"331\":1,\"425\":2,\"442\":2,\"450\":2,\"461\":3,\"481\":2,\"491\":1,\"504\":2,\"510\":3,\"517\":1,\"530\":2,\"536\":3,\"543\":1,\"560\":2,\"566\":3,\"573\":1,\"590\":2,\"596\":3,\"603\":1,\"620\":2,\"626\":3,\"649\":1,\"666\":2,\"672\":3,\"695\":2,\"712\":2,\"718\":3,\"741\":2,\"758\":2,\"764\":3,\"787\":2,\"804\":2,\"810\":3,\"833\":2,\"850\":2,\"856\":3,\"879\":2,\"896\":2,\"904\":2,\"915\":3,\"995\":3,\"996\":4,\"997\":5,\"998\":3,\"1001\":1,\"1024\":2,\"1031\":1,\"1033\":2,\"1034\":2,\"1035\":2,\"1036\":2,\"1037\":1,\"1088\":3,\"1089\":4,\"1090\":5,\"1091\":3,\"1094\":1,\"1117\":2,\"1125\":1,\"1127\":2,\"1128\":2,\"1129\":2,\"1130\":2,\"1131\":1,\"1141\":1,\"1197\":3,\"1198\":4,\"1199\":5,\"1200\":3,\"1204\":1,\"1251\":3,\"1252\":4,\"1253\":5,\"1254\":3,\"1256\":1,\"1258\":2,\"1259\":2,\"1260\":2,\"1261\":2,\"1272\":1,\"1348\":3,\"1349\":4,\"1350\":5,\"1351\":3,\"1390\":3,\"1391\":4,\"1392\":5,\"1393\":3,\"1396\":1,\"1419\":2,\"1427\":1,\"1429\":2,\"1430\":2,\"1431\":2,\"1432\":2,\"1444\":1,\"1524\":3,\"1525\":4,\"1526\":5,\"1527\":3,\"1566\":3,\"1567\":4,\"1568\":5,\"1569\":3,\"1572\":1,\"1595\":2,\"1603\":1,\"1605\":2,\"1606\":2,\"1607\":2,\"1608\":2,\"1609\":1,\"1621\":1,\"1701\":3,\"1702\":4,\"1703\":5,\"1704\":3,\"1743\":3,\"1744\":4,\"1745\":5,\"1746\":3,\"1749\":1,\"1772\":2,\"1780\":1,\"1782\":2,\"1783\":2,\"1784\":2,\"1785\":2,\"1786\":1,\"1798\":1,\"1878\":3,\"1879\":4,\"1880\":5,\"1881\":3,\"1920\":3,\"1921\":4,\"1922\":5,\"1923\":3,\"1926\":1,\"1949\":2,\"1957\":1,\"1959\":2,\"1960\":2,\"1961\":2,\"1962\":2,\"1963\":1,\"1975\":1,\"2055\":3,\"2056\":4,\"2057\":5,\"2058\":3,\"2097\":3,\"2098\":4,\"2099\":5,\"2100\":3,\"2103\":1,\"2126\":2,\"2134\":1,\"2136\":2,\"2137\":2,\"2138\":2,\"2139\":2,\"2140\":1,\"2152\":1,\"2232\":3,\"2233\":4,\"2234\":5,\"2235\":3,\"2274\":3,\"2275\":4,\"2276\":5,\"2277\":3,\"2280\":1,\"2303\":2,\"2311\":1,\"2313\":2,\"2314\":2,\"2315\":2,\"2316\":2,\"2317\":1,\"2339\":1,\"2426\":3,\"2427\":4,\"2428\":5,\"2429\":3,\"2431\":2,\"2438\":1,\"2440\":2,\"2441\":2,\"2442\":2,\"2443\":2,\"2444\":1,\"2493\":3,\"2494\":4,\"2495\":5,\"2496\":3,\"2499\":1,\"2522\":2,\"2530\":1,\"2532\":2,\"2533\":2,\"2534\":2,\"2535\":2,\"2536\":1,\"2558\":1,\"2645\":3,\"2646\":4,\"2647\":5,\"2648\":3,\"2650\":2,\"2657\":1,\"2659\":2,\"2660\":2,\"2661\":2,\"2662\":2,\"2663\":1,\"2712\":3,\"2713\":4,\"2714\":5,\"2715\":3,\"2718\":1,\"2741\":2,\"2749\":1,\"2751\":2,\"2752\":2,\"2753\":2,\"2754\":2,\"2755\":1,\"2777\":1,\"2864\":3,\"2865\":4,\"2866\":5,\"2867\":3,\"2869\":2,\"2876\":1,\"2878\":2,\"2879\":2,\"2880\":2,\"2881\":2,\"2882\":1,\"2931\":3,\"2932\":4,\"2933\":5,\"2934\":3,\"2937\":1,\"2960\":2,\"2968\":1,\"2970\":2,\"2971\":2,\"2972\":2,\"2973\":2,\"2974\":1,\"2996\":1,\"3083\":3,\"3084\":4,\"3085\":5,\"3086\":3,\"3088\":2,\"3095\":1,\"3097\":2,\"3098\":2,\"3099\":2,\"3100\":2,\"3101\":1,\"3150\":3,\"3151\":4,\"3152\":5,\"3153\":3,\"3156\":1,\"3179\":2,\"3187\":1,\"3189\":2,\"3190\":2,\"3191\":2,\"3192\":2,\"3193\":1,\"3278\":3,\"3279\":4,\"3280\":5,\"3281\":3,\"3284\":1,\"3307\":2,\"3314\":1,\"3316\":2,\"3317\":2,\"3318\":2,\"3319\":2,\"3320\":1,\"3371\":3,\"3372\":4,\"3373\":5,\"3374\":3,\"3377\":1,\"3400\":2,\"3408\":1,\"3410\":2,\"3411\":2,\"3412\":2,\"3413\":2,\"3414\":1}}],[\"proof\",{\"1\":{\"37\":1}}],[\"protocol\",{\"1\":{\"109\":1,\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"protocols\",{\"1\":{\"5\":1,\"10\":2}}],[\"prototypical\",{\"1\":{\"82\":1}}],[\"protection\",{\"0\":{\"39\":1}}],[\"protect\",{\"1\":{\"36\":1,\"134\":1,\"135\":1}}],[\"prokosch\",{\"1\":{\"26\":1}}],[\"productive\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"production\",{\"1\":{\"117\":1,\"136\":1,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"303\":2,\"414\":1,\"428\":1,\"429\":2,\"431\":1,\"459\":1,\"470\":1,\"473\":1,\"493\":1,\"496\":1,\"519\":1,\"522\":1,\"546\":1,\"547\":2,\"564\":1,\"576\":1,\"577\":2,\"594\":1,\"606\":1,\"607\":2,\"624\":1,\"638\":1,\"652\":1,\"653\":2,\"670\":1,\"684\":1,\"698\":1,\"699\":2,\"716\":1,\"730\":1,\"744\":1,\"745\":2,\"762\":1,\"776\":1,\"790\":1,\"791\":2,\"793\":1,\"808\":1,\"822\":1,\"836\":1,\"837\":2,\"839\":1,\"854\":1,\"868\":1,\"882\":1,\"883\":2,\"885\":1,\"913\":1}}],[\"prod\",{\"1\":{\"20\":1,\"135\":4,\"289\":3,\"290\":5,\"300\":3,\"301\":5,\"303\":6,\"994\":2,\"1087\":2,\"2425\":2,\"2492\":2,\"2644\":2,\"2711\":2,\"2863\":2,\"2930\":2,\"3082\":2,\"3149\":2,\"3277\":2,\"3370\":2}}],[\"prozessplugins\",{\"0\":{\"20\":1}}],[\"prozessplugin\",{\"1\":{\"14\":1}}],[\"prozesses\",{\"1\":{\"17\":1}}],[\"prozesse\",{\"1\":{\"14\":1,\"15\":1}}],[\"prozessen\",{\"1\":{\"14\":1}}],[\"prozess\",{\"1\":{\"14\":1,\"17\":1}}],[\"projekte\",{\"1\":{\"14\":1}}],[\"projects\",{\"1\":{\"9\":1,\"79\":1,\"81\":2,\"116\":2,\"117\":1,\"127\":1,\"162\":1,\"395\":1,\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"project\",{\"0\":{\"5\":1,\"133\":1,\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1},\"1\":{\"12\":1,\"81\":1,\"83\":1,\"98\":1,\"116\":1,\"117\":2,\"118\":1,\"120\":1,\"129\":2,\"131\":1,\"134\":1,\"135\":1,\"331\":5,\"397\":1,\"408\":1,\"410\":1,\"411\":1,\"412\":1,\"413\":2,\"419\":1,\"632\":1,\"634\":1,\"635\":1,\"636\":1,\"637\":2,\"643\":1,\"678\":1,\"680\":1,\"681\":1,\"682\":1,\"683\":2,\"689\":1,\"724\":1,\"726\":1,\"727\":1,\"728\":1,\"729\":2,\"735\":1,\"770\":1,\"772\":1,\"773\":1,\"774\":1,\"775\":2,\"781\":1,\"816\":1,\"818\":1,\"819\":1,\"820\":1,\"821\":2,\"827\":1,\"862\":1,\"864\":1,\"865\":1,\"866\":1,\"867\":2,\"873\":1}}],[\"providing\",{\"1\":{\"8\":1,\"99\":1,\"129\":1,\"169\":1,\"347\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"provider\",{\"0\":{\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1},\"1\":{\"147\":2,\"453\":2,\"455\":2,\"907\":2,\"909\":2,\"1002\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":3,\"1009\":5,\"1010\":4,\"1011\":2,\"1012\":2,\"1013\":3,\"1014\":2,\"1025\":1,\"1026\":2,\"1027\":2,\"1095\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":3,\"1102\":5,\"1103\":4,\"1104\":2,\"1105\":2,\"1106\":3,\"1107\":2,\"1118\":1,\"1119\":1,\"1120\":2,\"1121\":2,\"1205\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":3,\"1212\":5,\"1213\":4,\"1214\":2,\"1215\":2,\"1216\":3,\"1217\":2,\"1273\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":3,\"1280\":5,\"1281\":4,\"1282\":2,\"1283\":2,\"1284\":3,\"1285\":2,\"1397\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":3,\"1404\":5,\"1405\":4,\"1406\":2,\"1407\":2,\"1408\":3,\"1409\":2,\"1420\":1,\"1421\":1,\"1422\":2,\"1423\":2,\"1445\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":3,\"1452\":5,\"1453\":4,\"1454\":2,\"1455\":2,\"1456\":3,\"1457\":2,\"1573\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":3,\"1580\":5,\"1581\":4,\"1582\":2,\"1583\":2,\"1584\":3,\"1585\":2,\"1596\":1,\"1597\":1,\"1598\":2,\"1599\":2,\"1622\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":3,\"1629\":5,\"1630\":4,\"1631\":2,\"1632\":2,\"1633\":3,\"1634\":2,\"1750\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":3,\"1757\":5,\"1758\":4,\"1759\":2,\"1760\":2,\"1761\":3,\"1762\":2,\"1773\":1,\"1774\":1,\"1775\":2,\"1776\":2,\"1799\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":3,\"1806\":5,\"1807\":4,\"1808\":2,\"1809\":2,\"1810\":3,\"1811\":2,\"1927\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":3,\"1934\":5,\"1935\":4,\"1936\":2,\"1937\":2,\"1938\":3,\"1939\":2,\"1950\":1,\"1951\":1,\"1952\":2,\"1953\":2,\"1976\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":3,\"1983\":5,\"1984\":4,\"1985\":2,\"1986\":2,\"1987\":3,\"1988\":2,\"2104\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":3,\"2111\":5,\"2112\":4,\"2113\":2,\"2114\":2,\"2115\":3,\"2116\":2,\"2127\":1,\"2128\":1,\"2129\":2,\"2130\":2,\"2153\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":3,\"2160\":5,\"2161\":4,\"2162\":2,\"2163\":2,\"2164\":3,\"2165\":2,\"2281\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":3,\"2288\":5,\"2289\":4,\"2290\":2,\"2291\":2,\"2292\":3,\"2293\":2,\"2304\":1,\"2305\":1,\"2306\":2,\"2307\":2,\"2340\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":3,\"2347\":5,\"2348\":4,\"2349\":2,\"2350\":2,\"2351\":3,\"2352\":2,\"2432\":1,\"2433\":2,\"2434\":2,\"2500\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":3,\"2507\":5,\"2508\":4,\"2509\":2,\"2510\":2,\"2511\":3,\"2512\":2,\"2523\":1,\"2524\":1,\"2525\":2,\"2526\":2,\"2559\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":3,\"2566\":5,\"2567\":4,\"2568\":2,\"2569\":2,\"2570\":3,\"2571\":2,\"2651\":1,\"2652\":2,\"2653\":2,\"2719\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":3,\"2726\":5,\"2727\":4,\"2728\":2,\"2729\":2,\"2730\":3,\"2731\":2,\"2742\":1,\"2743\":1,\"2744\":2,\"2745\":2,\"2778\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":3,\"2785\":5,\"2786\":4,\"2787\":2,\"2788\":2,\"2789\":3,\"2790\":2,\"2870\":1,\"2871\":2,\"2872\":2,\"2938\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":3,\"2945\":5,\"2946\":4,\"2947\":2,\"2948\":2,\"2949\":3,\"2950\":2,\"2961\":1,\"2962\":1,\"2963\":2,\"2964\":2,\"2997\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":3,\"3004\":5,\"3005\":4,\"3006\":2,\"3007\":2,\"3008\":3,\"3009\":2,\"3089\":1,\"3090\":2,\"3091\":2,\"3157\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":3,\"3164\":5,\"3165\":4,\"3166\":2,\"3167\":2,\"3168\":3,\"3169\":2,\"3180\":1,\"3181\":1,\"3182\":2,\"3183\":2,\"3285\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":3,\"3292\":5,\"3293\":4,\"3294\":2,\"3295\":2,\"3296\":3,\"3297\":2,\"3308\":1,\"3309\":2,\"3310\":2,\"3378\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":3,\"3385\":5,\"3386\":4,\"3387\":2,\"3388\":2,\"3389\":3,\"3390\":2,\"3401\":1,\"3402\":1,\"3403\":2,\"3404\":2}}],[\"providers\",{\"1\":{\"117\":1}}],[\"provides\",{\"1\":{\"91\":1,\"128\":1,\"920\":1,\"2327\":1,\"2546\":1,\"2765\":1,\"2984\":1,\"3203\":1}}],[\"provided\",{\"1\":{\"37\":2,\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"286\":1,\"297\":1,\"304\":2,\"307\":2,\"310\":2,\"318\":1,\"346\":2,\"423\":1,\"466\":1,\"489\":1,\"515\":1,\"541\":1,\"571\":1,\"601\":1,\"647\":1,\"693\":1,\"739\":1,\"785\":1,\"831\":1,\"877\":1,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"provide\",{\"1\":{\"0\":1,\"37\":1,\"40\":1,\"98\":1,\"99\":2,\"102\":1,\"109\":1,\"117\":1,\"169\":2,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1,\"1004\":1,\"1097\":1,\"1207\":1,\"1275\":1,\"1399\":1,\"1447\":1,\"1575\":1,\"1624\":1,\"1752\":1,\"1801\":1,\"1929\":1,\"1978\":1,\"2106\":1,\"2155\":1,\"2283\":1,\"2342\":1,\"2502\":1,\"2561\":1,\"2721\":1,\"2780\":1,\"2940\":1,\"2999\":1,\"3159\":1,\"3287\":1,\"3380\":1}}],[\"provisioning\",{\"1\":{\"6\":1}}],[\"proven\",{\"1\":{\"5\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"mpc\",{\"1\":{\"290\":1,\"304\":2,\"307\":2}}],[\"mpi\",{\"0\":{\"152\":1,\"231\":1},\"1\":{\"99\":2,\"143\":1,\"152\":12,\"169\":2,\"231\":4,\"304\":3,\"307\":3,\"310\":3}}],[\"my\",{\"1\":{\"270\":1,\"428\":2,\"576\":2,\"606\":2,\"652\":2,\"698\":2,\"744\":2,\"790\":2,\"836\":2,\"882\":2,\"1032\":1,\"1126\":1,\"1257\":1,\"1428\":1,\"1604\":1,\"1781\":1,\"1958\":1,\"2135\":1,\"2312\":1,\"2439\":1,\"2531\":1,\"2658\":1,\"2750\":1,\"2877\":1,\"2969\":1,\"3096\":1,\"3188\":1,\"3315\":1,\"3409\":1}}],[\"m2\",{\"1\":{\"162\":1,\"398\":1}}],[\"mvn\",{\"1\":{\"133\":1,\"134\":1,\"135\":1,\"156\":1,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"mdat\",{\"1\":{\"99\":3,\"169\":3}}],[\"mödinger\",{\"1\":{\"26\":2,\"83\":1}}],[\"möchten\",{\"1\":{\"14\":1}}],[\"m\",{\"1\":{\"26\":9,\"283\":1,\"294\":1}}],[\"müssen\",{\"1\":{\"17\":1}}],[\"must\",{\"1\":{\"85\":1,\"95\":1,\"152\":1,\"153\":1,\"154\":1,\"277\":1,\"347\":1,\"371\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"1006\":1,\"1007\":1,\"1040\":1,\"1043\":1,\"1044\":1,\"1099\":1,\"1100\":1,\"1134\":1,\"1137\":1,\"1138\":1,\"1209\":1,\"1210\":1,\"1264\":1,\"1277\":1,\"1278\":1,\"1401\":1,\"1402\":1,\"1435\":1,\"1449\":1,\"1450\":1,\"1577\":1,\"1578\":1,\"1612\":1,\"1626\":1,\"1627\":1,\"1754\":1,\"1755\":1,\"1789\":1,\"1803\":1,\"1804\":1,\"1931\":1,\"1932\":1,\"1966\":1,\"1980\":1,\"1981\":1,\"2108\":1,\"2109\":1,\"2143\":1,\"2157\":1,\"2158\":1,\"2285\":1,\"2286\":1,\"2320\":1,\"2344\":1,\"2345\":1,\"2447\":1,\"2504\":1,\"2505\":1,\"2539\":1,\"2563\":1,\"2564\":1,\"2666\":1,\"2723\":1,\"2724\":1,\"2758\":1,\"2782\":1,\"2783\":1,\"2885\":1,\"2942\":1,\"2943\":1,\"2977\":1,\"3001\":1,\"3002\":1,\"3104\":1,\"3161\":1,\"3162\":1,\"3196\":1,\"3289\":1,\"3290\":1,\"3323\":1,\"3326\":1,\"3327\":1,\"3382\":1,\"3383\":1,\"3417\":1,\"3420\":1,\"3421\":1}}],[\"muss\",{\"1\":{\"16\":1}}],[\"much\",{\"1\":{\"78\":1,\"126\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"653\":1,\"669\":1,\"699\":1,\"715\":1,\"745\":1,\"761\":1,\"791\":1,\"807\":1,\"837\":1,\"853\":1,\"883\":1,\"899\":1}}],[\"multiline\",{\"1\":{\"160\":2}}],[\"multicatch\",{\"1\":{\"159\":2}}],[\"multi\",{\"1\":{\"26\":1,\"116\":1,\"117\":1,\"118\":1,\"141\":1,\"142\":1,\"333\":1,\"347\":1}}],[\"multiple\",{\"0\":{\"381\":1},\"1\":{\"0\":1,\"88\":1,\"98\":1,\"99\":1,\"117\":1,\"159\":5,\"169\":1,\"347\":1,\"383\":1,\"399\":1,\"451\":1,\"905\":1,\"920\":1,\"922\":1,\"1049\":1,\"1051\":1,\"1355\":1,\"1357\":1,\"1531\":1,\"1533\":1,\"1708\":1,\"1710\":1,\"1885\":1,\"1887\":1,\"2062\":1,\"2064\":1,\"2239\":1,\"2241\":1,\"2327\":1,\"2329\":1,\"2454\":1,\"2456\":1,\"2546\":1,\"2548\":1,\"2673\":1,\"2675\":1,\"2765\":1,\"2767\":1,\"2892\":1,\"2894\":1,\"2984\":1,\"2986\":1,\"3111\":1,\"3113\":1,\"3203\":1,\"3205\":1,\"3332\":1,\"3334\":1}}],[\"moving\",{\"1\":{\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"most\",{\"1\":{\"332\":1,\"395\":1,\"397\":1,\"399\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"mostly\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1}}],[\"mounts\",{\"1\":{\"451\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"905\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1}}],[\"mounted\",{\"1\":{\"448\":1,\"902\":1}}],[\"mount\",{\"1\":{\"304\":2,\"307\":2}}],[\"mod\",{\"1\":{\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1045\":1,\"1139\":1,\"1438\":1,\"1615\":1,\"1792\":1,\"1969\":1,\"2146\":1,\"2323\":1,\"2450\":1,\"2542\":1,\"2669\":1,\"2761\":1,\"2888\":1,\"2980\":1,\"3107\":1,\"3199\":1,\"3328\":1,\"3422\":1}}],[\"modifies\",{\"1\":{\"1045\":1,\"1139\":1,\"1438\":1,\"1615\":1,\"1792\":1,\"1969\":1,\"2146\":1,\"2323\":1,\"2450\":1,\"2542\":1,\"2669\":1,\"2761\":1,\"2888\":1,\"2980\":1,\"3107\":1,\"3199\":1,\"3328\":1,\"3422\":1}}],[\"modified\",{\"1\":{\"460\":1,\"914\":1,\"1025\":1,\"1118\":1,\"1420\":1,\"1596\":1,\"1773\":1,\"1950\":1,\"2127\":1,\"2304\":1,\"2432\":1,\"2523\":1,\"2651\":1,\"2742\":1,\"2870\":1,\"2961\":1,\"3089\":1,\"3180\":1,\"3308\":1,\"3401\":1}}],[\"modification\",{\"1\":{\"352\":1}}],[\"modify\",{\"0\":{\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1},\"1\":{\"218\":1,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"303\":1,\"304\":3,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"329\":1,\"335\":1,\"364\":3,\"390\":4,\"433\":1,\"442\":2,\"443\":2,\"461\":1,\"462\":1,\"481\":2,\"482\":2,\"504\":2,\"505\":2,\"510\":1,\"511\":1,\"530\":2,\"531\":2,\"536\":1,\"537\":1,\"560\":2,\"561\":2,\"566\":1,\"567\":1,\"590\":2,\"591\":2,\"596\":1,\"597\":1,\"620\":2,\"621\":2,\"626\":1,\"627\":1,\"666\":2,\"667\":2,\"672\":1,\"673\":1,\"712\":2,\"713\":2,\"718\":1,\"719\":1,\"758\":2,\"759\":2,\"764\":1,\"765\":1,\"795\":1,\"804\":2,\"805\":2,\"810\":1,\"811\":1,\"841\":1,\"850\":2,\"851\":2,\"856\":1,\"857\":1,\"887\":1,\"896\":2,\"897\":2,\"915\":1,\"916\":1,\"969\":1,\"1020\":1,\"1113\":1,\"1179\":1,\"1223\":1,\"1291\":1,\"1330\":1,\"1415\":1,\"1463\":1,\"1502\":1,\"1591\":1,\"1640\":1,\"1679\":1,\"1768\":1,\"1817\":1,\"1856\":1,\"1945\":1,\"1994\":1,\"2033\":1,\"2122\":1,\"2171\":1,\"2210\":1,\"2299\":1,\"2358\":1,\"2400\":1,\"2518\":1,\"2577\":1,\"2619\":1,\"2737\":1,\"2796\":1,\"2838\":1,\"2956\":1,\"3015\":1,\"3057\":1,\"3175\":1,\"3252\":1,\"3303\":1,\"3396\":1}}],[\"modifying\",{\"0\":{\"373\":1},\"1\":{\"37\":1,\"99\":1,\"169\":1,\"302\":1,\"305\":1,\"308\":1,\"311\":1,\"314\":1,\"349\":1,\"352\":1,\"369\":1,\"452\":1,\"454\":1,\"460\":1,\"509\":1,\"535\":1,\"565\":1,\"595\":1,\"625\":1,\"671\":1,\"717\":1,\"763\":1,\"809\":1,\"855\":1,\"906\":1,\"908\":1,\"914\":1}}],[\"mode\",{\"1\":{\"170\":2}}],[\"modeling\",{\"1\":{\"402\":1}}],[\"modeled\",{\"1\":{\"323\":1,\"354\":1,\"371\":1}}],[\"modeler\",{\"1\":{\"103\":1,\"319\":1,\"394\":1,\"402\":2}}],[\"modelling\",{\"1\":{\"96\":2}}],[\"models\",{\"1\":{\"78\":1,\"94\":1,\"96\":1,\"98\":1,\"102\":1,\"103\":1,\"331\":2}}],[\"model\",{\"1\":{\"74\":1,\"95\":1,\"96\":2,\"103\":2,\"127\":1,\"332\":1,\"334\":1,\"335\":1,\"347\":2,\"364\":1,\"371\":1,\"374\":1}}],[\"module\",{\"1\":{\"81\":2,\"152\":3,\"153\":3,\"154\":2,\"159\":1,\"332\":2,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1}}],[\"modul\",{\"1\":{\"14\":1}}],[\"more\",{\"0\":{\"68\":1},\"1\":{\"30\":1,\"38\":1,\"42\":1,\"43\":1,\"44\":1,\"45\":1,\"46\":1,\"47\":1,\"48\":1,\"49\":1,\"50\":1,\"51\":1,\"52\":1,\"53\":1,\"54\":1,\"55\":1,\"56\":1,\"57\":1,\"58\":1,\"59\":1,\"60\":1,\"61\":1,\"62\":1,\"63\":1,\"64\":1,\"65\":1,\"66\":1,\"67\":1,\"74\":1,\"78\":1,\"89\":1,\"90\":1,\"91\":1,\"92\":1,\"96\":1,\"99\":1,\"109\":1,\"110\":1,\"112\":1,\"113\":1,\"126\":1,\"130\":1,\"162\":1,\"163\":1,\"169\":1,\"205\":1,\"228\":1,\"249\":1,\"284\":1,\"295\":1,\"319\":1,\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"347\":1,\"373\":1,\"405\":1,\"412\":1,\"415\":2,\"417\":3,\"419\":1,\"430\":1,\"439\":1,\"445\":1,\"460\":1,\"478\":1,\"484\":1,\"501\":1,\"507\":1,\"527\":1,\"533\":1,\"557\":1,\"563\":1,\"587\":1,\"593\":1,\"617\":1,\"623\":1,\"629\":1,\"636\":1,\"639\":2,\"641\":3,\"643\":1,\"663\":1,\"669\":1,\"675\":1,\"682\":1,\"685\":2,\"687\":3,\"689\":1,\"709\":1,\"715\":1,\"721\":1,\"728\":1,\"731\":2,\"733\":3,\"735\":1,\"755\":1,\"761\":1,\"767\":1,\"774\":1,\"777\":2,\"779\":3,\"781\":1,\"792\":1,\"801\":1,\"807\":1,\"813\":1,\"820\":1,\"823\":2,\"825\":3,\"827\":1,\"838\":1,\"847\":1,\"853\":1,\"859\":1,\"866\":1,\"869\":2,\"871\":3,\"873\":1,\"884\":1,\"893\":1,\"899\":1,\"914\":1,\"957\":1,\"979\":1,\"1013\":1,\"1015\":1,\"1064\":1,\"1106\":1,\"1108\":1,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2469\":1,\"2511\":1,\"2513\":1,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2688\":1,\"2730\":1,\"2732\":1,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2907\":1,\"2949\":1,\"2951\":1,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3126\":1,\"3168\":1,\"3170\":1,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":1,\"3347\":1,\"3389\":1,\"3391\":1}}],[\"monitoring\",{\"1\":{\"26\":1}}],[\"montags\",{\"1\":{\"14\":1,\"41\":1}}],[\"mar\",{\"1\":{\"457\":4,\"911\":4}}],[\"marks\",{\"1\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"marketplace\",{\"1\":{\"430\":2,\"431\":1,\"792\":2,\"793\":1,\"838\":2,\"839\":1,\"884\":2,\"885\":1}}],[\"markdown\",{\"1\":{\"346\":1}}],[\"martin\",{\"1\":{\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2}}],[\"match\",{\"1\":{\"359\":1,\"360\":1,\"385\":1,\"386\":1,\"924\":1,\"928\":2,\"995\":1,\"1053\":1,\"1056\":1,\"1057\":2,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1359\":1,\"1362\":1,\"1363\":2,\"1390\":1,\"1524\":1,\"1535\":1,\"1538\":1,\"1539\":2,\"1566\":1,\"1701\":1,\"1712\":1,\"1715\":1,\"1716\":2,\"1743\":1,\"1878\":1,\"1889\":1,\"1892\":1,\"1893\":2,\"1920\":1,\"2055\":1,\"2066\":1,\"2069\":1,\"2070\":2,\"2097\":1,\"2232\":1,\"2243\":1,\"2246\":1,\"2247\":2,\"2274\":1,\"2331\":1,\"2335\":2,\"2426\":1,\"2458\":1,\"2461\":1,\"2462\":2,\"2493\":1,\"2550\":1,\"2554\":2,\"2645\":1,\"2677\":1,\"2680\":1,\"2681\":2,\"2712\":1,\"2769\":1,\"2773\":2,\"2864\":1,\"2896\":1,\"2899\":1,\"2900\":2,\"2931\":1,\"2988\":1,\"2992\":2,\"3083\":1,\"3115\":1,\"3118\":1,\"3119\":2,\"3150\":1,\"3207\":1,\"3211\":2,\"3278\":1,\"3336\":1,\"3339\":1,\"3340\":2,\"3371\":1}}],[\"matching\",{\"0\":{\"383\":1,\"921\":1,\"1050\":1,\"1356\":1,\"1532\":1,\"1709\":1,\"1886\":1,\"2063\":1,\"2240\":1,\"2328\":1,\"2455\":1,\"2547\":1,\"2674\":1,\"2766\":1,\"2893\":1,\"2985\":1,\"3112\":1,\"3204\":1,\"3333\":1},\"1\":{\"356\":1,\"361\":1,\"362\":1,\"387\":1,\"388\":1,\"920\":2,\"1049\":2,\"1355\":2,\"1531\":2,\"1708\":2,\"1885\":2,\"2062\":2,\"2239\":2,\"2327\":2,\"2454\":2,\"2546\":2,\"2673\":2,\"2765\":2,\"2892\":2,\"2984\":2,\"3111\":2,\"3203\":2,\"3332\":2}}],[\"matched\",{\"1\":{\"921\":1,\"923\":3,\"925\":1,\"928\":2,\"995\":1,\"1050\":1,\"1052\":3,\"1054\":1,\"1057\":2,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1356\":1,\"1358\":3,\"1360\":1,\"1363\":2,\"1390\":1,\"1524\":1,\"1532\":1,\"1534\":3,\"1536\":1,\"1539\":2,\"1566\":1,\"1701\":1,\"1709\":1,\"1711\":3,\"1713\":1,\"1716\":2,\"1743\":1,\"1878\":1,\"1886\":1,\"1888\":3,\"1890\":1,\"1893\":2,\"1920\":1,\"2055\":1,\"2063\":1,\"2065\":3,\"2067\":1,\"2070\":2,\"2097\":1,\"2232\":1,\"2240\":1,\"2242\":3,\"2244\":1,\"2247\":2,\"2274\":1,\"2328\":1,\"2330\":3,\"2332\":1,\"2335\":2,\"2426\":1,\"2455\":1,\"2457\":3,\"2459\":1,\"2462\":2,\"2493\":1,\"2547\":1,\"2549\":3,\"2551\":1,\"2554\":2,\"2645\":1,\"2674\":1,\"2676\":3,\"2678\":1,\"2681\":2,\"2712\":1,\"2766\":1,\"2768\":3,\"2770\":1,\"2773\":2,\"2864\":1,\"2893\":1,\"2895\":3,\"2897\":1,\"2900\":2,\"2931\":1,\"2985\":1,\"2987\":3,\"2989\":1,\"2992\":2,\"3083\":1,\"3112\":1,\"3114\":3,\"3116\":1,\"3119\":2,\"3150\":1,\"3204\":1,\"3206\":3,\"3208\":1,\"3211\":2,\"3278\":1,\"3333\":1,\"3335\":3,\"3337\":1,\"3340\":2,\"3371\":1}}],[\"matches\",{\"1\":{\"174\":1,\"231\":1,\"232\":1,\"238\":1,\"922\":1,\"1051\":1,\"1357\":1,\"1533\":1,\"1710\":1,\"1887\":1,\"2064\":1,\"2241\":1,\"2329\":1,\"2456\":1,\"2548\":1,\"2675\":1,\"2767\":1,\"2894\":1,\"2986\":1,\"3113\":1,\"3205\":1,\"3334\":1}}],[\"matcherfactory\",{\"1\":{\"147\":1}}],[\"maxpoolsize\",{\"0\":{\"983\":1,\"1516\":1,\"1693\":1,\"1870\":1,\"2047\":1,\"2224\":1,\"2414\":1,\"2633\":1,\"2852\":1,\"3071\":1,\"3266\":1},\"1\":{\"983\":1,\"1516\":1,\"1693\":1,\"1870\":1,\"2047\":1,\"2224\":1,\"2414\":1,\"2633\":1,\"2852\":1,\"3071\":1,\"3266\":1}}],[\"maximum\",{\"1\":{\"341\":1}}],[\"maximilian\",{\"1\":{\"14\":1,\"83\":1}}],[\"max\",{\"0\":{\"209\":1,\"234\":1,\"960\":1,\"986\":1,\"1170\":1,\"1193\":1,\"1321\":1,\"1344\":1,\"1493\":1,\"1519\":1,\"1670\":1,\"1696\":1,\"1847\":1,\"1873\":1,\"2024\":1,\"2050\":1,\"2201\":1,\"2227\":1,\"2391\":1,\"2417\":1,\"2610\":1,\"2636\":1,\"2829\":1,\"2855\":1,\"3048\":1,\"3074\":1,\"3243\":1,\"3269\":1},\"1\":{\"209\":1,\"234\":1,\"960\":1,\"983\":2,\"986\":1,\"1170\":1,\"1193\":1,\"1321\":1,\"1344\":1,\"1493\":1,\"1516\":2,\"1519\":1,\"1670\":1,\"1693\":2,\"1696\":1,\"1847\":1,\"1870\":2,\"1873\":1,\"2024\":1,\"2047\":2,\"2050\":1,\"2201\":1,\"2224\":2,\"2227\":1,\"2391\":1,\"2414\":2,\"2417\":1,\"2610\":1,\"2633\":2,\"2636\":1,\"2829\":1,\"2852\":2,\"2855\":1,\"3048\":1,\"3071\":2,\"3074\":1,\"3243\":1,\"3266\":2,\"3269\":1}}],[\"map\",{\"1\":{\"170\":1}}],[\"mac\",{\"1\":{\"395\":1,\"400\":1}}],[\"macos\",{\"1\":{\"137\":2}}],[\"machines\",{\"0\":{\"282\":1,\"293\":1,\"436\":1,\"475\":1,\"498\":1,\"524\":1,\"554\":1,\"584\":1,\"614\":1,\"660\":1,\"706\":1,\"752\":1,\"798\":1,\"844\":1,\"890\":1}}],[\"machine\",{\"1\":{\"134\":1,\"135\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"913\":2}}],[\"machbarkeit\",{\"1\":{\"14\":1}}],[\"maven\",{\"0\":{\"161\":1,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1,\"397\":1,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1},\"1\":{\"133\":1,\"134\":2,\"135\":2,\"141\":2,\"142\":1,\"143\":1,\"156\":1,\"162\":6,\"163\":1,\"319\":1,\"331\":1,\"337\":1,\"338\":2,\"346\":1,\"351\":1,\"352\":1,\"366\":1,\"367\":2,\"376\":1,\"377\":1,\"392\":1,\"393\":2,\"394\":1,\"397\":3,\"398\":4,\"407\":1,\"413\":2,\"631\":1,\"637\":2,\"677\":1,\"683\":2,\"723\":1,\"729\":2,\"769\":1,\"775\":2,\"815\":1,\"821\":2,\"861\":1,\"867\":2}}],[\"made\",{\"1\":{\"126\":1,\"177\":1,\"236\":1,\"253\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1,\"934\":1,\"988\":1,\"1070\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3217\":1,\"3271\":1,\"3353\":1}}],[\"masterpatientindexclientstubfactory\",{\"1\":{\"231\":1}}],[\"masterpatientindexclient\",{\"1\":{\"152\":1}}],[\"masterpatientindexclientpdqfactory\",{\"1\":{\"152\":1}}],[\"masterpatientindexclientfactory\",{\"1\":{\"152\":3}}],[\"master\",{\"1\":{\"99\":1,\"152\":1,\"157\":4,\"169\":1,\"231\":1}}],[\"makers\",{\"1\":{\"118\":1}}],[\"makes\",{\"1\":{\"95\":1}}],[\"make\",{\"1\":{\"85\":1,\"102\":1,\"134\":1,\"135\":1,\"304\":3,\"307\":3,\"310\":1,\"338\":1,\"390\":1,\"404\":1,\"411\":1,\"417\":2,\"418\":1,\"433\":1,\"628\":1,\"635\":1,\"641\":2,\"642\":1,\"674\":1,\"681\":1,\"687\":2,\"688\":1,\"720\":1,\"727\":1,\"733\":2,\"734\":1,\"766\":1,\"773\":1,\"779\":2,\"780\":1,\"795\":1,\"812\":1,\"819\":1,\"825\":2,\"826\":1,\"841\":1,\"858\":1,\"865\":1,\"871\":2,\"872\":1,\"887\":1}}],[\"making\",{\"1\":{\"38\":1,\"98\":1}}],[\"major\",{\"1\":{\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2}}],[\"mandatory\",{\"1\":{\"347\":1,\"383\":1}}],[\"mandatorily\",{\"1\":{\"95\":1}}],[\"manually\",{\"1\":{\"356\":1}}],[\"manual\",{\"0\":{\"134\":1,\"135\":1,\"137\":1,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1},\"1\":{\"138\":1,\"141\":1,\"142\":1,\"434\":3,\"459\":1,\"473\":3,\"496\":3,\"522\":3,\"552\":3,\"564\":1,\"582\":3,\"594\":1,\"612\":3,\"624\":1,\"658\":3,\"670\":1,\"704\":3,\"716\":1,\"750\":3,\"762\":1,\"796\":3,\"808\":1,\"842\":3,\"854\":1,\"888\":3,\"913\":1}}],[\"managing\",{\"0\":{\"381\":1},\"1\":{\"415\":1,\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"639\":1,\"653\":1,\"685\":1,\"699\":1,\"731\":1,\"745\":1,\"777\":1,\"791\":1,\"823\":1,\"837\":1,\"869\":1,\"883\":1}}],[\"managment\",{\"0\":{\"86\":1}}],[\"managed\",{\"1\":{\"427\":1,\"460\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1,\"914\":1}}],[\"manage\",{\"1\":{\"397\":1}}],[\"managers\",{\"1\":{\"117\":1}}],[\"manages\",{\"1\":{\"79\":1}}],[\"management\",{\"0\":{\"426\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1,\"834\":1,\"880\":1},\"1\":{\"14\":2,\"16\":1,\"26\":1,\"81\":1,\"98\":1,\"129\":1,\"413\":1,\"425\":1,\"427\":2,\"429\":2,\"468\":1,\"469\":1,\"470\":3,\"472\":1,\"491\":1,\"492\":1,\"493\":3,\"495\":1,\"517\":1,\"518\":1,\"519\":3,\"521\":1,\"543\":1,\"544\":1,\"545\":2,\"547\":4,\"573\":1,\"574\":1,\"575\":2,\"577\":2,\"603\":1,\"604\":1,\"605\":2,\"607\":2,\"637\":1,\"649\":1,\"650\":1,\"651\":2,\"653\":2,\"683\":1,\"695\":1,\"696\":1,\"697\":2,\"699\":2,\"729\":1,\"741\":1,\"742\":1,\"743\":2,\"745\":2,\"775\":1,\"787\":1,\"788\":1,\"789\":2,\"791\":2,\"821\":1,\"833\":1,\"835\":2,\"837\":2,\"867\":1,\"879\":1,\"881\":2,\"883\":2}}],[\"many\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"670\":2,\"716\":2,\"762\":2,\"808\":2,\"854\":2,\"913\":2}}],[\"manner\",{\"1\":{\"38\":1}}],[\"main\",{\"0\":{\"332\":1},\"1\":{\"85\":1,\"139\":1,\"141\":5,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"331\":2,\"332\":1,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1,\"408\":1,\"442\":1,\"462\":2,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"511\":2,\"530\":1,\"531\":1,\"537\":2,\"560\":1,\"561\":1,\"567\":2,\"590\":1,\"597\":2,\"620\":1,\"627\":2,\"632\":1,\"666\":1,\"673\":2,\"678\":1,\"712\":1,\"719\":2,\"724\":1,\"758\":1,\"765\":2,\"770\":1,\"804\":1,\"811\":2,\"816\":1,\"850\":1,\"857\":2,\"862\":1,\"896\":1,\"916\":2}}],[\"maintaining\",{\"1\":{\"10\":1,\"117\":1}}],[\"maintain\",{\"0\":{\"424\":1,\"467\":1,\"490\":1,\"516\":1,\"542\":1,\"572\":1,\"602\":1,\"648\":1,\"694\":1,\"740\":1,\"786\":1,\"832\":1,\"878\":1},\"1\":{\"5\":1,\"37\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"mailonerrorlogeventdebugloglocation\",{\"0\":{\"218\":1,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2400\":1,\"2619\":1,\"2838\":1,\"3057\":1,\"3252\":1},\"1\":{\"218\":1,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2400\":1,\"2619\":1,\"2838\":1,\"3057\":1,\"3252\":1}}],[\"mailonerrorlogeventbuffersize\",{\"0\":{\"217\":1,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1},\"1\":{\"217\":1,\"968\":1,\"1178\":1,\"1329\":1,\"1501\":1,\"1678\":1,\"1855\":1,\"2032\":1,\"2209\":1,\"2399\":1,\"2618\":1,\"2837\":1,\"3056\":1,\"3251\":1}}],[\"mailbox\",{\"1\":{\"88\":1,\"89\":2}}],[\"mail\",{\"0\":{\"212\":1,\"213\":1,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":2,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"963\":1,\"964\":1,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":2,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"1173\":1,\"1174\":1,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":2,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1324\":1,\"1325\":1,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":2,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1496\":1,\"1497\":1,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":2,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1673\":1,\"1674\":1,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":2,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1850\":1,\"1851\":1,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":2,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"2027\":1,\"2028\":1,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":2,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2204\":1,\"2205\":1,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":2,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2394\":1,\"2395\":1,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":2,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2613\":1,\"2614\":1,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":2,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2832\":1,\"2833\":1,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":2,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"3051\":1,\"3052\":1,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":2,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3246\":1,\"3247\":1,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":2,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1},\"1\":{\"37\":1,\"71\":1,\"73\":1,\"212\":2,\"213\":4,\"214\":2,\"215\":2,\"216\":1,\"217\":2,\"218\":2,\"219\":3,\"220\":1,\"221\":2,\"222\":1,\"223\":2,\"224\":1,\"225\":2,\"226\":2,\"227\":2,\"228\":2,\"229\":2,\"230\":1,\"428\":1,\"455\":2,\"470\":1,\"471\":1,\"493\":1,\"494\":1,\"519\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"652\":1,\"698\":1,\"744\":1,\"790\":1,\"836\":1,\"882\":1,\"909\":2,\"923\":2,\"928\":2,\"963\":2,\"964\":4,\"965\":2,\"966\":2,\"967\":1,\"968\":2,\"969\":2,\"970\":3,\"971\":1,\"972\":2,\"973\":1,\"974\":2,\"975\":1,\"976\":2,\"977\":2,\"978\":2,\"979\":2,\"980\":2,\"981\":1,\"1052\":2,\"1057\":2,\"1173\":2,\"1174\":4,\"1175\":2,\"1176\":2,\"1177\":1,\"1178\":2,\"1179\":2,\"1180\":3,\"1181\":1,\"1182\":2,\"1183\":1,\"1184\":2,\"1185\":1,\"1186\":2,\"1187\":2,\"1188\":2,\"1189\":2,\"1190\":2,\"1191\":1,\"1324\":2,\"1325\":4,\"1326\":2,\"1327\":2,\"1328\":1,\"1329\":2,\"1330\":2,\"1331\":3,\"1332\":1,\"1333\":2,\"1334\":1,\"1335\":2,\"1336\":1,\"1337\":2,\"1338\":2,\"1339\":2,\"1340\":2,\"1341\":2,\"1342\":1,\"1358\":2,\"1363\":2,\"1496\":2,\"1497\":4,\"1498\":2,\"1499\":2,\"1500\":1,\"1501\":2,\"1502\":2,\"1503\":3,\"1504\":1,\"1505\":2,\"1506\":1,\"1507\":2,\"1508\":1,\"1509\":2,\"1510\":2,\"1511\":2,\"1512\":2,\"1513\":2,\"1514\":1,\"1534\":2,\"1539\":2,\"1673\":2,\"1674\":4,\"1675\":2,\"1676\":2,\"1677\":1,\"1678\":2,\"1679\":2,\"1680\":3,\"1681\":1,\"1682\":2,\"1683\":1,\"1684\":2,\"1685\":1,\"1686\":2,\"1687\":2,\"1688\":2,\"1689\":2,\"1690\":2,\"1691\":1,\"1711\":2,\"1716\":2,\"1850\":2,\"1851\":4,\"1852\":2,\"1853\":2,\"1854\":1,\"1855\":2,\"1856\":2,\"1857\":3,\"1858\":1,\"1859\":2,\"1860\":1,\"1861\":2,\"1862\":1,\"1863\":2,\"1864\":2,\"1865\":2,\"1866\":2,\"1867\":2,\"1868\":1,\"1888\":2,\"1893\":2,\"2027\":2,\"2028\":4,\"2029\":2,\"2030\":2,\"2031\":1,\"2032\":2,\"2033\":2,\"2034\":3,\"2035\":1,\"2036\":2,\"2037\":1,\"2038\":2,\"2039\":1,\"2040\":2,\"2041\":2,\"2042\":2,\"2043\":2,\"2044\":2,\"2045\":1,\"2065\":2,\"2070\":2,\"2204\":2,\"2205\":4,\"2206\":2,\"2207\":2,\"2208\":1,\"2209\":2,\"2210\":2,\"2211\":3,\"2212\":1,\"2213\":2,\"2214\":1,\"2215\":2,\"2216\":1,\"2217\":2,\"2218\":2,\"2219\":2,\"2220\":2,\"2221\":2,\"2222\":1,\"2242\":2,\"2247\":2,\"2330\":2,\"2335\":2,\"2394\":2,\"2395\":4,\"2396\":2,\"2397\":2,\"2398\":1,\"2399\":2,\"2400\":2,\"2401\":3,\"2402\":1,\"2403\":2,\"2404\":1,\"2405\":2,\"2406\":1,\"2407\":2,\"2408\":2,\"2409\":2,\"2410\":2,\"2411\":2,\"2412\":1,\"2457\":2,\"2462\":2,\"2549\":2,\"2554\":2,\"2613\":2,\"2614\":4,\"2615\":2,\"2616\":2,\"2617\":1,\"2618\":2,\"2619\":2,\"2620\":3,\"2621\":1,\"2622\":2,\"2623\":1,\"2624\":2,\"2625\":1,\"2626\":2,\"2627\":2,\"2628\":2,\"2629\":2,\"2630\":2,\"2631\":1,\"2676\":2,\"2681\":2,\"2768\":2,\"2773\":2,\"2832\":2,\"2833\":4,\"2834\":2,\"2835\":2,\"2836\":1,\"2837\":2,\"2838\":2,\"2839\":3,\"2840\":1,\"2841\":2,\"2842\":1,\"2843\":2,\"2844\":1,\"2845\":2,\"2846\":2,\"2847\":2,\"2848\":2,\"2849\":2,\"2850\":1,\"2895\":2,\"2900\":2,\"2987\":2,\"2992\":2,\"3051\":2,\"3052\":4,\"3053\":2,\"3054\":2,\"3055\":1,\"3056\":2,\"3057\":2,\"3058\":3,\"3059\":1,\"3060\":2,\"3061\":1,\"3062\":2,\"3063\":1,\"3064\":2,\"3065\":2,\"3066\":2,\"3067\":2,\"3068\":2,\"3069\":1,\"3114\":2,\"3119\":2,\"3206\":2,\"3211\":2,\"3246\":2,\"3247\":4,\"3248\":2,\"3249\":2,\"3250\":1,\"3251\":2,\"3252\":2,\"3253\":3,\"3254\":1,\"3255\":2,\"3256\":1,\"3257\":2,\"3258\":1,\"3259\":2,\"3260\":2,\"3261\":2,\"3262\":2,\"3263\":2,\"3264\":1,\"3335\":2,\"3340\":2}}],[\"mails\",{\"1\":{\"37\":1,\"40\":1,\"217\":1,\"218\":1,\"222\":1,\"224\":1,\"968\":1,\"969\":1,\"973\":1,\"975\":1,\"1178\":1,\"1179\":1,\"1183\":1,\"1185\":1,\"1329\":1,\"1330\":1,\"1334\":1,\"1336\":1,\"1501\":1,\"1502\":1,\"1506\":1,\"1508\":1,\"1678\":1,\"1679\":1,\"1683\":1,\"1685\":1,\"1855\":1,\"1856\":1,\"1860\":1,\"1862\":1,\"2032\":1,\"2033\":1,\"2037\":1,\"2039\":1,\"2209\":1,\"2210\":1,\"2214\":1,\"2216\":1,\"2399\":1,\"2400\":1,\"2404\":1,\"2406\":1,\"2618\":1,\"2619\":1,\"2623\":1,\"2625\":1,\"2837\":1,\"2838\":1,\"2842\":1,\"2844\":1,\"3056\":1,\"3057\":1,\"3061\":1,\"3063\":1,\"3251\":1,\"3252\":1,\"3256\":1,\"3258\":1}}],[\"may\",{\"0\":{\"115\":1},\"1\":{\"1\":1,\"95\":1,\"186\":1,\"381\":1,\"413\":1,\"452\":1,\"454\":1,\"457\":5,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1,\"906\":1,\"908\":1,\"911\":5,\"941\":1,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"1041\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1135\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3324\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3418\":1}}],[\"mention\",{\"1\":{\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"mentioned\",{\"1\":{\"89\":1,\"97\":1,\"456\":1,\"910\":1}}],[\"meta>\",{\"1\":{\"348\":1}}],[\"metadata\",{\"1\":{\"348\":1}}],[\"meta\",{\"1\":{\"152\":1,\"153\":1,\"332\":1,\"348\":1}}],[\"metaphor\",{\"1\":{\"88\":1}}],[\"methods\",{\"1\":{\"147\":1,\"149\":1,\"150\":1,\"333\":1,\"348\":1}}],[\"method\",{\"1\":{\"147\":4,\"148\":2,\"149\":2,\"150\":1,\"152\":1,\"153\":1,\"154\":4,\"159\":27,\"160\":3,\"335\":1,\"338\":1,\"342\":2,\"352\":1,\"367\":1,\"373\":1,\"377\":1,\"393\":1,\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2}}],[\"meets\",{\"1\":{\"109\":1}}],[\"messaging\",{\"1\":{\"347\":1}}],[\"messagename\",{\"1\":{\"364\":1,\"390\":1}}],[\"messages\",{\"0\":{\"381\":1},\"1\":{\"106\":1,\"130\":1,\"184\":1,\"185\":1,\"217\":1,\"943\":1,\"944\":1,\"968\":1,\"1154\":1,\"1155\":1,\"1178\":1,\"1305\":1,\"1306\":1,\"1329\":1,\"1477\":1,\"1478\":1,\"1501\":1,\"1654\":1,\"1655\":1,\"1678\":1,\"1831\":1,\"1832\":1,\"1855\":1,\"2008\":1,\"2009\":1,\"2032\":1,\"2185\":1,\"2186\":1,\"2209\":1,\"2374\":1,\"2375\":1,\"2399\":1,\"2593\":1,\"2594\":1,\"2618\":1,\"2812\":1,\"2813\":1,\"2837\":1,\"3031\":1,\"3032\":1,\"3056\":1,\"3226\":1,\"3227\":1,\"3251\":1}}],[\"messageevents\",{\"1\":{\"97\":1}}],[\"message\",{\"0\":{\"184\":1,\"185\":1,\"186\":1,\"323\":1,\"353\":1,\"354\":1,\"356\":1,\"359\":1,\"385\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1},\"1\":{\"97\":6,\"106\":3,\"107\":3,\"184\":1,\"185\":1,\"186\":1,\"290\":1,\"301\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"323\":1,\"325\":2,\"332\":1,\"334\":1,\"335\":2,\"338\":5,\"347\":5,\"349\":2,\"352\":5,\"354\":2,\"356\":8,\"359\":4,\"363\":2,\"364\":10,\"367\":2,\"379\":3,\"381\":4,\"383\":3,\"385\":4,\"389\":2,\"390\":7,\"393\":7,\"443\":1,\"462\":2,\"482\":1,\"505\":1,\"511\":2,\"531\":1,\"537\":2,\"561\":1,\"567\":2,\"591\":1,\"597\":2,\"621\":1,\"627\":2,\"667\":1,\"673\":2,\"713\":1,\"719\":2,\"759\":1,\"765\":2,\"805\":1,\"811\":2,\"851\":1,\"857\":2,\"897\":1,\"916\":2,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"mesh\",{\"1\":{\"91\":2}}],[\"meantime\",{\"1\":{\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"meaningful\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"meaning\",{\"1\":{\"347\":1}}],[\"means\",{\"1\":{\"89\":1,\"95\":1,\"97\":1,\"102\":1,\"109\":1,\"154\":1,\"209\":1,\"234\":1,\"960\":1,\"986\":1,\"990\":1,\"1170\":1,\"1193\":1,\"1321\":1,\"1344\":1,\"1493\":1,\"1519\":1,\"1523\":1,\"1670\":1,\"1696\":1,\"1700\":1,\"1847\":1,\"1873\":1,\"1877\":1,\"2024\":1,\"2050\":1,\"2054\":1,\"2201\":1,\"2227\":1,\"2231\":1,\"2391\":1,\"2417\":1,\"2421\":1,\"2610\":1,\"2636\":1,\"2640\":1,\"2829\":1,\"2855\":1,\"2859\":1,\"3048\":1,\"3074\":1,\"3078\":1,\"3243\":1,\"3269\":1,\"3273\":1}}],[\"measurereport\",{\"1\":{\"97\":1}}],[\"measure\",{\"1\":{\"97\":1}}],[\"mechanism\",{\"1\":{\"90\":1,\"332\":1}}],[\"mechanisms\",{\"1\":{\"33\":1}}],[\"members\",{\"1\":{\"116\":1,\"118\":1,\"159\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"member\",{\"1\":{\"85\":1,\"159\":3,\"280\":1,\"291\":1,\"346\":1,\"414\":1,\"473\":1,\"496\":1,\"522\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"memorial\",{\"1\":{\"1\":2}}],[\"melden\",{\"1\":{\"22\":1}}],[\"medics\",{\"0\":{\"137\":1}}],[\"medic\",{\"1\":{\"78\":1}}],[\"medicine\",{\"0\":{\"129\":1},\"1\":{\"26\":1,\"77\":2,\"79\":1,\"81\":1,\"124\":1,\"129\":1,\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"medical\",{\"0\":{\"78\":1,\"81\":1},\"1\":{\"0\":1,\"1\":2,\"6\":1,\"26\":1,\"29\":1,\"78\":3,\"79\":1,\"81\":1,\"82\":2,\"89\":1,\"90\":2,\"91\":1,\"94\":1,\"98\":5,\"99\":1,\"116\":1,\"117\":2,\"118\":1,\"120\":1,\"127\":3,\"169\":1,\"174\":1,\"232\":1,\"238\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"medizininformatik\",{\"1\":{\"17\":1,\"116\":1,\"433\":1,\"550\":2,\"580\":2,\"610\":3,\"656\":3,\"702\":3,\"748\":4,\"795\":1,\"841\":1,\"887\":1}}],[\"merging\",{\"1\":{\"6\":1,\"127\":1}}],[\"merged\",{\"1\":{\"157\":3,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"merge\",{\"1\":{\"0\":1,\"98\":1,\"141\":3,\"157\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"migration\",{\"1\":{\"930\":2,\"1066\":2,\"1143\":2,\"1234\":2,\"1294\":2,\"1372\":2,\"1466\":2,\"1548\":2,\"1643\":2,\"1725\":2,\"1820\":2,\"1902\":2,\"1997\":2,\"2079\":2,\"2174\":2,\"2256\":2,\"2361\":2,\"2471\":2,\"2580\":2,\"2690\":2,\"2799\":2,\"2909\":2,\"3018\":2,\"3128\":2,\"3213\":2,\"3349\":2}}],[\"migrations\",{\"1\":{\"175\":1,\"176\":1,\"251\":1,\"252\":1,\"932\":1,\"933\":1,\"1068\":1,\"1069\":1,\"1145\":1,\"1146\":1,\"1236\":1,\"1237\":1,\"1296\":1,\"1297\":1,\"1374\":1,\"1375\":1,\"1468\":1,\"1469\":1,\"1550\":1,\"1551\":1,\"1645\":1,\"1646\":1,\"1727\":1,\"1728\":1,\"1822\":1,\"1823\":1,\"1904\":1,\"1905\":1,\"1999\":1,\"2000\":1,\"2081\":1,\"2082\":1,\"2176\":1,\"2177\":1,\"2258\":1,\"2259\":1,\"2363\":1,\"2364\":1,\"2473\":1,\"2474\":1,\"2582\":1,\"2583\":1,\"2692\":1,\"2693\":1,\"2801\":1,\"2802\":1,\"2911\":1,\"2912\":1,\"3020\":1,\"3021\":1,\"3130\":1,\"3131\":1,\"3215\":1,\"3216\":1,\"3351\":1,\"3352\":1}}],[\"migrate\",{\"1\":{\"509\":1,\"535\":1,\"565\":2,\"595\":1,\"625\":1,\"671\":1,\"717\":1,\"763\":1,\"809\":1}}],[\"might\",{\"1\":{\"283\":1,\"294\":1,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"minor\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"minutes\",{\"1\":{\"390\":1,\"393\":1,\"931\":2,\"1067\":2,\"1144\":2,\"1235\":2,\"1295\":2,\"1373\":2,\"1467\":2,\"1549\":2,\"1644\":2,\"1726\":2,\"1821\":2,\"1903\":2,\"1998\":2,\"2080\":2,\"2175\":2,\"2257\":2,\"2362\":2,\"2472\":2,\"2581\":2,\"2691\":2,\"2800\":2,\"2910\":2,\"3019\":2,\"3129\":2,\"3214\":2,\"3350\":2}}],[\"minimal\",{\"1\":{\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"minimum\",{\"1\":{\"319\":1,\"341\":1,\"394\":1,\"403\":1}}],[\"ministry\",{\"1\":{\"0\":1,\"6\":1,\"98\":2,\"116\":1,\"126\":1}}],[\"min\",{\"1\":{\"282\":2,\"289\":3,\"290\":3,\"293\":2,\"300\":3,\"301\":3,\"436\":2,\"442\":3,\"443\":3,\"475\":2,\"481\":3,\"482\":3,\"498\":2,\"504\":3,\"505\":3,\"524\":2,\"530\":3,\"531\":3,\"554\":2,\"560\":3,\"561\":3,\"584\":2,\"590\":3,\"591\":3,\"614\":2,\"620\":3,\"621\":3,\"660\":2,\"666\":3,\"667\":3,\"706\":2,\"712\":3,\"713\":3,\"752\":2,\"758\":3,\"759\":3,\"798\":2,\"804\":3,\"805\":3,\"844\":2,\"850\":3,\"851\":3,\"890\":2,\"896\":3,\"897\":3}}],[\"mimie\",{\"1\":{\"225\":1,\"976\":1,\"1186\":1,\"1337\":1,\"1509\":1,\"1686\":1,\"1863\":1,\"2040\":1,\"2217\":1,\"2407\":1,\"2626\":1,\"2845\":1,\"3064\":1,\"3259\":1}}],[\"mime\",{\"1\":{\"37\":1,\"40\":1,\"224\":2,\"289\":1,\"300\":1,\"457\":4,\"481\":1,\"911\":4,\"975\":2,\"1044\":4,\"1138\":4,\"1185\":2,\"1336\":2,\"1508\":2,\"1685\":2,\"1862\":2,\"2039\":2,\"2216\":2,\"2406\":2,\"2625\":2,\"2844\":2,\"3063\":2,\"3258\":2,\"3327\":4,\"3421\":4}}],[\"milliseconds\",{\"1\":{\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"210\":1,\"235\":1,\"247\":1,\"248\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"961\":1,\"987\":1,\"1011\":1,\"1012\":1,\"1062\":1,\"1063\":1,\"1104\":1,\"1105\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1171\":1,\"1194\":1,\"1214\":1,\"1215\":1,\"1230\":1,\"1231\":1,\"1282\":1,\"1283\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1322\":1,\"1345\":1,\"1368\":1,\"1369\":1,\"1406\":1,\"1407\":1,\"1454\":1,\"1455\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1494\":1,\"1520\":1,\"1544\":1,\"1545\":1,\"1582\":1,\"1583\":1,\"1631\":1,\"1632\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1671\":1,\"1697\":1,\"1721\":1,\"1722\":1,\"1759\":1,\"1760\":1,\"1808\":1,\"1809\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1848\":1,\"1874\":1,\"1898\":1,\"1899\":1,\"1936\":1,\"1937\":1,\"1985\":1,\"1986\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2025\":1,\"2051\":1,\"2075\":1,\"2076\":1,\"2113\":1,\"2114\":1,\"2162\":1,\"2163\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2202\":1,\"2228\":1,\"2252\":1,\"2253\":1,\"2290\":1,\"2291\":1,\"2349\":1,\"2350\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2392\":1,\"2418\":1,\"2467\":1,\"2468\":1,\"2509\":1,\"2510\":1,\"2568\":1,\"2569\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2611\":1,\"2637\":1,\"2686\":1,\"2687\":1,\"2728\":1,\"2729\":1,\"2787\":1,\"2788\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2830\":1,\"2856\":1,\"2905\":1,\"2906\":1,\"2947\":1,\"2948\":1,\"3006\":1,\"3007\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3049\":1,\"3075\":1,\"3124\":1,\"3125\":1,\"3166\":1,\"3167\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3244\":1,\"3270\":1,\"3294\":1,\"3295\":1,\"3345\":1,\"3346\":1,\"3387\":1,\"3388\":1}}],[\"million\",{\"1\":{\"126\":2}}],[\"missing\",{\"0\":{\"381\":1},\"1\":{\"159\":1}}],[\"mii\",{\"0\":{\"550\":1,\"580\":1,\"610\":1,\"656\":1,\"702\":1,\"748\":1},\"1\":{\"16\":2,\"17\":1,\"20\":4,\"73\":1,\"81\":3,\"116\":1,\"117\":1,\"120\":1,\"419\":2,\"429\":1,\"431\":4,\"433\":4,\"472\":1,\"473\":2,\"485\":1,\"495\":1,\"496\":2,\"508\":1,\"521\":1,\"522\":2,\"534\":1,\"547\":1,\"550\":1,\"577\":1,\"580\":1,\"607\":1,\"610\":3,\"643\":2,\"653\":1,\"656\":4,\"689\":2,\"699\":1,\"702\":4,\"735\":2,\"745\":1,\"748\":6,\"781\":2,\"791\":1,\"793\":4,\"795\":4,\"827\":2,\"837\":1,\"839\":4,\"841\":4,\"873\":2,\"883\":1,\"885\":4,\"887\":4}}],[\"mitigate\",{\"1\":{\"36\":1}}],[\"mittagspause\",{\"1\":{\"14\":1}}],[\"mit\",{\"1\":{\"14\":2,\"16\":1,\"17\":1}}],[\"mie\",{\"0\":{\"115\":1},\"1\":{\"1\":2,\"121\":1}}],[\"middleware\",{\"1\":{\"0\":1,\"5\":1,\"6\":1,\"98\":1,\"102\":1,\"128\":2}}],[\"rfc\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"rp\",{\"1\":{\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"566\":1,\"567\":1,\"596\":1,\"597\":1,\"626\":1,\"627\":1,\"672\":1,\"673\":1,\"718\":1,\"719\":1,\"764\":1,\"765\":1,\"810\":1,\"811\":1,\"856\":1,\"857\":1,\"915\":1,\"916\":1}}],[\"rsa\",{\"1\":{\"290\":1,\"301\":1,\"457\":9,\"911\":9,\"1044\":6,\"1138\":6,\"3327\":6,\"3421\":6}}],[\"rbrace\",{\"1\":{\"160\":1}}],[\"rc\",{\"1\":{\"142\":4}}],[\"rm\",{\"1\":{\"136\":1,\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1}}],[\"rdp\",{\"1\":{\"129\":1,\"431\":1,\"551\":1,\"581\":1,\"611\":1,\"657\":1,\"703\":1,\"749\":1,\"793\":1,\"839\":1,\"885\":1}}],[\"random\",{\"1\":{\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"442\":3,\"443\":3,\"444\":2,\"481\":3,\"482\":3,\"483\":2,\"504\":3,\"505\":3,\"506\":2,\"530\":3,\"531\":3,\"532\":2,\"560\":3,\"561\":3,\"562\":2,\"590\":3,\"591\":3,\"592\":2,\"620\":3,\"621\":3,\"622\":2,\"666\":3,\"667\":3,\"668\":2,\"712\":3,\"713\":3,\"714\":2,\"758\":3,\"759\":3,\"760\":2,\"804\":3,\"805\":3,\"806\":2,\"850\":3,\"851\":3,\"852\":2,\"896\":3,\"897\":3,\"898\":2}}],[\"range\",{\"1\":{\"9\":1}}],[\"ram\",{\"1\":{\"282\":2,\"293\":2,\"319\":1,\"394\":1,\"403\":1,\"436\":2,\"475\":2,\"498\":2,\"524\":2,\"554\":2,\"584\":2,\"614\":2,\"660\":2,\"706\":2,\"752\":2,\"798\":2,\"844\":2,\"890\":2}}],[\"ramp\",{\"1\":{\"157\":1}}],[\"rarely\",{\"1\":{\"127\":1}}],[\"rule\",{\"1\":{\"359\":2,\"360\":2,\"385\":2,\"386\":2,\"920\":2,\"922\":1,\"1049\":2,\"1051\":1,\"1357\":1,\"1533\":1,\"1710\":1,\"1887\":1,\"2064\":1,\"2241\":1,\"2327\":2,\"2329\":1,\"2454\":2,\"2456\":1,\"2546\":2,\"2548\":1,\"2673\":2,\"2675\":1,\"2765\":2,\"2767\":1,\"2892\":2,\"2894\":1,\"2984\":2,\"2986\":1,\"3111\":2,\"3113\":1,\"3203\":2,\"3205\":1,\"3332\":2,\"3334\":1}}],[\"ruleset\",{\"1\":{\"409\":1,\"633\":1,\"679\":1,\"725\":1,\"771\":1,\"817\":1,\"863\":1}}],[\"rules\",{\"1\":{\"95\":1,\"348\":3,\"358\":2,\"384\":2}}],[\"run\",{\"1\":{\"99\":1,\"110\":2,\"136\":2,\"141\":2,\"142\":2,\"165\":2,\"169\":1,\"175\":1,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"189\":1,\"205\":1,\"212\":1,\"213\":1,\"214\":1,\"224\":1,\"225\":1,\"228\":1,\"241\":1,\"242\":1,\"243\":1,\"249\":1,\"251\":1,\"255\":1,\"257\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"327\":43,\"399\":1,\"403\":1,\"412\":1,\"442\":1,\"443\":2,\"447\":3,\"448\":1,\"449\":2,\"461\":10,\"462\":5,\"481\":1,\"482\":2,\"504\":1,\"505\":2,\"530\":1,\"531\":2,\"560\":1,\"561\":2,\"590\":1,\"591\":2,\"620\":1,\"621\":2,\"636\":1,\"666\":1,\"667\":2,\"682\":1,\"712\":1,\"713\":2,\"728\":1,\"758\":1,\"759\":2,\"774\":1,\"804\":1,\"805\":2,\"820\":1,\"850\":1,\"851\":2,\"866\":1,\"896\":1,\"897\":2,\"901\":3,\"902\":1,\"903\":2,\"915\":10,\"916\":5,\"932\":1,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":1,\"975\":1,\"976\":1,\"979\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1027\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1121\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1423\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1599\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1776\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1953\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2130\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2307\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2434\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2526\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2653\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2745\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2872\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2964\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3091\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3183\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3310\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3404\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"running\",{\"1\":{\"33\":1,\"137\":2,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"346\":1,\"410\":1,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"634\":1,\"673\":2,\"680\":1,\"719\":2,\"726\":1,\"765\":2,\"772\":1,\"811\":2,\"818\":1,\"857\":2,\"864\":1,\"916\":2}}],[\"runs\",{\"1\":{\"0\":1,\"32\":1,\"88\":1}}],[\"right\",{\"1\":{\"91\":2}}],[\"risks\",{\"1\":{\"36\":1}}],[\"r\",{\"1\":{\"26\":6,\"318\":1}}],[\"root\",{\"0\":{\"450\":1,\"904\":1},\"1\":{\"134\":1,\"135\":1,\"159\":2,\"205\":1,\"228\":1,\"249\":1,\"277\":1,\"290\":1,\"301\":1,\"304\":3,\"307\":3,\"310\":1,\"338\":3,\"433\":2,\"441\":2,\"442\":1,\"450\":1,\"452\":1,\"453\":4,\"454\":1,\"455\":5,\"457\":14,\"458\":3,\"460\":1,\"461\":1,\"462\":1,\"795\":2,\"841\":2,\"887\":2,\"895\":2,\"896\":1,\"904\":1,\"906\":1,\"907\":4,\"908\":1,\"909\":5,\"911\":14,\"912\":3,\"914\":1,\"915\":1,\"916\":1,\"957\":2,\"979\":2,\"1013\":2,\"1026\":2,\"1027\":4,\"1037\":1,\"1038\":1,\"1040\":2,\"1041\":2,\"1064\":2,\"1106\":2,\"1120\":2,\"1121\":4,\"1131\":1,\"1132\":1,\"1134\":2,\"1135\":2,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1264\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1422\":2,\"1423\":4,\"1435\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1598\":2,\"1599\":4,\"1609\":1,\"1612\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1775\":2,\"1776\":4,\"1786\":1,\"1789\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1952\":2,\"1953\":4,\"1963\":1,\"1966\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2129\":2,\"2130\":4,\"2140\":1,\"2143\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2306\":2,\"2307\":4,\"2317\":1,\"2320\":1,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2433\":2,\"2434\":4,\"2444\":1,\"2447\":1,\"2469\":1,\"2511\":1,\"2513\":1,\"2525\":2,\"2526\":4,\"2536\":1,\"2539\":1,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2652\":2,\"2653\":4,\"2663\":1,\"2666\":1,\"2688\":1,\"2730\":1,\"2732\":1,\"2744\":2,\"2745\":4,\"2755\":1,\"2758\":1,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2871\":2,\"2872\":4,\"2882\":1,\"2885\":1,\"2907\":1,\"2949\":1,\"2951\":1,\"2963\":2,\"2964\":4,\"2974\":1,\"2977\":1,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3090\":2,\"3091\":4,\"3101\":1,\"3104\":1,\"3126\":1,\"3168\":1,\"3170\":1,\"3182\":2,\"3183\":4,\"3193\":1,\"3196\":1,\"3240\":2,\"3262\":2,\"3296\":2,\"3309\":2,\"3310\":4,\"3320\":1,\"3321\":1,\"3323\":2,\"3324\":2,\"3347\":2,\"3389\":2,\"3403\":2,\"3404\":4,\"3414\":1,\"3415\":1,\"3417\":2,\"3418\":2}}],[\"routing\",{\"1\":{\"100\":1,\"170\":1}}],[\"routine\",{\"1\":{\"0\":1,\"32\":1,\"98\":1,\"127\":1}}],[\"role|dsf\",{\"1\":{\"1057\":2,\"1363\":2,\"1539\":2,\"1716\":2,\"1893\":2,\"2070\":2,\"2247\":2,\"2462\":2,\"2681\":2,\"2900\":2,\"3119\":2,\"3340\":2}}],[\"rolecreate\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"roleconfig\",{\"0\":{\"992\":1,\"1085\":1,\"1249\":1,\"1388\":1,\"1564\":1,\"1741\":1,\"1918\":1,\"2095\":1,\"2272\":1,\"2423\":1,\"2490\":1,\"2642\":1,\"2709\":1,\"2861\":1,\"2928\":1,\"3080\":1,\"3147\":1,\"3275\":1,\"3368\":1},\"1\":{\"442\":1,\"481\":2,\"504\":1,\"530\":1,\"536\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":3,\"928\":3,\"992\":1,\"1049\":3,\"1057\":3,\"1085\":1,\"1249\":1,\"1355\":3,\"1363\":3,\"1388\":1,\"1531\":3,\"1539\":3,\"1564\":1,\"1708\":3,\"1716\":3,\"1741\":1,\"1885\":3,\"1893\":3,\"1918\":1,\"2062\":3,\"2070\":3,\"2095\":1,\"2239\":3,\"2247\":3,\"2272\":1,\"2327\":3,\"2335\":3,\"2423\":1,\"2454\":3,\"2462\":3,\"2490\":1,\"2546\":3,\"2554\":3,\"2642\":1,\"2673\":3,\"2681\":3,\"2709\":1,\"2765\":3,\"2773\":3,\"2861\":1,\"2892\":3,\"2900\":3,\"2928\":1,\"2984\":3,\"2992\":3,\"3080\":1,\"3111\":3,\"3119\":3,\"3147\":1,\"3203\":3,\"3211\":3,\"3275\":1,\"3332\":3,\"3340\":3,\"3368\":1}}],[\"role\",{\"0\":{\"924\":1,\"926\":1,\"927\":1,\"1053\":1,\"1055\":1,\"1056\":1,\"1359\":1,\"1361\":1,\"1362\":1,\"1535\":1,\"1537\":1,\"1538\":1,\"1712\":1,\"1714\":1,\"1715\":1,\"1889\":1,\"1891\":1,\"1892\":1,\"2066\":1,\"2068\":1,\"2069\":1,\"2243\":1,\"2245\":1,\"2246\":1,\"2331\":1,\"2333\":1,\"2334\":1,\"2458\":1,\"2460\":1,\"2461\":1,\"2550\":1,\"2552\":1,\"2553\":1,\"2677\":1,\"2679\":1,\"2680\":1,\"2769\":1,\"2771\":1,\"2772\":1,\"2896\":1,\"2898\":1,\"2899\":1,\"2988\":1,\"2990\":1,\"2991\":1,\"3115\":1,\"3117\":1,\"3118\":1,\"3207\":1,\"3209\":1,\"3210\":1,\"3336\":1,\"3338\":1,\"3339\":1},\"1\":{\"348\":1,\"361\":10,\"362\":5,\"387\":10,\"388\":5,\"389\":10,\"418\":1,\"481\":1,\"536\":3,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1,\"920\":3,\"921\":1,\"924\":3,\"926\":1,\"928\":8,\"992\":1,\"1049\":3,\"1050\":1,\"1053\":3,\"1055\":1,\"1056\":2,\"1057\":10,\"1085\":1,\"1249\":1,\"1355\":3,\"1356\":1,\"1359\":3,\"1361\":1,\"1362\":2,\"1363\":10,\"1388\":1,\"1531\":3,\"1532\":1,\"1535\":3,\"1537\":1,\"1538\":2,\"1539\":10,\"1564\":1,\"1708\":3,\"1709\":1,\"1712\":3,\"1714\":1,\"1715\":2,\"1716\":10,\"1741\":1,\"1885\":3,\"1886\":1,\"1889\":3,\"1891\":1,\"1892\":2,\"1893\":10,\"1918\":1,\"2062\":3,\"2063\":1,\"2066\":3,\"2068\":1,\"2069\":2,\"2070\":10,\"2095\":1,\"2239\":3,\"2240\":1,\"2243\":3,\"2245\":1,\"2246\":2,\"2247\":10,\"2272\":1,\"2327\":3,\"2328\":1,\"2331\":3,\"2333\":1,\"2335\":8,\"2423\":1,\"2454\":3,\"2455\":1,\"2458\":3,\"2460\":1,\"2461\":2,\"2462\":10,\"2490\":1,\"2546\":3,\"2547\":1,\"2550\":3,\"2552\":1,\"2554\":8,\"2642\":1,\"2673\":3,\"2674\":1,\"2677\":3,\"2679\":1,\"2680\":2,\"2681\":10,\"2709\":1,\"2765\":3,\"2766\":1,\"2769\":3,\"2771\":1,\"2773\":8,\"2861\":1,\"2892\":3,\"2893\":1,\"2896\":3,\"2898\":1,\"2899\":2,\"2900\":10,\"2928\":1,\"2984\":3,\"2985\":1,\"2988\":3,\"2990\":1,\"2992\":8,\"3080\":1,\"3111\":3,\"3112\":1,\"3115\":3,\"3117\":1,\"3118\":2,\"3119\":10,\"3147\":1,\"3203\":3,\"3204\":1,\"3207\":3,\"3209\":1,\"3211\":8,\"3275\":1,\"3332\":3,\"3333\":1,\"3336\":3,\"3338\":1,\"3339\":2,\"3340\":10,\"3368\":1}}],[\"roles\",{\"0\":{\"925\":1,\"1054\":1,\"1360\":1,\"1536\":1,\"1713\":1,\"1890\":1,\"2067\":1,\"2244\":1,\"2332\":1,\"2459\":1,\"2551\":1,\"2678\":1,\"2770\":1,\"2897\":1,\"2989\":1,\"3116\":1,\"3208\":1,\"3337\":1},\"1\":{\"85\":2,\"233\":1,\"399\":1,\"536\":1,\"920\":7,\"921\":1,\"922\":1,\"925\":1,\"926\":1,\"927\":1,\"985\":1,\"1024\":1,\"1049\":7,\"1050\":1,\"1051\":1,\"1054\":1,\"1055\":1,\"1056\":1,\"1117\":1,\"1192\":1,\"1343\":1,\"1355\":7,\"1356\":1,\"1357\":1,\"1360\":1,\"1361\":1,\"1362\":1,\"1388\":1,\"1419\":1,\"1518\":1,\"1531\":7,\"1532\":1,\"1533\":1,\"1536\":1,\"1537\":1,\"1538\":1,\"1595\":1,\"1695\":1,\"1708\":7,\"1709\":1,\"1710\":1,\"1713\":1,\"1714\":1,\"1715\":1,\"1772\":1,\"1872\":1,\"1885\":7,\"1886\":1,\"1887\":1,\"1890\":1,\"1891\":1,\"1892\":1,\"1949\":1,\"2049\":1,\"2062\":7,\"2063\":1,\"2064\":1,\"2067\":1,\"2068\":1,\"2069\":1,\"2126\":1,\"2226\":1,\"2239\":7,\"2240\":1,\"2241\":1,\"2244\":1,\"2245\":1,\"2246\":1,\"2303\":1,\"2327\":7,\"2328\":1,\"2329\":1,\"2332\":1,\"2333\":1,\"2334\":1,\"2416\":1,\"2431\":1,\"2454\":7,\"2455\":1,\"2456\":1,\"2459\":1,\"2460\":1,\"2461\":1,\"2522\":1,\"2546\":7,\"2547\":1,\"2548\":1,\"2551\":1,\"2552\":1,\"2553\":1,\"2635\":1,\"2650\":1,\"2673\":7,\"2674\":1,\"2675\":1,\"2678\":1,\"2679\":1,\"2680\":1,\"2741\":1,\"2765\":7,\"2766\":1,\"2767\":1,\"2770\":1,\"2771\":1,\"2772\":1,\"2854\":1,\"2869\":1,\"2892\":7,\"2893\":1,\"2894\":1,\"2897\":1,\"2898\":1,\"2899\":1,\"2960\":1,\"2984\":7,\"2985\":1,\"2986\":1,\"2989\":1,\"2990\":1,\"2991\":1,\"3073\":1,\"3088\":1,\"3111\":7,\"3112\":1,\"3113\":1,\"3116\":1,\"3117\":1,\"3118\":1,\"3179\":1,\"3203\":7,\"3204\":1,\"3205\":1,\"3208\":1,\"3209\":1,\"3210\":1,\"3268\":1,\"3307\":1,\"3332\":7,\"3333\":1,\"3334\":1,\"3337\":1,\"3338\":1,\"3339\":1,\"3400\":1}}],[\"rollout\",{\"1\":{\"81\":1}}],[\"rolf\",{\"1\":{\"1\":3}}],[\"robust\",{\"1\":{\"10\":1}}],[\"refine\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"referenced\",{\"1\":{\"446\":1,\"447\":1,\"900\":1,\"901\":1}}],[\"reference\",{\"1\":{\"159\":10,\"419\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"643\":1,\"670\":2,\"689\":1,\"716\":2,\"735\":1,\"762\":2,\"781\":1,\"808\":2,\"827\":1,\"854\":2,\"873\":1,\"913\":2}}],[\"referenceextractorimpl\",{\"1\":{\"148\":1}}],[\"referenceextractor\",{\"1\":{\"148\":1}}],[\"references\",{\"0\":{\"148\":1},\"1\":{\"95\":2,\"159\":1}}],[\"refer\",{\"1\":{\"95\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"regardless\",{\"1\":{\"361\":2,\"362\":1,\"387\":2,\"388\":1}}],[\"registrations\",{\"1\":{\"146\":1}}],[\"registry\",{\"0\":{\"137\":1,\"161\":1},\"1\":{\"143\":1,\"398\":1}}],[\"registered\",{\"1\":{\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"register\",{\"1\":{\"126\":1,\"147\":1,\"149\":1,\"150\":1,\"335\":1}}],[\"reqiures\",{\"1\":{\"219\":1,\"229\":1,\"970\":1,\"980\":1,\"1180\":1,\"1190\":1,\"1331\":1,\"1341\":1,\"1503\":1,\"1513\":1,\"1680\":1,\"1690\":1,\"1857\":1,\"1867\":1,\"2034\":1,\"2044\":1,\"2211\":1,\"2221\":1,\"2401\":1,\"2411\":1,\"2620\":1,\"2630\":1,\"2839\":1,\"2849\":1,\"3058\":1,\"3068\":1,\"3253\":1,\"3263\":1}}],[\"req\",{\"1\":{\"170\":2}}],[\"require\",{\"1\":{\"311\":1,\"314\":1,\"352\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"997\":1,\"1045\":1,\"1090\":1,\"1139\":1,\"1199\":1,\"1253\":1,\"1350\":1,\"1392\":1,\"1438\":1,\"1526\":1,\"1568\":1,\"1615\":1,\"1703\":1,\"1745\":1,\"1792\":1,\"1880\":1,\"1922\":1,\"1969\":1,\"2057\":1,\"2099\":1,\"2146\":1,\"2234\":1,\"2276\":1,\"2323\":1,\"2428\":1,\"2450\":1,\"2495\":1,\"2542\":1,\"2647\":1,\"2669\":1,\"2714\":1,\"2761\":1,\"2866\":1,\"2888\":1,\"2933\":1,\"2980\":1,\"3085\":1,\"3107\":1,\"3152\":1,\"3199\":1,\"3280\":1,\"3328\":1,\"3373\":1,\"3422\":1}}],[\"required\",{\"1\":{\"174\":1,\"175\":1,\"176\":1,\"177\":1,\"178\":1,\"179\":1,\"180\":1,\"181\":1,\"182\":1,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":1,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":1,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":1,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":1,\"252\":1,\"253\":1,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"269\":1,\"270\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"286\":1,\"290\":1,\"297\":1,\"301\":1,\"332\":1,\"400\":1,\"415\":1,\"433\":1,\"443\":1,\"455\":1,\"459\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"564\":1,\"591\":1,\"594\":1,\"621\":1,\"624\":1,\"639\":1,\"667\":1,\"670\":1,\"685\":1,\"713\":1,\"716\":1,\"731\":1,\"759\":1,\"762\":1,\"777\":1,\"795\":1,\"805\":1,\"808\":1,\"823\":1,\"841\":1,\"851\":1,\"854\":1,\"869\":1,\"887\":1,\"897\":1,\"909\":1,\"913\":1,\"930\":1,\"931\":1,\"932\":1,\"933\":1,\"934\":1,\"935\":1,\"936\":1,\"937\":1,\"938\":1,\"939\":1,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":1,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":1,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":1,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":1,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":1,\"996\":1,\"997\":1,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1021\":1,\"1022\":1,\"1031\":1,\"1032\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1043\":1,\"1044\":1,\"1045\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":1,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":1,\"1089\":1,\"1090\":1,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1114\":1,\"1115\":1,\"1125\":1,\"1126\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1137\":1,\"1138\":1,\"1139\":1,\"1143\":1,\"1144\":1,\"1145\":1,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1151\":1,\"1152\":1,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":1,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":1,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":1,\"1198\":1,\"1199\":1,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":1,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":1,\"1253\":1,\"1254\":1,\"1256\":1,\"1257\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":1,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1302\":1,\"1303\":1,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":1,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":1,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":1,\"1349\":1,\"1350\":1,\"1351\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":1,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":1,\"1392\":1,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1416\":1,\"1417\":1,\"1427\":1,\"1428\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":1,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1474\":1,\"1475\":1,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":1,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":1,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":1,\"1525\":1,\"1526\":1,\"1527\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":1,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":1,\"1568\":1,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1592\":1,\"1593\":1,\"1603\":1,\"1604\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":1,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1651\":1,\"1652\":1,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":1,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":1,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":1,\"1702\":1,\"1703\":1,\"1704\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":1,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":1,\"1745\":1,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1769\":1,\"1770\":1,\"1780\":1,\"1781\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":1,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1828\":1,\"1829\":1,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":1,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":1,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":1,\"1879\":1,\"1880\":1,\"1881\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":1,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":1,\"1922\":1,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1946\":1,\"1947\":1,\"1957\":1,\"1958\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":1,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2005\":1,\"2006\":1,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":1,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":1,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":1,\"2056\":1,\"2057\":1,\"2058\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":1,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":1,\"2099\":1,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2123\":1,\"2124\":1,\"2134\":1,\"2135\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":1,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2182\":1,\"2183\":1,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":1,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":1,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":1,\"2233\":1,\"2234\":1,\"2235\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":1,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":1,\"2276\":1,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2300\":1,\"2301\":1,\"2311\":1,\"2312\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":1,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2369\":1,\"2370\":1,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":1,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":1,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":1,\"2427\":1,\"2428\":1,\"2429\":1,\"2438\":1,\"2439\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":1,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":1,\"2494\":1,\"2495\":1,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2519\":1,\"2520\":1,\"2530\":1,\"2531\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":1,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2588\":1,\"2589\":1,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":1,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":1,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":1,\"2646\":1,\"2647\":1,\"2648\":1,\"2657\":1,\"2658\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":1,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":1,\"2713\":1,\"2714\":1,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2738\":1,\"2739\":1,\"2749\":1,\"2750\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":1,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2807\":1,\"2808\":1,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":1,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":1,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":1,\"2865\":1,\"2866\":1,\"2867\":1,\"2876\":1,\"2877\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":1,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":1,\"2932\":1,\"2933\":1,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2957\":1,\"2958\":1,\"2968\":1,\"2969\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":1,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3026\":1,\"3027\":1,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":1,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":1,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":1,\"3084\":1,\"3085\":1,\"3086\":1,\"3095\":1,\"3096\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":1,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":1,\"3151\":1,\"3152\":1,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3176\":1,\"3177\":1,\"3187\":1,\"3188\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3213\":1,\"3214\":1,\"3215\":1,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3221\":1,\"3222\":1,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":1,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":1,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":1,\"3279\":1,\"3280\":1,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3304\":1,\"3305\":1,\"3314\":1,\"3315\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3326\":1,\"3327\":1,\"3328\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":1,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":1,\"3372\":1,\"3373\":1,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3397\":1,\"3398\":1,\"3408\":1,\"3409\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1,\"3420\":1,\"3421\":1,\"3422\":1}}],[\"requires\",{\"1\":{\"117\":1,\"212\":1,\"213\":1,\"217\":1,\"218\":1,\"222\":1,\"223\":1,\"228\":1,\"963\":1,\"964\":1,\"968\":1,\"969\":1,\"973\":1,\"974\":1,\"979\":1,\"996\":1,\"998\":1,\"1002\":1,\"1003\":1,\"1005\":1,\"1024\":1,\"1089\":1,\"1091\":1,\"1095\":1,\"1096\":1,\"1098\":1,\"1117\":1,\"1173\":1,\"1174\":1,\"1178\":1,\"1179\":1,\"1183\":1,\"1184\":1,\"1189\":1,\"1198\":1,\"1200\":1,\"1205\":1,\"1206\":1,\"1208\":1,\"1252\":1,\"1254\":1,\"1273\":1,\"1274\":1,\"1276\":1,\"1324\":1,\"1325\":1,\"1329\":1,\"1330\":1,\"1334\":1,\"1335\":1,\"1340\":1,\"1349\":1,\"1351\":1,\"1391\":1,\"1393\":1,\"1397\":1,\"1398\":1,\"1400\":1,\"1419\":1,\"1445\":1,\"1446\":1,\"1448\":1,\"1496\":1,\"1497\":1,\"1501\":1,\"1502\":1,\"1506\":1,\"1507\":1,\"1512\":1,\"1525\":1,\"1527\":1,\"1567\":1,\"1569\":1,\"1573\":1,\"1574\":1,\"1576\":1,\"1595\":1,\"1622\":1,\"1623\":1,\"1625\":1,\"1673\":1,\"1674\":1,\"1678\":1,\"1679\":1,\"1683\":1,\"1684\":1,\"1689\":1,\"1702\":1,\"1704\":1,\"1744\":1,\"1746\":1,\"1750\":1,\"1751\":1,\"1753\":1,\"1772\":1,\"1799\":1,\"1800\":1,\"1802\":1,\"1850\":1,\"1851\":1,\"1855\":1,\"1856\":1,\"1860\":1,\"1861\":1,\"1866\":1,\"1879\":1,\"1881\":1,\"1921\":1,\"1923\":1,\"1927\":1,\"1928\":1,\"1930\":1,\"1949\":1,\"1976\":1,\"1977\":1,\"1979\":1,\"2027\":1,\"2028\":1,\"2032\":1,\"2033\":1,\"2037\":1,\"2038\":1,\"2043\":1,\"2056\":1,\"2058\":1,\"2098\":1,\"2100\":1,\"2104\":1,\"2105\":1,\"2107\":1,\"2126\":1,\"2153\":1,\"2154\":1,\"2156\":1,\"2204\":1,\"2205\":1,\"2209\":1,\"2210\":1,\"2214\":1,\"2215\":1,\"2220\":1,\"2233\":1,\"2235\":1,\"2275\":1,\"2277\":1,\"2281\":1,\"2282\":1,\"2284\":1,\"2303\":1,\"2340\":1,\"2341\":1,\"2343\":1,\"2394\":1,\"2395\":1,\"2399\":1,\"2400\":1,\"2404\":1,\"2405\":1,\"2410\":1,\"2427\":1,\"2429\":1,\"2431\":1,\"2494\":1,\"2496\":1,\"2500\":1,\"2501\":1,\"2503\":1,\"2522\":1,\"2559\":1,\"2560\":1,\"2562\":1,\"2613\":1,\"2614\":1,\"2618\":1,\"2619\":1,\"2623\":1,\"2624\":1,\"2629\":1,\"2646\":1,\"2648\":1,\"2650\":1,\"2713\":1,\"2715\":1,\"2719\":1,\"2720\":1,\"2722\":1,\"2741\":1,\"2778\":1,\"2779\":1,\"2781\":1,\"2832\":1,\"2833\":1,\"2837\":1,\"2838\":1,\"2842\":1,\"2843\":1,\"2848\":1,\"2865\":1,\"2867\":1,\"2869\":1,\"2932\":1,\"2934\":1,\"2938\":1,\"2939\":1,\"2941\":1,\"2960\":1,\"2997\":1,\"2998\":1,\"3000\":1,\"3051\":1,\"3052\":1,\"3056\":1,\"3057\":1,\"3061\":1,\"3062\":1,\"3067\":1,\"3084\":1,\"3086\":1,\"3088\":1,\"3151\":1,\"3153\":1,\"3157\":1,\"3158\":1,\"3160\":1,\"3179\":1,\"3246\":1,\"3247\":1,\"3251\":1,\"3252\":1,\"3256\":1,\"3257\":1,\"3262\":1,\"3279\":1,\"3281\":1,\"3285\":1,\"3286\":1,\"3288\":1,\"3307\":1,\"3372\":1,\"3374\":1,\"3378\":1,\"3379\":1,\"3381\":1,\"3400\":1}}],[\"requirements\",{\"1\":{\"82\":1,\"94\":1,\"403\":1,\"410\":1,\"428\":1,\"546\":1,\"576\":1,\"606\":1,\"634\":1,\"652\":1,\"680\":1,\"698\":1,\"726\":1,\"744\":1,\"772\":1,\"790\":1,\"818\":1,\"836\":1,\"864\":1,\"882\":1}}],[\"requester\",{\"0\":{\"361\":1,\"387\":1},\"1\":{\"348\":1,\"361\":1,\"363\":1,\"364\":1,\"387\":1,\"389\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"requested\",{\"1\":{\"90\":2,\"97\":1,\"363\":1,\"389\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1}}],[\"requests\",{\"0\":{\"111\":1,\"166\":1},\"1\":{\"90\":2,\"128\":1,\"156\":1,\"190\":1,\"192\":1,\"195\":1,\"196\":1,\"198\":1,\"199\":1,\"201\":1,\"204\":1,\"244\":1,\"246\":1,\"250\":1,\"407\":1,\"414\":1,\"415\":5,\"419\":2,\"631\":1,\"638\":1,\"639\":5,\"643\":2,\"677\":1,\"684\":1,\"685\":5,\"689\":2,\"723\":1,\"730\":1,\"731\":5,\"735\":2,\"769\":1,\"776\":1,\"777\":5,\"781\":2,\"815\":1,\"822\":1,\"823\":5,\"827\":2,\"861\":1,\"868\":1,\"869\":5,\"873\":2,\"947\":1,\"953\":1,\"956\":1,\"1065\":1,\"1079\":1,\"1162\":1,\"1165\":1,\"1233\":1,\"1313\":1,\"1316\":1,\"1371\":1,\"1486\":1,\"1489\":1,\"1547\":1,\"1663\":1,\"1666\":1,\"1724\":1,\"1840\":1,\"1843\":1,\"1901\":1,\"2017\":1,\"2020\":1,\"2078\":1,\"2194\":1,\"2197\":1,\"2255\":1,\"2378\":1,\"2384\":1,\"2387\":1,\"2470\":1,\"2484\":1,\"2597\":1,\"2603\":1,\"2606\":1,\"2689\":1,\"2703\":1,\"2816\":1,\"2822\":1,\"2825\":1,\"2908\":1,\"2922\":1,\"3035\":1,\"3041\":1,\"3044\":1,\"3127\":1,\"3141\":1,\"3230\":1,\"3236\":1,\"3239\":1,\"3348\":1,\"3362\":1}}],[\"requesting\",{\"1\":{\"89\":1,\"107\":3,\"261\":1,\"333\":1,\"941\":1,\"1077\":1,\"2372\":1,\"2482\":1,\"2591\":1,\"2701\":1,\"2810\":1,\"2920\":1,\"3029\":1,\"3139\":1,\"3224\":1,\"3360\":1}}],[\"request\",{\"0\":{\"2\":1,\"87\":1,\"276\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1,\"1039\":1,\"1133\":1,\"1263\":1,\"1434\":1,\"1611\":1,\"1788\":1,\"1965\":1,\"2142\":1,\"2319\":1,\"2446\":1,\"2538\":1,\"2665\":1,\"2757\":1,\"2884\":1,\"2976\":1,\"3103\":1,\"3195\":1,\"3322\":1,\"3416\":1},\"1\":{\"37\":1,\"71\":1,\"75\":1,\"141\":1,\"170\":2,\"276\":1,\"290\":1,\"333\":1,\"334\":2,\"357\":2,\"414\":3,\"417\":2,\"419\":1,\"444\":1,\"452\":1,\"454\":1,\"461\":5,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"638\":3,\"641\":2,\"643\":1,\"668\":1,\"684\":3,\"687\":2,\"689\":1,\"714\":1,\"730\":3,\"733\":2,\"735\":1,\"760\":1,\"776\":3,\"779\":2,\"781\":1,\"806\":1,\"822\":3,\"825\":2,\"827\":1,\"852\":1,\"868\":3,\"871\":2,\"873\":1,\"898\":1,\"906\":1,\"908\":1,\"915\":5,\"1004\":1,\"1097\":1,\"1207\":1,\"1263\":1,\"1275\":1,\"1399\":1,\"1434\":1,\"1447\":1,\"1575\":1,\"1611\":1,\"1624\":1,\"1752\":1,\"1788\":1,\"1801\":1,\"1929\":1,\"1965\":1,\"1978\":1,\"2106\":1,\"2142\":1,\"2155\":1,\"2283\":1,\"2319\":1,\"2342\":1,\"2446\":1,\"2502\":1,\"2538\":1,\"2561\":1,\"2665\":1,\"2721\":1,\"2757\":1,\"2780\":1,\"2884\":1,\"2940\":1,\"2976\":1,\"2999\":1,\"3103\":1,\"3159\":1,\"3195\":1,\"3287\":1,\"3380\":1}}],[\"reviewing\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"review\",{\"1\":{\"414\":1,\"415\":2,\"416\":2,\"419\":1,\"638\":1,\"639\":2,\"640\":2,\"643\":1,\"684\":1,\"685\":2,\"686\":2,\"689\":1,\"730\":1,\"731\":2,\"732\":2,\"735\":1,\"776\":1,\"777\":2,\"778\":2,\"781\":1,\"822\":1,\"823\":2,\"824\":2,\"827\":1,\"868\":1,\"869\":2,\"870\":2,\"873\":1}}],[\"rev\",{\"1\":{\"147\":3}}],[\"reverse\",{\"0\":{\"92\":1,\"100\":1,\"170\":1,\"268\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1028\":1,\"1122\":1,\"1255\":1,\"1424\":1,\"1600\":1,\"1777\":1,\"1954\":1,\"2131\":1,\"2308\":1,\"2435\":1,\"2527\":1,\"2654\":1,\"2746\":1,\"2873\":1,\"2965\":1,\"3092\":1,\"3184\":1,\"3311\":1,\"3405\":1},\"1\":{\"99\":3,\"100\":2,\"169\":3,\"170\":2,\"171\":1,\"269\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"289\":1,\"300\":1,\"331\":1,\"425\":2,\"442\":1,\"481\":1,\"491\":1,\"504\":1,\"517\":1,\"530\":1,\"543\":1,\"560\":1,\"573\":1,\"590\":1,\"603\":1,\"620\":1,\"649\":1,\"666\":1,\"695\":2,\"712\":1,\"741\":2,\"758\":1,\"787\":2,\"804\":1,\"833\":2,\"850\":1,\"879\":2,\"896\":1,\"1001\":1,\"1024\":2,\"1031\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1094\":1,\"1117\":2,\"1125\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1141\":1,\"1204\":1,\"1256\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1272\":1,\"1396\":1,\"1419\":2,\"1427\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1444\":1,\"1572\":1,\"1595\":2,\"1603\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1621\":1,\"1749\":1,\"1772\":2,\"1780\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1798\":1,\"1926\":1,\"1949\":2,\"1957\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1975\":1,\"2103\":1,\"2126\":2,\"2134\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2152\":1,\"2280\":1,\"2303\":2,\"2311\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2339\":1,\"2431\":2,\"2438\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2499\":1,\"2522\":2,\"2530\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2558\":1,\"2650\":2,\"2657\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2718\":1,\"2741\":2,\"2749\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2777\":1,\"2869\":2,\"2876\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2937\":1,\"2960\":2,\"2968\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"2996\":1,\"3088\":2,\"3095\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3156\":1,\"3179\":2,\"3187\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3284\":1,\"3307\":2,\"3314\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3377\":1,\"3400\":2,\"3408\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1}}],[\"retire\",{\"1\":{\"237\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"retired\",{\"0\":{\"237\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1},\"1\":{\"237\":2,\"989\":2,\"1196\":2,\"1347\":2,\"1522\":2,\"1699\":2,\"1876\":2,\"2053\":2,\"2230\":2,\"2420\":2,\"2639\":2,\"2858\":2,\"3077\":2,\"3272\":2}}],[\"retries\",{\"1\":{\"209\":2,\"210\":1,\"234\":2,\"235\":1,\"327\":1,\"536\":1,\"537\":1,\"960\":2,\"961\":1,\"986\":2,\"987\":1,\"1170\":2,\"1171\":1,\"1193\":2,\"1194\":1,\"1321\":2,\"1322\":1,\"1344\":2,\"1345\":1,\"1493\":2,\"1494\":1,\"1519\":2,\"1520\":1,\"1670\":2,\"1671\":1,\"1696\":2,\"1697\":1,\"1847\":2,\"1848\":1,\"1873\":2,\"1874\":1,\"2024\":2,\"2025\":1,\"2050\":2,\"2051\":1,\"2201\":2,\"2202\":1,\"2227\":2,\"2228\":1,\"2391\":2,\"2392\":1,\"2417\":2,\"2418\":1,\"2610\":2,\"2611\":1,\"2636\":2,\"2637\":1,\"2829\":2,\"2830\":1,\"2855\":2,\"2856\":1,\"3048\":2,\"3049\":1,\"3074\":2,\"3075\":1,\"3243\":2,\"3244\":1,\"3269\":2,\"3270\":1}}],[\"retry\",{\"0\":{\"209\":1,\"210\":1,\"234\":1,\"235\":1,\"960\":1,\"961\":1,\"986\":1,\"987\":1,\"1170\":1,\"1171\":1,\"1193\":1,\"1194\":1,\"1321\":1,\"1322\":1,\"1344\":1,\"1345\":1,\"1493\":1,\"1494\":1,\"1519\":1,\"1520\":1,\"1670\":1,\"1671\":1,\"1696\":1,\"1697\":1,\"1847\":1,\"1848\":1,\"1873\":1,\"1874\":1,\"2024\":1,\"2025\":1,\"2050\":1,\"2051\":1,\"2201\":1,\"2202\":1,\"2227\":1,\"2228\":1,\"2391\":1,\"2392\":1,\"2417\":1,\"2418\":1,\"2610\":1,\"2611\":1,\"2636\":1,\"2637\":1,\"2829\":1,\"2830\":1,\"2855\":1,\"2856\":1,\"3048\":1,\"3049\":1,\"3074\":1,\"3075\":1,\"3243\":1,\"3244\":1,\"3269\":1,\"3270\":1},\"1\":{\"209\":1,\"210\":1,\"234\":1,\"235\":1,\"960\":1,\"961\":1,\"986\":1,\"987\":1,\"1170\":1,\"1171\":1,\"1193\":1,\"1194\":1,\"1321\":1,\"1322\":1,\"1344\":1,\"1345\":1,\"1493\":1,\"1494\":1,\"1519\":1,\"1520\":1,\"1670\":1,\"1671\":1,\"1696\":1,\"1697\":1,\"1847\":1,\"1848\":1,\"1873\":1,\"1874\":1,\"2024\":1,\"2025\":1,\"2050\":1,\"2051\":1,\"2201\":1,\"2202\":1,\"2227\":1,\"2228\":1,\"2391\":1,\"2392\":1,\"2417\":1,\"2418\":1,\"2610\":1,\"2611\":1,\"2636\":1,\"2637\":1,\"2829\":1,\"2830\":1,\"2855\":1,\"2856\":1,\"3048\":1,\"3049\":1,\"3074\":1,\"3075\":1,\"3243\":1,\"3244\":1,\"3269\":1,\"3270\":1}}],[\"retrospective\",{\"1\":{\"117\":1}}],[\"returned\",{\"1\":{\"264\":1,\"338\":1,\"348\":1,\"367\":1,\"393\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1563\":1,\"1740\":1,\"1917\":1,\"2094\":1,\"2271\":1,\"2489\":1,\"2708\":1,\"2927\":1,\"3146\":1,\"3367\":1}}],[\"returns\",{\"1\":{\"154\":1}}],[\"return\",{\"1\":{\"154\":1,\"159\":1,\"325\":1,\"379\":1,\"383\":2}}],[\"returning\",{\"1\":{\"152\":1,\"153\":1}}],[\"reto\",{\"1\":{\"83\":1}}],[\"redirect\",{\"1\":{\"114\":1,\"122\":1}}],[\"reminder\",{\"1\":{\"433\":1,\"795\":1,\"841\":1,\"887\":1}}],[\"remarks\",{\"1\":{\"318\":2}}],[\"removing\",{\"1\":{\"352\":1,\"537\":2}}],[\"remove\",{\"1\":{\"141\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"304\":2,\"307\":2,\"442\":1,\"443\":1,\"461\":1,\"462\":1,\"481\":2,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"536\":2,\"537\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"915\":1,\"916\":1}}],[\"removed\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"304\":1,\"307\":1,\"310\":1,\"457\":3,\"460\":1,\"911\":3,\"914\":1}}],[\"remote\",{\"0\":{\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"954\":1,\"955\":1,\"956\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3237\":1,\"3238\":1,\"3239\":1},\"1\":{\"0\":1,\"32\":1,\"113\":1,\"168\":1,\"187\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":2,\"203\":2,\"204\":2,\"205\":1,\"241\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"321\":1,\"340\":1,\"341\":1,\"342\":2,\"356\":1,\"361\":6,\"363\":2,\"387\":6,\"389\":1,\"416\":1,\"453\":1,\"455\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1,\"907\":1,\"909\":1,\"948\":1,\"954\":2,\"955\":2,\"956\":2,\"957\":1,\"1015\":1,\"1059\":1,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1108\":1,\"1157\":1,\"1163\":2,\"1164\":2,\"1165\":2,\"1166\":1,\"1218\":1,\"1227\":1,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1286\":1,\"1308\":1,\"1314\":2,\"1315\":2,\"1316\":2,\"1317\":1,\"1365\":1,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1410\":1,\"1458\":1,\"1481\":1,\"1487\":2,\"1488\":2,\"1489\":2,\"1490\":1,\"1541\":1,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1586\":1,\"1635\":1,\"1658\":1,\"1664\":2,\"1665\":2,\"1666\":2,\"1667\":1,\"1718\":1,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1763\":1,\"1812\":1,\"1835\":1,\"1841\":2,\"1842\":2,\"1843\":2,\"1844\":1,\"1895\":1,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1940\":1,\"1989\":1,\"2012\":1,\"2018\":2,\"2019\":2,\"2020\":2,\"2021\":1,\"2072\":1,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2117\":1,\"2166\":1,\"2189\":1,\"2195\":2,\"2196\":2,\"2197\":2,\"2198\":1,\"2249\":1,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2294\":1,\"2353\":1,\"2379\":1,\"2385\":2,\"2386\":2,\"2387\":2,\"2388\":1,\"2464\":1,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2513\":1,\"2572\":1,\"2598\":1,\"2604\":2,\"2605\":2,\"2606\":2,\"2607\":1,\"2683\":1,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2732\":1,\"2791\":1,\"2817\":1,\"2823\":2,\"2824\":2,\"2825\":2,\"2826\":1,\"2902\":1,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2951\":1,\"3010\":1,\"3036\":1,\"3042\":2,\"3043\":2,\"3044\":2,\"3045\":1,\"3121\":1,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3170\":1,\"3231\":1,\"3237\":2,\"3238\":2,\"3239\":2,\"3240\":1,\"3298\":1,\"3342\":1,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3391\":1}}],[\"remediations\",{\"1\":{\"38\":1}}],[\"recreating\",{\"1\":{\"302\":1,\"305\":1,\"308\":1,\"311\":1,\"314\":1,\"352\":1,\"460\":1,\"509\":1,\"535\":1,\"565\":1,\"595\":1,\"625\":1,\"671\":1,\"717\":1,\"763\":1,\"809\":1,\"855\":1,\"914\":1}}],[\"recipient\",{\"0\":{\"362\":1,\"388\":1},\"1\":{\"226\":2,\"227\":2,\"335\":1,\"348\":1,\"362\":1,\"363\":1,\"364\":1,\"388\":1,\"389\":1,\"977\":2,\"978\":2,\"1187\":2,\"1188\":2,\"1338\":2,\"1339\":2,\"1510\":2,\"1511\":2,\"1687\":2,\"1688\":2,\"1864\":2,\"1865\":2,\"2041\":2,\"2042\":2,\"2218\":2,\"2219\":2,\"2408\":2,\"2409\":2,\"2627\":2,\"2628\":2,\"2846\":2,\"2847\":2,\"3065\":2,\"3066\":2,\"3260\":2,\"3261\":2}}],[\"received\",{\"1\":{\"262\":1,\"286\":1,\"297\":1,\"381\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"receive\",{\"1\":{\"94\":1,\"106\":2,\"107\":1,\"128\":1,\"206\":1,\"211\":1,\"356\":1,\"359\":1,\"385\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"receipt\",{\"1\":{\"38\":1}}],[\"recommand\",{\"1\":{\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"recommendation\",{\"1\":{\"174\":1,\"175\":1,\"177\":1,\"179\":1,\"180\":1,\"182\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"193\":1,\"194\":1,\"196\":1,\"199\":1,\"202\":1,\"203\":1,\"205\":1,\"208\":1,\"212\":1,\"213\":1,\"214\":1,\"219\":1,\"224\":1,\"225\":1,\"228\":1,\"229\":1,\"231\":1,\"232\":1,\"233\":1,\"236\":1,\"237\":1,\"238\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"247\":1,\"248\":1,\"249\":1,\"251\":1,\"253\":1,\"255\":1,\"257\":1,\"258\":1,\"262\":1,\"263\":1,\"265\":1,\"266\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"930\":1,\"932\":1,\"934\":1,\"936\":1,\"937\":1,\"939\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":1,\"970\":1,\"975\":1,\"976\":1,\"979\":1,\"980\":1,\"985\":1,\"988\":1,\"989\":1,\"993\":1,\"996\":1,\"998\":1,\"1002\":1,\"1003\":1,\"1005\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1045\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1062\":1,\"1063\":1,\"1064\":1,\"1066\":1,\"1068\":1,\"1070\":1,\"1072\":1,\"1074\":1,\"1075\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1086\":1,\"1089\":1,\"1091\":1,\"1095\":1,\"1096\":1,\"1098\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1139\":1,\"1143\":1,\"1145\":1,\"1147\":1,\"1149\":1,\"1150\":1,\"1152\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1166\":1,\"1169\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1180\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1190\":1,\"1192\":1,\"1195\":1,\"1196\":1,\"1198\":1,\"1200\":1,\"1205\":1,\"1206\":1,\"1208\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1230\":1,\"1231\":1,\"1232\":1,\"1234\":1,\"1236\":1,\"1238\":1,\"1240\":1,\"1242\":1,\"1243\":1,\"1246\":1,\"1247\":1,\"1250\":1,\"1252\":1,\"1254\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1273\":1,\"1274\":1,\"1276\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1294\":1,\"1296\":1,\"1298\":1,\"1300\":1,\"1301\":1,\"1303\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1317\":1,\"1320\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1331\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1341\":1,\"1343\":1,\"1346\":1,\"1347\":1,\"1349\":1,\"1351\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1368\":1,\"1369\":1,\"1370\":1,\"1372\":1,\"1374\":1,\"1376\":1,\"1378\":1,\"1380\":1,\"1381\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1388\":1,\"1389\":1,\"1391\":1,\"1393\":1,\"1397\":1,\"1398\":1,\"1400\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1445\":1,\"1446\":1,\"1448\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1466\":1,\"1468\":1,\"1470\":1,\"1472\":1,\"1473\":1,\"1475\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1503\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1513\":1,\"1518\":1,\"1521\":1,\"1522\":1,\"1525\":1,\"1527\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1544\":1,\"1545\":1,\"1546\":1,\"1548\":1,\"1550\":1,\"1552\":1,\"1554\":1,\"1556\":1,\"1557\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1565\":1,\"1567\":1,\"1569\":1,\"1573\":1,\"1574\":1,\"1576\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1622\":1,\"1623\":1,\"1625\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1643\":1,\"1645\":1,\"1647\":1,\"1649\":1,\"1650\":1,\"1652\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1680\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1690\":1,\"1695\":1,\"1698\":1,\"1699\":1,\"1702\":1,\"1704\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1721\":1,\"1722\":1,\"1723\":1,\"1725\":1,\"1727\":1,\"1729\":1,\"1731\":1,\"1733\":1,\"1734\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1742\":1,\"1744\":1,\"1746\":1,\"1750\":1,\"1751\":1,\"1753\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1799\":1,\"1800\":1,\"1802\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1820\":1,\"1822\":1,\"1824\":1,\"1826\":1,\"1827\":1,\"1829\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1857\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1867\":1,\"1872\":1,\"1875\":1,\"1876\":1,\"1879\":1,\"1881\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1898\":1,\"1899\":1,\"1900\":1,\"1902\":1,\"1904\":1,\"1906\":1,\"1908\":1,\"1910\":1,\"1911\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1919\":1,\"1921\":1,\"1923\":1,\"1927\":1,\"1928\":1,\"1930\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"1976\":1,\"1977\":1,\"1979\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1997\":1,\"1999\":1,\"2001\":1,\"2003\":1,\"2004\":1,\"2006\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2034\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2044\":1,\"2049\":1,\"2052\":1,\"2053\":1,\"2056\":1,\"2058\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2075\":1,\"2076\":1,\"2077\":1,\"2079\":1,\"2081\":1,\"2083\":1,\"2085\":1,\"2087\":1,\"2088\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2096\":1,\"2098\":1,\"2100\":1,\"2104\":1,\"2105\":1,\"2107\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2153\":1,\"2154\":1,\"2156\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2174\":1,\"2176\":1,\"2178\":1,\"2180\":1,\"2181\":1,\"2183\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2211\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2221\":1,\"2226\":1,\"2229\":1,\"2230\":1,\"2233\":1,\"2235\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2252\":1,\"2253\":1,\"2254\":1,\"2256\":1,\"2258\":1,\"2260\":1,\"2262\":1,\"2264\":1,\"2265\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2273\":1,\"2275\":1,\"2277\":1,\"2281\":1,\"2282\":1,\"2284\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2340\":1,\"2341\":1,\"2343\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2361\":1,\"2363\":1,\"2365\":1,\"2367\":1,\"2368\":1,\"2370\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2401\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2411\":1,\"2416\":1,\"2419\":1,\"2420\":1,\"2424\":1,\"2427\":1,\"2429\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2467\":1,\"2468\":1,\"2469\":1,\"2471\":1,\"2473\":1,\"2475\":1,\"2477\":1,\"2479\":1,\"2480\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2491\":1,\"2494\":1,\"2496\":1,\"2500\":1,\"2501\":1,\"2503\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2559\":1,\"2560\":1,\"2562\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2580\":1,\"2582\":1,\"2584\":1,\"2586\":1,\"2587\":1,\"2589\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2620\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2630\":1,\"2635\":1,\"2638\":1,\"2639\":1,\"2643\":1,\"2646\":1,\"2648\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2686\":1,\"2687\":1,\"2688\":1,\"2690\":1,\"2692\":1,\"2694\":1,\"2696\":1,\"2698\":1,\"2699\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2710\":1,\"2713\":1,\"2715\":1,\"2719\":1,\"2720\":1,\"2722\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2778\":1,\"2779\":1,\"2781\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2799\":1,\"2801\":1,\"2803\":1,\"2805\":1,\"2806\":1,\"2808\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2839\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2849\":1,\"2854\":1,\"2857\":1,\"2858\":1,\"2862\":1,\"2865\":1,\"2867\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2905\":1,\"2906\":1,\"2907\":1,\"2909\":1,\"2911\":1,\"2913\":1,\"2915\":1,\"2917\":1,\"2918\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2929\":1,\"2932\":1,\"2934\":1,\"2938\":1,\"2939\":1,\"2941\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"2997\":1,\"2998\":1,\"3000\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3018\":1,\"3020\":1,\"3022\":1,\"3024\":1,\"3025\":1,\"3027\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3058\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3068\":1,\"3073\":1,\"3076\":1,\"3077\":1,\"3081\":1,\"3084\":1,\"3086\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3124\":1,\"3125\":1,\"3126\":1,\"3128\":1,\"3130\":1,\"3132\":1,\"3134\":1,\"3136\":1,\"3137\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3148\":1,\"3151\":1,\"3153\":1,\"3157\":1,\"3158\":1,\"3160\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3213\":1,\"3215\":1,\"3217\":1,\"3219\":1,\"3220\":1,\"3222\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3253\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3263\":1,\"3268\":1,\"3271\":1,\"3272\":1,\"3276\":1,\"3279\":1,\"3281\":1,\"3285\":1,\"3286\":1,\"3288\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3328\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3345\":1,\"3346\":1,\"3347\":1,\"3349\":1,\"3351\":1,\"3353\":1,\"3355\":1,\"3357\":1,\"3358\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3369\":1,\"3372\":1,\"3374\":1,\"3378\":1,\"3379\":1,\"3381\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1,\"3422\":1}}],[\"recommend\",{\"1\":{\"93\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"401\":1,\"402\":1,\"419\":1,\"422\":2,\"423\":1,\"461\":1,\"462\":1,\"465\":2,\"466\":1,\"488\":2,\"489\":1,\"510\":1,\"511\":1,\"514\":2,\"515\":1,\"536\":1,\"537\":1,\"540\":2,\"541\":1,\"566\":1,\"567\":1,\"570\":2,\"571\":1,\"596\":1,\"597\":1,\"600\":2,\"601\":1,\"626\":1,\"627\":1,\"643\":1,\"646\":2,\"647\":1,\"672\":1,\"673\":1,\"689\":1,\"692\":2,\"693\":1,\"718\":1,\"719\":1,\"735\":1,\"738\":2,\"739\":1,\"764\":1,\"765\":1,\"781\":1,\"784\":2,\"785\":1,\"810\":1,\"811\":1,\"827\":1,\"830\":2,\"831\":1,\"856\":1,\"857\":1,\"873\":1,\"876\":2,\"877\":1,\"915\":1,\"916\":1}}],[\"recommended\",{\"1\":{\"33\":1,\"100\":1,\"170\":1,\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"442\":3,\"443\":3,\"448\":1,\"481\":3,\"482\":3,\"504\":3,\"505\":3,\"530\":3,\"531\":3,\"560\":3,\"561\":3,\"590\":3,\"591\":3,\"620\":3,\"621\":3,\"666\":3,\"667\":3,\"712\":3,\"713\":3,\"758\":3,\"759\":3,\"804\":3,\"805\":3,\"850\":3,\"851\":3,\"896\":3,\"897\":3,\"902\":1}}],[\"recognizing\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"recognize\",{\"1\":{\"38\":1}}],[\"recognition\",{\"1\":{\"38\":1,\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"recording\",{\"1\":{\"318\":1}}],[\"recorded\",{\"0\":{\"27\":1,\"122\":1}}],[\"record\",{\"1\":{\"0\":1,\"26\":1,\"29\":1,\"32\":1,\"99\":2,\"117\":1,\"169\":2,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"reply\",{\"1\":{\"221\":2,\"273\":1,\"274\":1,\"383\":1,\"972\":2,\"1035\":1,\"1036\":1,\"1129\":1,\"1130\":1,\"1182\":2,\"1260\":1,\"1261\":1,\"1333\":2,\"1431\":1,\"1432\":1,\"1505\":2,\"1607\":1,\"1608\":1,\"1682\":2,\"1784\":1,\"1785\":1,\"1859\":2,\"1961\":1,\"1962\":1,\"2036\":2,\"2138\":1,\"2139\":1,\"2213\":2,\"2315\":1,\"2316\":1,\"2403\":2,\"2442\":1,\"2443\":1,\"2534\":1,\"2535\":1,\"2622\":2,\"2661\":1,\"2662\":1,\"2753\":1,\"2754\":1,\"2841\":2,\"2880\":1,\"2881\":1,\"2972\":1,\"2973\":1,\"3060\":2,\"3099\":1,\"3100\":1,\"3191\":1,\"3192\":1,\"3255\":2,\"3318\":1,\"3319\":1,\"3412\":1,\"3413\":1}}],[\"replytoaddresses\",{\"0\":{\"221\":1,\"972\":1,\"1182\":1,\"1333\":1,\"1505\":1,\"1682\":1,\"1859\":1,\"2036\":1,\"2213\":1,\"2403\":1,\"2622\":1,\"2841\":1,\"3060\":1,\"3255\":1},\"1\":{\"221\":1,\"972\":1,\"1182\":1,\"1333\":1,\"1505\":1,\"1682\":1,\"1859\":1,\"2036\":1,\"2213\":1,\"2403\":1,\"2622\":1,\"2841\":1,\"3060\":1,\"3255\":1}}],[\"replies\",{\"1\":{\"195\":1,\"204\":1,\"250\":1,\"953\":1,\"956\":1,\"1065\":1,\"1162\":1,\"1165\":1,\"1233\":1,\"1313\":1,\"1316\":1,\"1371\":1,\"1486\":1,\"1489\":1,\"1547\":1,\"1663\":1,\"1666\":1,\"1724\":1,\"1840\":1,\"1843\":1,\"1901\":1,\"2017\":1,\"2020\":1,\"2078\":1,\"2194\":1,\"2197\":1,\"2255\":1,\"2384\":1,\"2387\":1,\"2470\":1,\"2603\":1,\"2606\":1,\"2689\":1,\"2822\":1,\"2825\":1,\"2908\":1,\"3041\":1,\"3044\":1,\"3127\":1,\"3236\":1,\"3239\":1,\"3348\":1}}],[\"replacing\",{\"0\":{\"451\":1,\"905\":1},\"1\":{\"154\":1,\"302\":2,\"305\":1,\"308\":1,\"537\":2}}],[\"replaced\",{\"1\":{\"154\":1,\"348\":1,\"451\":1,\"905\":1}}],[\"replace\",{\"1\":{\"142\":1,\"162\":1,\"163\":1,\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"303\":2,\"304\":11,\"306\":1,\"307\":11,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"364\":1,\"398\":1,\"442\":3,\"443\":3,\"459\":1,\"461\":1,\"462\":1,\"481\":3,\"482\":3,\"504\":3,\"505\":3,\"510\":1,\"511\":1,\"530\":3,\"531\":3,\"536\":1,\"537\":1,\"560\":3,\"561\":3,\"564\":1,\"566\":1,\"567\":1,\"590\":3,\"591\":3,\"594\":1,\"596\":1,\"597\":1,\"620\":3,\"621\":3,\"624\":1,\"626\":1,\"627\":1,\"666\":3,\"667\":3,\"670\":1,\"672\":1,\"673\":1,\"712\":3,\"713\":3,\"716\":1,\"718\":1,\"719\":1,\"758\":3,\"759\":3,\"762\":1,\"764\":1,\"765\":1,\"804\":3,\"805\":3,\"808\":1,\"810\":1,\"811\":1,\"850\":3,\"851\":3,\"854\":1,\"856\":1,\"857\":1,\"896\":3,\"897\":3,\"913\":1,\"915\":1,\"916\":1}}],[\"reproduction\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"reproduce\",{\"1\":{\"37\":1,\"38\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"represented\",{\"1\":{\"356\":1}}],[\"representation\",{\"1\":{\"104\":1}}],[\"repo\",{\"1\":{\"99\":1,\"169\":1}}],[\"repository>\",{\"1\":{\"162\":1}}],[\"repository\",{\"1\":{\"37\":1,\"91\":1,\"99\":2,\"127\":1,\"128\":1,\"130\":1,\"134\":1,\"135\":1,\"152\":1,\"169\":2,\"232\":2,\"318\":1,\"414\":1,\"417\":2,\"638\":1,\"641\":2,\"684\":1,\"687\":2,\"730\":1,\"733\":2,\"776\":1,\"779\":2,\"822\":1,\"825\":2,\"868\":1,\"871\":2}}],[\"repositories>\",{\"1\":{\"162\":1}}],[\"repositories\",{\"1\":{\"0\":1,\"32\":1,\"416\":2,\"640\":2,\"686\":2,\"732\":2,\"778\":2,\"824\":2,\"870\":2}}],[\"reported\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"reports\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"reporting\",{\"1\":{\"35\":1,\"36\":1,\"39\":1,\"128\":1,\"397\":1}}],[\"report\",{\"0\":{\"37\":1},\"1\":{\"20\":1,\"38\":1,\"39\":1,\"75\":1,\"419\":4,\"431\":1,\"550\":2,\"580\":2,\"610\":2,\"643\":4,\"656\":2,\"689\":4,\"702\":2,\"735\":4,\"748\":2,\"781\":4,\"793\":1,\"827\":4,\"839\":1,\"873\":4,\"885\":1}}],[\"relevant\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"released\",{\"1\":{\"141\":1,\"142\":1,\"431\":2,\"537\":1,\"793\":2,\"839\":2,\"885\":2}}],[\"releases>\",{\"1\":{\"162\":1}}],[\"releases\",{\"0\":{\"171\":1},\"1\":{\"31\":1,\"283\":1,\"290\":7,\"294\":1,\"301\":2,\"396\":1,\"419\":3,\"433\":1,\"549\":2,\"550\":2,\"551\":1,\"579\":2,\"580\":2,\"581\":1,\"609\":2,\"610\":3,\"611\":1,\"643\":3,\"655\":2,\"656\":3,\"657\":1,\"689\":3,\"701\":2,\"702\":3,\"703\":1,\"735\":3,\"747\":2,\"748\":4,\"749\":1,\"781\":3,\"795\":1,\"827\":3,\"841\":1,\"873\":3,\"887\":1}}],[\"release\",{\"0\":{\"140\":1,\"141\":1,\"142\":1,\"348\":1},\"1\":{\"20\":2,\"38\":1,\"42\":2,\"43\":1,\"44\":2,\"46\":2,\"47\":1,\"48\":2,\"49\":1,\"50\":2,\"51\":1,\"52\":2,\"53\":1,\"54\":2,\"55\":1,\"56\":2,\"57\":1,\"58\":2,\"59\":1,\"60\":2,\"61\":1,\"62\":2,\"63\":1,\"64\":2,\"65\":1,\"66\":2,\"67\":1,\"131\":1,\"141\":7,\"142\":6,\"157\":3,\"158\":2,\"283\":2,\"290\":1,\"294\":2,\"301\":1,\"304\":12,\"307\":12,\"310\":3,\"313\":1,\"316\":1,\"348\":1,\"408\":1,\"409\":1,\"413\":1,\"416\":1,\"437\":2,\"457\":3,\"459\":1,\"460\":1,\"476\":2,\"485\":1,\"499\":2,\"508\":1,\"525\":2,\"534\":1,\"555\":2,\"564\":1,\"585\":2,\"594\":1,\"615\":2,\"624\":1,\"632\":1,\"633\":1,\"637\":1,\"640\":1,\"661\":2,\"670\":1,\"678\":1,\"679\":1,\"683\":1,\"686\":1,\"707\":2,\"716\":1,\"724\":1,\"725\":1,\"729\":1,\"732\":1,\"753\":2,\"762\":1,\"770\":1,\"771\":1,\"775\":1,\"778\":1,\"799\":2,\"808\":1,\"816\":1,\"817\":1,\"821\":1,\"824\":1,\"845\":2,\"854\":1,\"862\":1,\"863\":1,\"867\":1,\"870\":1,\"891\":2,\"911\":3,\"913\":1,\"914\":1}}],[\"relies\",{\"1\":{\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"reliably\",{\"1\":{\"98\":1}}],[\"reliability\",{\"1\":{\"5\":1,\"11\":1}}],[\"relying\",{\"1\":{\"127\":1}}],[\"relative\",{\"1\":{\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1}}],[\"relationship\",{\"1\":{\"371\":1,\"383\":1}}],[\"relationships\",{\"1\":{\"98\":1,\"383\":1}}],[\"related\",{\"1\":{\"37\":1,\"81\":1}}],[\"reader\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"ready\",{\"1\":{\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"readable\",{\"1\":{\"290\":1,\"301\":1,\"433\":1,\"795\":1,\"841\":1,\"887\":1}}],[\"reading\",{\"1\":{\"194\":1,\"203\":1,\"248\":1,\"264\":1,\"348\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1,\"952\":1,\"955\":1,\"1063\":1,\"1084\":1,\"1161\":1,\"1164\":1,\"1231\":1,\"1248\":1,\"1312\":1,\"1315\":1,\"1369\":1,\"1387\":1,\"1485\":1,\"1488\":1,\"1545\":1,\"1563\":1,\"1662\":1,\"1665\":1,\"1722\":1,\"1740\":1,\"1839\":1,\"1842\":1,\"1899\":1,\"1917\":1,\"2016\":1,\"2019\":1,\"2076\":1,\"2094\":1,\"2193\":1,\"2196\":1,\"2253\":1,\"2271\":1,\"2383\":1,\"2386\":1,\"2468\":1,\"2489\":1,\"2602\":1,\"2605\":1,\"2687\":1,\"2708\":1,\"2821\":1,\"2824\":1,\"2906\":1,\"2927\":1,\"3040\":1,\"3043\":1,\"3125\":1,\"3146\":1,\"3235\":1,\"3238\":1,\"3346\":1,\"3367\":1}}],[\"read\",{\"0\":{\"194\":1,\"203\":1,\"248\":1,\"952\":1,\"955\":1,\"1063\":1,\"1161\":1,\"1164\":1,\"1231\":1,\"1312\":1,\"1315\":1,\"1369\":1,\"1485\":1,\"1488\":1,\"1545\":1,\"1662\":1,\"1665\":1,\"1722\":1,\"1839\":1,\"1842\":1,\"1899\":1,\"2016\":1,\"2019\":1,\"2076\":1,\"2193\":1,\"2196\":1,\"2253\":1,\"2383\":1,\"2386\":1,\"2468\":1,\"2602\":1,\"2605\":1,\"2687\":1,\"2821\":1,\"2824\":1,\"2906\":1,\"3040\":1,\"3043\":1,\"3125\":1,\"3235\":1,\"3238\":1,\"3346\":1},\"1\":{\"86\":1,\"90\":2,\"96\":1,\"145\":1,\"162\":1,\"194\":1,\"203\":1,\"207\":1,\"231\":1,\"232\":1,\"248\":1,\"260\":1,\"327\":9,\"348\":7,\"349\":1,\"373\":2,\"398\":2,\"426\":1,\"428\":2,\"442\":2,\"446\":2,\"447\":2,\"469\":1,\"471\":2,\"481\":2,\"492\":1,\"494\":2,\"504\":2,\"518\":1,\"520\":2,\"530\":2,\"544\":1,\"546\":2,\"560\":2,\"574\":1,\"576\":2,\"590\":2,\"604\":1,\"606\":2,\"620\":2,\"650\":1,\"652\":2,\"666\":2,\"696\":1,\"698\":2,\"712\":2,\"742\":1,\"744\":2,\"758\":2,\"788\":1,\"790\":2,\"804\":2,\"834\":1,\"836\":2,\"850\":2,\"880\":1,\"882\":2,\"896\":2,\"900\":2,\"901\":2,\"920\":2,\"952\":1,\"955\":1,\"959\":1,\"1049\":4,\"1055\":1,\"1057\":5,\"1063\":1,\"1080\":1,\"1161\":1,\"1164\":1,\"1168\":1,\"1231\":1,\"1245\":1,\"1312\":1,\"1315\":1,\"1319\":1,\"1355\":4,\"1361\":1,\"1363\":5,\"1369\":1,\"1383\":1,\"1485\":1,\"1488\":1,\"1492\":1,\"1531\":4,\"1537\":1,\"1539\":5,\"1545\":1,\"1559\":1,\"1662\":1,\"1665\":1,\"1669\":1,\"1708\":4,\"1714\":1,\"1716\":5,\"1722\":1,\"1736\":1,\"1839\":1,\"1842\":1,\"1846\":1,\"1885\":4,\"1891\":1,\"1893\":5,\"1899\":1,\"1913\":1,\"2016\":1,\"2019\":1,\"2023\":1,\"2062\":4,\"2068\":1,\"2070\":5,\"2076\":1,\"2090\":1,\"2193\":1,\"2196\":1,\"2200\":1,\"2239\":4,\"2245\":1,\"2247\":5,\"2253\":1,\"2267\":1,\"2327\":2,\"2383\":1,\"2386\":1,\"2390\":1,\"2454\":4,\"2460\":1,\"2462\":5,\"2468\":1,\"2485\":1,\"2546\":2,\"2602\":1,\"2605\":1,\"2609\":1,\"2673\":4,\"2679\":1,\"2681\":5,\"2687\":1,\"2704\":1,\"2765\":2,\"2821\":1,\"2824\":1,\"2828\":1,\"2892\":4,\"2898\":1,\"2900\":5,\"2906\":1,\"2923\":1,\"2984\":2,\"3040\":1,\"3043\":1,\"3047\":1,\"3111\":4,\"3117\":1,\"3119\":5,\"3125\":1,\"3142\":1,\"3203\":2,\"3235\":1,\"3238\":1,\"3242\":1,\"3332\":4,\"3338\":1,\"3340\":5,\"3346\":1,\"3363\":1}}],[\"reasons\",{\"1\":{\"91\":1}}],[\"reason\",{\"1\":{\"37\":1}}],[\"reach\",{\"1\":{\"12\":1,\"190\":1,\"191\":1,\"192\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"244\":1,\"245\":1,\"246\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"realms\",{\"1\":{\"1014\":1,\"1027\":1,\"1107\":1,\"1121\":1,\"1217\":1,\"1285\":1,\"1409\":1,\"1423\":1,\"1457\":1,\"1585\":1,\"1599\":1,\"1634\":1,\"1762\":1,\"1776\":1,\"1811\":1,\"1939\":1,\"1953\":1,\"1988\":1,\"2116\":1,\"2130\":1,\"2165\":1,\"2293\":1,\"2307\":1,\"2352\":1,\"2434\":1,\"2512\":1,\"2526\":1,\"2571\":1,\"2653\":1,\"2731\":1,\"2745\":1,\"2790\":1,\"2872\":1,\"2950\":1,\"2964\":1,\"3009\":1,\"3091\":1,\"3169\":1,\"3183\":1,\"3297\":1,\"3310\":1,\"3390\":1,\"3404\":1}}],[\"realm\",{\"0\":{\"1014\":1,\"1107\":1,\"1217\":1,\"1285\":1,\"1409\":1,\"1457\":1,\"1585\":1,\"1634\":1,\"1762\":1,\"1811\":1,\"1939\":1,\"1988\":1,\"2116\":1,\"2165\":1,\"2293\":1,\"2352\":1,\"2512\":1,\"2571\":1,\"2731\":1,\"2790\":1,\"2950\":1,\"3009\":1,\"3169\":1,\"3297\":1,\"3390\":1},\"1\":{\"1002\":1,\"1005\":1,\"1014\":3,\"1025\":1,\"1027\":1,\"1095\":1,\"1098\":1,\"1107\":3,\"1118\":1,\"1119\":1,\"1121\":1,\"1205\":1,\"1208\":1,\"1217\":3,\"1273\":1,\"1276\":1,\"1285\":3,\"1397\":1,\"1400\":1,\"1409\":3,\"1420\":1,\"1421\":1,\"1423\":1,\"1445\":1,\"1448\":1,\"1457\":3,\"1573\":1,\"1576\":1,\"1585\":3,\"1596\":1,\"1597\":1,\"1599\":1,\"1622\":1,\"1625\":1,\"1634\":3,\"1750\":1,\"1753\":1,\"1762\":3,\"1773\":1,\"1774\":1,\"1776\":1,\"1799\":1,\"1802\":1,\"1811\":3,\"1927\":1,\"1930\":1,\"1939\":3,\"1950\":1,\"1951\":1,\"1953\":1,\"1976\":1,\"1979\":1,\"1988\":3,\"2104\":1,\"2107\":1,\"2116\":3,\"2127\":1,\"2128\":1,\"2130\":1,\"2153\":1,\"2156\":1,\"2165\":3,\"2281\":1,\"2284\":1,\"2293\":3,\"2304\":1,\"2305\":1,\"2307\":1,\"2340\":1,\"2343\":1,\"2352\":3,\"2432\":1,\"2434\":1,\"2500\":1,\"2503\":1,\"2512\":3,\"2523\":1,\"2524\":1,\"2526\":1,\"2559\":1,\"2562\":1,\"2571\":3,\"2651\":1,\"2653\":1,\"2719\":1,\"2722\":1,\"2731\":3,\"2742\":1,\"2743\":1,\"2745\":1,\"2778\":1,\"2781\":1,\"2790\":3,\"2870\":1,\"2872\":1,\"2938\":1,\"2941\":1,\"2950\":3,\"2961\":1,\"2962\":1,\"2964\":1,\"2997\":1,\"3000\":1,\"3009\":3,\"3089\":1,\"3091\":1,\"3157\":1,\"3160\":1,\"3169\":3,\"3180\":1,\"3181\":1,\"3183\":1,\"3285\":1,\"3288\":1,\"3297\":3,\"3308\":1,\"3310\":1,\"3378\":1,\"3381\":1,\"3390\":3,\"3401\":1,\"3402\":1,\"3404\":1}}],[\"realistic\",{\"1\":{\"103\":1}}],[\"real\",{\"1\":{\"5\":1,\"11\":1,\"117\":3,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"re\",{\"1\":{\"12\":3,\"417\":3,\"418\":1,\"419\":1,\"641\":3,\"642\":1,\"643\":1,\"687\":3,\"688\":1,\"689\":1,\"733\":3,\"734\":1,\"735\":1,\"779\":3,\"780\":1,\"781\":1,\"825\":3,\"826\":1,\"827\":1,\"871\":3,\"872\":1,\"873\":1}}],[\"result\",{\"1\":{\"381\":1}}],[\"resultset\",{\"1\":{\"153\":1}}],[\"results\",{\"1\":{\"128\":1,\"356\":1,\"357\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"resulting\",{\"1\":{\"81\":1,\"120\":1}}],[\"restrict\",{\"1\":{\"348\":1}}],[\"restriction\",{\"1\":{\"348\":1}}],[\"restricted\",{\"1\":{\"10\":1}}],[\"restart\",{\"1\":{\"303\":2,\"304\":2,\"306\":2,\"307\":2,\"309\":2,\"310\":2,\"312\":2,\"313\":1,\"315\":2,\"316\":1,\"327\":8,\"461\":2,\"462\":1,\"510\":2,\"511\":1,\"536\":2,\"537\":1,\"566\":2,\"567\":1,\"596\":2,\"597\":1,\"626\":2,\"627\":1,\"672\":2,\"673\":1,\"718\":2,\"719\":1,\"764\":2,\"765\":1,\"810\":2,\"811\":1,\"856\":2,\"857\":1,\"915\":2,\"916\":1}}],[\"restful\",{\"1\":{\"95\":1}}],[\"rest\",{\"1\":{\"94\":1,\"134\":1,\"135\":1,\"146\":1,\"148\":2,\"153\":1,\"289\":1,\"300\":1,\"536\":1,\"1049\":1,\"1055\":1,\"1117\":2,\"1355\":1,\"1361\":1,\"1419\":2,\"1531\":1,\"1537\":1,\"1595\":2,\"1708\":1,\"1714\":1,\"1772\":2,\"1885\":1,\"1891\":1,\"1949\":2,\"2062\":1,\"2068\":1,\"2126\":2,\"2239\":1,\"2245\":1,\"2303\":2,\"2454\":1,\"2460\":1,\"2522\":2,\"2673\":1,\"2679\":1,\"2741\":2,\"2892\":1,\"2898\":1,\"2960\":2,\"3111\":1,\"3117\":1,\"3179\":2,\"3332\":1,\"3338\":1,\"3400\":2}}],[\"response\",{\"0\":{\"206\":1,\"958\":1,\"1167\":1,\"1318\":1,\"1491\":1,\"1668\":1,\"1845\":1,\"2022\":1,\"2199\":1,\"2389\":1,\"2608\":1,\"2827\":1,\"3046\":1,\"3241\":1},\"1\":{\"107\":1,\"206\":2,\"261\":2,\"381\":2,\"393\":1,\"958\":2,\"1167\":2,\"1318\":2,\"1491\":2,\"1668\":2,\"1845\":2,\"2022\":2,\"2199\":2,\"2389\":2,\"2608\":2,\"2827\":2,\"3046\":2,\"3241\":2}}],[\"responsibly\",{\"1\":{\"39\":1}}],[\"responsible\",{\"0\":{\"36\":1},\"1\":{\"35\":1,\"36\":1,\"88\":1,\"428\":1,\"471\":1,\"494\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"652\":1,\"698\":1,\"744\":1,\"790\":1,\"836\":1,\"882\":1}}],[\"respectively\",{\"1\":{\"348\":1,\"354\":1}}],[\"respective\",{\"1\":{\"81\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"547\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"resource\",{\"0\":{\"148\":1,\"993\":1,\"1086\":1,\"1250\":1,\"1389\":1,\"1565\":1,\"1742\":1,\"1919\":1,\"2096\":1,\"2273\":1,\"2424\":1,\"2491\":1,\"2643\":1,\"2710\":1,\"2862\":1,\"2929\":1,\"3081\":1,\"3148\":1,\"3276\":1,\"3369\":1},\"1\":{\"89\":2,\"95\":1,\"99\":2,\"143\":1,\"144\":1,\"145\":2,\"146\":1,\"147\":6,\"149\":2,\"150\":6,\"151\":2,\"160\":1,\"169\":2,\"194\":1,\"203\":1,\"248\":1,\"290\":1,\"301\":1,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"331\":1,\"333\":2,\"334\":1,\"338\":7,\"345\":1,\"347\":2,\"348\":2,\"352\":2,\"356\":2,\"364\":1,\"367\":7,\"377\":2,\"381\":2,\"393\":8,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"952\":1,\"955\":1,\"993\":2,\"1056\":1,\"1063\":1,\"1086\":2,\"1161\":1,\"1164\":1,\"1231\":1,\"1250\":2,\"1312\":1,\"1315\":1,\"1362\":1,\"1369\":1,\"1389\":2,\"1485\":1,\"1488\":1,\"1538\":1,\"1545\":1,\"1565\":2,\"1662\":1,\"1665\":1,\"1715\":1,\"1722\":1,\"1742\":2,\"1839\":1,\"1842\":1,\"1892\":1,\"1899\":1,\"1919\":2,\"2016\":1,\"2019\":1,\"2069\":1,\"2076\":1,\"2096\":2,\"2193\":1,\"2196\":1,\"2246\":1,\"2253\":1,\"2273\":2,\"2383\":1,\"2386\":1,\"2424\":2,\"2461\":1,\"2468\":1,\"2491\":2,\"2602\":1,\"2605\":1,\"2643\":2,\"2680\":1,\"2687\":1,\"2710\":2,\"2821\":1,\"2824\":1,\"2862\":2,\"2899\":1,\"2906\":1,\"2929\":2,\"3040\":1,\"3043\":1,\"3081\":2,\"3118\":1,\"3125\":1,\"3148\":2,\"3235\":1,\"3238\":1,\"3276\":2,\"3339\":1,\"3346\":1,\"3369\":2}}],[\"resources\",{\"0\":{\"144\":1,\"333\":1,\"356\":1},\"1\":{\"5\":1,\"85\":2,\"89\":1,\"90\":4,\"95\":5,\"97\":2,\"99\":8,\"102\":1,\"109\":2,\"127\":1,\"138\":1,\"141\":1,\"142\":1,\"145\":4,\"147\":1,\"152\":1,\"153\":1,\"159\":3,\"160\":1,\"169\":8,\"206\":1,\"207\":1,\"211\":1,\"260\":1,\"264\":1,\"285\":1,\"289\":5,\"290\":5,\"296\":1,\"300\":5,\"301\":5,\"303\":8,\"304\":1,\"307\":1,\"310\":1,\"331\":5,\"332\":2,\"333\":2,\"334\":3,\"338\":1,\"347\":3,\"348\":7,\"349\":1,\"352\":1,\"357\":1,\"358\":1,\"364\":1,\"367\":2,\"377\":1,\"384\":1,\"390\":1,\"393\":2,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"958\":1,\"959\":1,\"962\":1,\"1056\":1,\"1080\":1,\"1084\":1,\"1167\":1,\"1168\":1,\"1172\":1,\"1245\":1,\"1248\":1,\"1318\":1,\"1319\":1,\"1323\":1,\"1362\":1,\"1383\":1,\"1387\":1,\"1491\":1,\"1492\":1,\"1495\":1,\"1538\":1,\"1559\":1,\"1563\":1,\"1668\":1,\"1669\":1,\"1672\":1,\"1715\":1,\"1736\":1,\"1740\":1,\"1845\":1,\"1846\":1,\"1849\":1,\"1892\":1,\"1913\":1,\"1917\":1,\"2022\":1,\"2023\":1,\"2026\":1,\"2069\":1,\"2090\":1,\"2094\":1,\"2199\":1,\"2200\":1,\"2203\":1,\"2246\":1,\"2267\":1,\"2271\":1,\"2389\":1,\"2390\":1,\"2393\":1,\"2461\":1,\"2485\":1,\"2489\":1,\"2608\":1,\"2609\":1,\"2612\":1,\"2680\":1,\"2704\":1,\"2708\":1,\"2827\":1,\"2828\":1,\"2831\":1,\"2899\":1,\"2923\":1,\"2927\":1,\"3046\":1,\"3047\":1,\"3050\":1,\"3118\":1,\"3142\":1,\"3146\":1,\"3241\":1,\"3242\":1,\"3245\":1,\"3339\":1,\"3363\":1,\"3367\":1}}],[\"resolution\",{\"1\":{\"38\":1}}],[\"resolves\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1}}],[\"resolved\",{\"1\":{\"38\":1}}],[\"resolve\",{\"0\":{\"148\":1},\"1\":{\"38\":2,\"208\":1,\"263\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1}}],[\"researcher\",{\"1\":{\"98\":1,\"126\":1}}],[\"researchers\",{\"1\":{\"36\":1,\"127\":2}}],[\"researchstudy\",{\"1\":{\"97\":1}}],[\"research\",{\"1\":{\"0\":2,\"5\":2,\"6\":2,\"9\":1,\"11\":1,\"12\":3,\"26\":3,\"29\":1,\"32\":1,\"77\":4,\"81\":1,\"82\":2,\"85\":1,\"91\":3,\"98\":8,\"102\":1,\"116\":4,\"117\":4,\"120\":1,\"126\":2,\"127\":4,\"129\":3,\"130\":1}}],[\"r4\",{\"1\":{\"0\":1,\"5\":1,\"6\":1,\"9\":1,\"32\":1,\"88\":1,\"102\":1,\"127\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3332\":1}}],[\"08\",{\"1\":{\"457\":2,\"458\":3,\"793\":1,\"839\":1,\"911\":2,\"912\":3}}],[\"07\",{\"1\":{\"457\":1,\"911\":1}}],[\"03\",{\"1\":{\"457\":1,\"911\":1}}],[\"09\",{\"1\":{\"457\":5,\"911\":5}}],[\"01zz1802a\",{\"1\":{\"82\":1}}],[\"01zz1802e\",{\"1\":{\"82\":1}}],[\"01zz2307c\",{\"1\":{\"81\":1}}],[\"01zz2307b\",{\"1\":{\"81\":1}}],[\"01zz2307a\",{\"1\":{\"81\":1}}],[\"01\",{\"1\":{\"41\":1,\"431\":1,\"457\":1,\"885\":1,\"911\":1}}],[\"00474993fa261b0225f93c5a66aa6fcc\",{\"1\":{\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"00\",{\"1\":{\"14\":8,\"41\":2}}],[\"0\",{\"0\":{\"30\":1,\"31\":1,\"42\":1,\"44\":2,\"46\":1,\"48\":1,\"50\":1,\"56\":1,\"58\":1,\"64\":1,\"66\":1,\"173\":1,\"240\":1,\"268\":1,\"302\":4,\"305\":4,\"308\":3,\"311\":1,\"314\":1,\"423\":1,\"434\":1,\"459\":1,\"460\":1,\"466\":1,\"473\":2,\"485\":1,\"489\":1,\"496\":1,\"508\":1,\"515\":1,\"522\":1,\"534\":1,\"535\":1,\"541\":1,\"552\":1,\"564\":1,\"565\":1,\"571\":1,\"594\":1,\"595\":1,\"601\":1,\"624\":1,\"647\":1,\"658\":1,\"670\":1,\"693\":1,\"704\":1,\"716\":1,\"717\":1,\"739\":1,\"762\":1,\"763\":1,\"785\":1,\"808\":1,\"831\":1,\"842\":1,\"854\":1,\"877\":1,\"888\":1,\"913\":1,\"914\":1},\"1\":{\"0\":1,\"5\":1,\"6\":1,\"20\":8,\"21\":2,\"30\":1,\"32\":1,\"42\":5,\"44\":7,\"46\":4,\"48\":4,\"50\":4,\"52\":4,\"54\":4,\"56\":4,\"58\":5,\"60\":4,\"62\":3,\"64\":4,\"66\":5,\"88\":1,\"98\":1,\"99\":3,\"102\":1,\"116\":1,\"117\":1,\"121\":1,\"127\":1,\"138\":1,\"139\":1,\"145\":2,\"154\":2,\"157\":2,\"159\":13,\"162\":6,\"163\":2,\"169\":3,\"170\":2,\"171\":2,\"220\":1,\"280\":1,\"289\":8,\"290\":28,\"291\":1,\"300\":8,\"301\":13,\"302\":10,\"303\":40,\"304\":100,\"305\":20,\"306\":16,\"307\":88,\"308\":9,\"309\":12,\"310\":26,\"311\":5,\"312\":11,\"313\":13,\"314\":7,\"315\":12,\"316\":14,\"327\":35,\"347\":2,\"357\":4,\"398\":6,\"400\":6,\"421\":1,\"423\":2,\"425\":2,\"431\":26,\"433\":8,\"434\":1,\"437\":2,\"442\":2,\"443\":2,\"459\":8,\"460\":2,\"461\":6,\"462\":8,\"464\":1,\"466\":2,\"468\":3,\"473\":2,\"476\":2,\"481\":4,\"482\":4,\"485\":4,\"487\":1,\"489\":2,\"491\":2,\"496\":2,\"499\":2,\"504\":2,\"505\":2,\"508\":4,\"509\":5,\"510\":8,\"511\":9,\"513\":1,\"515\":2,\"517\":2,\"522\":2,\"525\":2,\"530\":2,\"531\":2,\"534\":4,\"535\":4,\"536\":6,\"537\":20,\"539\":1,\"541\":2,\"543\":2,\"552\":1,\"555\":2,\"560\":2,\"561\":2,\"564\":8,\"565\":9,\"566\":6,\"567\":8,\"569\":1,\"571\":2,\"573\":1,\"582\":1,\"585\":2,\"594\":8,\"595\":6,\"596\":2,\"597\":1,\"599\":1,\"601\":2,\"603\":1,\"612\":1,\"615\":2,\"624\":8,\"625\":5,\"645\":1,\"647\":2,\"649\":2,\"658\":1,\"661\":2,\"666\":2,\"667\":2,\"670\":8,\"671\":6,\"672\":4,\"673\":7,\"691\":1,\"693\":2,\"695\":2,\"704\":1,\"707\":2,\"712\":2,\"713\":2,\"716\":8,\"717\":7,\"718\":6,\"719\":8,\"737\":1,\"739\":2,\"741\":1,\"750\":1,\"753\":2,\"762\":8,\"763\":6,\"764\":2,\"765\":1,\"783\":1,\"785\":2,\"787\":1,\"793\":20,\"795\":8,\"796\":1,\"799\":2,\"808\":8,\"809\":5,\"829\":1,\"831\":2,\"833\":2,\"839\":20,\"841\":8,\"842\":1,\"845\":2,\"850\":2,\"851\":2,\"854\":8,\"855\":1,\"856\":4,\"857\":7,\"875\":1,\"877\":2,\"879\":2,\"885\":26,\"887\":8,\"888\":1,\"891\":2,\"896\":2,\"897\":2,\"913\":8,\"914\":2,\"915\":6,\"916\":8,\"920\":1,\"924\":1,\"928\":2,\"971\":1,\"985\":1,\"990\":1,\"999\":6,\"1021\":2,\"1024\":1,\"1049\":1,\"1053\":1,\"1057\":2,\"1092\":6,\"1114\":2,\"1117\":1,\"1181\":1,\"1202\":6,\"1224\":2,\"1270\":6,\"1292\":2,\"1332\":1,\"1355\":1,\"1359\":1,\"1363\":2,\"1394\":6,\"1416\":2,\"1419\":1,\"1423\":1,\"1442\":6,\"1464\":2,\"1504\":1,\"1518\":1,\"1523\":1,\"1531\":1,\"1535\":1,\"1539\":2,\"1570\":6,\"1592\":2,\"1595\":1,\"1599\":1,\"1619\":6,\"1641\":2,\"1681\":1,\"1695\":1,\"1700\":1,\"1708\":1,\"1712\":1,\"1716\":2,\"1747\":6,\"1769\":2,\"1772\":1,\"1776\":1,\"1796\":6,\"1818\":2,\"1858\":1,\"1872\":1,\"1877\":1,\"1885\":1,\"1889\":1,\"1893\":2,\"1924\":6,\"1946\":2,\"1949\":1,\"1973\":6,\"1995\":2,\"2035\":1,\"2049\":1,\"2054\":1,\"2062\":1,\"2066\":1,\"2070\":2,\"2101\":6,\"2123\":2,\"2126\":1,\"2150\":6,\"2172\":2,\"2212\":1,\"2226\":1,\"2231\":1,\"2239\":1,\"2243\":1,\"2247\":2,\"2278\":6,\"2300\":2,\"2303\":1,\"2307\":1,\"2327\":1,\"2331\":1,\"2335\":2,\"2337\":6,\"2359\":2,\"2402\":1,\"2416\":1,\"2421\":1,\"2431\":1,\"2434\":1,\"2454\":1,\"2458\":1,\"2462\":2,\"2497\":6,\"2519\":2,\"2522\":1,\"2526\":1,\"2546\":1,\"2550\":1,\"2554\":2,\"2556\":6,\"2578\":2,\"2621\":1,\"2635\":1,\"2640\":1,\"2650\":1,\"2673\":1,\"2677\":1,\"2681\":2,\"2716\":6,\"2738\":2,\"2741\":1,\"2765\":1,\"2769\":1,\"2773\":2,\"2775\":6,\"2797\":2,\"2840\":1,\"2854\":1,\"2859\":1,\"2869\":1,\"2892\":1,\"2896\":1,\"2900\":2,\"2935\":6,\"2957\":2,\"2960\":1,\"2984\":1,\"2988\":1,\"2992\":2,\"2994\":6,\"3016\":2,\"3059\":1,\"3073\":1,\"3078\":1,\"3088\":1,\"3111\":1,\"3115\":1,\"3119\":2,\"3154\":6,\"3176\":2,\"3179\":1,\"3203\":1,\"3207\":1,\"3211\":2,\"3254\":1,\"3268\":1,\"3273\":1,\"3282\":6,\"3304\":2,\"3307\":1,\"3332\":1,\"3336\":1,\"3340\":2,\"3375\":6,\"3397\":2,\"3400\":1}}],[\"23\",{\"1\":{\"327\":1,\"457\":13,\"911\":13}}],[\"27\",{\"1\":{\"303\":1,\"306\":1,\"309\":1,\"312\":1,\"315\":1}}],[\"278\",{\"1\":{\"26\":3}}],[\"2101\",{\"1\":{\"289\":3,\"300\":3,\"442\":3,\"481\":3,\"504\":3,\"530\":3,\"560\":3,\"590\":3,\"620\":3,\"666\":3,\"712\":3,\"758\":3,\"804\":3,\"850\":3,\"896\":3}}],[\"2147483647\",{\"1\":{\"159\":1}}],[\"2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c\",{\"1\":{\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1}}],[\"24\",{\"1\":{\"105\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"2034\",{\"1\":{\"458\":3,\"912\":3}}],[\"2030\",{\"1\":{\"457\":2,\"911\":2}}],[\"2038\",{\"1\":{\"457\":2,\"911\":2}}],[\"2031\",{\"1\":{\"457\":3,\"911\":3}}],[\"2033\",{\"1\":{\"457\":6,\"911\":6}}],[\"2036\",{\"1\":{\"457\":4,\"911\":4}}],[\"2039\",{\"1\":{\"457\":4,\"911\":4}}],[\"2045\",{\"1\":{\"457\":4,\"911\":4}}],[\"2019\",{\"1\":{\"458\":6,\"912\":6,\"1044\":2,\"1138\":2,\"3327\":2,\"3421\":2}}],[\"201\",{\"1\":{\"338\":1}}],[\"2018\",{\"0\":{\"82\":1}}],[\"2009\",{\"1\":{\"457\":2,\"911\":2,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"2000\",{\"1\":{\"193\":1,\"247\":1,\"951\":1,\"1062\":1,\"1160\":1,\"1230\":1,\"1311\":1,\"1368\":1,\"1484\":1,\"1544\":1,\"1661\":1,\"1721\":1,\"1838\":1,\"1898\":1,\"2015\":1,\"2075\":1,\"2192\":1,\"2252\":1,\"2382\":1,\"2467\":1,\"2601\":1,\"2686\":1,\"2820\":1,\"2905\":1,\"3039\":1,\"3124\":1,\"3234\":1,\"3345\":1}}],[\"2001\",{\"1\":{\"162\":1,\"398\":1}}],[\"20\",{\"1\":{\"41\":1,\"264\":1,\"282\":2,\"293\":2,\"327\":9,\"436\":2,\"457\":1,\"475\":2,\"498\":2,\"524\":2,\"554\":2,\"584\":2,\"614\":2,\"660\":2,\"706\":2,\"752\":2,\"798\":2,\"844\":2,\"890\":2,\"911\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1563\":1,\"1740\":1,\"1917\":1,\"2094\":1,\"2271\":1,\"2489\":1,\"2708\":1,\"2927\":1,\"3146\":1,\"3367\":1}}],[\"2029\",{\"1\":{\"457\":2,\"911\":2}}],[\"2026\",{\"0\":{\"81\":1}}],[\"2025\",{\"1\":{\"41\":1,\"431\":1,\"885\":1}}],[\"2020\",{\"0\":{\"29\":1},\"1\":{\"129\":1}}],[\"2022\",{\"0\":{\"28\":1,\"82\":1},\"1\":{\"26\":2,\"121\":1,\"129\":1,\"318\":1}}],[\"2021\",{\"1\":{\"26\":4,\"457\":4,\"911\":4}}],[\"2024\",{\"1\":{\"14\":1,\"26\":2,\"793\":1,\"839\":1}}],[\"2023\",{\"0\":{\"81\":1,\"115\":1},\"1\":{\"1\":1,\"26\":2,\"121\":1}}],[\"28\",{\"1\":{\"26\":1,\"269\":1,\"327\":3,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1}}],[\"283\",{\"1\":{\"26\":1}}],[\"25\",{\"1\":{\"126\":1}}],[\"256\",{\"1\":{\"26\":1}}],[\"252\",{\"1\":{\"26\":1}}],[\"29\",{\"1\":{\"304\":2}}],[\"296\",{\"1\":{\"26\":1}}],[\"294\",{\"1\":{\"26\":1}}],[\"2202\",{\"1\":{\"290\":3,\"301\":3,\"443\":3,\"482\":3,\"505\":3,\"531\":3,\"561\":3,\"591\":3,\"621\":3,\"667\":3,\"713\":3,\"759\":3,\"805\":3,\"851\":3,\"897\":3}}],[\"22\",{\"1\":{\"14\":1,\"431\":1,\"457\":3,\"885\":1,\"911\":3}}],[\"2bjson\",{\"1\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"2b\",{\"1\":{\"14\":1,\"81\":1}}],[\"2\",{\"0\":{\"48\":1,\"54\":1,\"62\":1,\"314\":1,\"322\":1,\"343\":1,\"344\":1,\"522\":1,\"565\":1,\"612\":1,\"671\":1,\"796\":1,\"855\":1},\"1\":{\"0\":1,\"5\":1,\"6\":1,\"20\":1,\"32\":1,\"48\":1,\"54\":1,\"56\":1,\"62\":1,\"64\":1,\"88\":1,\"98\":2,\"99\":1,\"102\":1,\"116\":1,\"117\":1,\"127\":1,\"159\":2,\"160\":5,\"169\":1,\"171\":1,\"283\":1,\"294\":1,\"304\":2,\"307\":2,\"310\":2,\"311\":1,\"312\":4,\"313\":7,\"314\":2,\"315\":3,\"316\":2,\"322\":1,\"325\":1,\"326\":1,\"327\":1,\"328\":1,\"338\":2,\"339\":1,\"342\":2,\"343\":1,\"351\":1,\"352\":1,\"353\":1,\"356\":1,\"367\":1,\"368\":1,\"377\":1,\"378\":1,\"393\":1,\"403\":1,\"428\":1,\"431\":4,\"457\":3,\"458\":2,\"471\":1,\"494\":1,\"517\":1,\"520\":1,\"530\":2,\"531\":2,\"535\":1,\"536\":4,\"537\":8,\"546\":1,\"565\":3,\"566\":2,\"567\":1,\"576\":1,\"595\":2,\"606\":1,\"620\":2,\"621\":2,\"625\":3,\"626\":4,\"627\":7,\"652\":1,\"671\":3,\"672\":2,\"673\":1,\"698\":1,\"717\":2,\"744\":1,\"763\":2,\"787\":1,\"790\":1,\"793\":2,\"804\":2,\"805\":2,\"809\":3,\"810\":4,\"811\":7,\"836\":1,\"839\":2,\"855\":1,\"856\":2,\"857\":1,\"882\":1,\"885\":4,\"911\":3,\"912\":2,\"920\":1,\"923\":1,\"924\":1,\"928\":2,\"931\":2,\"1024\":1,\"1027\":1,\"1044\":1,\"1049\":1,\"1052\":1,\"1053\":1,\"1057\":2,\"1067\":2,\"1117\":1,\"1121\":1,\"1138\":1,\"1144\":2,\"1235\":2,\"1295\":2,\"1355\":1,\"1358\":1,\"1359\":1,\"1363\":2,\"1373\":2,\"1419\":1,\"1467\":2,\"1531\":1,\"1534\":1,\"1535\":1,\"1539\":2,\"1549\":2,\"1595\":1,\"1599\":1,\"1644\":2,\"1708\":1,\"1711\":1,\"1712\":1,\"1716\":2,\"1726\":2,\"1772\":1,\"1821\":2,\"1885\":1,\"1888\":1,\"1889\":1,\"1893\":2,\"1903\":2,\"1949\":1,\"1998\":2,\"2062\":1,\"2065\":1,\"2066\":1,\"2070\":2,\"2080\":2,\"2126\":1,\"2130\":1,\"2175\":2,\"2239\":1,\"2242\":1,\"2243\":1,\"2247\":2,\"2257\":2,\"2303\":1,\"2327\":1,\"2330\":1,\"2331\":1,\"2335\":2,\"2362\":2,\"2431\":1,\"2454\":1,\"2457\":1,\"2458\":1,\"2462\":2,\"2472\":2,\"2522\":1,\"2546\":1,\"2549\":1,\"2550\":1,\"2554\":2,\"2581\":2,\"2650\":1,\"2673\":1,\"2676\":1,\"2677\":1,\"2681\":2,\"2691\":2,\"2741\":1,\"2765\":1,\"2768\":1,\"2769\":1,\"2773\":2,\"2800\":2,\"2869\":1,\"2872\":1,\"2892\":1,\"2895\":1,\"2896\":1,\"2900\":2,\"2910\":2,\"2960\":1,\"2964\":1,\"2984\":1,\"2987\":1,\"2988\":1,\"2992\":2,\"3019\":2,\"3088\":1,\"3091\":1,\"3111\":1,\"3114\":1,\"3115\":1,\"3119\":2,\"3129\":2,\"3179\":1,\"3183\":1,\"3203\":1,\"3206\":1,\"3207\":1,\"3211\":2,\"3214\":2,\"3307\":1,\"3310\":1,\"3327\":1,\"3332\":1,\"3335\":1,\"3336\":1,\"3340\":2,\"3350\":2,\"3400\":1,\"3404\":1,\"3421\":1}}],[\"bb22\",{\"1\":{\"289\":2,\"300\":2}}],[\"black\",{\"1\":{\"356\":1}}],[\"blank\",{\"1\":{\"159\":15,\"160\":3}}],[\"blaze\",{\"1\":{\"17\":1,\"21\":1}}],[\"block\",{\"1\":{\"159\":13,\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"920\":2,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"995\":1,\"1049\":2,\"1088\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1355\":2,\"1388\":1,\"1390\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1531\":2,\"1566\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1708\":2,\"1743\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1885\":2,\"1920\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2062\":2,\"2097\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2239\":2,\"2274\":1,\"2327\":2,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2426\":1,\"2454\":2,\"2493\":1,\"2546\":2,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2645\":1,\"2673\":2,\"2712\":1,\"2765\":2,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2864\":1,\"2892\":2,\"2931\":1,\"2984\":2,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3083\":1,\"3111\":2,\"3150\":1,\"3203\":2,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3278\":1,\"3332\":2,\"3371\":1}}],[\"bloom\",{\"1\":{\"99\":1,\"169\":1}}],[\"blue\",{\"1\":{\"88\":1,\"429\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"bmbf\",{\"1\":{\"81\":1,\"116\":1}}],[\"breakpoint\",{\"1\":{\"342\":1}}],[\"breaks\",{\"1\":{\"159\":1,\"160\":1}}],[\"browsing\",{\"1\":{\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"462\":1,\"511\":1,\"537\":1,\"567\":1,\"597\":1,\"627\":1,\"673\":1,\"719\":1,\"765\":1,\"811\":1,\"857\":1,\"916\":1}}],[\"browsers\",{\"0\":{\"457\":1,\"911\":1},\"1\":{\"134\":1,\"135\":1,\"338\":1,\"427\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"browser\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"99\":1,\"119\":1,\"169\":1,\"338\":1,\"400\":1,\"429\":1,\"470\":1,\"493\":1,\"519\":1,\"536\":1,\"545\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3332\":1}}],[\"braces\",{\"1\":{\"159\":1,\"160\":1,\"372\":1}}],[\"brace\",{\"1\":{\"159\":27,\"160\":3}}],[\"brackets\",{\"1\":{\"159\":2}}],[\"bracket\",{\"1\":{\"159\":18}}],[\"branches\",{\"1\":{\"408\":2,\"409\":1,\"632\":2,\"633\":1,\"678\":2,\"679\":1,\"724\":2,\"725\":1,\"770\":2,\"771\":1,\"816\":2,\"817\":1,\"862\":2,\"863\":1}}],[\"branch\",{\"0\":{\"158\":1,\"409\":1,\"633\":1,\"679\":1,\"725\":1,\"771\":1,\"817\":1,\"863\":1},\"1\":{\"74\":1,\"141\":7,\"142\":3,\"157\":3,\"318\":1,\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"branching\",{\"0\":{\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1},\"1\":{\"74\":1,\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1}}],[\"bridge\",{\"1\":{\"96\":1,\"327\":3}}],[\"booleanvalue\",{\"1\":{\"373\":1}}],[\"boolean\",{\"1\":{\"373\":3,\"374\":1}}],[\"boarding\",{\"0\":{\"286\":1,\"297\":1,\"445\":1,\"484\":1,\"507\":1,\"533\":1,\"563\":1,\"593\":1,\"623\":1,\"669\":1,\"715\":1,\"761\":1,\"807\":1,\"853\":1,\"899\":1},\"1\":{\"286\":2,\"297\":2,\"445\":1,\"484\":1,\"507\":1,\"533\":1,\"563\":1,\"593\":1,\"623\":1,\"669\":1,\"715\":1,\"761\":1,\"807\":1,\"853\":1,\"899\":1}}],[\"body\",{\"1\":{\"159\":15}}],[\"boxes\",{\"1\":{\"103\":1}}],[\"box\",{\"1\":{\"95\":1}}],[\"both\",{\"1\":{\"37\":1,\"94\":1,\"109\":1,\"283\":1,\"294\":1,\"333\":1,\"344\":1,\"383\":1,\"390\":1,\"437\":1,\"444\":1,\"476\":1,\"483\":1,\"499\":1,\"506\":1,\"525\":1,\"532\":1,\"555\":1,\"562\":1,\"585\":1,\"592\":1,\"615\":1,\"622\":1,\"661\":1,\"668\":1,\"707\":1,\"714\":1,\"753\":1,\"760\":1,\"799\":1,\"806\":1,\"845\":1,\"852\":1,\"891\":1,\"898\":1}}],[\"boundaries\",{\"1\":{\"0\":1,\"6\":1,\"98\":1,\"127\":1,\"159\":2,\"399\":1}}],[\"bpm\",{\"1\":{\"357\":1}}],[\"bpmn\",{\"0\":{\"96\":1,\"97\":1,\"103\":1,\"154\":1,\"318\":1,\"357\":1,\"402\":1},\"1\":{\"0\":2,\"5\":1,\"6\":1,\"28\":1,\"32\":2,\"88\":1,\"90\":1,\"93\":2,\"96\":2,\"97\":5,\"98\":1,\"99\":2,\"102\":1,\"103\":3,\"116\":1,\"117\":1,\"127\":1,\"143\":1,\"169\":2,\"184\":1,\"185\":1,\"186\":2,\"319\":1,\"320\":1,\"323\":1,\"329\":1,\"331\":2,\"332\":4,\"334\":2,\"335\":1,\"347\":4,\"354\":1,\"356\":4,\"357\":2,\"364\":3,\"371\":2,\"372\":3,\"381\":1,\"390\":3,\"394\":1,\"402\":1,\"943\":1,\"944\":1,\"945\":2,\"946\":2,\"1154\":1,\"1155\":1,\"1156\":2,\"1305\":1,\"1306\":1,\"1307\":2,\"1477\":1,\"1478\":1,\"1479\":2,\"1480\":2,\"1654\":1,\"1655\":1,\"1656\":2,\"1657\":2,\"1831\":1,\"1832\":1,\"1833\":2,\"1834\":2,\"2008\":1,\"2009\":1,\"2010\":2,\"2011\":2,\"2185\":1,\"2186\":1,\"2187\":2,\"2188\":2,\"2374\":1,\"2375\":1,\"2376\":2,\"2377\":2,\"2593\":1,\"2594\":1,\"2595\":2,\"2596\":2,\"2812\":1,\"2813\":1,\"2814\":2,\"2815\":2,\"3031\":1,\"3032\":1,\"3033\":2,\"3034\":2,\"3226\":1,\"3227\":1,\"3228\":2,\"3229\":2}}],[\"bpe`\",{\"1\":{\"310\":1}}],[\"bpejettyserverhttps\",{\"1\":{\"134\":1}}],[\"bpe\",{\"0\":{\"90\":1,\"173\":1,\"174\":1,\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":2,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"290\":1,\"301\":1,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"443\":1,\"454\":1,\"455\":1,\"462\":1,\"482\":1,\"505\":1,\"511\":1,\"531\":1,\"537\":1,\"561\":1,\"567\":1,\"591\":1,\"597\":1,\"621\":1,\"627\":1,\"667\":1,\"673\":1,\"713\":1,\"719\":1,\"759\":1,\"765\":1,\"805\":1,\"811\":1,\"851\":1,\"857\":1,\"897\":1,\"908\":1,\"909\":1,\"916\":1,\"917\":1,\"930\":1,\"931\":1,\"932\":2,\"933\":1,\"934\":1,\"935\":1,\"936\":2,\"937\":1,\"938\":1,\"939\":2,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":2,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"1028\":1,\"1142\":1,\"1143\":1,\"1144\":1,\"1145\":2,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1151\":1,\"1152\":2,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":2,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1267\":1,\"1294\":1,\"1295\":1,\"1296\":2,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1302\":1,\"1303\":2,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":2,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1439\":1,\"1466\":1,\"1467\":1,\"1468\":2,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1474\":1,\"1475\":2,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":2,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1616\":1,\"1643\":1,\"1644\":1,\"1645\":2,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1651\":1,\"1652\":2,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":2,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1793\":1,\"1820\":1,\"1821\":1,\"1822\":2,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"1828\":1,\"1829\":2,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":2,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1970\":1,\"1997\":1,\"1998\":1,\"1999\":2,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2005\":1,\"2006\":2,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":2,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2147\":1,\"2174\":1,\"2175\":1,\"2176\":2,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2182\":1,\"2183\":2,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":2,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2324\":1,\"2361\":1,\"2362\":1,\"2363\":2,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2369\":1,\"2370\":2,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":2,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2435\":1,\"2543\":1,\"2580\":1,\"2581\":1,\"2582\":2,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2588\":1,\"2589\":2,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":2,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2654\":1,\"2762\":1,\"2799\":1,\"2800\":1,\"2801\":2,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"2807\":1,\"2808\":2,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":2,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2873\":1,\"2981\":1,\"3018\":1,\"3019\":1,\"3020\":2,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3026\":1,\"3027\":2,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":2,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3092\":1,\"3200\":1,\"3213\":1,\"3214\":1,\"3215\":2,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":2,\"3220\":1,\"3221\":1,\"3222\":2,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":2,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3311\":1},\"1\":{\"32\":1,\"88\":2,\"90\":7,\"96\":1,\"99\":5,\"102\":1,\"109\":1,\"113\":2,\"134\":7,\"135\":4,\"139\":2,\"152\":3,\"153\":3,\"154\":3,\"163\":2,\"168\":1,\"169\":5,\"171\":1,\"174\":1,\"175\":3,\"176\":2,\"177\":3,\"178\":2,\"179\":3,\"180\":3,\"181\":3,\"182\":3,\"183\":3,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":3,\"189\":2,\"190\":3,\"191\":2,\"192\":2,\"193\":1,\"194\":1,\"195\":1,\"196\":3,\"197\":2,\"198\":2,\"199\":2,\"200\":2,\"201\":2,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":2,\"213\":4,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":4,\"219\":3,\"220\":1,\"221\":1,\"222\":1,\"223\":2,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":2,\"229\":2,\"230\":1,\"231\":1,\"232\":1,\"233\":2,\"234\":1,\"235\":1,\"236\":3,\"237\":2,\"238\":1,\"265\":1,\"266\":1,\"282\":1,\"284\":1,\"285\":4,\"288\":1,\"290\":39,\"293\":1,\"295\":1,\"296\":4,\"299\":1,\"301\":38,\"304\":57,\"307\":46,\"310\":22,\"313\":13,\"316\":13,\"327\":120,\"331\":1,\"332\":8,\"333\":1,\"338\":8,\"341\":4,\"342\":2,\"348\":1,\"349\":1,\"352\":5,\"356\":2,\"357\":1,\"362\":2,\"367\":11,\"377\":6,\"383\":1,\"388\":2,\"393\":15,\"425\":2,\"427\":1,\"431\":1,\"433\":6,\"436\":1,\"438\":1,\"439\":4,\"441\":1,\"443\":24,\"444\":5,\"446\":1,\"447\":2,\"449\":1,\"450\":2,\"455\":2,\"459\":5,\"462\":15,\"470\":1,\"475\":1,\"477\":1,\"478\":4,\"480\":1,\"482\":25,\"483\":5,\"485\":3,\"491\":1,\"493\":1,\"498\":1,\"500\":1,\"501\":4,\"503\":1,\"505\":25,\"506\":5,\"508\":3,\"511\":11,\"517\":1,\"519\":1,\"524\":1,\"526\":1,\"527\":4,\"529\":1,\"531\":25,\"532\":5,\"534\":3,\"537\":12,\"543\":1,\"545\":1,\"554\":1,\"556\":1,\"557\":4,\"559\":1,\"561\":25,\"562\":5,\"564\":5,\"567\":11,\"573\":1,\"575\":1,\"584\":1,\"586\":1,\"587\":4,\"589\":1,\"591\":24,\"592\":5,\"594\":5,\"597\":11,\"603\":1,\"605\":1,\"614\":1,\"616\":1,\"617\":4,\"619\":1,\"621\":24,\"622\":5,\"624\":5,\"627\":11,\"649\":1,\"651\":1,\"660\":1,\"662\":1,\"663\":4,\"665\":1,\"667\":24,\"668\":5,\"670\":5,\"673\":11,\"695\":2,\"697\":1,\"706\":1,\"708\":1,\"709\":4,\"711\":1,\"713\":24,\"714\":5,\"716\":5,\"719\":11,\"741\":2,\"743\":1,\"752\":1,\"754\":1,\"755\":4,\"757\":1,\"759\":24,\"760\":5,\"762\":5,\"765\":11,\"787\":2,\"789\":1,\"793\":1,\"795\":6,\"798\":1,\"800\":1,\"801\":4,\"803\":1,\"805\":24,\"806\":5,\"808\":5,\"811\":11,\"833\":2,\"835\":1,\"839\":1,\"841\":6,\"844\":1,\"846\":1,\"847\":4,\"849\":1,\"851\":24,\"852\":5,\"854\":5,\"857\":11,\"879\":2,\"881\":1,\"885\":1,\"887\":6,\"890\":1,\"892\":1,\"893\":4,\"895\":1,\"897\":24,\"898\":5,\"900\":1,\"901\":2,\"903\":1,\"904\":2,\"909\":2,\"913\":5,\"916\":15,\"920\":5,\"927\":1,\"928\":3,\"930\":1,\"931\":1,\"932\":3,\"933\":2,\"934\":3,\"935\":2,\"936\":3,\"937\":3,\"938\":3,\"939\":3,\"940\":3,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":3,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":2,\"964\":4,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":4,\"970\":3,\"971\":1,\"972\":1,\"973\":1,\"974\":2,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":2,\"980\":2,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":2,\"986\":1,\"987\":1,\"988\":3,\"989\":2,\"990\":1,\"991\":4,\"992\":1,\"993\":1,\"994\":1,\"997\":1,\"1020\":2,\"1024\":4,\"1025\":2,\"1026\":1,\"1027\":2,\"1031\":1,\"1032\":1,\"1037\":1,\"1090\":1,\"1113\":2,\"1141\":1,\"1143\":1,\"1144\":1,\"1145\":3,\"1146\":2,\"1147\":3,\"1148\":2,\"1149\":3,\"1150\":3,\"1151\":3,\"1152\":3,\"1153\":3,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":3,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":2,\"1174\":4,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":4,\"1180\":3,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":2,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":2,\"1190\":2,\"1191\":1,\"1192\":2,\"1193\":1,\"1194\":1,\"1195\":3,\"1196\":2,\"1199\":1,\"1223\":2,\"1253\":1,\"1291\":2,\"1294\":1,\"1295\":1,\"1296\":3,\"1297\":2,\"1298\":3,\"1299\":2,\"1300\":3,\"1301\":3,\"1302\":3,\"1303\":3,\"1304\":3,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":3,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":2,\"1325\":4,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":4,\"1331\":3,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":2,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":2,\"1341\":2,\"1342\":1,\"1343\":2,\"1344\":1,\"1345\":1,\"1346\":3,\"1347\":2,\"1350\":1,\"1392\":1,\"1415\":2,\"1463\":2,\"1466\":1,\"1467\":1,\"1468\":3,\"1469\":2,\"1470\":3,\"1471\":2,\"1472\":3,\"1473\":3,\"1474\":3,\"1475\":3,\"1476\":3,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":3,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":2,\"1497\":4,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":4,\"1503\":3,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":2,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":2,\"1513\":2,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":2,\"1519\":1,\"1520\":1,\"1521\":3,\"1522\":2,\"1523\":1,\"1526\":1,\"1568\":1,\"1591\":2,\"1640\":2,\"1643\":1,\"1644\":1,\"1645\":3,\"1646\":2,\"1647\":3,\"1648\":2,\"1649\":3,\"1650\":3,\"1651\":3,\"1652\":3,\"1653\":3,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":3,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":2,\"1674\":4,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":4,\"1680\":3,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":2,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":2,\"1690\":2,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":2,\"1696\":1,\"1697\":1,\"1698\":3,\"1699\":2,\"1700\":1,\"1703\":1,\"1745\":1,\"1768\":2,\"1817\":2,\"1820\":1,\"1821\":1,\"1822\":3,\"1823\":2,\"1824\":3,\"1825\":2,\"1826\":3,\"1827\":3,\"1828\":3,\"1829\":3,\"1830\":3,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":3,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":2,\"1851\":4,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":4,\"1857\":3,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":2,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":2,\"1867\":2,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":2,\"1873\":1,\"1874\":1,\"1875\":3,\"1876\":2,\"1877\":1,\"1880\":1,\"1922\":1,\"1945\":2,\"1994\":2,\"1997\":1,\"1998\":1,\"1999\":3,\"2000\":2,\"2001\":3,\"2002\":2,\"2003\":3,\"2004\":3,\"2005\":3,\"2006\":3,\"2007\":3,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":3,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":2,\"2028\":4,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":4,\"2034\":3,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":2,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":2,\"2044\":2,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":2,\"2050\":1,\"2051\":1,\"2052\":3,\"2053\":2,\"2054\":1,\"2057\":1,\"2099\":1,\"2122\":2,\"2171\":2,\"2174\":1,\"2175\":1,\"2176\":3,\"2177\":2,\"2178\":3,\"2179\":2,\"2180\":3,\"2181\":3,\"2182\":3,\"2183\":3,\"2184\":3,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":3,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":2,\"2205\":4,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":4,\"2211\":3,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":2,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":2,\"2221\":2,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":2,\"2227\":1,\"2228\":1,\"2229\":3,\"2230\":2,\"2231\":1,\"2234\":1,\"2276\":1,\"2299\":2,\"2327\":5,\"2334\":1,\"2335\":3,\"2358\":2,\"2361\":1,\"2362\":1,\"2363\":3,\"2364\":2,\"2365\":3,\"2366\":2,\"2367\":3,\"2368\":3,\"2369\":3,\"2370\":3,\"2371\":3,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":3,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":2,\"2395\":4,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":4,\"2401\":3,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":2,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":2,\"2411\":2,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":2,\"2417\":1,\"2418\":1,\"2419\":3,\"2420\":2,\"2421\":1,\"2422\":4,\"2423\":1,\"2424\":1,\"2425\":1,\"2428\":1,\"2431\":4,\"2432\":2,\"2433\":1,\"2434\":2,\"2438\":1,\"2439\":1,\"2444\":1,\"2495\":1,\"2518\":2,\"2546\":5,\"2553\":1,\"2554\":3,\"2577\":2,\"2580\":1,\"2581\":1,\"2582\":3,\"2583\":2,\"2584\":3,\"2585\":2,\"2586\":3,\"2587\":3,\"2588\":3,\"2589\":3,\"2590\":3,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":3,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":2,\"2614\":4,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":4,\"2620\":3,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":2,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":2,\"2630\":2,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":2,\"2636\":1,\"2637\":1,\"2638\":3,\"2639\":2,\"2640\":1,\"2641\":4,\"2642\":1,\"2643\":1,\"2644\":1,\"2647\":1,\"2650\":4,\"2651\":2,\"2652\":1,\"2653\":2,\"2657\":1,\"2658\":1,\"2663\":1,\"2714\":1,\"2737\":2,\"2765\":5,\"2772\":1,\"2773\":3,\"2796\":2,\"2799\":1,\"2800\":1,\"2801\":3,\"2802\":2,\"2803\":3,\"2804\":2,\"2805\":3,\"2806\":3,\"2807\":3,\"2808\":3,\"2809\":3,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":3,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":2,\"2833\":4,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":4,\"2839\":3,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":2,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":2,\"2849\":2,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":2,\"2855\":1,\"2856\":1,\"2857\":3,\"2858\":2,\"2859\":1,\"2860\":4,\"2861\":1,\"2862\":1,\"2863\":1,\"2866\":1,\"2869\":4,\"2870\":2,\"2871\":1,\"2872\":2,\"2876\":1,\"2877\":1,\"2882\":1,\"2933\":1,\"2956\":2,\"2984\":5,\"2991\":1,\"2992\":3,\"3015\":2,\"3018\":1,\"3019\":1,\"3020\":3,\"3021\":2,\"3022\":3,\"3023\":2,\"3024\":3,\"3025\":3,\"3026\":3,\"3027\":3,\"3028\":3,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":3,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":2,\"3052\":4,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":4,\"3058\":3,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":2,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":2,\"3068\":2,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":2,\"3074\":1,\"3075\":1,\"3076\":3,\"3077\":2,\"3078\":1,\"3079\":4,\"3080\":1,\"3081\":1,\"3082\":1,\"3085\":1,\"3088\":4,\"3089\":2,\"3090\":1,\"3091\":2,\"3095\":1,\"3096\":1,\"3101\":1,\"3152\":1,\"3175\":2,\"3203\":5,\"3210\":1,\"3211\":3,\"3213\":1,\"3214\":1,\"3215\":3,\"3216\":2,\"3217\":3,\"3218\":2,\"3219\":3,\"3220\":3,\"3221\":3,\"3222\":3,\"3223\":3,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":3,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":2,\"3247\":4,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":4,\"3253\":3,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":2,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":2,\"3263\":2,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":2,\"3269\":1,\"3270\":1,\"3271\":3,\"3272\":2,\"3273\":1,\"3274\":4,\"3275\":1,\"3276\":1,\"3277\":1,\"3280\":1,\"3303\":2,\"3307\":4,\"3308\":2,\"3309\":1,\"3310\":2,\"3314\":1,\"3315\":1,\"3320\":1,\"3373\":1,\"3396\":2}}],[\"böhringer\",{\"1\":{\"26\":1}}],[\"b\",{\"1\":{\"17\":2,\"26\":1,\"103\":1,\"284\":1,\"288\":1,\"289\":5,\"290\":1,\"295\":1,\"299\":1,\"300\":5,\"301\":1,\"438\":1,\"441\":1,\"442\":2,\"443\":1,\"477\":1,\"480\":1,\"481\":2,\"482\":1,\"500\":1,\"503\":1,\"504\":2,\"505\":1,\"526\":1,\"529\":1,\"530\":2,\"531\":1,\"556\":1,\"559\":1,\"560\":2,\"561\":1,\"586\":1,\"589\":1,\"590\":2,\"591\":1,\"616\":1,\"619\":1,\"620\":2,\"621\":1,\"662\":1,\"665\":1,\"666\":2,\"667\":1,\"708\":1,\"711\":1,\"712\":2,\"713\":1,\"754\":1,\"757\":1,\"758\":2,\"759\":1,\"800\":1,\"803\":1,\"804\":2,\"805\":1,\"846\":1,\"849\":1,\"850\":2,\"851\":1,\"892\":1,\"895\":1,\"896\":2,\"897\":1}}],[\"busy\",{\"1\":{\"984\":1,\"1517\":1,\"1694\":1,\"1871\":1,\"2048\":1,\"2225\":1,\"2415\":1,\"2634\":1,\"2853\":1,\"3072\":1,\"3267\":1}}],[\"business\",{\"0\":{\"90\":1,\"113\":1,\"168\":1,\"383\":1},\"1\":{\"0\":1,\"8\":1,\"26\":1,\"32\":1,\"88\":3,\"96\":3,\"97\":2,\"99\":3,\"110\":1,\"113\":1,\"117\":1,\"152\":1,\"153\":1,\"165\":1,\"168\":1,\"169\":3,\"332\":1,\"333\":1,\"347\":1,\"356\":1,\"383\":2,\"431\":1,\"793\":1,\"839\":1,\"885\":1}}],[\"built\",{\"1\":{\"427\":2,\"470\":2,\"493\":2,\"519\":2,\"545\":2,\"575\":2,\"605\":2,\"651\":2,\"697\":2,\"743\":2,\"789\":2,\"835\":2,\"881\":2}}],[\"buildable\",{\"1\":{\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1}}],[\"buildinforeaderimpl\",{\"1\":{\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"673\":2,\"719\":2,\"765\":2,\"811\":2,\"857\":2,\"916\":2}}],[\"building\",{\"1\":{\"118\":1,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"build\",{\"0\":{\"131\":1,\"132\":1,\"133\":1,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1},\"1\":{\"31\":1,\"131\":1,\"134\":2,\"135\":5,\"141\":4,\"142\":3,\"280\":1,\"291\":1,\"318\":1,\"331\":1,\"337\":2,\"338\":2,\"346\":2,\"351\":2,\"352\":1,\"366\":2,\"367\":2,\"376\":2,\"377\":1,\"392\":2,\"393\":2,\"397\":1,\"405\":1,\"413\":1,\"417\":1,\"629\":1,\"637\":1,\"641\":1,\"675\":1,\"683\":1,\"687\":1,\"721\":1,\"729\":1,\"733\":1,\"767\":1,\"775\":1,\"779\":1,\"813\":1,\"821\":1,\"825\":1,\"859\":1,\"867\":1,\"871\":1}}],[\"but\",{\"1\":{\"97\":1,\"237\":1,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"341\":1,\"348\":1,\"356\":1,\"383\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"989\":1,\"1024\":1,\"1117\":1,\"1196\":1,\"1347\":1,\"1419\":1,\"1522\":1,\"1595\":1,\"1699\":1,\"1772\":1,\"1876\":1,\"1949\":1,\"2053\":1,\"2126\":1,\"2230\":1,\"2303\":1,\"2420\":1,\"2431\":1,\"2522\":1,\"2639\":1,\"2650\":1,\"2741\":1,\"2858\":1,\"2869\":1,\"2960\":1,\"3077\":1,\"3088\":1,\"3179\":1,\"3272\":1,\"3307\":1,\"3400\":1}}],[\"bundle\",{\"0\":{\"262\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1},\"1\":{\"97\":1,\"240\":1,\"262\":3,\"303\":8,\"327\":6,\"338\":1,\"367\":1,\"393\":1,\"1081\":3,\"1246\":3,\"1384\":3,\"1560\":3,\"1737\":3,\"1914\":3,\"2091\":3,\"2268\":3,\"2486\":3,\"2705\":3,\"2924\":3,\"3143\":3,\"3364\":3}}],[\"bundles\",{\"1\":{\"17\":2,\"290\":1,\"301\":1,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"bugs\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"bug\",{\"1\":{\"75\":1,\"419\":6,\"643\":6,\"689\":6,\"735\":6,\"781\":6,\"827\":6,\"873\":6}}],[\"big\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"bidirectional\",{\"1\":{\"383\":1}}],[\"bin\",{\"1\":{\"283\":2,\"294\":2,\"458\":3,\"912\":3}}],[\"bind\",{\"1\":{\"170\":1,\"304\":8,\"307\":2,\"327\":21,\"451\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"905\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1}}],[\"binaryauthorizationrule\",{\"1\":{\"149\":1}}],[\"binary\",{\"1\":{\"97\":1,\"109\":1,\"159\":4,\"160\":2}}],[\"bilateral\",{\"1\":{\"102\":1}}],[\"birth\",{\"1\":{\"99\":1,\"169\":1}}],[\"bit\",{\"1\":{\"99\":1,\"169\":1,\"290\":1,\"301\":1}}],[\"bitte\",{\"1\":{\"14\":1}}],[\"bio\",{\"1\":{\"117\":1,\"120\":1}}],[\"biobanking\",{\"1\":{\"79\":1}}],[\"biomedical\",{\"1\":{\"0\":1,\"5\":1,\"6\":1,\"12\":1,\"26\":1,\"32\":1,\"78\":1,\"116\":1}}],[\"bialke\",{\"1\":{\"26\":2}}],[\"bis\",{\"1\":{\"18\":1}}],[\"bietet\",{\"1\":{\"16\":1}}],[\"balance\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"bar\",{\"1\":{\"207\":1,\"260\":1,\"289\":4,\"290\":2,\"300\":5,\"301\":2,\"442\":4,\"443\":2,\"481\":4,\"482\":2,\"504\":4,\"505\":2,\"530\":4,\"531\":2,\"560\":4,\"561\":2,\"590\":4,\"591\":2,\"620\":4,\"621\":2,\"666\":4,\"667\":2,\"712\":4,\"713\":2,\"758\":4,\"759\":2,\"804\":4,\"805\":2,\"850\":4,\"851\":2,\"896\":4,\"897\":2,\"959\":1,\"991\":1,\"995\":1,\"1080\":1,\"1088\":1,\"1168\":1,\"1197\":1,\"1245\":1,\"1251\":1,\"1319\":1,\"1348\":1,\"1383\":1,\"1390\":1,\"1492\":1,\"1524\":1,\"1559\":1,\"1566\":1,\"1669\":1,\"1701\":1,\"1736\":1,\"1743\":1,\"1846\":1,\"1878\":1,\"1913\":1,\"1920\":1,\"2023\":1,\"2055\":1,\"2090\":1,\"2097\":1,\"2200\":1,\"2232\":1,\"2267\":1,\"2274\":1,\"2390\":1,\"2422\":1,\"2426\":1,\"2485\":1,\"2493\":1,\"2609\":1,\"2641\":1,\"2645\":1,\"2704\":1,\"2712\":1,\"2828\":1,\"2860\":1,\"2864\":1,\"2923\":1,\"2931\":1,\"3047\":1,\"3079\":1,\"3083\":1,\"3142\":1,\"3150\":1,\"3242\":1,\"3274\":1,\"3278\":1,\"3363\":1,\"3371\":1}}],[\"bat\",{\"1\":{\"135\":1}}],[\"bahls\",{\"1\":{\"26\":1}}],[\"base<\",{\"1\":{\"163\":1}}],[\"base\",{\"0\":{\"207\":1,\"260\":1,\"331\":1,\"959\":1,\"991\":1,\"1014\":1,\"1080\":1,\"1107\":1,\"1168\":1,\"1217\":1,\"1245\":1,\"1285\":1,\"1319\":1,\"1383\":1,\"1409\":1,\"1457\":1,\"1492\":1,\"1559\":1,\"1585\":1,\"1634\":1,\"1669\":1,\"1736\":1,\"1762\":1,\"1811\":1,\"1846\":1,\"1913\":1,\"1939\":1,\"1988\":1,\"2023\":1,\"2090\":1,\"2116\":1,\"2165\":1,\"2200\":1,\"2267\":1,\"2293\":1,\"2352\":1,\"2390\":1,\"2422\":1,\"2485\":1,\"2512\":1,\"2571\":1,\"2609\":1,\"2641\":1,\"2704\":1,\"2731\":1,\"2790\":1,\"2828\":1,\"2860\":1,\"2923\":1,\"2950\":1,\"3009\":1,\"3047\":1,\"3079\":1,\"3142\":1,\"3169\":1,\"3242\":1,\"3274\":1,\"3297\":1,\"3363\":1,\"3390\":1},\"1\":{\"139\":1,\"163\":1,\"207\":2,\"260\":2,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"304\":3,\"307\":2,\"310\":1,\"327\":6,\"329\":1,\"332\":2,\"347\":3,\"442\":1,\"443\":1,\"481\":2,\"482\":1,\"504\":2,\"505\":1,\"530\":2,\"531\":1,\"560\":2,\"561\":1,\"590\":2,\"591\":1,\"620\":2,\"621\":1,\"666\":2,\"667\":1,\"712\":2,\"713\":1,\"758\":2,\"759\":1,\"804\":2,\"805\":1,\"850\":2,\"851\":1,\"896\":1,\"897\":1,\"959\":2,\"991\":2,\"1002\":1,\"1005\":1,\"1014\":2,\"1025\":2,\"1027\":1,\"1080\":2,\"1095\":1,\"1098\":1,\"1107\":2,\"1118\":2,\"1119\":1,\"1121\":1,\"1168\":2,\"1205\":1,\"1208\":1,\"1217\":2,\"1245\":2,\"1273\":1,\"1276\":1,\"1285\":2,\"1319\":2,\"1383\":2,\"1397\":1,\"1400\":1,\"1409\":2,\"1420\":2,\"1421\":1,\"1423\":1,\"1445\":1,\"1448\":1,\"1457\":2,\"1492\":2,\"1559\":2,\"1573\":1,\"1576\":1,\"1585\":2,\"1596\":2,\"1597\":1,\"1599\":1,\"1622\":1,\"1625\":1,\"1634\":2,\"1669\":2,\"1736\":2,\"1750\":1,\"1753\":1,\"1762\":2,\"1773\":2,\"1774\":1,\"1776\":1,\"1799\":1,\"1802\":1,\"1811\":2,\"1846\":2,\"1913\":2,\"1927\":1,\"1930\":1,\"1939\":2,\"1950\":2,\"1951\":1,\"1953\":1,\"1976\":1,\"1979\":1,\"1988\":2,\"2023\":2,\"2090\":2,\"2104\":1,\"2107\":1,\"2116\":2,\"2127\":2,\"2128\":1,\"2130\":1,\"2153\":1,\"2156\":1,\"2165\":2,\"2200\":2,\"2267\":2,\"2281\":1,\"2284\":1,\"2293\":2,\"2304\":2,\"2305\":1,\"2307\":1,\"2340\":1,\"2343\":1,\"2352\":2,\"2390\":2,\"2422\":2,\"2432\":2,\"2434\":1,\"2485\":2,\"2500\":1,\"2503\":1,\"2512\":2,\"2523\":2,\"2524\":1,\"2526\":1,\"2559\":1,\"2562\":1,\"2571\":2,\"2609\":2,\"2641\":2,\"2651\":2,\"2653\":1,\"2704\":2,\"2719\":1,\"2722\":1,\"2731\":2,\"2742\":2,\"2743\":1,\"2745\":1,\"2778\":1,\"2781\":1,\"2790\":2,\"2828\":2,\"2860\":2,\"2870\":2,\"2872\":1,\"2923\":2,\"2938\":1,\"2941\":1,\"2950\":2,\"2961\":2,\"2962\":1,\"2964\":1,\"2997\":1,\"3000\":1,\"3009\":2,\"3047\":2,\"3079\":2,\"3089\":2,\"3091\":1,\"3142\":2,\"3157\":1,\"3160\":1,\"3169\":2,\"3180\":2,\"3181\":1,\"3183\":1,\"3242\":2,\"3274\":2,\"3285\":1,\"3288\":1,\"3297\":2,\"3308\":2,\"3310\":1,\"3363\":2,\"3378\":1,\"3381\":1,\"3390\":2,\"3401\":2,\"3402\":1,\"3404\":1}}],[\"based\",{\"0\":{\"325\":1,\"378\":1,\"379\":1},\"1\":{\"0\":1,\"26\":1,\"32\":1,\"88\":1,\"95\":1,\"99\":2,\"117\":1,\"127\":1,\"130\":1,\"147\":1,\"152\":1,\"169\":2,\"324\":1,\"332\":1,\"346\":1,\"364\":1,\"369\":1,\"374\":2,\"377\":1,\"381\":1,\"390\":4,\"393\":1,\"399\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"basically\",{\"1\":{\"96\":1,\"102\":1}}],[\"basic\",{\"1\":{\"93\":1,\"94\":1,\"113\":1,\"126\":1,\"153\":1,\"168\":1,\"395\":1,\"458\":6,\"912\":6,\"1044\":2,\"1138\":2,\"3327\":2,\"3421\":2}}],[\"basics\",{\"0\":{\"93\":1,\"109\":1},\"1\":{\"24\":1,\"89\":1}}],[\"basis\",{\"1\":{\"82\":1}}],[\"backup\",{\"1\":{\"303\":3,\"304\":3,\"306\":3,\"307\":3,\"309\":3,\"310\":3,\"312\":3,\"313\":3,\"315\":3,\"316\":3,\"459\":1,\"461\":3,\"462\":3,\"485\":1,\"508\":1,\"510\":3,\"511\":3,\"534\":1,\"536\":3,\"537\":3,\"564\":1,\"566\":3,\"567\":3,\"594\":1,\"596\":3,\"597\":3,\"624\":1,\"626\":3,\"627\":3,\"670\":1,\"672\":3,\"673\":3,\"716\":1,\"718\":3,\"719\":3,\"762\":1,\"764\":3,\"765\":3,\"808\":1,\"810\":3,\"811\":3,\"854\":1,\"856\":3,\"857\":3,\"913\":1,\"915\":3,\"916\":3}}],[\"backend\",{\"1\":{\"170\":2,\"327\":18}}],[\"background\",{\"1\":{\"102\":1}}],[\"back\",{\"0\":{\"1003\":1,\"1004\":1,\"1096\":1,\"1097\":1,\"1206\":1,\"1207\":1,\"1274\":1,\"1275\":1,\"1398\":1,\"1399\":1,\"1446\":1,\"1447\":1,\"1574\":1,\"1575\":1,\"1623\":1,\"1624\":1,\"1751\":1,\"1752\":1,\"1800\":1,\"1801\":1,\"1928\":1,\"1929\":1,\"1977\":1,\"1978\":1,\"2105\":1,\"2106\":1,\"2154\":1,\"2155\":1,\"2282\":1,\"2283\":1,\"2341\":1,\"2342\":1,\"2501\":1,\"2502\":1,\"2560\":1,\"2561\":1,\"2720\":1,\"2721\":1,\"2779\":1,\"2780\":1,\"2939\":1,\"2940\":1,\"2998\":1,\"2999\":1,\"3158\":1,\"3159\":1,\"3286\":1,\"3287\":1,\"3379\":1,\"3380\":1},\"1\":{\"13\":1,\"128\":1,\"157\":2,\"159\":2,\"160\":2,\"356\":1,\"379\":1,\"1003\":3,\"1004\":3,\"1024\":1,\"1025\":4,\"1027\":1,\"1096\":3,\"1097\":3,\"1117\":1,\"1118\":4,\"1121\":1,\"1206\":3,\"1207\":3,\"1274\":3,\"1275\":3,\"1398\":3,\"1399\":3,\"1419\":1,\"1420\":4,\"1423\":1,\"1446\":3,\"1447\":3,\"1574\":3,\"1575\":3,\"1595\":1,\"1596\":4,\"1599\":1,\"1623\":3,\"1624\":3,\"1751\":3,\"1752\":3,\"1772\":1,\"1773\":4,\"1776\":1,\"1800\":3,\"1801\":3,\"1928\":3,\"1929\":3,\"1949\":1,\"1950\":4,\"1953\":1,\"1977\":3,\"1978\":3,\"2105\":3,\"2106\":3,\"2126\":1,\"2127\":4,\"2130\":1,\"2154\":3,\"2155\":3,\"2282\":3,\"2283\":3,\"2303\":1,\"2304\":4,\"2307\":1,\"2341\":3,\"2342\":3,\"2431\":1,\"2432\":4,\"2434\":1,\"2501\":3,\"2502\":3,\"2522\":1,\"2523\":4,\"2526\":1,\"2560\":3,\"2561\":3,\"2650\":1,\"2651\":4,\"2653\":1,\"2720\":3,\"2721\":3,\"2741\":1,\"2742\":4,\"2745\":1,\"2779\":3,\"2780\":3,\"2869\":1,\"2870\":4,\"2872\":1,\"2939\":3,\"2940\":3,\"2960\":1,\"2961\":4,\"2964\":1,\"2998\":3,\"2999\":3,\"3088\":1,\"3089\":4,\"3091\":1,\"3158\":3,\"3159\":3,\"3179\":1,\"3180\":4,\"3183\":1,\"3286\":3,\"3287\":3,\"3307\":1,\"3308\":4,\"3310\":1,\"3379\":3,\"3380\":3,\"3400\":1,\"3401\":4,\"3404\":1}}],[\"bearer\",{\"0\":{\"1005\":1,\"1098\":1,\"1119\":1,\"1208\":1,\"1276\":1,\"1400\":1,\"1421\":1,\"1448\":1,\"1576\":1,\"1597\":1,\"1625\":1,\"1753\":1,\"1774\":1,\"1802\":1,\"1930\":1,\"1951\":1,\"1979\":1,\"2107\":1,\"2128\":1,\"2156\":1,\"2284\":1,\"2305\":1,\"2343\":1,\"2503\":1,\"2524\":1,\"2562\":1,\"2722\":1,\"2743\":1,\"2781\":1,\"2941\":1,\"2962\":1,\"3000\":1,\"3160\":1,\"3181\":1,\"3288\":1,\"3381\":1,\"3402\":1},\"1\":{\"1005\":2,\"1027\":1,\"1098\":2,\"1117\":1,\"1119\":2,\"1121\":1,\"1208\":2,\"1276\":2,\"1400\":2,\"1419\":1,\"1421\":2,\"1423\":1,\"1448\":2,\"1576\":2,\"1595\":1,\"1597\":2,\"1599\":1,\"1625\":2,\"1753\":2,\"1772\":1,\"1774\":2,\"1776\":1,\"1802\":2,\"1930\":2,\"1949\":1,\"1951\":2,\"1953\":1,\"1979\":2,\"2107\":2,\"2126\":1,\"2128\":2,\"2130\":1,\"2156\":2,\"2284\":2,\"2303\":1,\"2305\":2,\"2307\":1,\"2343\":2,\"2434\":1,\"2503\":2,\"2522\":1,\"2524\":2,\"2526\":1,\"2562\":2,\"2653\":1,\"2722\":2,\"2741\":1,\"2743\":2,\"2745\":1,\"2781\":2,\"2872\":1,\"2941\":2,\"2960\":1,\"2962\":2,\"2964\":1,\"3000\":2,\"3091\":1,\"3160\":2,\"3179\":1,\"3181\":2,\"3183\":1,\"3288\":2,\"3310\":1,\"3381\":2,\"3400\":1,\"3402\":2,\"3404\":1}}],[\"beans\",{\"1\":{\"332\":2,\"390\":1}}],[\"bean\",{\"1\":{\"147\":3,\"149\":2,\"150\":2,\"154\":1,\"332\":1,\"335\":1}}],[\"beantragen\",{\"1\":{\"16\":1}}],[\"benefit\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"benefits\",{\"0\":{\"7\":1,\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1},\"1\":{\"97\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"berlin\",{\"1\":{\"327\":8,\"461\":1,\"462\":1,\"915\":1,\"916\":1}}],[\"bereits\",{\"1\":{\"15\":1}}],[\"besides\",{\"1\":{\"265\":1,\"266\":1}}],[\"best\",{\"1\":{\"35\":1}}],[\"bestandteil\",{\"1\":{\"15\":1}}],[\"beginning\",{\"1\":{\"159\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1}}],[\"behind\",{\"1\":{\"139\":1}}],[\"become\",{\"1\":{\"117\":1}}],[\"because\",{\"1\":{\"96\":1,\"97\":1,\"381\":2}}],[\"before\",{\"1\":{\"90\":1,\"93\":1,\"136\":1,\"156\":1,\"159\":108,\"160\":2,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"407\":1,\"415\":1,\"416\":1,\"419\":1,\"459\":1,\"461\":1,\"462\":1,\"510\":1,\"511\":1,\"536\":1,\"537\":1,\"564\":1,\"566\":1,\"567\":1,\"594\":1,\"596\":1,\"597\":1,\"624\":1,\"626\":1,\"627\":1,\"631\":1,\"639\":1,\"640\":1,\"643\":1,\"670\":1,\"672\":1,\"673\":1,\"677\":1,\"685\":1,\"686\":1,\"689\":1,\"716\":1,\"718\":1,\"719\":1,\"723\":1,\"731\":1,\"732\":1,\"735\":1,\"762\":1,\"764\":1,\"765\":1,\"769\":1,\"777\":1,\"778\":1,\"781\":1,\"808\":1,\"810\":1,\"811\":1,\"815\":1,\"823\":1,\"824\":1,\"827\":1,\"854\":1,\"856\":1,\"857\":1,\"861\":1,\"869\":1,\"870\":1,\"873\":1,\"913\":1,\"915\":1,\"916\":1}}],[\"befinden\",{\"1\":{\"16\":1}}],[\"been\",{\"1\":{\"88\":1,\"89\":1,\"98\":1,\"127\":1,\"414\":1,\"460\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1,\"914\":1}}],[\"belonging\",{\"1\":{\"348\":1,\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1}}],[\"belongs\",{\"1\":{\"78\":1,\"442\":2,\"481\":2,\"504\":2,\"530\":2,\"560\":2,\"590\":2,\"620\":2,\"666\":2,\"712\":2,\"758\":2,\"804\":2,\"850\":2,\"896\":2}}],[\"below\",{\"1\":{\"100\":1,\"170\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"431\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"548\":1,\"560\":1,\"561\":1,\"578\":1,\"590\":1,\"591\":1,\"608\":1,\"620\":1,\"621\":1,\"654\":1,\"666\":1,\"667\":1,\"700\":1,\"712\":1,\"713\":1,\"746\":1,\"758\":1,\"759\":1,\"793\":1,\"804\":1,\"805\":1,\"839\":1,\"850\":1,\"851\":1,\"885\":1,\"896\":1,\"897\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"believe\",{\"1\":{\"37\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"beliebiger\",{\"1\":{\"17\":1}}],[\"being\",{\"1\":{\"99\":1,\"109\":1,\"169\":1,\"222\":1,\"223\":1,\"381\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1,\"973\":1,\"974\":1,\"1183\":1,\"1184\":1,\"1334\":1,\"1335\":1,\"1506\":1,\"1507\":1,\"1683\":1,\"1684\":1,\"1860\":1,\"1861\":1,\"2037\":1,\"2038\":1,\"2214\":1,\"2215\":1,\"2404\":1,\"2405\":1,\"2623\":1,\"2624\":1,\"2842\":1,\"2843\":1,\"3061\":1,\"3062\":1,\"3256\":1,\"3257\":1}}],[\"beizutreten\",{\"1\":{\"41\":1}}],[\"beitritt\",{\"1\":{\"14\":1}}],[\"better\",{\"1\":{\"81\":1,\"129\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"between\",{\"1\":{\"32\":1,\"77\":1,\"94\":2,\"95\":1,\"96\":2,\"97\":2,\"98\":3,\"104\":1,\"109\":1,\"159\":11,\"210\":1,\"235\":1,\"247\":1,\"277\":1,\"323\":1,\"325\":1,\"354\":3,\"356\":2,\"379\":1,\"383\":2,\"415\":1,\"441\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"639\":1,\"670\":1,\"685\":1,\"716\":1,\"731\":1,\"762\":1,\"777\":1,\"808\":1,\"823\":1,\"854\":1,\"869\":1,\"895\":1,\"913\":1,\"961\":1,\"987\":1,\"1040\":1,\"1041\":1,\"1062\":1,\"1134\":1,\"1135\":1,\"1171\":1,\"1194\":1,\"1230\":1,\"1264\":1,\"1322\":1,\"1345\":1,\"1368\":1,\"1435\":1,\"1494\":1,\"1520\":1,\"1544\":1,\"1612\":1,\"1671\":1,\"1697\":1,\"1721\":1,\"1789\":1,\"1848\":1,\"1874\":1,\"1898\":1,\"1966\":1,\"2025\":1,\"2051\":1,\"2075\":1,\"2143\":1,\"2202\":1,\"2228\":1,\"2252\":1,\"2320\":1,\"2392\":1,\"2418\":1,\"2447\":1,\"2467\":1,\"2539\":1,\"2611\":1,\"2637\":1,\"2666\":1,\"2686\":1,\"2758\":1,\"2830\":1,\"2856\":1,\"2885\":1,\"2905\":1,\"2977\":1,\"3049\":1,\"3075\":1,\"3104\":1,\"3124\":1,\"3196\":1,\"3244\":1,\"3270\":1,\"3323\":1,\"3324\":1,\"3345\":1,\"3417\":1,\"3418\":1}}],[\"betrieb\",{\"1\":{\"14\":1}}],[\"bedarf\",{\"1\":{\"15\":1}}],[\"be\",{\"1\":{\"8\":1,\"9\":2,\"37\":1,\"82\":1,\"85\":1,\"88\":2,\"90\":3,\"91\":2,\"94\":2,\"95\":6,\"96\":2,\"97\":1,\"98\":2,\"99\":2,\"100\":2,\"103\":1,\"104\":1,\"109\":1,\"110\":1,\"116\":1,\"117\":3,\"120\":2,\"126\":1,\"130\":2,\"138\":3,\"139\":2,\"147\":2,\"152\":3,\"153\":3,\"154\":7,\"156\":1,\"157\":2,\"169\":2,\"170\":2,\"184\":1,\"185\":1,\"186\":2,\"209\":1,\"212\":1,\"213\":1,\"217\":1,\"218\":1,\"222\":1,\"223\":1,\"224\":1,\"228\":1,\"233\":2,\"234\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"271\":1,\"272\":1,\"276\":1,\"277\":1,\"283\":1,\"285\":2,\"288\":2,\"290\":1,\"294\":1,\"296\":2,\"299\":2,\"301\":1,\"303\":1,\"318\":1,\"319\":1,\"324\":2,\"332\":4,\"334\":1,\"338\":4,\"341\":3,\"345\":1,\"346\":2,\"347\":3,\"348\":3,\"349\":1,\"352\":1,\"354\":1,\"356\":4,\"357\":2,\"358\":2,\"359\":1,\"360\":1,\"361\":2,\"362\":1,\"363\":1,\"364\":2,\"367\":1,\"369\":2,\"371\":4,\"372\":1,\"374\":1,\"377\":1,\"381\":1,\"382\":1,\"383\":2,\"384\":2,\"385\":1,\"386\":1,\"387\":2,\"388\":1,\"389\":1,\"390\":1,\"393\":1,\"394\":1,\"395\":1,\"397\":1,\"399\":2,\"400\":1,\"401\":2,\"402\":1,\"407\":1,\"415\":2,\"419\":2,\"427\":3,\"432\":1,\"434\":1,\"439\":2,\"441\":2,\"446\":2,\"451\":1,\"457\":3,\"459\":2,\"460\":1,\"470\":3,\"473\":1,\"478\":2,\"480\":2,\"481\":2,\"485\":2,\"493\":3,\"496\":1,\"501\":2,\"503\":2,\"508\":2,\"519\":3,\"522\":1,\"527\":2,\"529\":2,\"534\":2,\"545\":3,\"552\":1,\"557\":2,\"559\":2,\"564\":2,\"575\":3,\"582\":1,\"587\":2,\"589\":2,\"594\":2,\"605\":3,\"612\":1,\"617\":2,\"619\":2,\"624\":2,\"631\":1,\"639\":2,\"643\":2,\"651\":3,\"658\":1,\"663\":2,\"665\":2,\"670\":2,\"677\":1,\"685\":2,\"689\":2,\"697\":3,\"704\":1,\"709\":2,\"711\":2,\"716\":2,\"723\":1,\"731\":2,\"735\":2,\"743\":3,\"750\":1,\"755\":2,\"757\":2,\"762\":2,\"769\":1,\"777\":2,\"781\":2,\"789\":3,\"794\":1,\"796\":1,\"801\":2,\"803\":2,\"808\":2,\"815\":1,\"823\":2,\"827\":2,\"835\":3,\"840\":1,\"842\":1,\"847\":2,\"849\":2,\"854\":2,\"861\":1,\"869\":2,\"873\":2,\"881\":3,\"886\":1,\"888\":1,\"893\":2,\"895\":2,\"900\":2,\"905\":1,\"911\":3,\"913\":2,\"914\":1,\"920\":7,\"921\":2,\"923\":3,\"924\":1,\"925\":1,\"941\":2,\"942\":2,\"943\":1,\"944\":1,\"945\":2,\"946\":2,\"947\":2,\"960\":1,\"963\":1,\"964\":1,\"968\":1,\"969\":1,\"973\":1,\"974\":1,\"975\":1,\"979\":1,\"985\":2,\"986\":1,\"989\":1,\"1002\":1,\"1003\":2,\"1005\":1,\"1006\":1,\"1007\":1,\"1024\":3,\"1025\":2,\"1026\":2,\"1033\":1,\"1034\":1,\"1039\":1,\"1040\":1,\"1043\":1,\"1044\":1,\"1049\":7,\"1050\":2,\"1052\":3,\"1053\":1,\"1054\":1,\"1056\":1,\"1077\":2,\"1078\":2,\"1079\":2,\"1083\":1,\"1095\":1,\"1096\":2,\"1098\":1,\"1099\":1,\"1100\":1,\"1117\":3,\"1118\":2,\"1120\":2,\"1127\":1,\"1128\":1,\"1133\":1,\"1134\":1,\"1137\":1,\"1138\":1,\"1154\":1,\"1155\":1,\"1156\":2,\"1170\":1,\"1173\":1,\"1174\":1,\"1178\":1,\"1179\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1189\":1,\"1192\":2,\"1193\":1,\"1196\":1,\"1205\":1,\"1206\":2,\"1208\":1,\"1209\":1,\"1210\":1,\"1258\":1,\"1259\":1,\"1263\":1,\"1264\":1,\"1273\":1,\"1274\":2,\"1276\":1,\"1277\":1,\"1278\":1,\"1305\":1,\"1306\":1,\"1307\":2,\"1321\":1,\"1324\":1,\"1325\":1,\"1329\":1,\"1330\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1340\":1,\"1343\":2,\"1344\":1,\"1347\":1,\"1355\":6,\"1356\":2,\"1358\":3,\"1359\":1,\"1360\":1,\"1362\":1,\"1386\":1,\"1388\":1,\"1397\":1,\"1398\":2,\"1400\":1,\"1401\":1,\"1402\":1,\"1419\":3,\"1420\":2,\"1422\":2,\"1429\":1,\"1430\":1,\"1434\":1,\"1435\":1,\"1445\":1,\"1446\":2,\"1448\":1,\"1449\":1,\"1450\":1,\"1477\":1,\"1478\":1,\"1479\":2,\"1480\":2,\"1493\":1,\"1496\":1,\"1497\":1,\"1501\":1,\"1502\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1512\":1,\"1518\":2,\"1519\":1,\"1522\":1,\"1531\":6,\"1532\":2,\"1534\":3,\"1535\":1,\"1536\":1,\"1538\":1,\"1562\":1,\"1573\":1,\"1574\":2,\"1576\":1,\"1577\":1,\"1578\":1,\"1595\":3,\"1596\":2,\"1598\":2,\"1605\":1,\"1606\":1,\"1611\":1,\"1612\":1,\"1622\":1,\"1623\":2,\"1625\":1,\"1626\":1,\"1627\":1,\"1654\":1,\"1655\":1,\"1656\":2,\"1657\":2,\"1670\":1,\"1673\":1,\"1674\":1,\"1678\":1,\"1679\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1689\":1,\"1695\":2,\"1696\":1,\"1699\":1,\"1708\":6,\"1709\":2,\"1711\":3,\"1712\":1,\"1713\":1,\"1715\":1,\"1739\":1,\"1750\":1,\"1751\":2,\"1753\":1,\"1754\":1,\"1755\":1,\"1772\":3,\"1773\":2,\"1775\":2,\"1782\":1,\"1783\":1,\"1788\":1,\"1789\":1,\"1799\":1,\"1800\":2,\"1802\":1,\"1803\":1,\"1804\":1,\"1831\":1,\"1832\":1,\"1833\":2,\"1834\":2,\"1847\":1,\"1850\":1,\"1851\":1,\"1855\":1,\"1856\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1866\":1,\"1872\":2,\"1873\":1,\"1876\":1,\"1885\":6,\"1886\":2,\"1888\":3,\"1889\":1,\"1890\":1,\"1892\":1,\"1916\":1,\"1927\":1,\"1928\":2,\"1930\":1,\"1931\":1,\"1932\":1,\"1949\":3,\"1950\":2,\"1952\":2,\"1959\":1,\"1960\":1,\"1965\":1,\"1966\":1,\"1976\":1,\"1977\":2,\"1979\":1,\"1980\":1,\"1981\":1,\"2008\":1,\"2009\":1,\"2010\":2,\"2011\":2,\"2024\":1,\"2027\":1,\"2028\":1,\"2032\":1,\"2033\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2043\":1,\"2049\":2,\"2050\":1,\"2053\":1,\"2062\":6,\"2063\":2,\"2065\":3,\"2066\":1,\"2067\":1,\"2069\":1,\"2093\":1,\"2104\":1,\"2105\":2,\"2107\":1,\"2108\":1,\"2109\":1,\"2126\":3,\"2127\":2,\"2129\":2,\"2136\":1,\"2137\":1,\"2142\":1,\"2143\":1,\"2153\":1,\"2154\":2,\"2156\":1,\"2157\":1,\"2158\":1,\"2185\":1,\"2186\":1,\"2187\":2,\"2188\":2,\"2201\":1,\"2204\":1,\"2205\":1,\"2209\":1,\"2210\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2220\":1,\"2226\":2,\"2227\":1,\"2230\":1,\"2239\":6,\"2240\":2,\"2242\":3,\"2243\":1,\"2244\":1,\"2246\":1,\"2270\":1,\"2281\":1,\"2282\":2,\"2284\":1,\"2285\":1,\"2286\":1,\"2303\":3,\"2304\":2,\"2306\":2,\"2313\":1,\"2314\":1,\"2319\":1,\"2320\":1,\"2327\":7,\"2328\":2,\"2330\":3,\"2331\":1,\"2332\":1,\"2340\":1,\"2341\":2,\"2343\":1,\"2344\":1,\"2345\":1,\"2372\":2,\"2373\":2,\"2374\":1,\"2375\":1,\"2376\":2,\"2377\":2,\"2378\":2,\"2391\":1,\"2394\":1,\"2395\":1,\"2399\":1,\"2400\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2410\":1,\"2416\":2,\"2417\":1,\"2420\":1,\"2431\":3,\"2432\":2,\"2433\":2,\"2440\":1,\"2441\":1,\"2446\":1,\"2447\":1,\"2454\":7,\"2455\":2,\"2457\":3,\"2458\":1,\"2459\":1,\"2461\":1,\"2482\":2,\"2483\":2,\"2484\":2,\"2488\":1,\"2500\":1,\"2501\":2,\"2503\":1,\"2504\":1,\"2505\":1,\"2522\":3,\"2523\":2,\"2525\":2,\"2532\":1,\"2533\":1,\"2538\":1,\"2539\":1,\"2546\":7,\"2547\":2,\"2549\":3,\"2550\":1,\"2551\":1,\"2559\":1,\"2560\":2,\"2562\":1,\"2563\":1,\"2564\":1,\"2591\":2,\"2592\":2,\"2593\":1,\"2594\":1,\"2595\":2,\"2596\":2,\"2597\":2,\"2610\":1,\"2613\":1,\"2614\":1,\"2618\":1,\"2619\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2629\":1,\"2635\":2,\"2636\":1,\"2639\":1,\"2650\":3,\"2651\":2,\"2652\":2,\"2659\":1,\"2660\":1,\"2665\":1,\"2666\":1,\"2673\":7,\"2674\":2,\"2676\":3,\"2677\":1,\"2678\":1,\"2680\":1,\"2701\":2,\"2702\":2,\"2703\":2,\"2707\":1,\"2719\":1,\"2720\":2,\"2722\":1,\"2723\":1,\"2724\":1,\"2741\":3,\"2742\":2,\"2744\":2,\"2751\":1,\"2752\":1,\"2757\":1,\"2758\":1,\"2765\":7,\"2766\":2,\"2768\":3,\"2769\":1,\"2770\":1,\"2778\":1,\"2779\":2,\"2781\":1,\"2782\":1,\"2783\":1,\"2810\":2,\"2811\":2,\"2812\":1,\"2813\":1,\"2814\":2,\"2815\":2,\"2816\":2,\"2829\":1,\"2832\":1,\"2833\":1,\"2837\":1,\"2838\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2848\":1,\"2854\":2,\"2855\":1,\"2858\":1,\"2869\":3,\"2870\":2,\"2871\":2,\"2878\":1,\"2879\":1,\"2884\":1,\"2885\":1,\"2892\":7,\"2893\":2,\"2895\":3,\"2896\":1,\"2897\":1,\"2899\":1,\"2920\":2,\"2921\":2,\"2922\":2,\"2926\":1,\"2938\":1,\"2939\":2,\"2941\":1,\"2942\":1,\"2943\":1,\"2960\":3,\"2961\":2,\"2963\":2,\"2970\":1,\"2971\":1,\"2976\":1,\"2977\":1,\"2984\":7,\"2985\":2,\"2987\":3,\"2988\":1,\"2989\":1,\"2997\":1,\"2998\":2,\"3000\":1,\"3001\":1,\"3002\":1,\"3029\":2,\"3030\":2,\"3031\":1,\"3032\":1,\"3033\":2,\"3034\":2,\"3035\":2,\"3048\":1,\"3051\":1,\"3052\":1,\"3056\":1,\"3057\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3067\":1,\"3073\":2,\"3074\":1,\"3077\":1,\"3088\":3,\"3089\":2,\"3090\":2,\"3097\":1,\"3098\":1,\"3103\":1,\"3104\":1,\"3111\":7,\"3112\":2,\"3114\":3,\"3115\":1,\"3116\":1,\"3118\":1,\"3139\":2,\"3140\":2,\"3141\":2,\"3145\":1,\"3157\":1,\"3158\":2,\"3160\":1,\"3161\":1,\"3162\":1,\"3179\":3,\"3180\":2,\"3182\":2,\"3189\":1,\"3190\":1,\"3195\":1,\"3196\":1,\"3203\":7,\"3204\":2,\"3206\":3,\"3207\":1,\"3208\":1,\"3224\":2,\"3225\":2,\"3226\":1,\"3227\":1,\"3228\":2,\"3229\":2,\"3230\":2,\"3243\":1,\"3246\":1,\"3247\":1,\"3251\":1,\"3252\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3262\":1,\"3268\":2,\"3269\":1,\"3272\":1,\"3285\":1,\"3286\":2,\"3288\":1,\"3289\":1,\"3290\":1,\"3307\":3,\"3308\":2,\"3309\":2,\"3316\":1,\"3317\":1,\"3322\":1,\"3323\":1,\"3326\":1,\"3327\":1,\"3332\":7,\"3333\":2,\"3335\":3,\"3336\":1,\"3337\":1,\"3339\":1,\"3360\":2,\"3361\":2,\"3362\":2,\"3366\":1,\"3378\":1,\"3379\":2,\"3381\":1,\"3382\":1,\"3383\":1,\"3400\":3,\"3401\":2,\"3403\":2,\"3410\":1,\"3411\":1,\"3416\":1,\"3417\":1,\"3420\":1,\"3421\":1}}],[\"by=\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"by\",{\"0\":{\"108\":1,\"154\":1,\"457\":1,\"911\":1},\"1\":{\"0\":2,\"1\":1,\"5\":1,\"6\":1,\"8\":1,\"32\":1,\"33\":2,\"88\":1,\"90\":1,\"95\":1,\"96\":1,\"97\":1,\"98\":2,\"99\":4,\"100\":1,\"109\":1,\"110\":2,\"116\":2,\"117\":2,\"126\":1,\"127\":1,\"143\":1,\"147\":1,\"149\":1,\"150\":1,\"152\":2,\"153\":2,\"163\":1,\"165\":2,\"169\":4,\"170\":1,\"175\":1,\"208\":1,\"251\":1,\"263\":1,\"264\":1,\"285\":1,\"289\":2,\"290\":2,\"296\":1,\"300\":2,\"301\":2,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"318\":1,\"332\":2,\"333\":1,\"334\":1,\"338\":4,\"341\":1,\"344\":1,\"345\":1,\"346\":1,\"347\":2,\"348\":4,\"349\":3,\"352\":3,\"354\":1,\"356\":4,\"363\":1,\"367\":4,\"369\":1,\"377\":3,\"383\":1,\"389\":1,\"390\":1,\"393\":4,\"405\":1,\"419\":2,\"427\":1,\"433\":2,\"438\":1,\"439\":2,\"442\":1,\"443\":1,\"444\":3,\"450\":1,\"451\":1,\"459\":1,\"460\":2,\"462\":1,\"470\":1,\"477\":1,\"478\":2,\"481\":2,\"482\":1,\"483\":3,\"485\":1,\"493\":1,\"500\":1,\"501\":2,\"504\":2,\"505\":1,\"506\":3,\"508\":1,\"511\":1,\"519\":1,\"526\":1,\"527\":2,\"530\":2,\"531\":1,\"532\":3,\"534\":1,\"537\":3,\"545\":1,\"556\":1,\"557\":2,\"560\":2,\"561\":1,\"562\":3,\"564\":1,\"567\":1,\"575\":1,\"586\":1,\"587\":2,\"590\":2,\"591\":1,\"592\":3,\"594\":1,\"597\":1,\"605\":1,\"616\":1,\"617\":2,\"620\":2,\"621\":1,\"622\":3,\"624\":1,\"627\":1,\"629\":1,\"643\":2,\"651\":1,\"662\":1,\"663\":2,\"666\":2,\"667\":1,\"668\":3,\"670\":1,\"673\":1,\"675\":1,\"689\":2,\"697\":1,\"708\":1,\"709\":2,\"712\":2,\"713\":1,\"714\":3,\"716\":1,\"719\":1,\"721\":1,\"735\":2,\"743\":1,\"754\":1,\"755\":2,\"758\":2,\"759\":1,\"760\":3,\"762\":1,\"765\":1,\"767\":1,\"781\":2,\"789\":1,\"795\":2,\"800\":1,\"801\":2,\"804\":2,\"805\":1,\"806\":3,\"808\":1,\"811\":1,\"813\":1,\"827\":2,\"835\":1,\"841\":2,\"846\":1,\"847\":2,\"850\":2,\"851\":1,\"852\":3,\"854\":1,\"857\":1,\"859\":1,\"873\":2,\"881\":1,\"887\":2,\"892\":1,\"893\":2,\"896\":1,\"897\":1,\"898\":3,\"904\":1,\"905\":1,\"913\":1,\"914\":2,\"916\":1,\"928\":1,\"932\":1,\"1004\":1,\"1024\":2,\"1025\":1,\"1057\":1,\"1068\":1,\"1082\":1,\"1084\":1,\"1097\":1,\"1117\":2,\"1118\":1,\"1145\":1,\"1169\":1,\"1207\":1,\"1236\":1,\"1247\":1,\"1248\":1,\"1275\":1,\"1296\":1,\"1320\":1,\"1363\":1,\"1374\":1,\"1385\":1,\"1387\":1,\"1399\":1,\"1419\":2,\"1420\":1,\"1447\":1,\"1468\":1,\"1539\":1,\"1550\":1,\"1561\":1,\"1563\":1,\"1575\":1,\"1595\":2,\"1596\":1,\"1624\":1,\"1645\":1,\"1716\":1,\"1727\":1,\"1738\":1,\"1740\":1,\"1752\":1,\"1772\":2,\"1773\":1,\"1801\":1,\"1822\":1,\"1893\":1,\"1904\":1,\"1915\":1,\"1917\":1,\"1929\":1,\"1949\":2,\"1950\":1,\"1978\":1,\"1999\":1,\"2070\":1,\"2081\":1,\"2092\":1,\"2094\":1,\"2106\":1,\"2126\":2,\"2127\":1,\"2155\":1,\"2176\":1,\"2247\":1,\"2258\":1,\"2269\":1,\"2271\":1,\"2283\":1,\"2303\":2,\"2304\":1,\"2335\":1,\"2342\":1,\"2363\":1,\"2431\":2,\"2432\":1,\"2462\":1,\"2473\":1,\"2487\":1,\"2489\":1,\"2502\":1,\"2522\":2,\"2523\":1,\"2554\":1,\"2561\":1,\"2582\":1,\"2650\":2,\"2651\":1,\"2681\":1,\"2692\":1,\"2706\":1,\"2708\":1,\"2721\":1,\"2741\":2,\"2742\":1,\"2773\":1,\"2780\":1,\"2801\":1,\"2869\":2,\"2870\":1,\"2900\":1,\"2911\":1,\"2925\":1,\"2927\":1,\"2940\":1,\"2960\":2,\"2961\":1,\"2992\":1,\"2999\":1,\"3020\":1,\"3088\":2,\"3089\":1,\"3119\":1,\"3130\":1,\"3144\":1,\"3146\":1,\"3159\":1,\"3179\":2,\"3180\":1,\"3211\":1,\"3215\":1,\"3287\":1,\"3307\":2,\"3308\":1,\"3340\":1,\"3351\":1,\"3365\":1,\"3367\":1,\"3380\":1,\"3400\":2,\"3401\":1}}],[\"tz\",{\"1\":{\"327\":8,\"461\":1,\"462\":1,\"915\":1,\"916\":1}}],[\"typo\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"typically\",{\"1\":{\"270\":1,\"356\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1,\"1032\":1,\"1126\":1,\"1257\":1,\"1428\":1,\"1604\":1,\"1781\":1,\"1958\":1,\"2135\":1,\"2312\":1,\"2439\":1,\"2531\":1,\"2658\":1,\"2750\":1,\"2877\":1,\"2969\":1,\"3096\":1,\"3188\":1,\"3315\":1,\"3409\":1}}],[\"type=websocket\",{\"1\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"type\",{\"1\":{\"147\":2,\"152\":1,\"153\":1,\"154\":1,\"159\":45,\"170\":1,\"304\":6,\"327\":22,\"349\":1}}],[\"types\",{\"1\":{\"9\":1,\"333\":1,\"925\":1,\"1054\":1,\"1360\":1,\"1536\":1,\"1713\":1,\"1890\":1,\"2067\":1,\"2244\":1,\"2332\":1,\"2459\":1,\"2551\":1,\"2678\":1,\"2770\":1,\"2897\":1,\"2989\":1,\"3116\":1,\"3208\":1,\"3337\":1}}],[\"tit\",{\"1\":{\"236\":1,\"988\":1,\"1195\":1,\"1346\":1,\"1521\":1,\"1698\":1,\"1875\":1,\"2052\":1,\"2229\":1,\"2419\":1,\"2638\":1,\"2857\":1,\"3076\":1,\"3271\":1}}],[\"timeout\",{\"0\":{\"193\":1,\"194\":1,\"202\":1,\"203\":1,\"247\":1,\"248\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"951\":1,\"952\":1,\"954\":1,\"955\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1062\":1,\"1063\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1160\":1,\"1161\":1,\"1163\":1,\"1164\":1,\"1230\":1,\"1231\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1311\":1,\"1312\":1,\"1314\":1,\"1315\":1,\"1368\":1,\"1369\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1484\":1,\"1485\":1,\"1487\":1,\"1488\":1,\"1544\":1,\"1545\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1661\":1,\"1662\":1,\"1664\":1,\"1665\":1,\"1721\":1,\"1722\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1838\":1,\"1839\":1,\"1841\":1,\"1842\":1,\"1898\":1,\"1899\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"2015\":1,\"2016\":1,\"2018\":1,\"2019\":1,\"2075\":1,\"2076\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2192\":1,\"2193\":1,\"2195\":1,\"2196\":1,\"2252\":1,\"2253\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2382\":1,\"2383\":1,\"2385\":1,\"2386\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2467\":1,\"2468\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2601\":1,\"2602\":1,\"2604\":1,\"2605\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2686\":1,\"2687\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2820\":1,\"2821\":1,\"2823\":1,\"2824\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2905\":1,\"2906\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"3039\":1,\"3040\":1,\"3042\":1,\"3043\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3124\":1,\"3125\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3234\":1,\"3235\":1,\"3237\":1,\"3238\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3345\":1,\"3346\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1},\"1\":{\"170\":3,\"193\":3,\"194\":3,\"202\":3,\"203\":3,\"247\":3,\"248\":3,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"327\":1,\"536\":1,\"537\":1,\"951\":3,\"952\":3,\"954\":3,\"955\":3,\"1011\":1,\"1012\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1062\":3,\"1063\":3,\"1104\":1,\"1105\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1160\":3,\"1161\":3,\"1163\":3,\"1164\":3,\"1214\":1,\"1215\":1,\"1230\":3,\"1231\":3,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1282\":1,\"1283\":1,\"1311\":3,\"1312\":3,\"1314\":3,\"1315\":3,\"1368\":3,\"1369\":3,\"1406\":1,\"1407\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1454\":1,\"1455\":1,\"1484\":3,\"1485\":3,\"1487\":3,\"1488\":3,\"1544\":3,\"1545\":3,\"1582\":1,\"1583\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1631\":1,\"1632\":1,\"1661\":3,\"1662\":3,\"1664\":3,\"1665\":3,\"1721\":3,\"1722\":3,\"1759\":1,\"1760\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1808\":1,\"1809\":1,\"1838\":3,\"1839\":3,\"1841\":3,\"1842\":3,\"1898\":3,\"1899\":3,\"1936\":1,\"1937\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1985\":1,\"1986\":1,\"2015\":3,\"2016\":3,\"2018\":3,\"2019\":3,\"2075\":3,\"2076\":3,\"2113\":1,\"2114\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2162\":1,\"2163\":1,\"2192\":3,\"2193\":3,\"2195\":3,\"2196\":3,\"2252\":3,\"2253\":3,\"2290\":1,\"2291\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2349\":1,\"2350\":1,\"2382\":3,\"2383\":3,\"2385\":3,\"2386\":3,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2467\":3,\"2468\":3,\"2509\":1,\"2510\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2568\":1,\"2569\":1,\"2601\":3,\"2602\":3,\"2604\":3,\"2605\":3,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2686\":3,\"2687\":3,\"2728\":1,\"2729\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2787\":1,\"2788\":1,\"2820\":3,\"2821\":3,\"2823\":3,\"2824\":3,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2905\":3,\"2906\":3,\"2947\":1,\"2948\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"3006\":1,\"3007\":1,\"3039\":3,\"3040\":3,\"3042\":3,\"3043\":3,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3124\":3,\"3125\":3,\"3166\":1,\"3167\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3234\":3,\"3235\":3,\"3237\":3,\"3238\":3,\"3294\":1,\"3295\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3345\":3,\"3346\":3,\"3387\":1,\"3388\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1}}],[\"timer\",{\"0\":{\"382\":1},\"1\":{\"105\":2,\"381\":1,\"382\":2,\"390\":1}}],[\"time\",{\"1\":{\"97\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"356\":1,\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1,\"931\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1067\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1144\":1,\"1235\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1295\":1,\"1373\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1467\":1,\"1549\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1644\":1,\"1726\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1821\":1,\"1903\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1998\":1,\"2080\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2175\":1,\"2257\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2362\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2472\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2581\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2691\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2800\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2910\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"3019\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3129\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3214\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3350\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1}}],[\"timely\",{\"1\":{\"38\":1,\"94\":1}}],[\"txt\",{\"1\":{\"137\":2}}],[\"ttp\",{\"0\":{\"137\":1},\"1\":{\"141\":1,\"142\":1,\"290\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"tcs\",{\"1\":{\"110\":1,\"112\":1,\"113\":1,\"165\":1,\"167\":1,\"168\":1,\"284\":1,\"295\":1,\"438\":2,\"460\":1,\"477\":2,\"500\":2,\"526\":2,\"556\":2,\"586\":2,\"616\":2,\"662\":2,\"708\":2,\"754\":2,\"800\":2,\"846\":2,\"892\":2,\"914\":1}}],[\"tcp\",{\"1\":{\"100\":1,\"170\":5}}],[\"tmf\",{\"1\":{\"110\":1,\"112\":1,\"113\":1,\"165\":1,\"167\":1,\"168\":1,\"284\":1,\"295\":1,\"318\":1,\"438\":1,\"457\":1,\"458\":2,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"662\":1,\"708\":1,\"754\":1,\"800\":1,\"846\":1,\"892\":1,\"911\":1,\"912\":2}}],[\"tlsv13\",{\"1\":{\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1}}],[\"tls\",{\"1\":{\"100\":1,\"109\":1,\"170\":1,\"212\":1,\"213\":1,\"219\":1,\"228\":1,\"229\":1,\"230\":1,\"276\":1,\"285\":2,\"290\":1,\"296\":2,\"301\":1,\"438\":4,\"439\":2,\"443\":1,\"455\":1,\"456\":2,\"457\":6,\"460\":1,\"477\":4,\"478\":2,\"482\":1,\"500\":4,\"501\":2,\"505\":1,\"526\":4,\"527\":2,\"531\":1,\"556\":4,\"557\":2,\"561\":1,\"586\":4,\"587\":2,\"591\":1,\"616\":4,\"617\":2,\"621\":1,\"662\":4,\"663\":2,\"667\":1,\"708\":4,\"709\":2,\"713\":1,\"754\":4,\"755\":2,\"759\":1,\"800\":4,\"801\":2,\"805\":1,\"846\":4,\"847\":2,\"851\":1,\"892\":4,\"893\":2,\"897\":1,\"909\":1,\"910\":2,\"911\":6,\"914\":1,\"963\":1,\"964\":1,\"970\":1,\"979\":1,\"980\":1,\"981\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1039\":1,\"1044\":4,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1133\":1,\"1138\":4,\"1173\":1,\"1174\":1,\"1180\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1263\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1324\":1,\"1325\":1,\"1331\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1434\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1496\":1,\"1497\":1,\"1503\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1611\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1673\":1,\"1674\":1,\"1680\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1788\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1850\":1,\"1851\":1,\"1857\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1965\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"2027\":1,\"2028\":1,\"2034\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2142\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2204\":1,\"2205\":1,\"2211\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2319\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2394\":1,\"2395\":1,\"2401\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2446\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2538\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2613\":1,\"2614\":1,\"2620\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2665\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2757\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2832\":1,\"2833\":1,\"2839\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2884\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2976\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3051\":1,\"3052\":1,\"3058\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3103\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3195\":1,\"3246\":1,\"3247\":1,\"3253\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3322\":1,\"3327\":4,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3416\":1,\"3421\":4}}],[\"two\",{\"1\":{\"97\":2,\"99\":1,\"103\":1,\"154\":1,\"169\":1,\"210\":1,\"235\":1,\"284\":1,\"289\":1,\"295\":1,\"300\":1,\"322\":1,\"344\":1,\"345\":1,\"354\":1,\"356\":2,\"367\":1,\"374\":1,\"381\":1,\"383\":1,\"390\":2,\"393\":1,\"408\":1,\"438\":1,\"477\":1,\"481\":1,\"500\":1,\"504\":1,\"526\":1,\"530\":1,\"556\":1,\"560\":1,\"586\":1,\"590\":1,\"616\":1,\"620\":1,\"632\":1,\"662\":1,\"666\":1,\"678\":1,\"708\":1,\"712\":1,\"724\":1,\"754\":1,\"758\":1,\"770\":1,\"800\":1,\"804\":1,\"816\":1,\"846\":1,\"850\":1,\"862\":1,\"892\":1,\"925\":1,\"928\":1,\"961\":1,\"987\":1,\"1054\":1,\"1057\":2,\"1171\":1,\"1194\":1,\"1322\":1,\"1345\":1,\"1363\":2,\"1494\":1,\"1520\":1,\"1539\":2,\"1671\":1,\"1697\":1,\"1716\":2,\"1848\":1,\"1874\":1,\"1893\":2,\"2025\":1,\"2051\":1,\"2070\":2,\"2202\":1,\"2228\":1,\"2247\":2,\"2332\":1,\"2335\":1,\"2392\":1,\"2418\":1,\"2459\":1,\"2462\":2,\"2551\":1,\"2554\":1,\"2611\":1,\"2637\":1,\"2678\":1,\"2681\":2,\"2770\":1,\"2773\":1,\"2830\":1,\"2856\":1,\"2897\":1,\"2900\":2,\"2989\":1,\"2992\":1,\"3049\":1,\"3075\":1,\"3116\":1,\"3119\":2,\"3208\":1,\"3211\":1,\"3244\":1,\"3270\":1,\"3337\":1,\"3340\":2}}],[\"trying\",{\"1\":{\"344\":1}}],[\"try\",{\"1\":{\"159\":9}}],[\"true\",{\"1\":{\"159\":28,\"160\":18,\"184\":1,\"185\":1,\"186\":1,\"195\":1,\"204\":1,\"222\":1,\"223\":1,\"230\":1,\"250\":1,\"327\":9,\"349\":1,\"356\":1,\"930\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"953\":1,\"956\":1,\"973\":1,\"974\":1,\"981\":1,\"993\":1,\"1002\":1,\"1003\":2,\"1005\":1,\"1025\":2,\"1027\":3,\"1065\":1,\"1066\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1086\":1,\"1095\":1,\"1096\":2,\"1098\":1,\"1118\":2,\"1119\":1,\"1121\":3,\"1143\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1162\":1,\"1165\":1,\"1183\":1,\"1184\":1,\"1191\":1,\"1205\":1,\"1206\":2,\"1208\":1,\"1233\":1,\"1234\":1,\"1250\":1,\"1273\":1,\"1274\":2,\"1276\":1,\"1294\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1313\":1,\"1316\":1,\"1334\":1,\"1335\":1,\"1342\":1,\"1371\":1,\"1372\":1,\"1389\":1,\"1397\":1,\"1398\":2,\"1400\":1,\"1420\":2,\"1421\":1,\"1423\":3,\"1445\":1,\"1446\":2,\"1448\":1,\"1466\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1486\":1,\"1489\":1,\"1506\":1,\"1507\":1,\"1514\":1,\"1547\":1,\"1548\":1,\"1565\":1,\"1573\":1,\"1574\":2,\"1576\":1,\"1596\":2,\"1597\":1,\"1599\":3,\"1622\":1,\"1623\":2,\"1625\":1,\"1643\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1663\":1,\"1666\":1,\"1683\":1,\"1684\":1,\"1691\":1,\"1724\":1,\"1725\":1,\"1742\":1,\"1750\":1,\"1751\":2,\"1753\":1,\"1773\":2,\"1774\":1,\"1776\":3,\"1799\":1,\"1800\":2,\"1802\":1,\"1820\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1840\":1,\"1843\":1,\"1860\":1,\"1861\":1,\"1868\":1,\"1901\":1,\"1902\":1,\"1919\":1,\"1927\":1,\"1928\":2,\"1930\":1,\"1950\":2,\"1951\":1,\"1953\":3,\"1976\":1,\"1977\":2,\"1979\":1,\"1997\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2017\":1,\"2020\":1,\"2037\":1,\"2038\":1,\"2045\":1,\"2078\":1,\"2079\":1,\"2096\":1,\"2104\":1,\"2105\":2,\"2107\":1,\"2127\":2,\"2128\":1,\"2130\":3,\"2153\":1,\"2154\":2,\"2156\":1,\"2174\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2194\":1,\"2197\":1,\"2214\":1,\"2215\":1,\"2222\":1,\"2255\":1,\"2256\":1,\"2273\":1,\"2281\":1,\"2282\":2,\"2284\":1,\"2304\":2,\"2305\":1,\"2307\":3,\"2340\":1,\"2341\":2,\"2343\":1,\"2361\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2384\":1,\"2387\":1,\"2404\":1,\"2405\":1,\"2412\":1,\"2424\":1,\"2432\":2,\"2434\":3,\"2470\":1,\"2471\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2491\":1,\"2500\":1,\"2501\":2,\"2503\":1,\"2523\":2,\"2524\":1,\"2526\":3,\"2559\":1,\"2560\":2,\"2562\":1,\"2580\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2603\":1,\"2606\":1,\"2623\":1,\"2624\":1,\"2631\":1,\"2643\":1,\"2651\":2,\"2653\":3,\"2689\":1,\"2690\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2710\":1,\"2719\":1,\"2720\":2,\"2722\":1,\"2742\":2,\"2743\":1,\"2745\":3,\"2778\":1,\"2779\":2,\"2781\":1,\"2799\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2822\":1,\"2825\":1,\"2842\":1,\"2843\":1,\"2850\":1,\"2862\":1,\"2870\":2,\"2872\":3,\"2908\":1,\"2909\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2929\":1,\"2938\":1,\"2939\":2,\"2941\":1,\"2961\":2,\"2962\":1,\"2964\":3,\"2997\":1,\"2998\":2,\"3000\":1,\"3018\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3041\":1,\"3044\":1,\"3061\":1,\"3062\":1,\"3069\":1,\"3081\":1,\"3089\":2,\"3091\":3,\"3127\":1,\"3128\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3148\":1,\"3157\":1,\"3158\":2,\"3160\":1,\"3180\":2,\"3181\":1,\"3183\":3,\"3213\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3236\":1,\"3239\":1,\"3256\":1,\"3257\":1,\"3264\":1,\"3276\":1,\"3285\":1,\"3286\":2,\"3288\":1,\"3308\":2,\"3310\":3,\"3348\":1,\"3349\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3369\":1,\"3378\":1,\"3379\":2,\"3381\":1,\"3401\":2,\"3402\":1,\"3404\":3}}],[\"trust\",{\"0\":{\"205\":1,\"228\":1,\"249\":1,\"957\":1,\"979\":1,\"1013\":1,\"1015\":1,\"1064\":1,\"1106\":1,\"1108\":1,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2469\":1,\"2511\":1,\"2513\":1,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2688\":1,\"2730\":1,\"2732\":1,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2907\":1,\"2949\":1,\"2951\":1,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3126\":1,\"3168\":1,\"3170\":1,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":1,\"3347\":1,\"3389\":1,\"3391\":1},\"1\":{\"85\":1,\"94\":1,\"110\":1,\"112\":1,\"113\":1,\"165\":1,\"167\":1,\"168\":1,\"205\":2,\"228\":2,\"249\":2,\"284\":1,\"295\":1,\"327\":20,\"415\":1,\"438\":1,\"453\":3,\"455\":4,\"457\":2,\"458\":9,\"459\":1,\"460\":1,\"461\":5,\"462\":5,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"564\":1,\"586\":1,\"594\":1,\"616\":1,\"624\":1,\"639\":1,\"662\":1,\"670\":1,\"685\":1,\"708\":1,\"716\":1,\"731\":1,\"754\":1,\"762\":1,\"777\":1,\"800\":1,\"808\":1,\"823\":1,\"846\":1,\"854\":1,\"869\":1,\"892\":1,\"907\":3,\"909\":4,\"911\":2,\"912\":9,\"913\":1,\"914\":1,\"915\":5,\"916\":5,\"957\":2,\"979\":2,\"1013\":2,\"1015\":2,\"1026\":1,\"1027\":1,\"1044\":3,\"1064\":2,\"1106\":2,\"1108\":2,\"1120\":1,\"1121\":1,\"1138\":3,\"1166\":2,\"1189\":2,\"1216\":2,\"1218\":2,\"1232\":2,\"1284\":2,\"1286\":2,\"1317\":2,\"1340\":2,\"1370\":2,\"1408\":2,\"1410\":2,\"1422\":1,\"1423\":1,\"1456\":2,\"1458\":2,\"1490\":2,\"1512\":2,\"1546\":2,\"1584\":2,\"1586\":2,\"1598\":1,\"1599\":1,\"1633\":2,\"1635\":2,\"1667\":2,\"1689\":2,\"1723\":2,\"1761\":2,\"1763\":2,\"1775\":1,\"1776\":1,\"1810\":2,\"1812\":2,\"1844\":2,\"1866\":2,\"1900\":2,\"1938\":2,\"1940\":2,\"1952\":1,\"1953\":1,\"1987\":2,\"1989\":2,\"2021\":2,\"2043\":2,\"2077\":2,\"2115\":2,\"2117\":2,\"2129\":1,\"2130\":1,\"2164\":2,\"2166\":2,\"2198\":2,\"2220\":2,\"2254\":2,\"2292\":2,\"2294\":2,\"2306\":1,\"2307\":1,\"2351\":2,\"2353\":2,\"2388\":2,\"2410\":2,\"2433\":1,\"2434\":1,\"2469\":2,\"2511\":2,\"2513\":2,\"2525\":1,\"2526\":1,\"2570\":2,\"2572\":2,\"2607\":2,\"2629\":2,\"2652\":1,\"2653\":1,\"2688\":2,\"2730\":2,\"2732\":2,\"2744\":1,\"2745\":1,\"2789\":2,\"2791\":2,\"2826\":2,\"2848\":2,\"2871\":1,\"2872\":1,\"2907\":2,\"2949\":2,\"2951\":2,\"2963\":1,\"2964\":1,\"3008\":2,\"3010\":2,\"3045\":2,\"3067\":2,\"3090\":1,\"3091\":1,\"3126\":2,\"3168\":2,\"3170\":2,\"3182\":1,\"3183\":1,\"3240\":2,\"3262\":2,\"3296\":2,\"3298\":2,\"3309\":1,\"3310\":1,\"3327\":3,\"3347\":2,\"3389\":2,\"3391\":2,\"3403\":1,\"3404\":1,\"3421\":3}}],[\"trusted\",{\"0\":{\"451\":1,\"456\":1,\"457\":1,\"905\":1,\"910\":1,\"911\":1},\"1\":{\"82\":1,\"205\":1,\"228\":1,\"249\":1,\"327\":3,\"338\":1,\"415\":2,\"450\":1,\"451\":1,\"460\":1,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2,\"904\":1,\"905\":1,\"914\":1,\"957\":1,\"979\":1,\"1013\":1,\"1015\":1,\"1026\":2,\"1064\":1,\"1106\":1,\"1108\":1,\"1120\":2,\"1166\":1,\"1189\":1,\"1216\":1,\"1218\":1,\"1232\":1,\"1284\":1,\"1286\":1,\"1317\":1,\"1340\":1,\"1370\":1,\"1408\":1,\"1410\":1,\"1422\":2,\"1456\":1,\"1458\":1,\"1490\":1,\"1512\":1,\"1546\":1,\"1584\":1,\"1586\":1,\"1598\":2,\"1633\":1,\"1635\":1,\"1667\":1,\"1689\":1,\"1723\":1,\"1761\":1,\"1763\":1,\"1775\":2,\"1810\":1,\"1812\":1,\"1844\":1,\"1866\":1,\"1900\":1,\"1938\":1,\"1940\":1,\"1952\":2,\"1987\":1,\"1989\":1,\"2021\":1,\"2043\":1,\"2077\":1,\"2115\":1,\"2117\":1,\"2129\":2,\"2164\":1,\"2166\":1,\"2198\":1,\"2220\":1,\"2254\":1,\"2292\":1,\"2294\":1,\"2306\":2,\"2351\":1,\"2353\":1,\"2388\":1,\"2410\":1,\"2433\":2,\"2469\":1,\"2511\":1,\"2513\":1,\"2525\":2,\"2570\":1,\"2572\":1,\"2607\":1,\"2629\":1,\"2652\":2,\"2688\":1,\"2730\":1,\"2732\":1,\"2744\":2,\"2789\":1,\"2791\":1,\"2826\":1,\"2848\":1,\"2871\":2,\"2907\":1,\"2949\":1,\"2951\":1,\"2963\":2,\"3008\":1,\"3010\":1,\"3045\":1,\"3067\":1,\"3090\":2,\"3126\":1,\"3168\":1,\"3170\":1,\"3182\":2,\"3240\":1,\"3262\":1,\"3296\":1,\"3298\":1,\"3309\":2,\"3347\":1,\"3389\":1,\"3391\":1,\"3403\":2}}],[\"troubles\",{\"1\":{\"136\":1}}],[\"troubleshooting\",{\"0\":{\"136\":1}}],[\"trivy\",{\"1\":{\"141\":1,\"142\":1}}],[\"triangle\",{\"1\":{\"128\":2}}],[\"triggered\",{\"1\":{\"364\":1}}],[\"triggering\",{\"1\":{\"354\":1}}],[\"triggers\",{\"1\":{\"145\":2}}],[\"trigger\",{\"1\":{\"99\":1,\"145\":1,\"169\":1,\"323\":1,\"354\":1,\"390\":1,\"393\":1}}],[\"track\",{\"1\":{\"415\":1,\"417\":1,\"639\":1,\"641\":1,\"685\":1,\"687\":1,\"731\":1,\"733\":1,\"777\":1,\"779\":1,\"823\":1,\"825\":1,\"869\":1,\"871\":1}}],[\"traffic\",{\"1\":{\"100\":1,\"170\":1}}],[\"transport\",{\"1\":{\"109\":1,\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"transmit\",{\"1\":{\"94\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"transit\",{\"1\":{\"81\":2}}],[\"transformation\",{\"1\":{\"78\":1}}],[\"transferred\",{\"1\":{\"91\":2,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"transfers\",{\"1\":{\"91\":1}}],[\"transfer\",{\"0\":{\"130\":1},\"1\":{\"1\":1,\"20\":1,\"26\":1,\"91\":1,\"128\":1,\"130\":2,\"285\":4,\"286\":2,\"296\":4,\"297\":2,\"304\":4,\"307\":4,\"431\":1,\"610\":2,\"656\":2,\"702\":2,\"748\":2,\"793\":1,\"839\":1,\"885\":1}}],[\"tutorialexamplestarter\",{\"1\":{\"338\":3,\"342\":1,\"349\":1,\"352\":2,\"367\":1,\"377\":1,\"393\":1}}],[\"tutorialconfig\",{\"1\":{\"332\":1,\"335\":1,\"346\":1,\"349\":2,\"364\":1}}],[\"tutorialprocessplugindefinition\",{\"1\":{\"332\":3,\"349\":1,\"364\":1,\"390\":1}}],[\"tutorials\",{\"0\":{\"121\":1}}],[\"tutorial\",{\"0\":{\"317\":1,\"331\":1},\"1\":{\"28\":1,\"31\":1,\"116\":4,\"117\":3,\"118\":1,\"119\":1,\"121\":1,\"318\":2,\"319\":1,\"320\":1,\"327\":1,\"329\":2,\"331\":4,\"332\":1,\"333\":1,\"337\":1,\"338\":6,\"341\":1,\"342\":2,\"346\":1,\"348\":1,\"349\":3,\"351\":1,\"352\":3,\"366\":1,\"367\":6,\"374\":1,\"376\":1,\"377\":4,\"392\":1,\"393\":10,\"394\":1,\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1}}],[\"tar\",{\"1\":{\"289\":9,\"290\":9,\"300\":9,\"301\":9,\"303\":17,\"442\":4,\"443\":4,\"481\":4,\"482\":4,\"504\":4,\"505\":4,\"530\":4,\"531\":4,\"560\":4,\"561\":4,\"590\":4,\"591\":4,\"620\":4,\"621\":4,\"666\":4,\"667\":4,\"712\":4,\"713\":4,\"758\":4,\"759\":4,\"804\":4,\"805\":4,\"850\":4,\"851\":4,\"896\":4,\"897\":4}}],[\"targets\",{\"1\":{\"347\":1,\"451\":1,\"905\":1}}],[\"target\",{\"0\":{\"118\":1},\"1\":{\"118\":1,\"269\":1,\"285\":1,\"296\":1,\"304\":6,\"327\":22,\"333\":1,\"346\":1,\"364\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1}}],[\"table\",{\"1\":{\"160\":1}}],[\"tab\",{\"1\":{\"159\":1,\"160\":1}}],[\"tabulation\",{\"1\":{\"159\":2}}],[\"tabs\",{\"1\":{\"159\":1}}],[\"tag>\",{\"1\":{\"348\":1}}],[\"tags\",{\"1\":{\"159\":5,\"160\":1}}],[\"tag\",{\"1\":{\"141\":3,\"142\":3,\"159\":2,\"290\":7,\"301\":2,\"348\":5}}],[\"tasked\",{\"1\":{\"118\":1}}],[\"tasks\",{\"0\":{\"335\":1,\"342\":1,\"349\":1,\"364\":1,\"374\":1,\"390\":1},\"1\":{\"99\":1,\"109\":1,\"169\":1}}],[\"taskresource\",{\"1\":{\"97\":2}}],[\"taskresources\",{\"1\":{\"97\":1}}],[\"task\",{\"0\":{\"154\":1,\"209\":1,\"210\":1,\"211\":1,\"333\":1,\"347\":1,\"356\":1,\"357\":1,\"360\":1,\"386\":1,\"960\":1,\"961\":1,\"962\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3243\":1,\"3244\":1,\"3245\":1},\"1\":{\"89\":3,\"90\":2,\"97\":1,\"99\":3,\"143\":1,\"154\":7,\"169\":3,\"209\":1,\"210\":1,\"211\":2,\"290\":1,\"301\":1,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"332\":1,\"333\":4,\"334\":1,\"335\":2,\"338\":7,\"345\":1,\"347\":6,\"348\":7,\"349\":2,\"352\":3,\"354\":1,\"356\":3,\"357\":1,\"359\":1,\"360\":1,\"363\":1,\"364\":2,\"367\":7,\"374\":1,\"377\":2,\"381\":3,\"383\":2,\"385\":1,\"386\":1,\"389\":1,\"390\":4,\"393\":9,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"960\":1,\"961\":1,\"962\":2,\"990\":1,\"1170\":1,\"1171\":1,\"1172\":2,\"1321\":1,\"1322\":1,\"1323\":2,\"1493\":1,\"1494\":1,\"1495\":2,\"1523\":1,\"1670\":1,\"1671\":1,\"1672\":2,\"1700\":1,\"1847\":1,\"1848\":1,\"1849\":2,\"1877\":1,\"2024\":1,\"2025\":1,\"2026\":2,\"2054\":1,\"2201\":1,\"2202\":1,\"2203\":2,\"2231\":1,\"2391\":1,\"2392\":1,\"2393\":2,\"2421\":1,\"2610\":1,\"2611\":1,\"2612\":2,\"2640\":1,\"2829\":1,\"2830\":1,\"2831\":2,\"2859\":1,\"3048\":1,\"3049\":1,\"3050\":2,\"3078\":1,\"3243\":1,\"3244\":1,\"3245\":2,\"3273\":1}}],[\"talks\",{\"0\":{\"25\":1,\"27\":1,\"122\":1}}],[\"taken\",{\"1\":{\"152\":1,\"153\":1}}],[\"takes\",{\"1\":{\"139\":1}}],[\"take\",{\"0\":{\"2\":1,\"87\":1},\"1\":{\"33\":1,\"35\":1,\"71\":1,\"162\":1,\"163\":1,\"322\":1,\"329\":1,\"334\":1,\"341\":1,\"344\":1,\"348\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"570\":1,\"571\":1,\"600\":1,\"601\":1,\"646\":1,\"647\":1,\"692\":1,\"693\":1,\"738\":1,\"739\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"telesec\",{\"1\":{\"457\":1,\"911\":1}}],[\"tell\",{\"1\":{\"338\":1}}],[\"text\",{\"1\":{\"446\":1,\"900\":1}}],[\"template\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"temporarily\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1,\"930\":1,\"1066\":1,\"1143\":1,\"1234\":1,\"1294\":1,\"1372\":1,\"1466\":1,\"1548\":1,\"1643\":1,\"1725\":1,\"1820\":1,\"1902\":1,\"1997\":1,\"2079\":1,\"2174\":1,\"2256\":1,\"2361\":1,\"2471\":1,\"2580\":1,\"2690\":1,\"2799\":1,\"2909\":1,\"3018\":1,\"3128\":1,\"3213\":1,\"3349\":1}}],[\"tee\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"ternary\",{\"1\":{\"160\":1}}],[\"terminating\",{\"1\":{\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1}}],[\"terminate\",{\"1\":{\"99\":1,\"100\":1,\"169\":1,\"170\":1}}],[\"terminology\",{\"1\":{\"94\":1,\"95\":1,\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"terminverschiebung\",{\"1\":{\"41\":1}}],[\"termins\",{\"1\":{\"16\":1}}],[\"termin\",{\"1\":{\"15\":1}}],[\"techniques\",{\"1\":{\"94\":1}}],[\"technical\",{\"0\":{\"128\":1},\"1\":{\"82\":2,\"98\":1,\"116\":1,\"117\":1,\"130\":1,\"381\":1}}],[\"technischen\",{\"1\":{\"14\":1}}],[\"technische\",{\"1\":{\"14\":1,\"41\":1}}],[\"technologies\",{\"1\":{\"77\":1}}],[\"technol\",{\"1\":{\"26\":10}}],[\"testca\",{\"1\":{\"134\":1,\"135\":1,\"338\":1}}],[\"tests\",{\"0\":{\"337\":1,\"338\":1,\"351\":1,\"352\":1,\"366\":1,\"367\":1,\"376\":1,\"377\":1,\"392\":1,\"393\":1},\"1\":{\"105\":1,\"141\":1,\"142\":1,\"151\":2,\"331\":1,\"404\":1,\"628\":1,\"674\":1,\"720\":1,\"766\":1,\"812\":1,\"858\":1}}],[\"testsystem\",{\"1\":{\"17\":1}}],[\"testing\",{\"0\":{\"134\":1,\"135\":1,\"137\":1},\"1\":{\"37\":1,\"104\":1,\"320\":1,\"329\":1,\"419\":3,\"643\":3,\"689\":3,\"735\":3,\"781\":3,\"827\":3,\"873\":3,\"1016\":2,\"1017\":2,\"1018\":2,\"1019\":2,\"1020\":1,\"1109\":2,\"1110\":2,\"1111\":2,\"1112\":2,\"1113\":1,\"1219\":2,\"1220\":2,\"1221\":2,\"1222\":2,\"1223\":1,\"1287\":2,\"1288\":2,\"1289\":2,\"1290\":2,\"1291\":1,\"1411\":2,\"1412\":2,\"1413\":2,\"1414\":2,\"1415\":1,\"1459\":2,\"1460\":2,\"1461\":2,\"1462\":2,\"1463\":1,\"1587\":2,\"1588\":2,\"1589\":2,\"1590\":2,\"1591\":1,\"1636\":2,\"1637\":2,\"1638\":2,\"1639\":2,\"1640\":1,\"1764\":2,\"1765\":2,\"1766\":2,\"1767\":2,\"1768\":1,\"1813\":2,\"1814\":2,\"1815\":2,\"1816\":2,\"1817\":1,\"1941\":2,\"1942\":2,\"1943\":2,\"1944\":2,\"1945\":1,\"1990\":2,\"1991\":2,\"1992\":2,\"1993\":2,\"1994\":1,\"2118\":2,\"2119\":2,\"2120\":2,\"2121\":2,\"2122\":1,\"2167\":2,\"2168\":2,\"2169\":2,\"2170\":2,\"2171\":1,\"2295\":2,\"2296\":2,\"2297\":2,\"2298\":2,\"2299\":1,\"2354\":2,\"2355\":2,\"2356\":2,\"2357\":2,\"2358\":1,\"2514\":2,\"2515\":2,\"2516\":2,\"2517\":2,\"2518\":1,\"2573\":2,\"2574\":2,\"2575\":2,\"2576\":2,\"2577\":1,\"2733\":2,\"2734\":2,\"2735\":2,\"2736\":2,\"2737\":1,\"2792\":2,\"2793\":2,\"2794\":2,\"2795\":2,\"2796\":1,\"2952\":2,\"2953\":2,\"2954\":2,\"2955\":2,\"2956\":1,\"3011\":2,\"3012\":2,\"3013\":2,\"3014\":2,\"3015\":1,\"3171\":2,\"3172\":2,\"3173\":2,\"3174\":2,\"3175\":1,\"3299\":2,\"3300\":2,\"3301\":2,\"3302\":2,\"3303\":1,\"3392\":2,\"3393\":2,\"3394\":2,\"3395\":2,\"3396\":1}}],[\"testinfrastruktur\",{\"1\":{\"14\":1}}],[\"testdaten\",{\"1\":{\"17\":1}}],[\"test\",{\"0\":{\"131\":1,\"132\":1,\"139\":1,\"151\":1,\"331\":1,\"400\":1},\"1\":{\"16\":7,\"20\":1,\"31\":1,\"102\":1,\"107\":1,\"117\":1,\"131\":2,\"134\":8,\"135\":12,\"137\":2,\"138\":4,\"139\":4,\"141\":1,\"142\":1,\"151\":2,\"223\":1,\"289\":4,\"290\":5,\"300\":4,\"301\":5,\"303\":9,\"304\":3,\"306\":1,\"307\":3,\"309\":1,\"310\":3,\"312\":1,\"313\":2,\"315\":1,\"316\":2,\"327\":7,\"331\":4,\"337\":1,\"338\":12,\"341\":1,\"342\":4,\"349\":1,\"351\":1,\"352\":6,\"354\":5,\"364\":3,\"366\":1,\"367\":18,\"376\":1,\"377\":10,\"379\":4,\"392\":1,\"393\":25,\"399\":2,\"403\":1,\"412\":2,\"428\":1,\"429\":2,\"431\":1,\"459\":1,\"462\":1,\"470\":1,\"471\":1,\"493\":1,\"494\":1,\"511\":1,\"519\":1,\"520\":1,\"536\":1,\"537\":2,\"546\":1,\"547\":2,\"564\":1,\"567\":1,\"576\":1,\"577\":2,\"594\":1,\"597\":1,\"606\":1,\"607\":2,\"624\":1,\"627\":1,\"636\":2,\"652\":1,\"653\":2,\"670\":1,\"673\":1,\"682\":2,\"698\":1,\"699\":2,\"716\":1,\"719\":1,\"728\":2,\"744\":1,\"745\":2,\"762\":1,\"765\":1,\"774\":2,\"790\":1,\"791\":2,\"793\":1,\"808\":1,\"811\":1,\"820\":2,\"836\":1,\"837\":2,\"839\":1,\"854\":1,\"857\":1,\"866\":2,\"882\":1,\"883\":2,\"885\":1,\"913\":1,\"916\":1,\"928\":2,\"974\":1,\"994\":2,\"995\":1,\"1014\":1,\"1027\":1,\"1057\":2,\"1087\":2,\"1088\":1,\"1107\":1,\"1121\":1,\"1184\":1,\"1197\":1,\"1217\":1,\"1251\":1,\"1285\":1,\"1335\":1,\"1348\":1,\"1363\":2,\"1390\":1,\"1409\":1,\"1423\":1,\"1457\":1,\"1507\":1,\"1524\":1,\"1539\":2,\"1566\":1,\"1585\":1,\"1599\":1,\"1634\":1,\"1684\":1,\"1701\":1,\"1716\":2,\"1743\":1,\"1762\":1,\"1776\":1,\"1811\":1,\"1861\":1,\"1878\":1,\"1893\":2,\"1920\":1,\"1939\":1,\"1953\":1,\"1988\":1,\"2038\":1,\"2055\":1,\"2070\":2,\"2097\":1,\"2116\":1,\"2130\":1,\"2165\":1,\"2215\":1,\"2232\":1,\"2247\":2,\"2274\":1,\"2293\":1,\"2307\":1,\"2335\":2,\"2352\":1,\"2405\":1,\"2425\":2,\"2426\":1,\"2434\":1,\"2462\":2,\"2492\":2,\"2493\":1,\"2512\":1,\"2526\":1,\"2554\":2,\"2571\":1,\"2624\":1,\"2644\":2,\"2645\":1,\"2653\":1,\"2681\":2,\"2711\":2,\"2712\":1,\"2731\":1,\"2745\":1,\"2773\":2,\"2790\":1,\"2843\":1,\"2863\":2,\"2864\":1,\"2872\":1,\"2900\":2,\"2930\":2,\"2931\":1,\"2950\":1,\"2964\":1,\"2992\":2,\"3009\":1,\"3062\":1,\"3082\":2,\"3083\":1,\"3091\":1,\"3119\":2,\"3149\":2,\"3150\":1,\"3169\":1,\"3183\":1,\"3211\":2,\"3257\":1,\"3277\":2,\"3278\":1,\"3297\":1,\"3310\":1,\"3340\":2,\"3370\":2,\"3371\":1,\"3390\":1,\"3404\":1}}],[\"testen\",{\"1\":{\"15\":1}}],[\"teilnahme\",{\"1\":{\"14\":1}}],[\"team\",{\"0\":{\"83\":1},\"1\":{\"12\":1,\"35\":1,\"38\":1,\"83\":1,\"113\":1,\"168\":1,\"415\":1,\"417\":1,\"639\":1,\"641\":1,\"685\":1,\"687\":1,\"731\":1,\"733\":1,\"777\":1,\"779\":1,\"823\":1,\"825\":1,\"869\":1,\"871\":1}}],[\"t\",{\"1\":{\"12\":1,\"26\":6,\"97\":1,\"145\":1,\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"417\":1,\"444\":1,\"457\":1,\"481\":1,\"483\":1,\"506\":1,\"532\":1,\"536\":1,\"562\":1,\"592\":1,\"622\":1,\"641\":1,\"668\":1,\"687\":1,\"714\":1,\"733\":1,\"760\":1,\"779\":1,\"806\":1,\"825\":1,\"852\":1,\"871\":1,\"898\":1,\"911\":1,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"thoroughly\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"thorough\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"those\",{\"1\":{\"116\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"thumprint\",{\"1\":{\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"thumbprint\",{\"0\":{\"922\":1,\"1051\":1,\"1083\":1,\"1357\":1,\"1386\":1,\"1533\":1,\"1562\":1,\"1710\":1,\"1739\":1,\"1887\":1,\"1916\":1,\"2064\":1,\"2093\":1,\"2241\":1,\"2270\":1,\"2329\":1,\"2456\":1,\"2488\":1,\"2548\":1,\"2675\":1,\"2707\":1,\"2767\":1,\"2894\":1,\"2926\":1,\"2986\":1,\"3113\":1,\"3145\":1,\"3205\":1,\"3334\":1,\"3366\":1},\"1\":{\"265\":2,\"266\":2,\"289\":4,\"300\":4,\"442\":1,\"481\":4,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":1,\"921\":1,\"922\":1,\"928\":1,\"1049\":2,\"1050\":1,\"1051\":1,\"1057\":1,\"1083\":3,\"1355\":2,\"1356\":1,\"1357\":1,\"1363\":1,\"1386\":3,\"1531\":2,\"1532\":1,\"1533\":1,\"1539\":1,\"1562\":3,\"1708\":2,\"1709\":1,\"1710\":1,\"1716\":1,\"1739\":3,\"1885\":2,\"1886\":1,\"1887\":1,\"1893\":1,\"1916\":3,\"2062\":2,\"2063\":1,\"2064\":1,\"2070\":1,\"2093\":3,\"2239\":2,\"2240\":1,\"2241\":1,\"2247\":1,\"2270\":3,\"2327\":1,\"2328\":1,\"2329\":1,\"2335\":1,\"2454\":2,\"2455\":1,\"2456\":1,\"2462\":1,\"2488\":3,\"2546\":1,\"2547\":1,\"2548\":1,\"2554\":1,\"2673\":2,\"2674\":1,\"2675\":1,\"2681\":1,\"2707\":3,\"2765\":1,\"2766\":1,\"2767\":1,\"2773\":1,\"2892\":2,\"2893\":1,\"2894\":1,\"2900\":1,\"2926\":3,\"2984\":1,\"2985\":1,\"2986\":1,\"2992\":1,\"3111\":2,\"3112\":1,\"3113\":1,\"3119\":1,\"3145\":3,\"3203\":1,\"3204\":1,\"3205\":1,\"3211\":1,\"3332\":2,\"3333\":1,\"3334\":1,\"3340\":1,\"3366\":3}}],[\"thumbprints\",{\"0\":{\"265\":1,\"266\":1},\"1\":{\"265\":2,\"266\":2,\"289\":6,\"300\":6,\"327\":12,\"481\":1,\"920\":2,\"922\":2,\"1049\":2,\"1051\":2,\"1355\":2,\"1357\":2,\"1531\":2,\"1533\":2,\"1708\":2,\"1710\":2,\"1885\":2,\"1887\":2,\"2062\":2,\"2064\":2,\"2239\":2,\"2241\":2,\"2327\":2,\"2329\":2,\"2454\":2,\"2456\":2,\"2546\":2,\"2548\":2,\"2673\":2,\"2675\":2,\"2765\":2,\"2767\":2,\"2892\":2,\"2894\":2,\"2984\":2,\"2986\":2,\"3111\":2,\"3113\":2,\"3203\":2,\"3205\":2,\"3332\":2,\"3334\":2}}],[\"thus\",{\"1\":{\"98\":1}}],[\"think\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"thirdly\",{\"1\":{\"85\":1}}],[\"third\",{\"1\":{\"82\":1,\"134\":1,\"135\":1,\"323\":1,\"354\":1,\"379\":1,\"393\":1,\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1}}],[\"this\",{\"1\":{\"0\":1,\"8\":1,\"9\":1,\"13\":1,\"32\":1,\"35\":1,\"36\":1,\"37\":1,\"39\":2,\"40\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"89\":1,\"90\":2,\"91\":1,\"94\":1,\"95\":2,\"96\":2,\"97\":1,\"100\":1,\"102\":2,\"103\":1,\"105\":1,\"106\":1,\"107\":1,\"109\":1,\"114\":1,\"116\":3,\"117\":2,\"118\":1,\"122\":1,\"127\":3,\"128\":2,\"135\":1,\"144\":1,\"154\":3,\"162\":2,\"163\":2,\"170\":1,\"184\":1,\"185\":1,\"186\":1,\"247\":1,\"260\":1,\"280\":2,\"286\":1,\"288\":2,\"289\":2,\"291\":2,\"297\":1,\"299\":2,\"300\":2,\"318\":2,\"319\":1,\"320\":1,\"324\":1,\"329\":2,\"331\":1,\"332\":4,\"333\":3,\"340\":1,\"341\":2,\"344\":1,\"347\":1,\"348\":4,\"356\":2,\"357\":1,\"359\":1,\"360\":1,\"369\":1,\"379\":1,\"381\":2,\"383\":2,\"385\":1,\"386\":1,\"394\":1,\"398\":1,\"399\":1,\"400\":1,\"408\":1,\"410\":1,\"411\":1,\"412\":1,\"413\":2,\"415\":4,\"417\":1,\"419\":2,\"427\":1,\"441\":2,\"446\":1,\"459\":1,\"460\":1,\"469\":1,\"470\":1,\"473\":1,\"480\":2,\"492\":1,\"493\":1,\"496\":1,\"503\":2,\"518\":1,\"519\":1,\"522\":1,\"529\":2,\"544\":1,\"545\":1,\"559\":2,\"564\":1,\"574\":1,\"575\":1,\"589\":2,\"594\":1,\"604\":1,\"605\":1,\"619\":2,\"624\":1,\"632\":1,\"634\":1,\"635\":1,\"636\":1,\"637\":2,\"639\":4,\"641\":1,\"643\":2,\"650\":1,\"651\":1,\"665\":2,\"670\":1,\"678\":1,\"680\":1,\"681\":1,\"682\":1,\"683\":2,\"685\":4,\"687\":1,\"689\":2,\"696\":1,\"697\":1,\"711\":2,\"716\":1,\"724\":1,\"726\":1,\"727\":1,\"728\":1,\"729\":2,\"731\":4,\"733\":1,\"735\":2,\"742\":1,\"743\":1,\"757\":2,\"762\":1,\"770\":1,\"772\":1,\"773\":1,\"774\":1,\"775\":2,\"777\":4,\"779\":1,\"781\":2,\"788\":1,\"789\":1,\"803\":2,\"808\":1,\"816\":1,\"818\":1,\"819\":1,\"820\":1,\"821\":2,\"823\":4,\"825\":1,\"827\":2,\"835\":1,\"849\":2,\"854\":1,\"862\":1,\"864\":1,\"865\":1,\"866\":1,\"867\":2,\"869\":4,\"871\":1,\"873\":2,\"881\":1,\"895\":2,\"900\":1,\"913\":1,\"914\":1,\"920\":1,\"922\":1,\"928\":2,\"930\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1026\":1,\"1049\":1,\"1051\":1,\"1057\":2,\"1062\":1,\"1066\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1120\":1,\"1143\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1230\":1,\"1234\":1,\"1245\":1,\"1294\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1355\":1,\"1357\":1,\"1363\":2,\"1368\":1,\"1372\":1,\"1383\":1,\"1422\":1,\"1466\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1531\":1,\"1533\":1,\"1539\":2,\"1544\":1,\"1548\":1,\"1559\":1,\"1598\":1,\"1643\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1708\":1,\"1710\":1,\"1716\":2,\"1721\":1,\"1725\":1,\"1736\":1,\"1775\":1,\"1820\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1885\":1,\"1887\":1,\"1893\":2,\"1898\":1,\"1902\":1,\"1913\":1,\"1952\":1,\"1997\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2062\":1,\"2064\":1,\"2070\":2,\"2075\":1,\"2079\":1,\"2090\":1,\"2129\":1,\"2174\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2239\":1,\"2241\":1,\"2247\":2,\"2252\":1,\"2256\":1,\"2267\":1,\"2306\":1,\"2327\":1,\"2329\":1,\"2335\":2,\"2361\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2433\":1,\"2454\":1,\"2456\":1,\"2462\":2,\"2467\":1,\"2471\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2525\":1,\"2546\":1,\"2548\":1,\"2554\":2,\"2580\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2652\":1,\"2673\":1,\"2675\":1,\"2681\":2,\"2686\":1,\"2690\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2744\":1,\"2765\":1,\"2767\":1,\"2773\":2,\"2799\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2871\":1,\"2892\":1,\"2894\":1,\"2900\":2,\"2905\":1,\"2909\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2963\":1,\"2984\":1,\"2986\":1,\"2992\":2,\"3018\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3090\":1,\"3111\":1,\"3113\":1,\"3119\":2,\"3124\":1,\"3128\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3182\":1,\"3203\":1,\"3205\":1,\"3211\":2,\"3213\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3309\":1,\"3332\":1,\"3334\":1,\"3340\":2,\"3345\":1,\"3349\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3403\":1}}],[\"threads\",{\"0\":{\"990\":1,\"1523\":1,\"1700\":1,\"1877\":1,\"2054\":1,\"2231\":1,\"2421\":1,\"2640\":1,\"2859\":1,\"3078\":1,\"3273\":1},\"1\":{\"983\":1,\"984\":1,\"990\":2,\"1516\":1,\"1517\":1,\"1523\":2,\"1693\":1,\"1694\":1,\"1700\":2,\"1870\":1,\"1871\":1,\"1877\":2,\"2047\":1,\"2048\":1,\"2054\":2,\"2224\":1,\"2225\":1,\"2231\":2,\"2414\":1,\"2415\":1,\"2421\":2,\"2633\":1,\"2634\":1,\"2640\":2,\"2852\":1,\"2853\":1,\"2859\":2,\"3071\":1,\"3072\":1,\"3078\":2,\"3266\":1,\"3267\":1,\"3273\":2}}],[\"three\",{\"1\":{\"82\":1,\"88\":1,\"139\":1,\"325\":1,\"331\":3,\"347\":2,\"379\":1,\"390\":1,\"393\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"thrilled\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"thru\",{\"1\":{\"342\":1}}],[\"throw\",{\"1\":{\"159\":1,\"390\":2}}],[\"throws\",{\"1\":{\"159\":6,\"160\":2}}],[\"through\",{\"1\":{\"5\":1,\"12\":1,\"82\":1,\"144\":1,\"190\":1,\"191\":1,\"192\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"244\":1,\"245\":1,\"246\":1,\"348\":2}}],[\"thank\",{\"1\":{\"83\":1,\"419\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"643\":1,\"653\":1,\"669\":1,\"689\":1,\"699\":1,\"715\":1,\"735\":1,\"745\":1,\"761\":1,\"781\":1,\"791\":1,\"807\":1,\"827\":1,\"837\":1,\"853\":1,\"873\":1,\"883\":1,\"899\":1}}],[\"than\",{\"1\":{\"37\":1,\"289\":1,\"300\":1,\"372\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"that\",{\"1\":{\"8\":1,\"10\":1,\"33\":1,\"35\":1,\"75\":1,\"81\":1,\"85\":3,\"89\":3,\"91\":1,\"94\":1,\"95\":1,\"96\":2,\"97\":2,\"98\":1,\"102\":2,\"104\":1,\"106\":1,\"109\":2,\"117\":1,\"120\":1,\"152\":1,\"153\":1,\"154\":2,\"162\":1,\"174\":1,\"208\":1,\"231\":1,\"232\":1,\"233\":2,\"237\":2,\"238\":1,\"263\":1,\"265\":1,\"266\":1,\"289\":3,\"290\":5,\"300\":3,\"301\":5,\"318\":1,\"322\":1,\"332\":1,\"335\":1,\"337\":1,\"338\":8,\"344\":1,\"347\":2,\"349\":1,\"351\":1,\"352\":5,\"363\":1,\"366\":1,\"367\":5,\"372\":1,\"376\":1,\"377\":1,\"381\":1,\"389\":1,\"392\":1,\"393\":7,\"398\":1,\"400\":1,\"408\":2,\"414\":1,\"417\":2,\"418\":1,\"427\":1,\"439\":1,\"442\":2,\"443\":4,\"447\":1,\"459\":1,\"470\":1,\"478\":1,\"481\":3,\"482\":5,\"493\":1,\"501\":1,\"504\":3,\"505\":5,\"519\":1,\"527\":1,\"530\":3,\"531\":5,\"545\":1,\"557\":1,\"560\":3,\"561\":5,\"564\":1,\"575\":1,\"587\":1,\"590\":3,\"591\":4,\"594\":1,\"605\":1,\"617\":1,\"620\":3,\"621\":4,\"624\":1,\"632\":2,\"638\":1,\"641\":2,\"642\":1,\"651\":1,\"663\":1,\"666\":3,\"667\":4,\"670\":1,\"678\":2,\"684\":1,\"687\":2,\"688\":1,\"697\":1,\"709\":1,\"712\":3,\"713\":4,\"716\":1,\"724\":2,\"730\":1,\"733\":2,\"734\":1,\"743\":1,\"755\":1,\"758\":3,\"759\":4,\"762\":1,\"770\":2,\"776\":1,\"779\":2,\"780\":1,\"789\":1,\"801\":1,\"804\":3,\"805\":4,\"808\":1,\"816\":2,\"822\":1,\"825\":2,\"826\":1,\"835\":1,\"847\":1,\"850\":3,\"851\":4,\"854\":1,\"862\":2,\"868\":1,\"871\":2,\"872\":1,\"881\":1,\"893\":1,\"896\":2,\"897\":4,\"901\":1,\"913\":1,\"928\":1,\"985\":2,\"989\":2,\"997\":1,\"1037\":1,\"1056\":1,\"1057\":1,\"1082\":1,\"1090\":1,\"1131\":1,\"1169\":1,\"1192\":2,\"1196\":2,\"1199\":1,\"1247\":1,\"1253\":1,\"1320\":1,\"1343\":2,\"1347\":2,\"1350\":1,\"1362\":1,\"1363\":1,\"1385\":1,\"1392\":1,\"1518\":2,\"1522\":2,\"1526\":1,\"1538\":1,\"1539\":1,\"1561\":1,\"1568\":1,\"1609\":1,\"1695\":2,\"1699\":2,\"1703\":1,\"1715\":1,\"1716\":1,\"1738\":1,\"1745\":1,\"1786\":1,\"1872\":2,\"1876\":2,\"1880\":1,\"1892\":1,\"1893\":1,\"1915\":1,\"1922\":1,\"1963\":1,\"2049\":2,\"2053\":2,\"2057\":1,\"2069\":1,\"2070\":1,\"2092\":1,\"2099\":1,\"2140\":1,\"2226\":2,\"2230\":2,\"2234\":1,\"2246\":1,\"2247\":1,\"2269\":1,\"2276\":1,\"2317\":1,\"2335\":1,\"2416\":2,\"2420\":2,\"2428\":1,\"2444\":1,\"2461\":1,\"2462\":1,\"2487\":1,\"2495\":1,\"2536\":1,\"2554\":1,\"2635\":2,\"2639\":2,\"2647\":1,\"2663\":1,\"2680\":1,\"2681\":1,\"2706\":1,\"2714\":1,\"2755\":1,\"2773\":1,\"2854\":2,\"2858\":2,\"2866\":1,\"2882\":1,\"2899\":1,\"2900\":1,\"2925\":1,\"2933\":1,\"2974\":1,\"2992\":1,\"3073\":2,\"3077\":2,\"3085\":1,\"3101\":1,\"3118\":1,\"3119\":1,\"3144\":1,\"3152\":1,\"3193\":1,\"3211\":1,\"3268\":2,\"3272\":2,\"3280\":1,\"3320\":1,\"3339\":1,\"3340\":1,\"3365\":1,\"3373\":1,\"3414\":1}}],[\"they\",{\"1\":{\"95\":1,\"346\":1,\"347\":1,\"348\":1,\"357\":1,\"414\":1,\"415\":2,\"438\":1,\"477\":1,\"500\":1,\"526\":1,\"556\":1,\"586\":1,\"616\":1,\"638\":1,\"639\":2,\"662\":1,\"684\":1,\"685\":2,\"708\":1,\"730\":1,\"731\":2,\"754\":1,\"776\":1,\"777\":2,\"800\":1,\"822\":1,\"823\":2,\"846\":1,\"868\":1,\"869\":2,\"892\":1}}],[\"then\",{\"1\":{\"91\":1,\"154\":1,\"157\":1,\"159\":2,\"180\":1,\"258\":1,\"305\":1,\"354\":1,\"367\":1,\"381\":1,\"429\":1,\"438\":1,\"445\":1,\"472\":2,\"477\":1,\"484\":1,\"495\":2,\"500\":1,\"507\":1,\"521\":2,\"526\":1,\"533\":1,\"547\":2,\"556\":1,\"563\":1,\"577\":1,\"586\":1,\"593\":1,\"607\":1,\"616\":1,\"623\":1,\"653\":1,\"662\":1,\"669\":1,\"699\":1,\"708\":1,\"715\":1,\"745\":1,\"754\":1,\"761\":1,\"791\":1,\"800\":1,\"807\":1,\"837\":1,\"846\":1,\"853\":1,\"883\":1,\"892\":1,\"899\":1,\"937\":1,\"1075\":1,\"1150\":1,\"1243\":1,\"1301\":1,\"1381\":1,\"1473\":1,\"1557\":1,\"1650\":1,\"1734\":1,\"1827\":1,\"1911\":1,\"2004\":1,\"2088\":1,\"2181\":1,\"2265\":1,\"2368\":1,\"2480\":1,\"2587\":1,\"2699\":1,\"2806\":1,\"2918\":1,\"3025\":1,\"3137\":1,\"3220\":1,\"3358\":1}}],[\"their\",{\"1\":{\"85\":2,\"98\":1,\"120\":1,\"341\":1,\"347\":1,\"361\":2,\"362\":1,\"387\":2,\"388\":1,\"404\":1,\"415\":3,\"628\":1,\"639\":3,\"674\":1,\"685\":3,\"720\":1,\"731\":3,\"766\":1,\"777\":3,\"812\":1,\"823\":3,\"858\":1,\"869\":3}}],[\"theme\",{\"0\":{\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1},\"1\":{\"994\":2,\"1087\":2,\"2425\":2,\"2492\":2,\"2644\":2,\"2711\":2,\"2863\":2,\"2930\":2,\"3082\":2,\"3149\":2,\"3277\":2,\"3370\":2}}],[\"them\",{\"1\":{\"85\":1,\"97\":1,\"120\":1,\"138\":1,\"344\":1,\"367\":1,\"377\":1,\"393\":1,\"416\":1,\"419\":1,\"444\":1,\"459\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"564\":1,\"592\":1,\"594\":1,\"622\":1,\"624\":1,\"640\":1,\"643\":1,\"668\":1,\"670\":1,\"686\":1,\"689\":1,\"714\":1,\"716\":1,\"732\":1,\"735\":1,\"760\":1,\"762\":1,\"778\":1,\"781\":1,\"806\":1,\"808\":1,\"824\":1,\"827\":1,\"852\":1,\"854\":1,\"870\":1,\"873\":1,\"898\":1,\"913\":1}}],[\"thereby\",{\"1\":{\"371\":1}}],[\"therefore\",{\"1\":{\"94\":2,\"346\":1,\"348\":1,\"367\":1,\"377\":1,\"393\":1,\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1}}],[\"there\",{\"1\":{\"33\":1,\"97\":3,\"109\":1,\"127\":1,\"417\":2,\"418\":1,\"444\":1,\"459\":2,\"483\":1,\"485\":1,\"506\":1,\"508\":1,\"532\":1,\"534\":1,\"562\":1,\"564\":2,\"592\":1,\"594\":2,\"622\":1,\"624\":2,\"641\":2,\"642\":1,\"668\":1,\"670\":2,\"687\":2,\"688\":1,\"714\":1,\"716\":2,\"733\":2,\"734\":1,\"760\":1,\"762\":2,\"779\":2,\"780\":1,\"806\":1,\"808\":2,\"825\":2,\"826\":1,\"852\":1,\"854\":2,\"871\":2,\"872\":1,\"898\":1,\"913\":2,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"these\",{\"1\":{\"10\":1,\"85\":1,\"90\":1,\"93\":1,\"94\":1,\"95\":1,\"96\":1,\"97\":2,\"103\":1,\"128\":1,\"186\":1,\"334\":1,\"347\":1,\"415\":1,\"448\":1,\"509\":1,\"535\":1,\"565\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1,\"902\":1,\"945\":1,\"946\":1,\"1156\":1,\"1307\":1,\"1479\":1,\"1480\":1,\"1656\":1,\"1657\":1,\"1833\":1,\"1834\":1,\"2010\":1,\"2011\":1,\"2187\":1,\"2188\":1,\"2376\":1,\"2377\":1,\"2595\":1,\"2596\":1,\"2814\":1,\"2815\":1,\"3033\":1,\"3034\":1,\"3228\":1,\"3229\":1}}],[\"the\",{\"0\":{\"12\":1,\"82\":2,\"127\":1,\"130\":1,\"138\":1,\"161\":1,\"358\":1,\"384\":1,\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1},\"1\":{\"0\":9,\"1\":4,\"6\":4,\"9\":1,\"10\":2,\"12\":4,\"13\":1,\"26\":5,\"28\":1,\"29\":1,\"30\":2,\"32\":5,\"33\":17,\"35\":1,\"36\":2,\"37\":11,\"38\":4,\"40\":3,\"42\":3,\"43\":1,\"44\":3,\"45\":1,\"46\":3,\"47\":1,\"48\":3,\"49\":1,\"50\":3,\"51\":1,\"52\":3,\"53\":1,\"54\":3,\"55\":1,\"56\":3,\"57\":1,\"58\":3,\"59\":1,\"60\":3,\"61\":1,\"62\":3,\"63\":1,\"64\":3,\"65\":1,\"66\":3,\"67\":1,\"74\":4,\"75\":2,\"76\":1,\"77\":3,\"78\":5,\"79\":3,\"81\":28,\"82\":11,\"83\":1,\"85\":7,\"86\":1,\"88\":11,\"89\":5,\"90\":17,\"91\":12,\"92\":1,\"93\":6,\"94\":15,\"95\":6,\"96\":5,\"97\":21,\"98\":17,\"99\":21,\"100\":1,\"102\":9,\"103\":4,\"104\":4,\"105\":5,\"106\":2,\"107\":4,\"109\":11,\"110\":5,\"112\":5,\"113\":7,\"116\":10,\"117\":18,\"118\":1,\"119\":2,\"120\":9,\"126\":6,\"127\":5,\"128\":5,\"129\":8,\"130\":8,\"134\":10,\"135\":15,\"136\":4,\"138\":10,\"139\":11,\"141\":1,\"142\":1,\"143\":1,\"144\":2,\"147\":11,\"148\":3,\"149\":2,\"152\":25,\"153\":22,\"154\":9,\"156\":3,\"157\":2,\"162\":5,\"163\":5,\"165\":5,\"167\":5,\"168\":6,\"169\":21,\"170\":1,\"174\":2,\"175\":3,\"176\":3,\"177\":7,\"178\":4,\"179\":3,\"180\":3,\"181\":4,\"182\":3,\"183\":3,\"186\":1,\"188\":1,\"189\":1,\"190\":2,\"191\":2,\"192\":2,\"193\":2,\"194\":2,\"195\":1,\"196\":2,\"197\":2,\"198\":2,\"199\":3,\"200\":2,\"201\":3,\"202\":1,\"203\":1,\"206\":1,\"207\":2,\"208\":5,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":1,\"218\":4,\"219\":1,\"223\":1,\"225\":1,\"228\":2,\"229\":1,\"231\":2,\"232\":2,\"233\":2,\"234\":1,\"235\":1,\"236\":4,\"237\":1,\"238\":2,\"240\":1,\"242\":1,\"243\":1,\"244\":3,\"245\":2,\"246\":3,\"247\":1,\"248\":1,\"251\":3,\"252\":3,\"253\":7,\"254\":4,\"255\":3,\"256\":4,\"257\":3,\"258\":3,\"259\":3,\"260\":1,\"261\":3,\"262\":6,\"263\":5,\"264\":2,\"265\":2,\"266\":2,\"269\":2,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"275\":1,\"276\":3,\"277\":5,\"278\":1,\"279\":1,\"283\":1,\"284\":1,\"285\":11,\"286\":4,\"288\":3,\"289\":41,\"290\":48,\"294\":1,\"295\":1,\"296\":11,\"297\":4,\"299\":3,\"300\":41,\"301\":47,\"302\":5,\"303\":9,\"304\":38,\"305\":7,\"306\":4,\"307\":38,\"308\":5,\"309\":4,\"310\":25,\"311\":7,\"312\":4,\"313\":14,\"314\":7,\"315\":4,\"316\":14,\"318\":6,\"319\":3,\"320\":3,\"321\":3,\"322\":1,\"323\":2,\"324\":2,\"325\":2,\"329\":5,\"331\":10,\"332\":27,\"333\":5,\"334\":7,\"335\":12,\"337\":2,\"338\":60,\"340\":2,\"341\":11,\"342\":9,\"344\":2,\"345\":2,\"346\":23,\"347\":9,\"348\":17,\"349\":27,\"351\":2,\"352\":36,\"354\":7,\"356\":10,\"357\":9,\"358\":6,\"359\":1,\"360\":1,\"361\":7,\"362\":8,\"363\":3,\"364\":34,\"366\":2,\"367\":55,\"369\":2,\"371\":3,\"372\":6,\"373\":5,\"374\":9,\"376\":2,\"377\":29,\"379\":1,\"381\":12,\"382\":4,\"383\":10,\"384\":6,\"385\":1,\"386\":1,\"387\":7,\"388\":8,\"389\":3,\"390\":30,\"392\":2,\"393\":75,\"394\":2,\"395\":1,\"396\":3,\"397\":2,\"398\":5,\"399\":3,\"400\":4,\"401\":3,\"402\":2,\"403\":2,\"404\":3,\"405\":2,\"407\":6,\"408\":3,\"409\":1,\"410\":1,\"413\":4,\"414\":3,\"415\":7,\"416\":3,\"417\":1,\"418\":1,\"419\":9,\"422\":11,\"423\":8,\"426\":1,\"427\":8,\"428\":3,\"429\":7,\"430\":1,\"431\":5,\"433\":5,\"434\":4,\"437\":3,\"438\":2,\"439\":8,\"441\":5,\"442\":48,\"443\":34,\"444\":7,\"445\":1,\"446\":10,\"447\":9,\"448\":1,\"450\":3,\"451\":1,\"452\":8,\"453\":5,\"454\":8,\"455\":6,\"459\":24,\"460\":9,\"461\":5,\"462\":12,\"465\":9,\"466\":8,\"469\":3,\"470\":9,\"471\":1,\"472\":5,\"473\":7,\"476\":3,\"477\":2,\"478\":8,\"480\":3,\"481\":51,\"482\":36,\"483\":7,\"484\":1,\"485\":7,\"488\":9,\"489\":8,\"492\":3,\"493\":9,\"494\":1,\"495\":5,\"496\":7,\"499\":3,\"500\":2,\"501\":8,\"503\":3,\"504\":49,\"505\":37,\"506\":7,\"507\":1,\"508\":7,\"509\":3,\"510\":5,\"511\":12,\"514\":9,\"515\":8,\"518\":3,\"519\":9,\"520\":1,\"521\":5,\"522\":7,\"525\":3,\"526\":2,\"527\":8,\"529\":3,\"530\":49,\"531\":37,\"532\":7,\"533\":1,\"534\":7,\"535\":3,\"536\":11,\"537\":23,\"540\":9,\"541\":8,\"544\":3,\"545\":8,\"546\":3,\"547\":10,\"552\":4,\"555\":3,\"556\":2,\"557\":8,\"559\":3,\"560\":49,\"561\":37,\"562\":7,\"563\":1,\"564\":24,\"565\":3,\"566\":5,\"567\":12,\"570\":9,\"571\":8,\"574\":3,\"575\":8,\"576\":3,\"577\":7,\"582\":4,\"585\":3,\"586\":2,\"587\":8,\"589\":3,\"590\":49,\"591\":34,\"592\":7,\"593\":1,\"594\":24,\"595\":3,\"596\":5,\"597\":12,\"600\":9,\"601\":8,\"604\":3,\"605\":8,\"606\":3,\"607\":7,\"612\":4,\"615\":3,\"616\":2,\"617\":8,\"619\":3,\"620\":49,\"621\":34,\"622\":7,\"623\":1,\"624\":24,\"625\":3,\"626\":5,\"627\":12,\"628\":3,\"629\":2,\"631\":6,\"632\":3,\"633\":1,\"634\":1,\"637\":4,\"638\":3,\"639\":7,\"640\":3,\"641\":1,\"642\":1,\"643\":9,\"646\":11,\"647\":8,\"650\":3,\"651\":8,\"652\":3,\"653\":7,\"658\":4,\"661\":3,\"662\":2,\"663\":8,\"665\":3,\"666\":49,\"667\":34,\"668\":7,\"669\":1,\"670\":24,\"671\":3,\"672\":5,\"673\":12,\"674\":3,\"675\":2,\"677\":6,\"678\":3,\"679\":1,\"680\":1,\"683\":4,\"684\":3,\"685\":7,\"686\":3,\"687\":1,\"688\":1,\"689\":9,\"692\":11,\"693\":8,\"696\":3,\"697\":8,\"698\":3,\"699\":7,\"704\":4,\"707\":3,\"708\":2,\"709\":8,\"711\":3,\"712\":49,\"713\":34,\"714\":7,\"715\":1,\"716\":24,\"717\":3,\"718\":5,\"719\":12,\"720\":3,\"721\":2,\"723\":6,\"724\":3,\"725\":1,\"726\":1,\"729\":4,\"730\":3,\"731\":7,\"732\":3,\"733\":1,\"734\":1,\"735\":9,\"738\":11,\"739\":8,\"742\":3,\"743\":8,\"744\":3,\"745\":7,\"750\":4,\"753\":3,\"754\":2,\"755\":8,\"757\":3,\"758\":49,\"759\":34,\"760\":7,\"761\":1,\"762\":24,\"763\":3,\"764\":5,\"765\":12,\"766\":3,\"767\":2,\"769\":6,\"770\":3,\"771\":1,\"772\":1,\"775\":4,\"776\":3,\"777\":7,\"778\":3,\"779\":1,\"780\":1,\"781\":9,\"784\":11,\"785\":8,\"788\":3,\"789\":8,\"790\":3,\"791\":7,\"792\":1,\"793\":5,\"795\":5,\"796\":4,\"799\":3,\"800\":2,\"801\":8,\"803\":3,\"804\":49,\"805\":34,\"806\":7,\"807\":1,\"808\":24,\"809\":3,\"810\":5,\"811\":12,\"812\":3,\"813\":2,\"815\":6,\"816\":3,\"817\":1,\"818\":1,\"821\":4,\"822\":3,\"823\":7,\"824\":3,\"825\":1,\"826\":1,\"827\":9,\"830\":11,\"831\":8,\"834\":1,\"835\":8,\"836\":3,\"837\":7,\"838\":1,\"839\":5,\"841\":5,\"842\":4,\"845\":3,\"846\":2,\"847\":8,\"849\":3,\"850\":49,\"851\":34,\"852\":7,\"853\":1,\"854\":24,\"855\":3,\"856\":5,\"857\":12,\"858\":3,\"859\":2,\"861\":6,\"862\":3,\"863\":1,\"864\":1,\"867\":4,\"868\":3,\"869\":7,\"870\":3,\"871\":1,\"872\":1,\"873\":9,\"876\":11,\"877\":8,\"880\":1,\"881\":8,\"882\":3,\"883\":7,\"884\":1,\"885\":5,\"887\":5,\"888\":4,\"891\":3,\"892\":2,\"893\":8,\"895\":5,\"896\":48,\"897\":34,\"898\":7,\"899\":1,\"900\":10,\"901\":9,\"902\":1,\"904\":3,\"905\":1,\"906\":8,\"907\":5,\"908\":8,\"909\":6,\"913\":24,\"914\":9,\"915\":5,\"916\":12,\"920\":15,\"921\":1,\"922\":4,\"923\":7,\"924\":1,\"926\":2,\"927\":1,\"928\":3,\"930\":1,\"932\":2,\"933\":2,\"934\":6,\"935\":3,\"936\":2,\"937\":2,\"938\":3,\"939\":2,\"940\":2,\"941\":2,\"942\":1,\"945\":1,\"946\":1,\"947\":1,\"949\":1,\"950\":1,\"951\":1,\"952\":1,\"953\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":1,\"969\":4,\"970\":1,\"974\":1,\"976\":1,\"979\":2,\"980\":1,\"983\":1,\"984\":1,\"985\":2,\"986\":1,\"987\":1,\"988\":4,\"989\":1,\"991\":2,\"994\":1,\"1004\":1,\"1008\":1,\"1009\":2,\"1010\":2,\"1013\":1,\"1024\":5,\"1025\":4,\"1026\":4,\"1031\":2,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1038\":1,\"1039\":3,\"1040\":6,\"1041\":4,\"1042\":1,\"1043\":1,\"1044\":1,\"1045\":1,\"1049\":19,\"1050\":1,\"1051\":4,\"1052\":7,\"1053\":1,\"1055\":2,\"1056\":9,\"1057\":3,\"1060\":1,\"1061\":1,\"1066\":1,\"1068\":2,\"1069\":2,\"1070\":6,\"1071\":3,\"1072\":2,\"1073\":3,\"1074\":2,\"1075\":2,\"1076\":2,\"1077\":2,\"1078\":1,\"1079\":1,\"1081\":5,\"1082\":4,\"1083\":3,\"1084\":1,\"1087\":1,\"1097\":1,\"1101\":1,\"1102\":2,\"1103\":2,\"1106\":1,\"1117\":6,\"1118\":4,\"1119\":2,\"1120\":4,\"1125\":2,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1132\":1,\"1133\":3,\"1134\":6,\"1135\":4,\"1136\":1,\"1137\":1,\"1138\":1,\"1139\":1,\"1143\":1,\"1145\":3,\"1146\":3,\"1147\":7,\"1148\":4,\"1149\":3,\"1150\":3,\"1151\":4,\"1152\":3,\"1153\":3,\"1156\":1,\"1158\":1,\"1159\":1,\"1160\":2,\"1161\":2,\"1162\":1,\"1163\":1,\"1164\":1,\"1167\":1,\"1168\":2,\"1169\":5,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1179\":4,\"1180\":1,\"1184\":1,\"1186\":1,\"1189\":2,\"1190\":1,\"1192\":2,\"1193\":1,\"1194\":1,\"1195\":4,\"1196\":1,\"1207\":1,\"1211\":1,\"1212\":2,\"1213\":2,\"1216\":1,\"1228\":1,\"1229\":1,\"1230\":1,\"1231\":1,\"1234\":1,\"1236\":3,\"1237\":3,\"1238\":7,\"1239\":4,\"1240\":3,\"1241\":4,\"1242\":3,\"1243\":3,\"1244\":3,\"1245\":1,\"1246\":6,\"1247\":5,\"1248\":2,\"1256\":2,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1262\":1,\"1263\":3,\"1264\":5,\"1265\":1,\"1266\":1,\"1275\":1,\"1279\":1,\"1280\":2,\"1281\":2,\"1284\":1,\"1294\":1,\"1296\":3,\"1297\":3,\"1298\":7,\"1299\":4,\"1300\":3,\"1301\":3,\"1302\":4,\"1303\":3,\"1304\":3,\"1307\":1,\"1309\":1,\"1310\":1,\"1311\":2,\"1312\":2,\"1313\":1,\"1314\":1,\"1315\":1,\"1318\":1,\"1319\":2,\"1320\":5,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1330\":4,\"1331\":1,\"1335\":1,\"1337\":1,\"1340\":2,\"1341\":1,\"1343\":2,\"1344\":1,\"1345\":1,\"1346\":4,\"1347\":1,\"1355\":17,\"1356\":1,\"1357\":4,\"1358\":7,\"1359\":1,\"1361\":2,\"1362\":9,\"1363\":3,\"1366\":1,\"1367\":1,\"1368\":1,\"1369\":1,\"1372\":1,\"1374\":3,\"1375\":3,\"1376\":7,\"1377\":4,\"1378\":3,\"1379\":4,\"1380\":3,\"1381\":3,\"1382\":3,\"1383\":1,\"1384\":6,\"1385\":5,\"1386\":3,\"1387\":2,\"1399\":1,\"1403\":1,\"1404\":2,\"1405\":2,\"1408\":1,\"1419\":6,\"1420\":4,\"1421\":2,\"1422\":4,\"1427\":2,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1433\":1,\"1434\":3,\"1435\":5,\"1436\":1,\"1437\":1,\"1438\":1,\"1447\":1,\"1451\":1,\"1452\":2,\"1453\":2,\"1456\":1,\"1466\":1,\"1468\":3,\"1469\":3,\"1470\":7,\"1471\":4,\"1472\":3,\"1473\":3,\"1474\":4,\"1475\":3,\"1476\":3,\"1479\":1,\"1480\":1,\"1482\":1,\"1483\":1,\"1484\":2,\"1485\":2,\"1486\":1,\"1487\":1,\"1488\":1,\"1491\":1,\"1492\":2,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1502\":4,\"1503\":1,\"1507\":1,\"1509\":1,\"1512\":2,\"1513\":1,\"1516\":1,\"1517\":1,\"1518\":2,\"1519\":1,\"1520\":1,\"1521\":4,\"1522\":1,\"1531\":17,\"1532\":1,\"1533\":4,\"1534\":7,\"1535\":1,\"1537\":2,\"1538\":9,\"1539\":3,\"1542\":1,\"1543\":1,\"1544\":1,\"1545\":1,\"1548\":1,\"1550\":3,\"1551\":3,\"1552\":7,\"1553\":4,\"1554\":3,\"1555\":4,\"1556\":3,\"1557\":3,\"1558\":3,\"1559\":1,\"1560\":6,\"1561\":5,\"1562\":3,\"1563\":2,\"1575\":1,\"1579\":1,\"1580\":2,\"1581\":2,\"1584\":1,\"1595\":6,\"1596\":4,\"1597\":2,\"1598\":4,\"1603\":2,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1610\":1,\"1611\":3,\"1612\":5,\"1613\":1,\"1614\":1,\"1615\":1,\"1624\":1,\"1628\":1,\"1629\":2,\"1630\":2,\"1633\":1,\"1643\":1,\"1645\":3,\"1646\":3,\"1647\":7,\"1648\":4,\"1649\":3,\"1650\":3,\"1651\":4,\"1652\":3,\"1653\":3,\"1656\":1,\"1657\":1,\"1659\":1,\"1660\":1,\"1661\":2,\"1662\":2,\"1663\":1,\"1664\":1,\"1665\":1,\"1668\":1,\"1669\":2,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1679\":4,\"1680\":1,\"1684\":1,\"1686\":1,\"1689\":2,\"1690\":1,\"1693\":1,\"1694\":1,\"1695\":2,\"1696\":1,\"1697\":1,\"1698\":4,\"1699\":1,\"1708\":17,\"1709\":1,\"1710\":4,\"1711\":7,\"1712\":1,\"1714\":2,\"1715\":9,\"1716\":3,\"1719\":1,\"1720\":1,\"1721\":1,\"1722\":1,\"1725\":1,\"1727\":3,\"1728\":3,\"1729\":7,\"1730\":4,\"1731\":3,\"1732\":4,\"1733\":3,\"1734\":3,\"1735\":3,\"1736\":1,\"1737\":6,\"1738\":5,\"1739\":3,\"1740\":2,\"1752\":1,\"1756\":1,\"1757\":2,\"1758\":2,\"1761\":1,\"1772\":6,\"1773\":4,\"1774\":2,\"1775\":4,\"1780\":2,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1787\":1,\"1788\":3,\"1789\":5,\"1790\":1,\"1791\":1,\"1792\":1,\"1801\":1,\"1805\":1,\"1806\":2,\"1807\":2,\"1810\":1,\"1820\":1,\"1822\":3,\"1823\":3,\"1824\":7,\"1825\":4,\"1826\":3,\"1827\":3,\"1828\":4,\"1829\":3,\"1830\":3,\"1833\":1,\"1834\":1,\"1836\":1,\"1837\":1,\"1838\":2,\"1839\":2,\"1840\":1,\"1841\":1,\"1842\":1,\"1845\":1,\"1846\":2,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1856\":4,\"1857\":1,\"1861\":1,\"1863\":1,\"1866\":2,\"1867\":1,\"1870\":1,\"1871\":1,\"1872\":2,\"1873\":1,\"1874\":1,\"1875\":4,\"1876\":1,\"1885\":17,\"1886\":1,\"1887\":4,\"1888\":7,\"1889\":1,\"1891\":2,\"1892\":9,\"1893\":3,\"1896\":1,\"1897\":1,\"1898\":1,\"1899\":1,\"1902\":1,\"1904\":3,\"1905\":3,\"1906\":7,\"1907\":4,\"1908\":3,\"1909\":4,\"1910\":3,\"1911\":3,\"1912\":3,\"1913\":1,\"1914\":6,\"1915\":5,\"1916\":3,\"1917\":2,\"1929\":1,\"1933\":1,\"1934\":2,\"1935\":2,\"1938\":1,\"1949\":6,\"1950\":4,\"1951\":2,\"1952\":4,\"1957\":2,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1964\":1,\"1965\":3,\"1966\":5,\"1967\":1,\"1968\":1,\"1969\":1,\"1978\":1,\"1982\":1,\"1983\":2,\"1984\":2,\"1987\":1,\"1997\":1,\"1999\":3,\"2000\":3,\"2001\":7,\"2002\":4,\"2003\":3,\"2004\":3,\"2005\":4,\"2006\":3,\"2007\":3,\"2010\":1,\"2011\":1,\"2013\":1,\"2014\":1,\"2015\":2,\"2016\":2,\"2017\":1,\"2018\":1,\"2019\":1,\"2022\":1,\"2023\":2,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2033\":4,\"2034\":1,\"2038\":1,\"2040\":1,\"2043\":2,\"2044\":1,\"2047\":1,\"2048\":1,\"2049\":2,\"2050\":1,\"2051\":1,\"2052\":4,\"2053\":1,\"2062\":17,\"2063\":1,\"2064\":4,\"2065\":7,\"2066\":1,\"2068\":2,\"2069\":9,\"2070\":3,\"2073\":1,\"2074\":1,\"2075\":1,\"2076\":1,\"2079\":1,\"2081\":3,\"2082\":3,\"2083\":7,\"2084\":4,\"2085\":3,\"2086\":4,\"2087\":3,\"2088\":3,\"2089\":3,\"2090\":1,\"2091\":6,\"2092\":5,\"2093\":3,\"2094\":2,\"2106\":1,\"2110\":1,\"2111\":2,\"2112\":2,\"2115\":1,\"2126\":6,\"2127\":4,\"2128\":2,\"2129\":4,\"2134\":2,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2141\":1,\"2142\":3,\"2143\":5,\"2144\":1,\"2145\":1,\"2146\":1,\"2155\":1,\"2159\":1,\"2160\":2,\"2161\":2,\"2164\":1,\"2174\":1,\"2176\":3,\"2177\":3,\"2178\":7,\"2179\":4,\"2180\":3,\"2181\":3,\"2182\":4,\"2183\":3,\"2184\":3,\"2187\":1,\"2188\":1,\"2190\":1,\"2191\":1,\"2192\":2,\"2193\":2,\"2194\":1,\"2195\":1,\"2196\":1,\"2199\":1,\"2200\":2,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2210\":4,\"2211\":1,\"2215\":1,\"2217\":1,\"2220\":2,\"2221\":1,\"2224\":1,\"2225\":1,\"2226\":2,\"2227\":1,\"2228\":1,\"2229\":4,\"2230\":1,\"2239\":17,\"2240\":1,\"2241\":4,\"2242\":7,\"2243\":1,\"2245\":2,\"2246\":9,\"2247\":3,\"2250\":1,\"2251\":1,\"2252\":1,\"2253\":1,\"2256\":1,\"2258\":3,\"2259\":3,\"2260\":7,\"2261\":4,\"2262\":3,\"2263\":4,\"2264\":3,\"2265\":3,\"2266\":3,\"2267\":1,\"2268\":6,\"2269\":5,\"2270\":3,\"2271\":2,\"2283\":1,\"2287\":1,\"2288\":2,\"2289\":2,\"2292\":1,\"2303\":6,\"2304\":4,\"2305\":2,\"2306\":4,\"2311\":2,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2318\":1,\"2319\":3,\"2320\":5,\"2321\":1,\"2322\":1,\"2323\":1,\"2327\":15,\"2328\":1,\"2329\":4,\"2330\":7,\"2331\":1,\"2333\":2,\"2334\":1,\"2335\":3,\"2342\":1,\"2346\":1,\"2347\":2,\"2348\":2,\"2351\":1,\"2361\":1,\"2363\":3,\"2364\":3,\"2365\":6,\"2366\":4,\"2367\":2,\"2368\":2,\"2369\":4,\"2370\":2,\"2371\":2,\"2372\":2,\"2373\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2380\":1,\"2381\":1,\"2382\":1,\"2383\":1,\"2384\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2400\":4,\"2401\":1,\"2405\":1,\"2407\":1,\"2410\":2,\"2411\":1,\"2414\":1,\"2415\":1,\"2416\":2,\"2417\":1,\"2418\":1,\"2419\":4,\"2420\":1,\"2422\":2,\"2425\":1,\"2431\":5,\"2432\":4,\"2433\":4,\"2438\":2,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2445\":1,\"2446\":3,\"2447\":5,\"2448\":1,\"2449\":1,\"2450\":1,\"2454\":19,\"2455\":1,\"2456\":4,\"2457\":7,\"2458\":1,\"2460\":2,\"2461\":9,\"2462\":3,\"2465\":1,\"2466\":1,\"2471\":1,\"2473\":3,\"2474\":3,\"2475\":6,\"2476\":4,\"2477\":2,\"2478\":4,\"2479\":2,\"2480\":2,\"2481\":2,\"2482\":2,\"2483\":1,\"2484\":1,\"2486\":5,\"2487\":4,\"2488\":3,\"2489\":1,\"2492\":1,\"2502\":1,\"2506\":1,\"2507\":2,\"2508\":2,\"2511\":1,\"2522\":6,\"2523\":4,\"2524\":2,\"2525\":4,\"2530\":2,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2537\":1,\"2538\":3,\"2539\":5,\"2540\":1,\"2541\":1,\"2542\":1,\"2546\":15,\"2547\":1,\"2548\":4,\"2549\":7,\"2550\":1,\"2552\":2,\"2553\":1,\"2554\":3,\"2561\":1,\"2565\":1,\"2566\":2,\"2567\":2,\"2570\":1,\"2580\":1,\"2582\":3,\"2583\":3,\"2584\":6,\"2585\":4,\"2586\":2,\"2587\":2,\"2588\":4,\"2589\":2,\"2590\":2,\"2591\":2,\"2592\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2599\":1,\"2600\":1,\"2601\":1,\"2602\":1,\"2603\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2619\":4,\"2620\":1,\"2624\":1,\"2626\":1,\"2629\":2,\"2630\":1,\"2633\":1,\"2634\":1,\"2635\":2,\"2636\":1,\"2637\":1,\"2638\":4,\"2639\":1,\"2641\":2,\"2644\":1,\"2650\":5,\"2651\":4,\"2652\":4,\"2657\":2,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2664\":1,\"2665\":3,\"2666\":5,\"2667\":1,\"2668\":1,\"2669\":1,\"2673\":19,\"2674\":1,\"2675\":4,\"2676\":7,\"2677\":1,\"2679\":2,\"2680\":9,\"2681\":3,\"2684\":1,\"2685\":1,\"2690\":1,\"2692\":3,\"2693\":3,\"2694\":6,\"2695\":4,\"2696\":2,\"2697\":4,\"2698\":2,\"2699\":2,\"2700\":2,\"2701\":2,\"2702\":1,\"2703\":1,\"2705\":5,\"2706\":4,\"2707\":3,\"2708\":1,\"2711\":1,\"2721\":1,\"2725\":1,\"2726\":2,\"2727\":2,\"2730\":1,\"2741\":6,\"2742\":4,\"2743\":2,\"2744\":4,\"2749\":2,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2756\":1,\"2757\":3,\"2758\":5,\"2759\":1,\"2760\":1,\"2761\":1,\"2765\":15,\"2766\":1,\"2767\":4,\"2768\":7,\"2769\":1,\"2771\":2,\"2772\":1,\"2773\":3,\"2780\":1,\"2784\":1,\"2785\":2,\"2786\":2,\"2789\":1,\"2799\":1,\"2801\":3,\"2802\":3,\"2803\":6,\"2804\":4,\"2805\":2,\"2806\":2,\"2807\":4,\"2808\":2,\"2809\":2,\"2810\":2,\"2811\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2818\":1,\"2819\":1,\"2820\":1,\"2821\":1,\"2822\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2838\":4,\"2839\":1,\"2843\":1,\"2845\":1,\"2848\":2,\"2849\":1,\"2852\":1,\"2853\":1,\"2854\":2,\"2855\":1,\"2856\":1,\"2857\":4,\"2858\":1,\"2860\":2,\"2863\":1,\"2869\":5,\"2870\":4,\"2871\":4,\"2876\":2,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2883\":1,\"2884\":3,\"2885\":5,\"2886\":1,\"2887\":1,\"2888\":1,\"2892\":19,\"2893\":1,\"2894\":4,\"2895\":7,\"2896\":1,\"2898\":2,\"2899\":9,\"2900\":3,\"2903\":1,\"2904\":1,\"2909\":1,\"2911\":3,\"2912\":3,\"2913\":6,\"2914\":4,\"2915\":2,\"2916\":4,\"2917\":2,\"2918\":2,\"2919\":2,\"2920\":2,\"2921\":1,\"2922\":1,\"2924\":5,\"2925\":4,\"2926\":3,\"2927\":1,\"2930\":1,\"2940\":1,\"2944\":1,\"2945\":2,\"2946\":2,\"2949\":1,\"2960\":6,\"2961\":4,\"2962\":2,\"2963\":4,\"2968\":2,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"2975\":1,\"2976\":3,\"2977\":5,\"2978\":1,\"2979\":1,\"2980\":1,\"2984\":15,\"2985\":1,\"2986\":4,\"2987\":7,\"2988\":1,\"2990\":2,\"2991\":1,\"2992\":3,\"2999\":1,\"3003\":1,\"3004\":2,\"3005\":2,\"3008\":1,\"3018\":1,\"3020\":3,\"3021\":3,\"3022\":6,\"3023\":4,\"3024\":2,\"3025\":2,\"3026\":4,\"3027\":2,\"3028\":2,\"3029\":2,\"3030\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3037\":1,\"3038\":1,\"3039\":1,\"3040\":1,\"3041\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3057\":4,\"3058\":1,\"3062\":1,\"3064\":1,\"3067\":2,\"3068\":1,\"3071\":1,\"3072\":1,\"3073\":2,\"3074\":1,\"3075\":1,\"3076\":4,\"3077\":1,\"3079\":2,\"3082\":1,\"3088\":5,\"3089\":4,\"3090\":4,\"3095\":2,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3102\":1,\"3103\":3,\"3104\":5,\"3105\":1,\"3106\":1,\"3107\":1,\"3111\":19,\"3112\":1,\"3113\":4,\"3114\":7,\"3115\":1,\"3117\":2,\"3118\":9,\"3119\":3,\"3122\":1,\"3123\":1,\"3128\":1,\"3130\":3,\"3131\":3,\"3132\":6,\"3133\":4,\"3134\":2,\"3135\":4,\"3136\":2,\"3137\":2,\"3138\":2,\"3139\":2,\"3140\":1,\"3141\":1,\"3143\":5,\"3144\":4,\"3145\":3,\"3146\":1,\"3149\":1,\"3159\":1,\"3163\":1,\"3164\":2,\"3165\":2,\"3168\":1,\"3179\":6,\"3180\":4,\"3181\":2,\"3182\":4,\"3187\":2,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3194\":1,\"3195\":3,\"3196\":5,\"3197\":1,\"3198\":1,\"3199\":1,\"3203\":15,\"3204\":1,\"3205\":4,\"3206\":7,\"3207\":1,\"3209\":2,\"3210\":1,\"3211\":3,\"3213\":1,\"3215\":2,\"3216\":2,\"3217\":6,\"3218\":3,\"3219\":2,\"3220\":2,\"3221\":3,\"3222\":2,\"3223\":2,\"3224\":2,\"3225\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3232\":1,\"3233\":1,\"3234\":1,\"3235\":1,\"3236\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3252\":4,\"3253\":1,\"3257\":1,\"3259\":1,\"3262\":2,\"3263\":1,\"3266\":1,\"3267\":1,\"3268\":2,\"3269\":1,\"3270\":1,\"3271\":4,\"3272\":1,\"3274\":2,\"3277\":1,\"3287\":1,\"3291\":1,\"3292\":2,\"3293\":2,\"3296\":1,\"3307\":5,\"3308\":4,\"3309\":4,\"3314\":2,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3321\":1,\"3322\":3,\"3323\":6,\"3324\":4,\"3325\":1,\"3326\":1,\"3327\":1,\"3328\":1,\"3332\":19,\"3333\":1,\"3334\":4,\"3335\":7,\"3336\":1,\"3338\":2,\"3339\":9,\"3340\":3,\"3343\":1,\"3344\":1,\"3349\":1,\"3351\":2,\"3352\":2,\"3353\":6,\"3354\":3,\"3355\":2,\"3356\":3,\"3357\":2,\"3358\":2,\"3359\":2,\"3360\":2,\"3361\":1,\"3362\":1,\"3364\":5,\"3365\":4,\"3366\":3,\"3367\":1,\"3370\":1,\"3380\":1,\"3384\":1,\"3385\":2,\"3386\":2,\"3389\":1,\"3400\":6,\"3401\":4,\"3402\":2,\"3403\":4,\"3408\":2,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1,\"3415\":1,\"3416\":3,\"3417\":6,\"3418\":4,\"3419\":1,\"3420\":1,\"3421\":1,\"3422\":1}}],[\"too\",{\"1\":{\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"tool\",{\"0\":{\"139\":1},\"1\":{\"16\":1,\"131\":1,\"139\":1,\"413\":1,\"427\":1,\"429\":2,\"470\":2,\"472\":1,\"493\":2,\"495\":1,\"519\":2,\"521\":1,\"545\":1,\"547\":3,\"575\":1,\"577\":2,\"605\":1,\"607\":2,\"637\":1,\"651\":1,\"653\":2,\"683\":1,\"697\":1,\"699\":2,\"729\":1,\"743\":1,\"745\":2,\"775\":1,\"789\":1,\"791\":2,\"821\":1,\"835\":1,\"837\":2,\"867\":1,\"881\":1,\"883\":2}}],[\"tools\",{\"1\":{\"14\":2,\"18\":1,\"33\":1,\"40\":1,\"134\":4,\"135\":4,\"138\":2,\"139\":2,\"346\":1,\"547\":1}}],[\"todo\",{\"1\":{\"289\":7,\"290\":2,\"300\":8,\"301\":2,\"304\":8,\"307\":2,\"442\":3,\"443\":1,\"481\":5,\"482\":2,\"504\":3,\"505\":2,\"530\":3,\"531\":2,\"536\":1,\"560\":3,\"561\":2,\"590\":3,\"591\":1,\"620\":3,\"621\":1,\"666\":3,\"667\":1,\"712\":3,\"713\":1,\"758\":3,\"759\":1,\"804\":3,\"805\":1,\"850\":3,\"851\":1,\"896\":3,\"897\":1}}],[\"today\",{\"1\":{\"12\":1}}],[\"toaddressescc\",{\"0\":{\"227\":1,\"978\":1,\"1188\":1,\"1339\":1,\"1511\":1,\"1688\":1,\"1865\":1,\"2042\":1,\"2219\":1,\"2409\":1,\"2628\":1,\"2847\":1,\"3066\":1,\"3261\":1},\"1\":{\"227\":1,\"978\":1,\"1188\":1,\"1339\":1,\"1511\":1,\"1688\":1,\"1865\":1,\"2042\":1,\"2219\":1,\"2409\":1,\"2628\":1,\"2847\":1,\"3066\":1,\"3261\":1}}],[\"toaddresses\",{\"0\":{\"226\":1,\"977\":1,\"1187\":1,\"1338\":1,\"1510\":1,\"1687\":1,\"1864\":1,\"2041\":1,\"2218\":1,\"2408\":1,\"2627\":1,\"2846\":1,\"3065\":1,\"3260\":1},\"1\":{\"226\":1,\"977\":1,\"1187\":1,\"1338\":1,\"1510\":1,\"1687\":1,\"1864\":1,\"2041\":1,\"2218\":1,\"2408\":1,\"2627\":1,\"2846\":1,\"3065\":1,\"3260\":1}}],[\"tokens\",{\"1\":{\"923\":1,\"924\":1,\"928\":2,\"1025\":1,\"1052\":1,\"1053\":1,\"1057\":2,\"1118\":1,\"1358\":1,\"1359\":1,\"1363\":2,\"1420\":1,\"1534\":1,\"1535\":1,\"1539\":2,\"1596\":1,\"1711\":1,\"1712\":1,\"1716\":2,\"1773\":1,\"1888\":1,\"1889\":1,\"1893\":2,\"1950\":1,\"2065\":1,\"2066\":1,\"2070\":2,\"2127\":1,\"2242\":1,\"2243\":1,\"2247\":2,\"2304\":1,\"2330\":1,\"2331\":1,\"2335\":2,\"2432\":1,\"2457\":1,\"2458\":1,\"2462\":2,\"2523\":1,\"2549\":1,\"2550\":1,\"2554\":2,\"2651\":1,\"2676\":1,\"2677\":1,\"2681\":2,\"2742\":1,\"2768\":1,\"2769\":1,\"2773\":2,\"2870\":1,\"2895\":1,\"2896\":1,\"2900\":2,\"2961\":1,\"2987\":1,\"2988\":1,\"2992\":2,\"3089\":1,\"3114\":1,\"3115\":1,\"3119\":2,\"3180\":1,\"3206\":1,\"3207\":1,\"3211\":2,\"3308\":1,\"3335\":1,\"3336\":1,\"3340\":2,\"3401\":1}}],[\"token\",{\"0\":{\"924\":2,\"1005\":1,\"1053\":2,\"1098\":1,\"1119\":1,\"1208\":1,\"1276\":1,\"1359\":2,\"1400\":1,\"1421\":1,\"1448\":1,\"1535\":2,\"1576\":1,\"1597\":1,\"1625\":1,\"1712\":2,\"1753\":1,\"1774\":1,\"1802\":1,\"1889\":2,\"1930\":1,\"1951\":1,\"1979\":1,\"2066\":2,\"2107\":1,\"2128\":1,\"2156\":1,\"2243\":2,\"2284\":1,\"2305\":1,\"2331\":2,\"2343\":1,\"2458\":2,\"2503\":1,\"2524\":1,\"2550\":2,\"2562\":1,\"2677\":2,\"2722\":1,\"2743\":1,\"2769\":2,\"2781\":1,\"2896\":2,\"2941\":1,\"2962\":1,\"2988\":2,\"3000\":1,\"3115\":2,\"3160\":1,\"3181\":1,\"3207\":2,\"3288\":1,\"3336\":2,\"3381\":1,\"3402\":1},\"1\":{\"162\":4,\"398\":4,\"921\":2,\"923\":1,\"924\":2,\"928\":2,\"1005\":2,\"1027\":1,\"1050\":2,\"1052\":1,\"1053\":2,\"1057\":2,\"1098\":2,\"1117\":1,\"1119\":2,\"1121\":1,\"1208\":2,\"1276\":2,\"1356\":2,\"1358\":1,\"1359\":2,\"1363\":2,\"1400\":2,\"1419\":1,\"1421\":2,\"1423\":1,\"1448\":2,\"1532\":2,\"1534\":1,\"1535\":2,\"1539\":2,\"1576\":2,\"1595\":1,\"1597\":2,\"1599\":1,\"1625\":2,\"1709\":2,\"1711\":1,\"1712\":2,\"1716\":2,\"1753\":2,\"1772\":1,\"1774\":2,\"1776\":1,\"1802\":2,\"1886\":2,\"1888\":1,\"1889\":2,\"1893\":2,\"1930\":2,\"1949\":1,\"1951\":2,\"1953\":1,\"1979\":2,\"2063\":2,\"2065\":1,\"2066\":2,\"2070\":2,\"2107\":2,\"2126\":1,\"2128\":2,\"2130\":1,\"2156\":2,\"2240\":2,\"2242\":1,\"2243\":2,\"2247\":2,\"2284\":2,\"2303\":1,\"2305\":2,\"2307\":1,\"2328\":2,\"2330\":1,\"2331\":2,\"2335\":2,\"2343\":2,\"2434\":1,\"2455\":2,\"2457\":1,\"2458\":2,\"2462\":2,\"2503\":2,\"2522\":1,\"2524\":2,\"2526\":1,\"2547\":2,\"2549\":1,\"2550\":2,\"2554\":2,\"2562\":2,\"2653\":1,\"2674\":2,\"2676\":1,\"2677\":2,\"2681\":2,\"2722\":2,\"2741\":1,\"2743\":2,\"2745\":1,\"2766\":2,\"2768\":1,\"2769\":2,\"2773\":2,\"2781\":2,\"2872\":1,\"2893\":2,\"2895\":1,\"2896\":2,\"2900\":2,\"2941\":2,\"2960\":1,\"2962\":2,\"2964\":1,\"2985\":2,\"2987\":1,\"2988\":2,\"2992\":2,\"3000\":2,\"3091\":1,\"3112\":2,\"3114\":1,\"3115\":2,\"3119\":2,\"3160\":2,\"3179\":1,\"3181\":2,\"3183\":1,\"3204\":2,\"3206\":1,\"3207\":2,\"3211\":2,\"3288\":2,\"3310\":1,\"3333\":2,\"3335\":1,\"3336\":2,\"3340\":2,\"3381\":2,\"3400\":1,\"3402\":2,\"3404\":1}}],[\"together\",{\"1\":{\"81\":1,\"82\":1,\"91\":1,\"94\":1,\"102\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"topics\",{\"1\":{\"81\":1}}],[\"topic\",{\"0\":{\"117\":1},\"1\":{\"37\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"torch\",{\"1\":{\"14\":2,\"21\":1}}],[\"towards\",{\"1\":{\"12\":1}}],[\"to\",{\"0\":{\"13\":1,\"35\":1,\"37\":1,\"73\":1,\"162\":1,\"302\":1,\"305\":1,\"308\":1},\"1\":{\"0\":7,\"1\":1,\"5\":3,\"6\":3,\"9\":4,\"10\":1,\"12\":7,\"13\":1,\"28\":1,\"30\":1,\"32\":4,\"33\":6,\"35\":1,\"36\":3,\"37\":4,\"38\":3,\"39\":2,\"42\":1,\"43\":3,\"44\":1,\"45\":3,\"46\":1,\"47\":3,\"48\":1,\"49\":3,\"50\":1,\"51\":3,\"52\":1,\"53\":3,\"54\":1,\"55\":3,\"56\":1,\"57\":3,\"58\":1,\"59\":3,\"60\":1,\"61\":3,\"62\":1,\"63\":3,\"64\":1,\"65\":3,\"66\":1,\"67\":3,\"71\":1,\"72\":1,\"75\":3,\"78\":1,\"81\":3,\"82\":2,\"85\":7,\"86\":1,\"88\":1,\"89\":1,\"90\":6,\"91\":4,\"93\":1,\"94\":3,\"95\":2,\"96\":1,\"97\":11,\"98\":9,\"99\":11,\"100\":1,\"102\":6,\"103\":1,\"105\":1,\"106\":3,\"107\":3,\"110\":2,\"112\":2,\"113\":2,\"114\":1,\"116\":2,\"117\":6,\"120\":3,\"122\":1,\"126\":2,\"127\":8,\"128\":4,\"129\":2,\"130\":2,\"134\":3,\"135\":5,\"138\":5,\"139\":3,\"141\":1,\"142\":1,\"144\":2,\"145\":3,\"146\":2,\"147\":11,\"148\":2,\"149\":2,\"150\":6,\"151\":2,\"152\":7,\"153\":7,\"154\":5,\"156\":3,\"157\":1,\"159\":10,\"160\":3,\"162\":3,\"163\":2,\"165\":2,\"167\":1,\"168\":2,\"169\":11,\"170\":1,\"173\":1,\"174\":5,\"175\":3,\"176\":2,\"177\":1,\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"184\":2,\"185\":2,\"186\":2,\"187\":2,\"188\":2,\"189\":2,\"190\":1,\"195\":3,\"196\":1,\"199\":1,\"204\":3,\"205\":3,\"206\":1,\"207\":1,\"210\":1,\"211\":1,\"212\":3,\"213\":3,\"214\":2,\"217\":3,\"218\":2,\"219\":1,\"221\":2,\"222\":3,\"223\":3,\"224\":3,\"225\":2,\"228\":3,\"230\":2,\"231\":4,\"232\":4,\"235\":1,\"236\":1,\"238\":4,\"240\":1,\"241\":2,\"242\":2,\"243\":2,\"244\":1,\"249\":3,\"250\":3,\"251\":3,\"252\":2,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"265\":1,\"266\":1,\"271\":2,\"272\":2,\"273\":1,\"274\":1,\"275\":2,\"276\":3,\"277\":1,\"278\":1,\"279\":1,\"285\":4,\"286\":3,\"289\":9,\"290\":16,\"296\":4,\"297\":3,\"300\":9,\"301\":15,\"302\":2,\"303\":1,\"304\":4,\"305\":4,\"306\":1,\"307\":4,\"308\":2,\"309\":1,\"310\":4,\"311\":2,\"312\":1,\"313\":2,\"314\":3,\"315\":1,\"316\":2,\"318\":2,\"319\":2,\"320\":1,\"321\":2,\"322\":3,\"325\":1,\"329\":1,\"331\":3,\"332\":9,\"333\":2,\"334\":6,\"335\":3,\"338\":21,\"340\":2,\"341\":4,\"342\":2,\"344\":4,\"345\":1,\"346\":4,\"347\":4,\"348\":7,\"349\":9,\"352\":10,\"354\":3,\"356\":7,\"357\":6,\"358\":3,\"361\":4,\"362\":2,\"364\":5,\"367\":15,\"371\":2,\"373\":1,\"374\":3,\"377\":8,\"379\":4,\"381\":4,\"383\":6,\"384\":3,\"387\":4,\"388\":2,\"390\":10,\"393\":19,\"394\":2,\"395\":2,\"397\":1,\"398\":3,\"399\":3,\"402\":1,\"403\":1,\"404\":1,\"407\":3,\"408\":2,\"409\":1,\"410\":1,\"412\":2,\"413\":1,\"414\":2,\"415\":3,\"416\":4,\"417\":9,\"418\":2,\"419\":16,\"422\":4,\"423\":3,\"427\":6,\"428\":1,\"429\":5,\"430\":1,\"431\":1,\"433\":1,\"434\":1,\"439\":5,\"442\":15,\"443\":9,\"444\":3,\"445\":3,\"446\":2,\"447\":2,\"448\":1,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"459\":10,\"460\":4,\"461\":1,\"462\":2,\"465\":3,\"466\":3,\"470\":8,\"471\":1,\"472\":4,\"473\":1,\"478\":5,\"481\":17,\"482\":9,\"483\":3,\"484\":3,\"485\":6,\"488\":3,\"489\":3,\"493\":8,\"494\":1,\"495\":4,\"496\":1,\"501\":5,\"504\":15,\"505\":9,\"506\":3,\"507\":3,\"508\":6,\"509\":2,\"510\":1,\"511\":2,\"514\":3,\"515\":3,\"519\":8,\"520\":1,\"521\":4,\"522\":1,\"527\":5,\"530\":15,\"531\":9,\"532\":3,\"533\":3,\"534\":6,\"535\":2,\"536\":3,\"537\":4,\"540\":3,\"541\":3,\"545\":8,\"546\":1,\"547\":6,\"552\":1,\"557\":5,\"560\":15,\"561\":9,\"562\":3,\"563\":3,\"564\":10,\"565\":5,\"566\":1,\"567\":2,\"570\":3,\"571\":3,\"575\":6,\"576\":1,\"577\":5,\"582\":1,\"587\":5,\"590\":15,\"591\":9,\"592\":3,\"593\":3,\"594\":10,\"595\":4,\"596\":1,\"597\":2,\"600\":3,\"601\":3,\"605\":6,\"606\":1,\"607\":5,\"612\":1,\"617\":5,\"620\":15,\"621\":9,\"622\":3,\"623\":3,\"624\":10,\"625\":4,\"626\":1,\"627\":2,\"628\":1,\"631\":3,\"632\":2,\"633\":1,\"634\":1,\"636\":2,\"637\":1,\"638\":2,\"639\":3,\"640\":4,\"641\":9,\"642\":2,\"643\":16,\"646\":4,\"647\":3,\"651\":6,\"652\":1,\"653\":5,\"658\":1,\"663\":5,\"666\":15,\"667\":9,\"668\":3,\"669\":3,\"670\":10,\"671\":4,\"672\":1,\"673\":2,\"674\":1,\"677\":3,\"678\":2,\"679\":1,\"680\":1,\"682\":2,\"683\":1,\"684\":2,\"685\":3,\"686\":4,\"687\":9,\"688\":2,\"689\":16,\"692\":4,\"693\":3,\"697\":6,\"698\":1,\"699\":5,\"704\":1,\"709\":5,\"712\":15,\"713\":9,\"714\":3,\"715\":3,\"716\":10,\"717\":4,\"718\":1,\"719\":2,\"720\":1,\"723\":3,\"724\":2,\"725\":1,\"726\":1,\"728\":2,\"729\":1,\"730\":2,\"731\":3,\"732\":4,\"733\":9,\"734\":2,\"735\":16,\"738\":4,\"739\":3,\"743\":6,\"744\":1,\"745\":5,\"750\":1,\"755\":5,\"758\":15,\"759\":9,\"760\":3,\"761\":3,\"762\":10,\"763\":4,\"764\":1,\"765\":2,\"766\":1,\"769\":3,\"770\":2,\"771\":1,\"772\":1,\"774\":2,\"775\":1,\"776\":2,\"777\":3,\"778\":4,\"779\":9,\"780\":2,\"781\":16,\"784\":4,\"785\":3,\"789\":6,\"790\":1,\"791\":5,\"792\":1,\"793\":1,\"795\":1,\"796\":1,\"801\":5,\"804\":15,\"805\":9,\"806\":3,\"807\":3,\"808\":10,\"809\":4,\"810\":1,\"811\":2,\"812\":1,\"815\":3,\"816\":2,\"817\":1,\"818\":1,\"820\":2,\"821\":1,\"822\":2,\"823\":3,\"824\":4,\"825\":9,\"826\":2,\"827\":16,\"830\":4,\"831\":3,\"835\":6,\"836\":1,\"837\":5,\"838\":1,\"839\":1,\"841\":1,\"842\":1,\"847\":5,\"850\":15,\"851\":9,\"852\":3,\"853\":3,\"854\":10,\"855\":1,\"856\":1,\"857\":2,\"858\":1,\"861\":3,\"862\":2,\"863\":1,\"864\":1,\"866\":2,\"867\":1,\"868\":2,\"869\":3,\"870\":4,\"871\":9,\"872\":2,\"873\":16,\"876\":4,\"877\":3,\"881\":6,\"882\":1,\"883\":5,\"884\":1,\"885\":1,\"887\":1,\"888\":1,\"893\":5,\"896\":15,\"897\":9,\"898\":3,\"899\":3,\"900\":2,\"901\":2,\"902\":1,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"913\":10,\"914\":4,\"915\":1,\"916\":2,\"920\":4,\"921\":1,\"922\":2,\"924\":1,\"925\":1,\"926\":1,\"928\":1,\"930\":4,\"932\":3,\"933\":2,\"934\":1,\"935\":1,\"936\":2,\"937\":1,\"938\":1,\"939\":2,\"940\":1,\"941\":2,\"942\":2,\"943\":2,\"944\":2,\"945\":2,\"946\":2,\"947\":2,\"948\":2,\"949\":2,\"950\":2,\"953\":3,\"956\":3,\"957\":3,\"958\":1,\"959\":1,\"961\":1,\"962\":1,\"963\":3,\"964\":3,\"965\":2,\"968\":3,\"969\":2,\"970\":1,\"972\":2,\"973\":3,\"974\":3,\"975\":3,\"976\":2,\"979\":3,\"981\":2,\"984\":1,\"987\":1,\"988\":1,\"990\":1,\"993\":3,\"994\":2,\"996\":1,\"997\":1,\"1002\":3,\"1003\":5,\"1004\":1,\"1005\":3,\"1008\":2,\"1009\":2,\"1010\":2,\"1013\":3,\"1015\":2,\"1024\":4,\"1025\":3,\"1026\":2,\"1033\":2,\"1034\":2,\"1035\":1,\"1036\":1,\"1037\":2,\"1038\":2,\"1039\":3,\"1040\":1,\"1041\":1,\"1042\":1,\"1045\":1,\"1049\":4,\"1050\":1,\"1051\":2,\"1053\":1,\"1054\":1,\"1055\":1,\"1056\":3,\"1057\":1,\"1059\":2,\"1060\":2,\"1061\":2,\"1064\":3,\"1065\":3,\"1066\":4,\"1068\":3,\"1069\":2,\"1070\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":1,\"1076\":1,\"1077\":2,\"1078\":2,\"1079\":2,\"1080\":1,\"1086\":3,\"1087\":2,\"1089\":1,\"1090\":1,\"1095\":3,\"1096\":5,\"1097\":1,\"1098\":3,\"1101\":2,\"1102\":2,\"1103\":2,\"1106\":3,\"1108\":2,\"1117\":4,\"1118\":3,\"1119\":2,\"1120\":2,\"1127\":2,\"1128\":2,\"1129\":1,\"1130\":1,\"1131\":2,\"1132\":2,\"1133\":3,\"1134\":1,\"1135\":1,\"1136\":1,\"1139\":1,\"1143\":4,\"1145\":3,\"1146\":2,\"1147\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1151\":1,\"1152\":2,\"1153\":1,\"1154\":2,\"1155\":2,\"1156\":2,\"1157\":2,\"1158\":2,\"1159\":2,\"1162\":3,\"1165\":3,\"1166\":3,\"1167\":1,\"1168\":1,\"1171\":1,\"1172\":1,\"1173\":3,\"1174\":3,\"1175\":2,\"1178\":3,\"1179\":2,\"1180\":1,\"1182\":2,\"1183\":3,\"1184\":3,\"1185\":3,\"1186\":2,\"1189\":3,\"1191\":2,\"1194\":1,\"1195\":1,\"1198\":1,\"1199\":1,\"1205\":3,\"1206\":5,\"1207\":1,\"1208\":3,\"1211\":2,\"1212\":2,\"1213\":2,\"1216\":3,\"1218\":2,\"1227\":2,\"1228\":2,\"1229\":2,\"1232\":3,\"1233\":3,\"1234\":4,\"1236\":3,\"1237\":2,\"1238\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":1,\"1244\":1,\"1245\":1,\"1250\":3,\"1252\":1,\"1253\":1,\"1258\":2,\"1259\":2,\"1260\":1,\"1261\":1,\"1262\":2,\"1263\":3,\"1264\":1,\"1265\":1,\"1266\":1,\"1273\":3,\"1274\":5,\"1275\":1,\"1276\":3,\"1279\":2,\"1280\":2,\"1281\":2,\"1284\":3,\"1286\":2,\"1294\":4,\"1296\":3,\"1297\":2,\"1298\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1302\":1,\"1303\":2,\"1304\":1,\"1305\":2,\"1306\":2,\"1307\":2,\"1308\":2,\"1309\":2,\"1310\":2,\"1313\":3,\"1316\":3,\"1317\":3,\"1318\":1,\"1319\":1,\"1322\":1,\"1323\":1,\"1324\":3,\"1325\":3,\"1326\":2,\"1329\":3,\"1330\":2,\"1331\":1,\"1333\":2,\"1334\":3,\"1335\":3,\"1336\":3,\"1337\":2,\"1340\":3,\"1342\":2,\"1345\":1,\"1346\":1,\"1349\":1,\"1350\":1,\"1355\":4,\"1356\":1,\"1357\":2,\"1359\":1,\"1360\":2,\"1361\":1,\"1362\":3,\"1363\":1,\"1365\":2,\"1366\":2,\"1367\":2,\"1370\":3,\"1371\":3,\"1372\":4,\"1374\":3,\"1375\":2,\"1376\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":1,\"1382\":1,\"1383\":1,\"1389\":3,\"1391\":1,\"1392\":1,\"1397\":3,\"1398\":5,\"1399\":1,\"1400\":3,\"1403\":2,\"1404\":2,\"1405\":2,\"1408\":3,\"1410\":2,\"1419\":4,\"1420\":3,\"1421\":2,\"1422\":2,\"1429\":2,\"1430\":2,\"1431\":1,\"1432\":1,\"1433\":2,\"1434\":3,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1445\":3,\"1446\":5,\"1447\":1,\"1448\":3,\"1451\":2,\"1452\":2,\"1453\":2,\"1456\":3,\"1458\":2,\"1466\":4,\"1468\":3,\"1469\":2,\"1470\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1474\":1,\"1475\":2,\"1476\":1,\"1477\":2,\"1478\":2,\"1479\":2,\"1480\":2,\"1481\":2,\"1482\":2,\"1483\":2,\"1486\":3,\"1489\":3,\"1490\":3,\"1491\":1,\"1492\":1,\"1494\":1,\"1495\":1,\"1496\":3,\"1497\":3,\"1498\":2,\"1501\":3,\"1502\":2,\"1503\":1,\"1505\":2,\"1506\":3,\"1507\":3,\"1508\":3,\"1509\":2,\"1512\":3,\"1514\":2,\"1517\":1,\"1520\":1,\"1521\":1,\"1523\":1,\"1525\":1,\"1526\":1,\"1531\":4,\"1532\":1,\"1533\":2,\"1535\":1,\"1536\":2,\"1537\":1,\"1538\":3,\"1539\":1,\"1541\":2,\"1542\":2,\"1543\":2,\"1546\":3,\"1547\":3,\"1548\":4,\"1550\":3,\"1551\":2,\"1552\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":1,\"1558\":1,\"1559\":1,\"1565\":3,\"1567\":1,\"1568\":1,\"1573\":3,\"1574\":5,\"1575\":1,\"1576\":3,\"1579\":2,\"1580\":2,\"1581\":2,\"1584\":3,\"1586\":2,\"1595\":4,\"1596\":3,\"1597\":2,\"1598\":2,\"1605\":2,\"1606\":2,\"1607\":1,\"1608\":1,\"1609\":2,\"1610\":2,\"1611\":3,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1622\":3,\"1623\":5,\"1624\":1,\"1625\":3,\"1628\":2,\"1629\":2,\"1630\":2,\"1633\":3,\"1635\":2,\"1643\":4,\"1645\":3,\"1646\":2,\"1647\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1651\":1,\"1652\":2,\"1653\":1,\"1654\":2,\"1655\":2,\"1656\":2,\"1657\":2,\"1658\":2,\"1659\":2,\"1660\":2,\"1663\":3,\"1666\":3,\"1667\":3,\"1668\":1,\"1669\":1,\"1671\":1,\"1672\":1,\"1673\":3,\"1674\":3,\"1675\":2,\"1678\":3,\"1679\":2,\"1680\":1,\"1682\":2,\"1683\":3,\"1684\":3,\"1685\":3,\"1686\":2,\"1689\":3,\"1691\":2,\"1694\":1,\"1697\":1,\"1698\":1,\"1700\":1,\"1702\":1,\"1703\":1,\"1708\":4,\"1709\":1,\"1710\":2,\"1712\":1,\"1713\":2,\"1714\":1,\"1715\":3,\"1716\":1,\"1718\":2,\"1719\":2,\"1720\":2,\"1723\":3,\"1724\":3,\"1725\":4,\"1727\":3,\"1728\":2,\"1729\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":1,\"1735\":1,\"1736\":1,\"1742\":3,\"1744\":1,\"1745\":1,\"1750\":3,\"1751\":5,\"1752\":1,\"1753\":3,\"1756\":2,\"1757\":2,\"1758\":2,\"1761\":3,\"1763\":2,\"1772\":4,\"1773\":3,\"1774\":2,\"1775\":2,\"1782\":2,\"1783\":2,\"1784\":1,\"1785\":1,\"1786\":2,\"1787\":2,\"1788\":3,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1799\":3,\"1800\":5,\"1801\":1,\"1802\":3,\"1805\":2,\"1806\":2,\"1807\":2,\"1810\":3,\"1812\":2,\"1820\":4,\"1822\":3,\"1823\":2,\"1824\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"1828\":1,\"1829\":2,\"1830\":1,\"1831\":2,\"1832\":2,\"1833\":2,\"1834\":2,\"1835\":2,\"1836\":2,\"1837\":2,\"1840\":3,\"1843\":3,\"1844\":3,\"1845\":1,\"1846\":1,\"1848\":1,\"1849\":1,\"1850\":3,\"1851\":3,\"1852\":2,\"1855\":3,\"1856\":2,\"1857\":1,\"1859\":2,\"1860\":3,\"1861\":3,\"1862\":3,\"1863\":2,\"1866\":3,\"1868\":2,\"1871\":1,\"1874\":1,\"1875\":1,\"1877\":1,\"1879\":1,\"1880\":1,\"1885\":4,\"1886\":1,\"1887\":2,\"1889\":1,\"1890\":2,\"1891\":1,\"1892\":3,\"1893\":1,\"1895\":2,\"1896\":2,\"1897\":2,\"1900\":3,\"1901\":3,\"1902\":4,\"1904\":3,\"1905\":2,\"1906\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":1,\"1912\":1,\"1913\":1,\"1919\":3,\"1921\":1,\"1922\":1,\"1927\":3,\"1928\":5,\"1929\":1,\"1930\":3,\"1933\":2,\"1934\":2,\"1935\":2,\"1938\":3,\"1940\":2,\"1949\":4,\"1950\":3,\"1951\":2,\"1952\":2,\"1959\":2,\"1960\":2,\"1961\":1,\"1962\":1,\"1963\":2,\"1964\":2,\"1965\":3,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"1976\":3,\"1977\":5,\"1978\":1,\"1979\":3,\"1982\":2,\"1983\":2,\"1984\":2,\"1987\":3,\"1989\":2,\"1997\":4,\"1999\":3,\"2000\":2,\"2001\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2005\":1,\"2006\":2,\"2007\":1,\"2008\":2,\"2009\":2,\"2010\":2,\"2011\":2,\"2012\":2,\"2013\":2,\"2014\":2,\"2017\":3,\"2020\":3,\"2021\":3,\"2022\":1,\"2023\":1,\"2025\":1,\"2026\":1,\"2027\":3,\"2028\":3,\"2029\":2,\"2032\":3,\"2033\":2,\"2034\":1,\"2036\":2,\"2037\":3,\"2038\":3,\"2039\":3,\"2040\":2,\"2043\":3,\"2045\":2,\"2048\":1,\"2051\":1,\"2052\":1,\"2054\":1,\"2056\":1,\"2057\":1,\"2062\":4,\"2063\":1,\"2064\":2,\"2066\":1,\"2067\":2,\"2068\":1,\"2069\":3,\"2070\":1,\"2072\":2,\"2073\":2,\"2074\":2,\"2077\":3,\"2078\":3,\"2079\":4,\"2081\":3,\"2082\":2,\"2083\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":1,\"2089\":1,\"2090\":1,\"2096\":3,\"2098\":1,\"2099\":1,\"2104\":3,\"2105\":5,\"2106\":1,\"2107\":3,\"2110\":2,\"2111\":2,\"2112\":2,\"2115\":3,\"2117\":2,\"2126\":4,\"2127\":3,\"2128\":2,\"2129\":2,\"2136\":2,\"2137\":2,\"2138\":1,\"2139\":1,\"2140\":2,\"2141\":2,\"2142\":3,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2153\":3,\"2154\":5,\"2155\":1,\"2156\":3,\"2159\":2,\"2160\":2,\"2161\":2,\"2164\":3,\"2166\":2,\"2174\":4,\"2176\":3,\"2177\":2,\"2178\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2182\":1,\"2183\":2,\"2184\":1,\"2185\":2,\"2186\":2,\"2187\":2,\"2188\":2,\"2189\":2,\"2190\":2,\"2191\":2,\"2194\":3,\"2197\":3,\"2198\":3,\"2199\":1,\"2200\":1,\"2202\":1,\"2203\":1,\"2204\":3,\"2205\":3,\"2206\":2,\"2209\":3,\"2210\":2,\"2211\":1,\"2213\":2,\"2214\":3,\"2215\":3,\"2216\":3,\"2217\":2,\"2220\":3,\"2222\":2,\"2225\":1,\"2228\":1,\"2229\":1,\"2231\":1,\"2233\":1,\"2234\":1,\"2239\":4,\"2240\":1,\"2241\":2,\"2243\":1,\"2244\":2,\"2245\":1,\"2246\":3,\"2247\":1,\"2249\":2,\"2250\":2,\"2251\":2,\"2254\":3,\"2255\":3,\"2256\":4,\"2258\":3,\"2259\":2,\"2260\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":1,\"2266\":1,\"2267\":1,\"2273\":3,\"2275\":1,\"2276\":1,\"2281\":3,\"2282\":5,\"2283\":1,\"2284\":3,\"2287\":2,\"2288\":2,\"2289\":2,\"2292\":3,\"2294\":2,\"2303\":4,\"2304\":3,\"2305\":2,\"2306\":2,\"2313\":2,\"2314\":2,\"2315\":1,\"2316\":1,\"2317\":2,\"2318\":2,\"2319\":3,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2327\":4,\"2328\":1,\"2329\":2,\"2331\":1,\"2332\":1,\"2333\":1,\"2335\":1,\"2340\":3,\"2341\":5,\"2342\":1,\"2343\":3,\"2346\":2,\"2347\":2,\"2348\":2,\"2351\":3,\"2353\":2,\"2361\":4,\"2363\":3,\"2364\":2,\"2365\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2369\":1,\"2370\":2,\"2371\":1,\"2372\":2,\"2373\":2,\"2374\":2,\"2375\":2,\"2376\":2,\"2377\":2,\"2378\":2,\"2379\":2,\"2380\":2,\"2381\":2,\"2384\":3,\"2387\":3,\"2388\":3,\"2389\":1,\"2390\":1,\"2392\":1,\"2393\":1,\"2394\":3,\"2395\":3,\"2396\":2,\"2399\":3,\"2400\":2,\"2401\":1,\"2403\":2,\"2404\":3,\"2405\":3,\"2406\":3,\"2407\":2,\"2410\":3,\"2412\":2,\"2415\":1,\"2418\":1,\"2419\":1,\"2421\":1,\"2424\":3,\"2425\":2,\"2427\":1,\"2428\":1,\"2431\":4,\"2432\":3,\"2433\":2,\"2440\":2,\"2441\":2,\"2442\":1,\"2443\":1,\"2444\":2,\"2445\":2,\"2446\":3,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2454\":4,\"2455\":1,\"2456\":2,\"2458\":1,\"2459\":1,\"2460\":1,\"2461\":3,\"2462\":1,\"2464\":2,\"2465\":2,\"2466\":2,\"2469\":3,\"2470\":3,\"2471\":4,\"2473\":3,\"2474\":2,\"2475\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":1,\"2481\":1,\"2482\":2,\"2483\":2,\"2484\":2,\"2485\":1,\"2491\":3,\"2492\":2,\"2494\":1,\"2495\":1,\"2500\":3,\"2501\":5,\"2502\":1,\"2503\":3,\"2506\":2,\"2507\":2,\"2508\":2,\"2511\":3,\"2513\":2,\"2522\":4,\"2523\":3,\"2524\":2,\"2525\":2,\"2532\":2,\"2533\":2,\"2534\":1,\"2535\":1,\"2536\":2,\"2537\":2,\"2538\":3,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2546\":4,\"2547\":1,\"2548\":2,\"2550\":1,\"2551\":1,\"2552\":1,\"2554\":1,\"2559\":3,\"2560\":5,\"2561\":1,\"2562\":3,\"2565\":2,\"2566\":2,\"2567\":2,\"2570\":3,\"2572\":2,\"2580\":4,\"2582\":3,\"2583\":2,\"2584\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2588\":1,\"2589\":2,\"2590\":1,\"2591\":2,\"2592\":2,\"2593\":2,\"2594\":2,\"2595\":2,\"2596\":2,\"2597\":2,\"2598\":2,\"2599\":2,\"2600\":2,\"2603\":3,\"2606\":3,\"2607\":3,\"2608\":1,\"2609\":1,\"2611\":1,\"2612\":1,\"2613\":3,\"2614\":3,\"2615\":2,\"2618\":3,\"2619\":2,\"2620\":1,\"2622\":2,\"2623\":3,\"2624\":3,\"2625\":3,\"2626\":2,\"2629\":3,\"2631\":2,\"2634\":1,\"2637\":1,\"2638\":1,\"2640\":1,\"2643\":3,\"2644\":2,\"2646\":1,\"2647\":1,\"2650\":4,\"2651\":3,\"2652\":2,\"2659\":2,\"2660\":2,\"2661\":1,\"2662\":1,\"2663\":2,\"2664\":2,\"2665\":3,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2673\":4,\"2674\":1,\"2675\":2,\"2677\":1,\"2678\":1,\"2679\":1,\"2680\":3,\"2681\":1,\"2683\":2,\"2684\":2,\"2685\":2,\"2688\":3,\"2689\":3,\"2690\":4,\"2692\":3,\"2693\":2,\"2694\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":1,\"2700\":1,\"2701\":2,\"2702\":2,\"2703\":2,\"2704\":1,\"2710\":3,\"2711\":2,\"2713\":1,\"2714\":1,\"2719\":3,\"2720\":5,\"2721\":1,\"2722\":3,\"2725\":2,\"2726\":2,\"2727\":2,\"2730\":3,\"2732\":2,\"2741\":4,\"2742\":3,\"2743\":2,\"2744\":2,\"2751\":2,\"2752\":2,\"2753\":1,\"2754\":1,\"2755\":2,\"2756\":2,\"2757\":3,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2765\":4,\"2766\":1,\"2767\":2,\"2769\":1,\"2770\":1,\"2771\":1,\"2773\":1,\"2778\":3,\"2779\":5,\"2780\":1,\"2781\":3,\"2784\":2,\"2785\":2,\"2786\":2,\"2789\":3,\"2791\":2,\"2799\":4,\"2801\":3,\"2802\":2,\"2803\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"2807\":1,\"2808\":2,\"2809\":1,\"2810\":2,\"2811\":2,\"2812\":2,\"2813\":2,\"2814\":2,\"2815\":2,\"2816\":2,\"2817\":2,\"2818\":2,\"2819\":2,\"2822\":3,\"2825\":3,\"2826\":3,\"2827\":1,\"2828\":1,\"2830\":1,\"2831\":1,\"2832\":3,\"2833\":3,\"2834\":2,\"2837\":3,\"2838\":2,\"2839\":1,\"2841\":2,\"2842\":3,\"2843\":3,\"2844\":3,\"2845\":2,\"2848\":3,\"2850\":2,\"2853\":1,\"2856\":1,\"2857\":1,\"2859\":1,\"2862\":3,\"2863\":2,\"2865\":1,\"2866\":1,\"2869\":4,\"2870\":3,\"2871\":2,\"2878\":2,\"2879\":2,\"2880\":1,\"2881\":1,\"2882\":2,\"2883\":2,\"2884\":3,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2892\":4,\"2893\":1,\"2894\":2,\"2896\":1,\"2897\":1,\"2898\":1,\"2899\":3,\"2900\":1,\"2902\":2,\"2903\":2,\"2904\":2,\"2907\":3,\"2908\":3,\"2909\":4,\"2911\":3,\"2912\":2,\"2913\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":1,\"2919\":1,\"2920\":2,\"2921\":2,\"2922\":2,\"2923\":1,\"2929\":3,\"2930\":2,\"2932\":1,\"2933\":1,\"2938\":3,\"2939\":5,\"2940\":1,\"2941\":3,\"2944\":2,\"2945\":2,\"2946\":2,\"2949\":3,\"2951\":2,\"2960\":4,\"2961\":3,\"2962\":2,\"2963\":2,\"2970\":2,\"2971\":2,\"2972\":1,\"2973\":1,\"2974\":2,\"2975\":2,\"2976\":3,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"2984\":4,\"2985\":1,\"2986\":2,\"2988\":1,\"2989\":1,\"2990\":1,\"2992\":1,\"2997\":3,\"2998\":5,\"2999\":1,\"3000\":3,\"3003\":2,\"3004\":2,\"3005\":2,\"3008\":3,\"3010\":2,\"3018\":4,\"3020\":3,\"3021\":2,\"3022\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3026\":1,\"3027\":2,\"3028\":1,\"3029\":2,\"3030\":2,\"3031\":2,\"3032\":2,\"3033\":2,\"3034\":2,\"3035\":2,\"3036\":2,\"3037\":2,\"3038\":2,\"3041\":3,\"3044\":3,\"3045\":3,\"3046\":1,\"3047\":1,\"3049\":1,\"3050\":1,\"3051\":3,\"3052\":3,\"3053\":2,\"3056\":3,\"3057\":2,\"3058\":1,\"3060\":2,\"3061\":3,\"3062\":3,\"3063\":3,\"3064\":2,\"3067\":3,\"3069\":2,\"3072\":1,\"3075\":1,\"3076\":1,\"3078\":1,\"3081\":3,\"3082\":2,\"3084\":1,\"3085\":1,\"3088\":4,\"3089\":3,\"3090\":2,\"3097\":2,\"3098\":2,\"3099\":1,\"3100\":1,\"3101\":2,\"3102\":2,\"3103\":3,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3111\":4,\"3112\":1,\"3113\":2,\"3115\":1,\"3116\":1,\"3117\":1,\"3118\":3,\"3119\":1,\"3121\":2,\"3122\":2,\"3123\":2,\"3126\":3,\"3127\":3,\"3128\":4,\"3130\":3,\"3131\":2,\"3132\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":1,\"3138\":1,\"3139\":2,\"3140\":2,\"3141\":2,\"3142\":1,\"3148\":3,\"3149\":2,\"3151\":1,\"3152\":1,\"3157\":3,\"3158\":5,\"3159\":1,\"3160\":3,\"3163\":2,\"3164\":2,\"3165\":2,\"3168\":3,\"3170\":2,\"3179\":4,\"3180\":3,\"3181\":2,\"3182\":2,\"3189\":2,\"3190\":2,\"3191\":1,\"3192\":1,\"3193\":2,\"3194\":2,\"3195\":3,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3203\":4,\"3204\":1,\"3205\":2,\"3207\":1,\"3208\":1,\"3209\":1,\"3211\":1,\"3213\":4,\"3215\":3,\"3216\":2,\"3217\":1,\"3218\":1,\"3219\":2,\"3220\":1,\"3221\":1,\"3222\":2,\"3223\":1,\"3224\":2,\"3225\":2,\"3226\":2,\"3227\":2,\"3228\":2,\"3229\":2,\"3230\":2,\"3231\":2,\"3232\":2,\"3233\":2,\"3236\":3,\"3239\":3,\"3240\":3,\"3241\":1,\"3242\":1,\"3244\":1,\"3245\":1,\"3246\":3,\"3247\":3,\"3248\":2,\"3251\":3,\"3252\":2,\"3253\":1,\"3255\":2,\"3256\":3,\"3257\":3,\"3258\":3,\"3259\":2,\"3262\":3,\"3264\":2,\"3267\":1,\"3270\":1,\"3271\":1,\"3273\":1,\"3276\":3,\"3277\":2,\"3279\":1,\"3280\":1,\"3285\":3,\"3286\":5,\"3287\":1,\"3288\":3,\"3291\":2,\"3292\":2,\"3293\":2,\"3296\":3,\"3298\":2,\"3307\":4,\"3308\":3,\"3309\":2,\"3316\":2,\"3317\":2,\"3318\":1,\"3319\":1,\"3320\":2,\"3321\":2,\"3322\":3,\"3323\":1,\"3324\":1,\"3325\":1,\"3328\":1,\"3332\":4,\"3333\":1,\"3334\":2,\"3336\":1,\"3337\":1,\"3338\":1,\"3339\":3,\"3340\":1,\"3342\":2,\"3343\":2,\"3344\":2,\"3347\":3,\"3348\":3,\"3349\":4,\"3351\":3,\"3352\":2,\"3353\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":1,\"3359\":1,\"3360\":2,\"3361\":2,\"3362\":2,\"3363\":1,\"3369\":3,\"3370\":2,\"3372\":1,\"3373\":1,\"3378\":3,\"3379\":5,\"3380\":1,\"3381\":3,\"3384\":2,\"3385\":2,\"3386\":2,\"3389\":3,\"3391\":2,\"3400\":4,\"3401\":3,\"3402\":2,\"3403\":2,\"3410\":2,\"3411\":2,\"3412\":1,\"3413\":1,\"3414\":2,\"3415\":2,\"3416\":3,\"3417\":1,\"3418\":1,\"3419\":1,\"3422\":1}}],[\"szktxyq2rh5se+j\",{\"1\":{\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"skills\",{\"1\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"skip\",{\"1\":{\"286\":1,\"297\":1,\"413\":2,\"637\":2,\"683\":2,\"729\":2,\"775\":2,\"821\":2,\"867\":2}}],[\"src\",{\"1\":{\"331\":3,\"332\":1}}],[\"slides\",{\"1\":{\"318\":1}}],[\"sleep\",{\"0\":{\"210\":1,\"235\":1,\"961\":1,\"987\":1,\"1171\":1,\"1194\":1,\"1322\":1,\"1345\":1,\"1494\":1,\"1520\":1,\"1671\":1,\"1697\":1,\"1848\":1,\"1874\":1,\"2025\":1,\"2051\":1,\"2202\":1,\"2228\":1,\"2392\":1,\"2418\":1,\"2611\":1,\"2637\":1,\"2830\":1,\"2856\":1,\"3049\":1,\"3075\":1,\"3244\":1,\"3270\":1},\"1\":{\"210\":1,\"235\":1,\"961\":1,\"987\":1,\"1171\":1,\"1194\":1,\"1322\":1,\"1345\":1,\"1494\":1,\"1520\":1,\"1671\":1,\"1697\":1,\"1848\":1,\"1874\":1,\"2025\":1,\"2051\":1,\"2202\":1,\"2228\":1,\"2392\":1,\"2418\":1,\"2611\":1,\"2637\":1,\"2830\":1,\"2856\":1,\"3049\":1,\"3075\":1,\"3244\":1,\"3270\":1}}],[\"sample\",{\"1\":{\"318\":1,\"423\":1,\"466\":1,\"489\":1,\"515\":1,\"541\":1,\"571\":1,\"601\":1,\"647\":1,\"693\":1,\"739\":1,\"785\":1,\"831\":1,\"877\":1}}],[\"same\",{\"1\":{\"102\":1,\"138\":1,\"159\":5,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"303\":4,\"346\":2,\"347\":1,\"364\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"smooth\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"small\",{\"1\":{\"395\":1,\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"smime\",{\"0\":{\"224\":1,\"225\":2,\"975\":1,\"976\":2,\"1185\":1,\"1186\":2,\"1336\":1,\"1337\":2,\"1508\":1,\"1509\":2,\"1685\":1,\"1686\":2,\"1862\":1,\"1863\":2,\"2039\":1,\"2040\":2,\"2216\":1,\"2217\":2,\"2406\":1,\"2407\":2,\"2625\":1,\"2626\":2,\"2844\":1,\"2845\":2,\"3063\":1,\"3064\":2,\"3258\":1,\"3259\":2},\"1\":{\"224\":2,\"225\":3,\"457\":8,\"911\":8,\"975\":2,\"976\":3,\"1185\":2,\"1186\":3,\"1336\":2,\"1337\":3,\"1508\":2,\"1509\":3,\"1685\":2,\"1686\":3,\"1862\":2,\"1863\":3,\"2039\":2,\"2040\":3,\"2216\":2,\"2217\":3,\"2406\":2,\"2407\":3,\"2625\":2,\"2626\":3,\"2844\":2,\"2845\":3,\"3063\":2,\"3064\":3,\"3258\":2,\"3259\":3}}],[\"smtps\",{\"1\":{\"230\":1,\"981\":1,\"1191\":1,\"1342\":1,\"1514\":1,\"1691\":1,\"1868\":1,\"2045\":1,\"2222\":1,\"2412\":1,\"2631\":1,\"2850\":1,\"3069\":1,\"3264\":1}}],[\"smtp\",{\"1\":{\"212\":3,\"213\":3,\"214\":1,\"216\":2,\"219\":3,\"220\":1,\"222\":1,\"223\":1,\"228\":3,\"229\":3,\"230\":1,\"455\":1,\"909\":1,\"963\":3,\"964\":3,\"965\":1,\"967\":2,\"970\":3,\"971\":1,\"973\":1,\"974\":1,\"979\":3,\"980\":3,\"981\":1,\"1173\":3,\"1174\":3,\"1175\":1,\"1177\":2,\"1180\":3,\"1181\":1,\"1183\":1,\"1184\":1,\"1189\":3,\"1190\":3,\"1191\":1,\"1324\":3,\"1325\":3,\"1326\":1,\"1328\":2,\"1331\":3,\"1332\":1,\"1334\":1,\"1335\":1,\"1340\":3,\"1341\":3,\"1342\":1,\"1496\":3,\"1497\":3,\"1498\":1,\"1500\":2,\"1503\":3,\"1504\":1,\"1506\":1,\"1507\":1,\"1512\":3,\"1513\":3,\"1514\":1,\"1673\":3,\"1674\":3,\"1675\":1,\"1677\":2,\"1680\":3,\"1681\":1,\"1683\":1,\"1684\":1,\"1689\":3,\"1690\":3,\"1691\":1,\"1850\":3,\"1851\":3,\"1852\":1,\"1854\":2,\"1857\":3,\"1858\":1,\"1860\":1,\"1861\":1,\"1866\":3,\"1867\":3,\"1868\":1,\"2027\":3,\"2028\":3,\"2029\":1,\"2031\":2,\"2034\":3,\"2035\":1,\"2037\":1,\"2038\":1,\"2043\":3,\"2044\":3,\"2045\":1,\"2204\":3,\"2205\":3,\"2206\":1,\"2208\":2,\"2211\":3,\"2212\":1,\"2214\":1,\"2215\":1,\"2220\":3,\"2221\":3,\"2222\":1,\"2394\":3,\"2395\":3,\"2396\":1,\"2398\":2,\"2401\":3,\"2402\":1,\"2404\":1,\"2405\":1,\"2410\":3,\"2411\":3,\"2412\":1,\"2613\":3,\"2614\":3,\"2615\":1,\"2617\":2,\"2620\":3,\"2621\":1,\"2623\":1,\"2624\":1,\"2629\":3,\"2630\":3,\"2631\":1,\"2832\":3,\"2833\":3,\"2834\":1,\"2836\":2,\"2839\":3,\"2840\":1,\"2842\":1,\"2843\":1,\"2848\":3,\"2849\":3,\"2850\":1,\"3051\":3,\"3052\":3,\"3053\":1,\"3055\":2,\"3058\":3,\"3059\":1,\"3061\":1,\"3062\":1,\"3067\":3,\"3068\":3,\"3069\":1,\"3246\":3,\"3247\":3,\"3248\":1,\"3250\":2,\"3253\":3,\"3254\":1,\"3256\":1,\"3257\":1,\"3262\":3,\"3263\":3,\"3264\":1}}],[\"switchstatements\",{\"1\":{\"159\":2}}],[\"switch\",{\"1\":{\"159\":7}}],[\"switches\",{\"1\":{\"97\":1}}],[\"sslverifyclient\",{\"1\":{\"1045\":1,\"1139\":1,\"1438\":1,\"1615\":1,\"1792\":1,\"1969\":1,\"2146\":1,\"2323\":1,\"2450\":1,\"2542\":1,\"2669\":1,\"2761\":1,\"2888\":1,\"2980\":1,\"3107\":1,\"3199\":1,\"3328\":1,\"3422\":1}}],[\"sslcertificatekeyfile\",{\"1\":{\"279\":1,\"1042\":1,\"1136\":1,\"1266\":1,\"1437\":1,\"1614\":1,\"1791\":1,\"1968\":1,\"2145\":1,\"2322\":1,\"2449\":1,\"2541\":1,\"2668\":1,\"2760\":1,\"2887\":1,\"2979\":1,\"3106\":1,\"3198\":1,\"3325\":1,\"3419\":1}}],[\"sslcertificatefile\",{\"1\":{\"278\":1,\"1041\":1,\"1135\":1,\"1265\":1,\"1436\":1,\"1613\":1,\"1790\":1,\"1967\":1,\"2144\":1,\"2321\":1,\"2448\":1,\"2540\":1,\"2667\":1,\"2759\":1,\"2886\":1,\"2978\":1,\"3105\":1,\"3197\":1,\"3324\":1,\"3418\":1}}],[\"sslcertificatechainfile\",{\"1\":{\"277\":1,\"1040\":1,\"1134\":1,\"1264\":1,\"1435\":1,\"1612\":1,\"1789\":1,\"1966\":1,\"2143\":1,\"2320\":1,\"2447\":1,\"2539\":1,\"2666\":1,\"2758\":1,\"2885\":1,\"2977\":1,\"3104\":1,\"3196\":1,\"3323\":1,\"3417\":1}}],[\"sslcadnrequestfile\",{\"1\":{\"276\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1039\":1,\"1133\":1,\"1263\":1,\"1434\":1,\"1611\":1,\"1788\":1,\"1965\":1,\"2142\":1,\"2319\":1,\"2446\":1,\"2538\":1,\"2665\":1,\"2757\":1,\"2884\":1,\"2976\":1,\"3103\":1,\"3195\":1,\"3322\":1,\"3416\":1}}],[\"sslcacertificatefile\",{\"1\":{\"275\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1038\":1,\"1132\":1,\"1262\":1,\"1433\":1,\"1610\":1,\"1787\":1,\"1964\":1,\"2141\":1,\"2318\":1,\"2445\":1,\"2537\":1,\"2664\":1,\"2756\":1,\"2883\":1,\"2975\":1,\"3102\":1,\"3194\":1,\"3321\":1,\"3415\":1}}],[\"ssl\",{\"0\":{\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1043\":1,\"1044\":1,\"1045\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1137\":1,\"1138\":1,\"1139\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3326\":1,\"3327\":1,\"3328\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1,\"3420\":1,\"3421\":1,\"3422\":1},\"1\":{\"112\":1,\"167\":1,\"170\":3,\"275\":1,\"276\":2,\"277\":2,\"278\":1,\"279\":1,\"288\":4,\"289\":4,\"299\":4,\"300\":4,\"441\":5,\"442\":6,\"452\":5,\"454\":5,\"457\":1,\"461\":22,\"462\":5,\"480\":4,\"481\":7,\"503\":4,\"504\":7,\"529\":4,\"530\":7,\"559\":4,\"560\":7,\"589\":4,\"590\":7,\"619\":4,\"620\":7,\"665\":4,\"666\":7,\"711\":4,\"712\":7,\"757\":4,\"758\":7,\"803\":4,\"804\":7,\"849\":4,\"850\":7,\"895\":5,\"896\":6,\"906\":5,\"908\":5,\"911\":1,\"915\":22,\"916\":5,\"1024\":1,\"1039\":1,\"1040\":2,\"1041\":2,\"1042\":1,\"1044\":1,\"1045\":1,\"1117\":1,\"1133\":1,\"1134\":2,\"1135\":2,\"1136\":1,\"1138\":1,\"1139\":1,\"1262\":1,\"1263\":2,\"1264\":2,\"1265\":1,\"1266\":1,\"1419\":1,\"1433\":1,\"1434\":2,\"1435\":2,\"1436\":1,\"1437\":1,\"1438\":1,\"1595\":1,\"1610\":1,\"1611\":2,\"1612\":2,\"1613\":1,\"1614\":1,\"1615\":1,\"1772\":1,\"1787\":1,\"1788\":2,\"1789\":2,\"1790\":1,\"1791\":1,\"1792\":1,\"1949\":1,\"1964\":1,\"1965\":2,\"1966\":2,\"1967\":1,\"1968\":1,\"1969\":1,\"2126\":1,\"2141\":1,\"2142\":2,\"2143\":2,\"2144\":1,\"2145\":1,\"2146\":1,\"2303\":1,\"2318\":1,\"2319\":2,\"2320\":2,\"2321\":1,\"2322\":1,\"2323\":1,\"2431\":1,\"2445\":1,\"2446\":2,\"2447\":2,\"2448\":1,\"2449\":1,\"2450\":1,\"2522\":1,\"2537\":1,\"2538\":2,\"2539\":2,\"2540\":1,\"2541\":1,\"2542\":1,\"2650\":1,\"2664\":1,\"2665\":2,\"2666\":2,\"2667\":1,\"2668\":1,\"2669\":1,\"2741\":1,\"2756\":1,\"2757\":2,\"2758\":2,\"2759\":1,\"2760\":1,\"2761\":1,\"2869\":1,\"2883\":1,\"2884\":2,\"2885\":2,\"2886\":1,\"2887\":1,\"2888\":1,\"2960\":1,\"2975\":1,\"2976\":2,\"2977\":2,\"2978\":1,\"2979\":1,\"2980\":1,\"3088\":1,\"3102\":1,\"3103\":2,\"3104\":2,\"3105\":1,\"3106\":1,\"3107\":1,\"3179\":1,\"3194\":1,\"3195\":2,\"3196\":2,\"3197\":1,\"3198\":1,\"3199\":1,\"3307\":1,\"3322\":1,\"3323\":2,\"3324\":2,\"3325\":1,\"3327\":1,\"3328\":1,\"3400\":1,\"3416\":1,\"3417\":2,\"3418\":2,\"3419\":1,\"3421\":1,\"3422\":1}}],[\"square\",{\"1\":{\"103\":1}}],[\"snapshots>\",{\"1\":{\"162\":1}}],[\"snapshot\",{\"1\":{\"141\":1,\"142\":1,\"163\":1}}],[\"sni\",{\"1\":{\"100\":1,\"170\":2}}],[\"snomed\",{\"1\":{\"94\":1}}],[\"scripts\",{\"1\":{\"404\":1,\"628\":1,\"674\":1,\"720\":1,\"766\":1,\"812\":1,\"858\":1}}],[\"scope\",{\"1\":{\"162\":1,\"398\":2}}],[\"scalar\",{\"1\":{\"920\":2,\"1049\":2,\"1355\":2,\"1388\":1,\"1531\":2,\"1708\":2,\"1885\":2,\"2062\":2,\"2239\":2,\"2327\":2,\"2454\":2,\"2546\":2,\"2673\":2,\"2765\":2,\"2892\":2,\"2984\":2,\"3111\":2,\"3203\":2,\"3332\":2}}],[\"scalars\",{\"1\":{\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"995\":1,\"1088\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1390\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1566\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1743\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1920\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2097\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2274\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2426\":1,\"2493\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2645\":1,\"2712\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2864\":1,\"2931\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3083\":1,\"3150\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3278\":1,\"3371\":1}}],[\"scalable\",{\"1\":{\"81\":1}}],[\"scales\",{\"1\":{\"98\":1}}],[\"scheme>\",{\"1\":{\"160\":1}}],[\"scheme\",{\"1\":{\"91\":1,\"160\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"schemalocation=\",{\"1\":{\"162\":1,\"398\":1}}],[\"schema\",{\"1\":{\"91\":3}}],[\"schweizer\",{\"1\":{\"26\":4,\"83\":1}}],[\"scientific\",{\"1\":{\"78\":1}}],[\"science\",{\"1\":{\"77\":1}}],[\"sciences\",{\"0\":{\"77\":1},\"1\":{\"77\":1}}],[\"scenarios\",{\"1\":{\"5\":1}}],[\"spaces\",{\"1\":{\"159\":1}}],[\"space\",{\"1\":{\"159\":162,\"160\":2,\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"995\":1,\"1088\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1390\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1566\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1743\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1920\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2097\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2274\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2426\":1,\"2493\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2645\":1,\"2712\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2864\":1,\"2931\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3083\":1,\"3150\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3278\":1,\"3371\":1}}],[\"spreadsheet\",{\"0\":{\"286\":1,\"297\":1},\"1\":{\"286\":2,\"297\":2}}],[\"sprechstunde\",{\"0\":{\"41\":1},\"1\":{\"14\":2,\"41\":4}}],[\"spring\",{\"1\":{\"147\":2,\"149\":1,\"150\":1,\"332\":6,\"346\":1,\"364\":1,\"390\":1}}],[\"speed\",{\"1\":{\"395\":1}}],[\"special\",{\"1\":{\"332\":1}}],[\"specifying\",{\"1\":{\"341\":1,\"359\":1,\"360\":1,\"385\":1,\"386\":1,\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1}}],[\"specify\",{\"1\":{\"276\":1,\"332\":4,\"334\":1,\"338\":1,\"341\":1,\"348\":1,\"349\":1,\"357\":1,\"536\":1,\"922\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1025\":1,\"1026\":3,\"1039\":1,\"1051\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1118\":1,\"1119\":1,\"1120\":3,\"1133\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1263\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1357\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1420\":1,\"1421\":1,\"1422\":3,\"1434\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1533\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1596\":1,\"1597\":1,\"1598\":3,\"1611\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1710\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1773\":1,\"1774\":1,\"1775\":3,\"1788\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1887\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1950\":1,\"1951\":1,\"1952\":3,\"1965\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"2064\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2127\":1,\"2128\":1,\"2129\":3,\"2142\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2241\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2304\":1,\"2305\":1,\"2306\":3,\"2319\":1,\"2329\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2432\":1,\"2433\":3,\"2446\":1,\"2456\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2523\":1,\"2524\":1,\"2525\":3,\"2538\":1,\"2548\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2651\":1,\"2652\":3,\"2665\":1,\"2675\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2742\":1,\"2743\":1,\"2744\":3,\"2757\":1,\"2767\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2870\":1,\"2871\":3,\"2884\":1,\"2894\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2961\":1,\"2962\":1,\"2963\":3,\"2976\":1,\"2986\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3089\":1,\"3090\":3,\"3103\":1,\"3113\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3180\":1,\"3181\":1,\"3182\":3,\"3195\":1,\"3205\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3308\":1,\"3309\":3,\"3322\":1,\"3334\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3401\":1,\"3402\":1,\"3403\":3,\"3416\":1}}],[\"specifies\",{\"1\":{\"332\":1,\"333\":1,\"356\":1,\"363\":1,\"389\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"specified\",{\"1\":{\"95\":2,\"277\":1,\"332\":1,\"338\":2,\"341\":1,\"352\":1,\"356\":2,\"357\":1,\"358\":1,\"359\":1,\"360\":1,\"361\":4,\"362\":2,\"382\":1,\"384\":1,\"385\":1,\"386\":1,\"387\":4,\"388\":2,\"920\":3,\"921\":1,\"922\":1,\"923\":2,\"924\":1,\"926\":1,\"995\":1,\"1002\":1,\"1003\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1040\":1,\"1049\":3,\"1050\":1,\"1051\":1,\"1052\":2,\"1053\":1,\"1055\":1,\"1056\":2,\"1088\":1,\"1095\":1,\"1096\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1134\":1,\"1197\":1,\"1205\":1,\"1206\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1251\":1,\"1264\":1,\"1273\":1,\"1274\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1348\":1,\"1355\":3,\"1356\":1,\"1357\":1,\"1358\":2,\"1359\":1,\"1361\":1,\"1362\":2,\"1390\":1,\"1397\":1,\"1398\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1435\":1,\"1445\":1,\"1446\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1524\":1,\"1531\":3,\"1532\":1,\"1533\":1,\"1534\":2,\"1535\":1,\"1537\":1,\"1538\":2,\"1566\":1,\"1573\":1,\"1574\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1612\":1,\"1622\":1,\"1623\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1701\":1,\"1708\":3,\"1709\":1,\"1710\":1,\"1711\":2,\"1712\":1,\"1714\":1,\"1715\":2,\"1743\":1,\"1750\":1,\"1751\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1789\":1,\"1799\":1,\"1800\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1878\":1,\"1885\":3,\"1886\":1,\"1887\":1,\"1888\":2,\"1889\":1,\"1891\":1,\"1892\":2,\"1920\":1,\"1927\":1,\"1928\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1966\":1,\"1976\":1,\"1977\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"2055\":1,\"2062\":3,\"2063\":1,\"2064\":1,\"2065\":2,\"2066\":1,\"2068\":1,\"2069\":2,\"2097\":1,\"2104\":1,\"2105\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2143\":1,\"2153\":1,\"2154\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2232\":1,\"2239\":3,\"2240\":1,\"2241\":1,\"2242\":2,\"2243\":1,\"2245\":1,\"2246\":2,\"2274\":1,\"2281\":1,\"2282\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2320\":1,\"2327\":3,\"2328\":1,\"2329\":1,\"2330\":2,\"2331\":1,\"2333\":1,\"2340\":1,\"2341\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2426\":1,\"2447\":1,\"2454\":3,\"2455\":1,\"2456\":1,\"2457\":2,\"2458\":1,\"2460\":1,\"2461\":2,\"2493\":1,\"2500\":1,\"2501\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2539\":1,\"2546\":3,\"2547\":1,\"2548\":1,\"2549\":2,\"2550\":1,\"2552\":1,\"2559\":1,\"2560\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2645\":1,\"2666\":1,\"2673\":3,\"2674\":1,\"2675\":1,\"2676\":2,\"2677\":1,\"2679\":1,\"2680\":2,\"2712\":1,\"2719\":1,\"2720\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2758\":1,\"2765\":3,\"2766\":1,\"2767\":1,\"2768\":2,\"2769\":1,\"2771\":1,\"2778\":1,\"2779\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2864\":1,\"2885\":1,\"2892\":3,\"2893\":1,\"2894\":1,\"2895\":2,\"2896\":1,\"2898\":1,\"2899\":2,\"2931\":1,\"2938\":1,\"2939\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2977\":1,\"2984\":3,\"2985\":1,\"2986\":1,\"2987\":2,\"2988\":1,\"2990\":1,\"2997\":1,\"2998\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3083\":1,\"3104\":1,\"3111\":3,\"3112\":1,\"3113\":1,\"3114\":2,\"3115\":1,\"3117\":1,\"3118\":2,\"3150\":1,\"3157\":1,\"3158\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3196\":1,\"3203\":3,\"3204\":1,\"3205\":1,\"3206\":2,\"3207\":1,\"3209\":1,\"3278\":1,\"3285\":1,\"3286\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3323\":1,\"3332\":3,\"3333\":1,\"3334\":1,\"3335\":2,\"3336\":1,\"3338\":1,\"3339\":2,\"3371\":1,\"3378\":1,\"3379\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3417\":1}}],[\"specification\",{\"1\":{\"147\":1,\"150\":1}}],[\"specifications\",{\"1\":{\"81\":1}}],[\"specific\",{\"1\":{\"117\":2,\"120\":1,\"127\":1,\"154\":1,\"304\":2,\"332\":1,\"338\":1,\"347\":1,\"348\":2,\"361\":4,\"362\":2,\"363\":2,\"367\":1,\"377\":1,\"387\":4,\"388\":2,\"389\":2,\"393\":1,\"407\":1,\"429\":1,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"536\":1,\"552\":1,\"577\":1,\"582\":1,\"607\":1,\"612\":1,\"631\":1,\"653\":1,\"658\":1,\"677\":1,\"699\":1,\"704\":1,\"723\":1,\"745\":1,\"750\":1,\"769\":1,\"791\":1,\"796\":1,\"815\":1,\"837\":1,\"842\":1,\"861\":1,\"883\":1,\"888\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"speziellen\",{\"1\":{\"15\":1}}],[\"synthetic\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"syntax\",{\"1\":{\"94\":1}}],[\"syntactically\",{\"1\":{\"0\":1,\"98\":1}}],[\"synchronized\",{\"1\":{\"110\":1,\"159\":3,\"165\":1}}],[\"systemctl\",{\"1\":{\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"systematically\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"system32\",{\"1\":{\"400\":1}}],[\"systems\",{\"0\":{\"457\":1,\"911\":1},\"1\":{\"33\":1,\"35\":1,\"38\":1,\"78\":1,\"90\":1,\"94\":3,\"95\":1,\"98\":1,\"109\":1,\"127\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"system\",{\"1\":{\"16\":1,\"37\":1,\"94\":2,\"95\":1,\"99\":1,\"169\":1,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"395\":1,\"411\":1,\"442\":2,\"443\":2,\"481\":2,\"482\":2,\"504\":2,\"505\":2,\"530\":2,\"531\":2,\"560\":2,\"561\":2,\"590\":2,\"591\":2,\"620\":2,\"621\":2,\"635\":1,\"666\":2,\"667\":2,\"681\":1,\"712\":2,\"713\":2,\"727\":1,\"758\":2,\"759\":2,\"773\":1,\"804\":2,\"805\":2,\"819\":1,\"850\":2,\"851\":2,\"865\":1,\"896\":2,\"897\":2,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"systeme\",{\"1\":{\"15\":1}}],[\"sixth\",{\"1\":{\"393\":1}}],[\"sid\",{\"1\":{\"363\":2,\"389\":2}}],[\"side\",{\"1\":{\"97\":3}}],[\"signing\",{\"1\":{\"275\":1,\"276\":1,\"1039\":1,\"1133\":1,\"1262\":1,\"1263\":1,\"1433\":1,\"1434\":1,\"1610\":1,\"1611\":1,\"1787\":1,\"1788\":1,\"1964\":1,\"1965\":1,\"2141\":1,\"2142\":1,\"2318\":1,\"2319\":1,\"2445\":1,\"2446\":1,\"2537\":1,\"2538\":1,\"2664\":1,\"2665\":1,\"2756\":1,\"2757\":1,\"2883\":1,\"2884\":1,\"2975\":1,\"2976\":1,\"3102\":1,\"3103\":1,\"3194\":1,\"3195\":1,\"3322\":1,\"3416\":1}}],[\"significant\",{\"1\":{\"127\":1,\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"signed\",{\"1\":{\"224\":1,\"277\":1,\"283\":1,\"289\":2,\"294\":1,\"300\":2,\"437\":1,\"476\":1,\"481\":2,\"499\":1,\"504\":2,\"525\":1,\"530\":2,\"555\":1,\"560\":2,\"585\":1,\"590\":2,\"615\":1,\"620\":2,\"661\":1,\"666\":2,\"707\":1,\"712\":2,\"753\":1,\"758\":2,\"799\":1,\"804\":2,\"845\":1,\"850\":2,\"891\":1,\"975\":1,\"1040\":1,\"1134\":1,\"1185\":1,\"1264\":1,\"1336\":1,\"1435\":1,\"1508\":1,\"1612\":1,\"1685\":1,\"1789\":1,\"1862\":1,\"1966\":1,\"2039\":1,\"2143\":1,\"2216\":1,\"2320\":1,\"2406\":1,\"2447\":1,\"2539\":1,\"2625\":1,\"2666\":1,\"2758\":1,\"2844\":1,\"2885\":1,\"2977\":1,\"3063\":1,\"3104\":1,\"3196\":1,\"3258\":1,\"3323\":1,\"3417\":1}}],[\"sign\",{\"1\":{\"160\":1,\"413\":1,\"456\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1,\"910\":1}}],[\"singleton\",{\"1\":{\"335\":1}}],[\"single\",{\"1\":{\"331\":2,\"338\":1,\"356\":1,\"481\":1,\"920\":2,\"921\":1,\"1043\":1,\"1044\":1,\"1049\":2,\"1050\":1,\"1137\":1,\"1138\":1,\"1355\":2,\"1356\":1,\"1388\":1,\"1531\":2,\"1532\":1,\"1708\":2,\"1709\":1,\"1885\":2,\"1886\":1,\"2062\":2,\"2063\":1,\"2239\":2,\"2240\":1,\"2327\":2,\"2328\":1,\"2454\":2,\"2455\":1,\"2546\":2,\"2547\":1,\"2673\":2,\"2674\":1,\"2765\":2,\"2766\":1,\"2892\":2,\"2893\":1,\"2984\":2,\"2985\":1,\"3111\":2,\"3112\":1,\"3203\":2,\"3204\":1,\"3326\":1,\"3327\":1,\"3332\":2,\"3333\":1,\"3420\":1,\"3421\":1}}],[\"since\",{\"1\":{\"129\":1,\"154\":1,\"157\":1,\"347\":1,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"sind\",{\"1\":{\"17\":1}}],[\"silent\",{\"1\":{\"102\":1}}],[\"sizes\",{\"1\":{\"127\":1}}],[\"size\",{\"1\":{\"99\":1,\"127\":1,\"159\":2,\"169\":1,\"264\":1,\"404\":1,\"628\":1,\"674\":1,\"720\":1,\"766\":1,\"812\":1,\"858\":1,\"982\":1,\"983\":2,\"984\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1515\":1,\"1516\":2,\"1517\":1,\"1563\":1,\"1692\":1,\"1693\":2,\"1694\":1,\"1740\":1,\"1869\":1,\"1870\":2,\"1871\":1,\"1917\":1,\"2046\":1,\"2047\":2,\"2048\":1,\"2094\":1,\"2223\":1,\"2224\":2,\"2225\":1,\"2271\":1,\"2413\":1,\"2414\":2,\"2415\":1,\"2489\":1,\"2632\":1,\"2633\":2,\"2634\":1,\"2708\":1,\"2851\":1,\"2852\":2,\"2853\":1,\"2927\":1,\"3070\":1,\"3071\":2,\"3072\":1,\"3146\":1,\"3265\":1,\"3266\":2,\"3267\":1,\"3367\":1}}],[\"simulated\",{\"1\":{\"400\":1,\"403\":1}}],[\"simulate\",{\"1\":{\"399\":1}}],[\"simulating\",{\"1\":{\"331\":1}}],[\"simultaneously\",{\"1\":{\"90\":1}}],[\"simply\",{\"1\":{\"481\":1}}],[\"simple\",{\"0\":{\"320\":1,\"328\":1,\"329\":1},\"1\":{\"159\":4,\"320\":1,\"329\":2}}],[\"simplifier\",{\"1\":{\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"simplifies\",{\"1\":{\"96\":1}}],[\"simplified\",{\"1\":{\"88\":1}}],[\"simplify\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"402\":1,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"similar\",{\"1\":{\"147\":2,\"148\":2}}],[\"simon\",{\"1\":{\"83\":2}}],[\"sicherzustellen\",{\"1\":{\"16\":1}}],[\"sich\",{\"1\":{\"16\":2,\"18\":1,\"22\":1}}],[\"sie\",{\"1\":{\"14\":2,\"16\":1,\"22\":2,\"41\":1}}],[\"sites\",{\"1\":{\"0\":1,\"8\":1,\"32\":2,\"88\":1,\"98\":1,\"126\":1}}],[\"site\",{\"1\":{\"0\":2,\"8\":2,\"13\":1,\"32\":2,\"128\":2,\"429\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"sort\",{\"1\":{\"156\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"socket\",{\"1\":{\"109\":1,\"327\":6}}],[\"social\",{\"1\":{\"94\":1}}],[\"sources\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"source\",{\"1\":{\"109\":1,\"116\":1,\"117\":1,\"159\":1,\"262\":1,\"285\":1,\"296\":1,\"304\":6,\"327\":22,\"395\":1,\"396\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"some\",{\"1\":{\"93\":1,\"97\":1,\"100\":1,\"170\":1,\"346\":3,\"363\":1,\"381\":1,\"389\":3,\"414\":1,\"415\":1,\"444\":2,\"459\":1,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"564\":1,\"592\":2,\"594\":1,\"622\":2,\"624\":1,\"638\":1,\"639\":1,\"668\":2,\"670\":1,\"684\":1,\"685\":1,\"714\":2,\"716\":1,\"730\":1,\"731\":1,\"760\":2,\"762\":1,\"776\":1,\"777\":1,\"806\":2,\"808\":1,\"822\":1,\"823\":1,\"852\":2,\"854\":1,\"868\":1,\"869\":1,\"898\":2,\"913\":1}}],[\"something\",{\"1\":{\"89\":1,\"417\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"641\":1,\"653\":1,\"669\":1,\"687\":1,\"699\":1,\"715\":1,\"733\":1,\"745\":1,\"761\":1,\"779\":1,\"791\":1,\"807\":1,\"825\":1,\"837\":1,\"853\":1,\"871\":1,\"883\":1,\"899\":1}}],[\"so\",{\"1\":{\"81\":1,\"91\":1,\"127\":1,\"400\":1,\"411\":1,\"444\":1,\"483\":1,\"485\":1,\"506\":1,\"508\":1,\"532\":1,\"534\":1,\"562\":1,\"592\":1,\"622\":1,\"635\":1,\"668\":1,\"681\":1,\"714\":1,\"727\":1,\"760\":1,\"773\":1,\"806\":1,\"819\":1,\"852\":1,\"865\":1,\"898\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"software\",{\"1\":{\"35\":2,\"116\":1,\"118\":1,\"319\":1,\"394\":1,\"397\":1}}],[\"solve\",{\"1\":{\"319\":1,\"381\":1,\"394\":1}}],[\"solved\",{\"1\":{\"98\":1}}],[\"sollten\",{\"1\":{\"15\":1}}],[\"sollen\",{\"1\":{\"14\":1}}],[\"solutions\",{\"1\":{\"82\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"solution\",{\"0\":{\"336\":1,\"350\":1,\"365\":1,\"375\":1,\"391\":1},\"1\":{\"6\":1,\"318\":1,\"331\":1}}],[\"soon\",{\"0\":{\"2\":1,\"87\":1},\"1\":{\"71\":1}}],[\"s\",{\"0\":{\"1043\":1,\"1137\":1,\"3326\":1,\"3420\":1},\"1\":{\"5\":1,\"26\":6,\"37\":1,\"40\":1,\"72\":1,\"75\":1,\"77\":1,\"90\":1,\"117\":1,\"147\":1,\"224\":2,\"225\":1,\"233\":1,\"283\":1,\"289\":1,\"290\":1,\"294\":1,\"300\":1,\"301\":1,\"333\":1,\"342\":1,\"346\":1,\"374\":1,\"397\":1,\"408\":1,\"415\":4,\"417\":3,\"418\":1,\"443\":1,\"452\":1,\"454\":1,\"457\":4,\"481\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"632\":1,\"639\":4,\"641\":3,\"642\":1,\"667\":1,\"678\":1,\"685\":4,\"687\":3,\"688\":1,\"713\":1,\"724\":1,\"731\":4,\"733\":3,\"734\":1,\"759\":1,\"770\":1,\"777\":4,\"779\":3,\"780\":1,\"805\":1,\"816\":1,\"823\":4,\"825\":3,\"826\":1,\"851\":1,\"862\":1,\"869\":4,\"871\":3,\"872\":1,\"897\":1,\"906\":1,\"908\":1,\"911\":4,\"975\":2,\"976\":1,\"985\":1,\"1044\":4,\"1056\":1,\"1138\":4,\"1185\":2,\"1186\":1,\"1192\":1,\"1336\":2,\"1337\":1,\"1343\":1,\"1362\":1,\"1508\":2,\"1509\":1,\"1518\":1,\"1538\":1,\"1685\":2,\"1686\":1,\"1695\":1,\"1715\":1,\"1862\":2,\"1863\":1,\"1872\":1,\"1892\":1,\"2039\":2,\"2040\":1,\"2049\":1,\"2069\":1,\"2216\":2,\"2217\":1,\"2226\":1,\"2246\":1,\"2406\":2,\"2407\":1,\"2416\":1,\"2461\":1,\"2625\":2,\"2626\":1,\"2635\":1,\"2680\":1,\"2844\":2,\"2845\":1,\"2854\":1,\"2899\":1,\"3063\":2,\"3064\":1,\"3073\":1,\"3118\":1,\"3258\":2,\"3259\":1,\"3268\":1,\"3327\":4,\"3339\":1,\"3421\":4}}],[\"suggest\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"suggestions\",{\"1\":{\"417\":1,\"419\":2,\"641\":1,\"643\":2,\"687\":1,\"689\":2,\"733\":1,\"735\":2,\"779\":1,\"781\":2,\"825\":1,\"827\":2,\"871\":1,\"873\":2}}],[\"suggestion\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"suspend=n\",{\"1\":{\"327\":6}}],[\"sustainable\",{\"1\":{\"117\":1}}],[\"sudo\",{\"1\":{\"283\":8,\"289\":4,\"290\":4,\"294\":8,\"300\":4,\"301\":4,\"303\":5,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"433\":4,\"437\":8,\"442\":3,\"443\":3,\"461\":1,\"462\":1,\"476\":8,\"481\":3,\"482\":3,\"499\":8,\"504\":3,\"505\":3,\"510\":1,\"511\":1,\"525\":8,\"530\":3,\"531\":3,\"536\":1,\"537\":1,\"555\":8,\"560\":3,\"561\":3,\"566\":1,\"567\":1,\"585\":8,\"590\":3,\"591\":3,\"596\":1,\"597\":1,\"615\":8,\"620\":3,\"621\":3,\"626\":1,\"627\":1,\"661\":8,\"666\":3,\"667\":3,\"672\":1,\"673\":1,\"707\":8,\"712\":3,\"713\":3,\"718\":1,\"719\":1,\"753\":8,\"758\":3,\"759\":3,\"764\":1,\"765\":1,\"795\":4,\"799\":8,\"804\":3,\"805\":3,\"810\":1,\"811\":1,\"841\":4,\"845\":8,\"850\":3,\"851\":3,\"856\":1,\"857\":1,\"887\":4,\"891\":8,\"896\":3,\"897\":3,\"915\":1,\"916\":1}}],[\"suitable\",{\"1\":{\"280\":1,\"291\":1}}],[\"suing\",{\"1\":{\"39\":1}}],[\"superclass\",{\"1\":{\"159\":1}}],[\"superinterfaces\",{\"1\":{\"159\":4}}],[\"supply\",{\"1\":{\"152\":1,\"153\":1}}],[\"supporting\",{\"1\":{\"152\":1}}],[\"supports\",{\"1\":{\"95\":1,\"1024\":1,\"1117\":1,\"1419\":1,\"1595\":1,\"1772\":1,\"1949\":1,\"2126\":1,\"2303\":1,\"2431\":1,\"2522\":1,\"2650\":1,\"2741\":1,\"2869\":1,\"2960\":1,\"3088\":1,\"3179\":1,\"3307\":1,\"3400\":1}}],[\"supported\",{\"1\":{\"81\":1,\"110\":1,\"165\":1,\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"994\":1,\"995\":1,\"1024\":1,\"1087\":1,\"1088\":1,\"1117\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1390\":1,\"1419\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1566\":1,\"1595\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1743\":1,\"1772\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1920\":1,\"1949\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2097\":1,\"2126\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2274\":1,\"2303\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2425\":1,\"2426\":1,\"2431\":1,\"2492\":1,\"2493\":1,\"2522\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2644\":1,\"2645\":1,\"2650\":1,\"2711\":1,\"2712\":1,\"2741\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2863\":1,\"2864\":1,\"2869\":1,\"2930\":1,\"2931\":1,\"2960\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3082\":1,\"3083\":1,\"3088\":1,\"3149\":1,\"3150\":1,\"3179\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3277\":1,\"3278\":1,\"3307\":1,\"3370\":1,\"3371\":1,\"3400\":1}}],[\"support\",{\"0\":{\"75\":1},\"1\":{\"0\":2,\"6\":1,\"12\":1,\"14\":1,\"32\":2,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"404\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"537\":1,\"562\":1,\"592\":1,\"622\":1,\"628\":1,\"668\":1,\"674\":1,\"714\":1,\"720\":1,\"760\":1,\"766\":1,\"806\":1,\"812\":1,\"852\":1,\"858\":1,\"898\":1,\"927\":1,\"2334\":1,\"2553\":1,\"2772\":1,\"2991\":1,\"3210\":1}}],[\"success\",{\"1\":{\"381\":1,\"418\":1,\"419\":1,\"642\":1,\"643\":1,\"688\":1,\"689\":1,\"734\":1,\"735\":1,\"780\":1,\"781\":1,\"826\":1,\"827\":1,\"872\":1,\"873\":1}}],[\"successfully\",{\"1\":{\"338\":3,\"352\":3,\"367\":5,\"377\":5,\"393\":7}}],[\"successful\",{\"1\":{\"126\":1,\"128\":1,\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"such\",{\"1\":{\"6\":1,\"90\":1,\"94\":1,\"95\":2,\"98\":2,\"116\":2,\"117\":4,\"126\":1,\"341\":1}}],[\"sufficient\",{\"1\":{\"98\":1,\"127\":1,\"460\":1,\"914\":1}}],[\"subset\",{\"1\":{\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3332\":1}}],[\"subscription\",{\"0\":{\"206\":1,\"209\":1,\"210\":1,\"211\":1,\"958\":1,\"960\":1,\"961\":1,\"962\":1,\"1167\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1318\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1491\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1668\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1845\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"2022\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2199\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2389\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2608\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2827\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"3046\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3241\":1,\"3243\":1,\"3244\":1,\"3245\":1},\"1\":{\"90\":1,\"97\":1,\"206\":2,\"209\":1,\"210\":1,\"211\":2,\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"958\":2,\"960\":1,\"961\":1,\"962\":2,\"1167\":2,\"1170\":1,\"1171\":1,\"1172\":2,\"1318\":2,\"1321\":1,\"1322\":1,\"1323\":2,\"1491\":2,\"1493\":1,\"1494\":1,\"1495\":2,\"1668\":2,\"1670\":1,\"1671\":1,\"1672\":2,\"1845\":2,\"1847\":1,\"1848\":1,\"1849\":2,\"2022\":2,\"2024\":1,\"2025\":1,\"2026\":2,\"2199\":2,\"2201\":1,\"2202\":1,\"2203\":2,\"2389\":2,\"2391\":1,\"2392\":1,\"2393\":2,\"2608\":2,\"2610\":1,\"2611\":1,\"2612\":2,\"2827\":2,\"2829\":1,\"2830\":1,\"2831\":2,\"3046\":2,\"3048\":1,\"3049\":1,\"3050\":2,\"3241\":2,\"3243\":1,\"3244\":1,\"3245\":2}}],[\"sub\",{\"1\":{\"358\":1,\"384\":1,\"995\":1,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1390\":1,\"1524\":1,\"1566\":1,\"1701\":1,\"1743\":1,\"1878\":1,\"1920\":1,\"2055\":1,\"2097\":1,\"2232\":1,\"2274\":1,\"2426\":1,\"2493\":1,\"2645\":1,\"2712\":1,\"2864\":1,\"2931\":1,\"3083\":1,\"3150\":1,\"3278\":1,\"3371\":1}}],[\"submodule\",{\"1\":{\"346\":1}}],[\"submitting\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"submit\",{\"1\":{\"98\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"subnet\",{\"1\":{\"327\":3}}],[\"subject\",{\"1\":{\"112\":1,\"167\":1,\"923\":2,\"1043\":2,\"1052\":2,\"1137\":2,\"1358\":2,\"1534\":2,\"1711\":2,\"1888\":2,\"2065\":2,\"2242\":2,\"2330\":2,\"2457\":2,\"2549\":2,\"2676\":2,\"2768\":2,\"2895\":2,\"2987\":2,\"3114\":2,\"3206\":2,\"3326\":2,\"3335\":2,\"3420\":2}}],[\"subprocess\",{\"1\":{\"105\":1,\"106\":1,\"107\":1}}],[\"subprocesses\",{\"1\":{\"104\":1}}],[\"sure\",{\"1\":{\"85\":1,\"134\":1,\"135\":1,\"304\":3,\"307\":3,\"310\":1,\"338\":1,\"390\":1,\"411\":1,\"433\":1,\"635\":1,\"681\":1,\"727\":1,\"773\":1,\"795\":1,\"819\":1,\"841\":1,\"865\":1,\"887\":1}}],[\"summary\",{\"1\":{\"5\":1}}],[\"shutdown\",{\"1\":{\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"shut\",{\"1\":{\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"ship\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"shell\",{\"1\":{\"327\":1}}],[\"sha\",{\"1\":{\"289\":3,\"300\":3,\"442\":1,\"481\":2,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":2,\"922\":1,\"1049\":2,\"1051\":1,\"1083\":1,\"1355\":2,\"1357\":1,\"1386\":1,\"1531\":2,\"1533\":1,\"1562\":1,\"1708\":2,\"1710\":1,\"1739\":1,\"1885\":2,\"1887\":1,\"1916\":1,\"2062\":2,\"2064\":1,\"2093\":1,\"2239\":2,\"2241\":1,\"2270\":1,\"2327\":2,\"2329\":1,\"2454\":2,\"2456\":1,\"2488\":1,\"2546\":2,\"2548\":1,\"2673\":2,\"2675\":1,\"2707\":1,\"2765\":2,\"2767\":1,\"2892\":2,\"2894\":1,\"2926\":1,\"2984\":2,\"2986\":1,\"3111\":2,\"3113\":1,\"3145\":1,\"3203\":2,\"3205\":1,\"3332\":2,\"3334\":1,\"3366\":1}}],[\"sha512\",{\"1\":{\"265\":1,\"266\":1}}],[\"sharpen\",{\"1\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"share\",{\"0\":{\"75\":1},\"1\":{\"75\":1,\"98\":1,\"129\":1,\"283\":2,\"294\":2,\"404\":1,\"419\":3,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"628\":1,\"643\":3,\"661\":2,\"674\":1,\"689\":3,\"707\":2,\"720\":1,\"735\":3,\"753\":2,\"766\":1,\"781\":3,\"799\":2,\"812\":1,\"827\":3,\"845\":2,\"858\":1,\"873\":3,\"891\":2}}],[\"shared\",{\"1\":{\"5\":1,\"8\":1,\"94\":1,\"261\":1}}],[\"sharing\",{\"0\":{\"0\":1,\"8\":1,\"22\":1,\"81\":1},\"1\":{\"0\":3,\"1\":1,\"5\":1,\"6\":2,\"8\":2,\"10\":1,\"12\":2,\"14\":2,\"15\":1,\"17\":3,\"20\":1,\"26\":6,\"28\":1,\"29\":2,\"30\":2,\"32\":2,\"40\":1,\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2,\"76\":1,\"88\":1,\"97\":1,\"98\":2,\"99\":1,\"109\":1,\"116\":1,\"117\":2,\"118\":2,\"130\":1,\"169\":1,\"290\":1,\"304\":2,\"307\":2,\"318\":1,\"404\":2,\"405\":1,\"416\":1,\"417\":2,\"419\":1,\"431\":1,\"433\":4,\"628\":2,\"629\":1,\"640\":1,\"641\":2,\"643\":1,\"674\":2,\"675\":1,\"686\":1,\"687\":2,\"689\":1,\"720\":2,\"721\":1,\"732\":1,\"733\":2,\"735\":1,\"748\":2,\"766\":2,\"767\":1,\"778\":1,\"779\":2,\"781\":1,\"793\":1,\"795\":4,\"812\":2,\"813\":1,\"824\":1,\"825\":2,\"827\":1,\"839\":1,\"841\":4,\"858\":2,\"859\":1,\"870\":1,\"871\":2,\"873\":1,\"885\":1,\"887\":4}}],[\"sh\",{\"1\":{\"135\":1,\"327\":2,\"457\":56,\"911\":56}}],[\"shown\",{\"1\":{\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2454\":1,\"2673\":1,\"2892\":1,\"3111\":1,\"3332\":1}}],[\"show\",{\"1\":{\"373\":1,\"415\":2,\"429\":1,\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"577\":1,\"582\":1,\"607\":1,\"612\":1,\"639\":2,\"653\":1,\"658\":1,\"685\":2,\"699\":1,\"704\":1,\"731\":2,\"745\":1,\"750\":1,\"777\":2,\"791\":1,\"796\":1,\"823\":2,\"837\":1,\"842\":1,\"869\":2,\"883\":1,\"888\":1}}],[\"showing\",{\"1\":{\"338\":3,\"352\":2,\"367\":1,\"393\":2}}],[\"shows\",{\"1\":{\"88\":1,\"104\":1,\"162\":1,\"320\":1,\"323\":1,\"329\":1,\"354\":1,\"356\":1,\"381\":1,\"398\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"shortest\",{\"1\":{\"208\":1,\"263\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"428\":1,\"442\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"576\":1,\"590\":1,\"606\":1,\"620\":1,\"652\":1,\"666\":1,\"698\":1,\"712\":1,\"744\":1,\"758\":1,\"790\":1,\"804\":1,\"836\":1,\"850\":1,\"882\":1,\"896\":1,\"1082\":1,\"1169\":1,\"1247\":1,\"1320\":1,\"1385\":1,\"1561\":1,\"1738\":1,\"1915\":1,\"2092\":1,\"2269\":1,\"2487\":1,\"2706\":1,\"2925\":1,\"3144\":1,\"3365\":1}}],[\"should\",{\"1\":{\"12\":1,\"33\":1,\"106\":1,\"157\":2,\"184\":1,\"185\":1,\"186\":1,\"233\":1,\"237\":1,\"285\":1,\"290\":1,\"296\":1,\"301\":1,\"303\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"332\":1,\"338\":5,\"347\":1,\"349\":1,\"352\":1,\"356\":1,\"359\":1,\"360\":1,\"367\":4,\"371\":1,\"374\":1,\"385\":1,\"386\":1,\"393\":5,\"415\":1,\"439\":1,\"443\":1,\"444\":1,\"446\":1,\"462\":2,\"478\":1,\"482\":1,\"483\":1,\"501\":1,\"505\":1,\"506\":1,\"511\":2,\"527\":1,\"531\":1,\"532\":1,\"537\":2,\"557\":1,\"561\":1,\"562\":1,\"567\":2,\"587\":1,\"591\":1,\"592\":1,\"597\":2,\"617\":1,\"621\":1,\"622\":1,\"627\":2,\"639\":1,\"663\":1,\"667\":1,\"668\":1,\"673\":2,\"685\":1,\"709\":1,\"713\":1,\"714\":1,\"719\":2,\"731\":1,\"755\":1,\"759\":1,\"760\":1,\"765\":2,\"777\":1,\"801\":1,\"805\":1,\"806\":1,\"811\":2,\"823\":1,\"847\":1,\"851\":1,\"852\":1,\"857\":2,\"869\":1,\"893\":1,\"897\":1,\"898\":1,\"900\":1,\"916\":2,\"920\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"985\":1,\"989\":1,\"1049\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1192\":1,\"1196\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1343\":1,\"1347\":1,\"1355\":1,\"1388\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1518\":1,\"1522\":1,\"1531\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1695\":1,\"1699\":1,\"1708\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1872\":1,\"1876\":1,\"1885\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2049\":1,\"2053\":1,\"2062\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2226\":1,\"2230\":1,\"2239\":1,\"2327\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2416\":1,\"2420\":1,\"2454\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2546\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2635\":1,\"2639\":1,\"2673\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2765\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2854\":1,\"2858\":1,\"2892\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2984\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3073\":1,\"3077\":1,\"3111\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3203\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3268\":1,\"3272\":1,\"3332\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"shti240841\",{\"1\":{\"26\":1}}],[\"shti230921\",{\"1\":{\"26\":1}}],[\"shti230113\",{\"1\":{\"26\":1}}],[\"shti230066\",{\"1\":{\"1\":1,\"26\":1}}],[\"shti220802\",{\"1\":{\"26\":1}}],[\"shti220554\",{\"1\":{\"26\":1}}],[\"shti210548\",{\"1\":{\"26\":1}}],[\"shti210062\",{\"1\":{\"26\":1}}],[\"shti210061\",{\"1\":{\"26\":1}}],[\"shti210060\",{\"1\":{\"26\":1}}],[\"session\",{\"1\":{\"444\":2,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"760\":2,\"806\":2,\"852\":2,\"898\":2}}],[\"sensitive\",{\"1\":{\"416\":2,\"640\":2,\"686\":2,\"732\":2,\"778\":2,\"824\":2,\"870\":2}}],[\"sent\",{\"1\":{\"390\":1,\"393\":1}}],[\"sending\",{\"1\":{\"345\":1,\"347\":1,\"354\":1,\"356\":1,\"383\":1,\"393\":1}}],[\"sendtestmailonstartup\",{\"0\":{\"223\":1,\"974\":1,\"1184\":1,\"1335\":1,\"1507\":1,\"1684\":1,\"1861\":1,\"2038\":1,\"2215\":1,\"2405\":1,\"2624\":1,\"2843\":1,\"3062\":1,\"3257\":1},\"1\":{\"223\":1,\"974\":1,\"1184\":1,\"1335\":1,\"1507\":1,\"1684\":1,\"1861\":1,\"2038\":1,\"2215\":1,\"2405\":1,\"2624\":1,\"2843\":1,\"3062\":1,\"3257\":1}}],[\"sendmailonerrorlogevent\",{\"0\":{\"222\":1,\"973\":1,\"1183\":1,\"1334\":1,\"1506\":1,\"1683\":1,\"1860\":1,\"2037\":1,\"2214\":1,\"2404\":1,\"2623\":1,\"2842\":1,\"3061\":1,\"3256\":1},\"1\":{\"222\":1,\"973\":1,\"1183\":1,\"1334\":1,\"1506\":1,\"1683\":1,\"1860\":1,\"2037\":1,\"2214\":1,\"2404\":1,\"2623\":1,\"2842\":1,\"3061\":1,\"3256\":1}}],[\"sender\",{\"1\":{\"215\":2,\"966\":2,\"1176\":2,\"1327\":2,\"1499\":2,\"1676\":2,\"1853\":2,\"2030\":2,\"2207\":2,\"2397\":2,\"2616\":2,\"2835\":2,\"3054\":2,\"3249\":2}}],[\"sends\",{\"1\":{\"97\":1,\"138\":1}}],[\"send\",{\"1\":{\"37\":1,\"40\":1,\"97\":2,\"106\":1,\"107\":2,\"130\":1,\"217\":1,\"218\":1,\"222\":1,\"223\":1,\"224\":1,\"276\":1,\"286\":1,\"297\":1,\"356\":2,\"367\":1,\"381\":1,\"383\":1,\"390\":2,\"393\":4,\"968\":1,\"969\":1,\"973\":1,\"974\":1,\"975\":1,\"1039\":1,\"1133\":1,\"1178\":1,\"1179\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1263\":1,\"1329\":1,\"1330\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1434\":1,\"1501\":1,\"1502\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1611\":1,\"1678\":1,\"1679\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1788\":1,\"1855\":1,\"1856\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1965\":1,\"2032\":1,\"2033\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2142\":1,\"2209\":1,\"2210\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2319\":1,\"2399\":1,\"2400\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2446\":1,\"2538\":1,\"2618\":1,\"2619\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2665\":1,\"2757\":1,\"2837\":1,\"2838\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2884\":1,\"2976\":1,\"3056\":1,\"3057\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3103\":1,\"3195\":1,\"3251\":1,\"3252\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3322\":1,\"3416\":1}}],[\"sequence\",{\"1\":{\"371\":3,\"374\":2}}],[\"self\",{\"1\":{\"277\":1,\"1040\":1,\"1134\":1,\"1264\":1,\"1435\":1,\"1612\":1,\"1789\":1,\"1966\":1,\"2143\":1,\"2320\":1,\"2447\":1,\"2539\":1,\"2666\":1,\"2758\":1,\"2885\":1,\"2977\":1,\"3104\":1,\"3196\":1,\"3323\":1,\"3417\":1}}],[\"selector\",{\"1\":{\"159\":1}}],[\"selected\",{\"1\":{\"106\":2}}],[\"select\",{\"1\":{\"106\":1,\"407\":2,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"631\":2,\"677\":2,\"723\":2,\"769\":2,\"815\":2,\"861\":2}}],[\"separate\",{\"1\":{\"318\":1,\"331\":2}}],[\"separated\",{\"1\":{\"221\":1,\"226\":1,\"227\":1,\"233\":1,\"237\":1,\"261\":1,\"265\":1,\"266\":1,\"289\":2,\"300\":2,\"972\":1,\"977\":1,\"978\":1,\"985\":1,\"989\":1,\"995\":1,\"1043\":1,\"1044\":1,\"1088\":1,\"1137\":1,\"1138\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1192\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1343\":1,\"1347\":1,\"1348\":1,\"1390\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1518\":1,\"1522\":1,\"1524\":1,\"1566\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1695\":1,\"1699\":1,\"1701\":1,\"1743\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"1872\":1,\"1876\":1,\"1878\":1,\"1920\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2049\":1,\"2053\":1,\"2055\":1,\"2097\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2226\":1,\"2230\":1,\"2232\":1,\"2274\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2416\":1,\"2420\":1,\"2426\":1,\"2493\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2635\":1,\"2639\":1,\"2645\":1,\"2712\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"2854\":1,\"2858\":1,\"2864\":1,\"2931\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3073\":1,\"3077\":1,\"3083\":1,\"3150\":1,\"3255\":1,\"3260\":1,\"3261\":1,\"3268\":1,\"3272\":1,\"3278\":1,\"3326\":1,\"3327\":1,\"3371\":1,\"3420\":1,\"3421\":1}}],[\"separates\",{\"1\":{\"98\":1}}],[\"semicolon\",{\"1\":{\"159\":5}}],[\"semantic\",{\"1\":{\"94\":1}}],[\"semantically\",{\"1\":{\"0\":1,\"98\":1}}],[\"seasoned\",{\"1\":{\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"searching\",{\"1\":{\"264\":1,\"1084\":1,\"1248\":1,\"1387\":1,\"1563\":1,\"1740\":1,\"1917\":1,\"2094\":1,\"2271\":1,\"2489\":1,\"2708\":1,\"2927\":1,\"3146\":1,\"3367\":1}}],[\"searches\",{\"1\":{\"152\":1,\"153\":1,\"332\":1,\"346\":1}}],[\"search\",{\"0\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1},\"1\":{\"147\":8,\"150\":1,\"151\":1,\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1049\":1,\"1055\":1,\"1057\":3,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1355\":1,\"1361\":1,\"1363\":3,\"1491\":1,\"1495\":1,\"1531\":1,\"1537\":1,\"1539\":3,\"1668\":1,\"1672\":1,\"1708\":1,\"1714\":1,\"1716\":3,\"1845\":1,\"1849\":1,\"1885\":1,\"1891\":1,\"1893\":3,\"2022\":1,\"2026\":1,\"2062\":1,\"2068\":1,\"2070\":3,\"2199\":1,\"2203\":1,\"2239\":1,\"2245\":1,\"2247\":3,\"2389\":1,\"2393\":1,\"2454\":1,\"2460\":1,\"2462\":3,\"2608\":1,\"2612\":1,\"2673\":1,\"2679\":1,\"2681\":3,\"2827\":1,\"2831\":1,\"2892\":1,\"2898\":1,\"2900\":3,\"3046\":1,\"3050\":1,\"3111\":1,\"3117\":1,\"3119\":3,\"3241\":1,\"3245\":1,\"3332\":1,\"3338\":1,\"3340\":3}}],[\"seamless\",{\"1\":{\"94\":1,\"95\":1}}],[\"seamlessly\",{\"1\":{\"94\":1}}],[\"several\",{\"1\":{\"98\":1,\"102\":1,\"318\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"sectigo\",{\"1\":{\"457\":2,\"911\":2,\"1044\":2,\"1138\":2,\"3327\":2,\"3421\":2}}],[\"section\",{\"1\":{\"89\":1,\"96\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"secrets\",{\"0\":{\"446\":1,\"448\":1,\"900\":1,\"902\":1},\"1\":{\"175\":1,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"189\":1,\"205\":1,\"212\":1,\"213\":1,\"214\":1,\"224\":1,\"225\":1,\"228\":1,\"241\":1,\"242\":1,\"243\":1,\"249\":1,\"251\":1,\"255\":1,\"257\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"289\":9,\"290\":8,\"300\":9,\"301\":8,\"327\":76,\"442\":10,\"443\":7,\"447\":3,\"448\":3,\"449\":6,\"460\":1,\"461\":16,\"462\":10,\"481\":11,\"482\":7,\"504\":11,\"505\":7,\"530\":11,\"531\":7,\"560\":11,\"561\":7,\"590\":11,\"591\":7,\"620\":11,\"621\":7,\"666\":11,\"667\":7,\"712\":11,\"713\":7,\"758\":11,\"759\":7,\"804\":11,\"805\":7,\"850\":11,\"851\":7,\"896\":10,\"897\":7,\"901\":3,\"902\":3,\"903\":6,\"914\":1,\"915\":16,\"916\":10,\"932\":1,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":1,\"975\":1,\"976\":1,\"979\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1027\":4,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1121\":4,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1423\":4,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1599\":4,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1776\":4,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1953\":4,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2130\":4,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2307\":4,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2434\":4,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2526\":4,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2653\":4,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2745\":4,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2872\":4,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2964\":4,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3091\":4,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3183\":4,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3310\":4,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3404\":4,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"secret\",{\"0\":{\"1007\":1,\"1100\":1,\"1210\":1,\"1278\":1,\"1402\":1,\"1450\":1,\"1578\":1,\"1627\":1,\"1755\":1,\"1804\":1,\"1932\":1,\"1981\":1,\"2109\":1,\"2158\":1,\"2286\":1,\"2345\":1,\"2505\":1,\"2564\":1,\"2724\":1,\"2783\":1,\"2943\":1,\"3002\":1,\"3162\":1,\"3290\":1,\"3383\":1},\"1\":{\"175\":1,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"205\":1,\"212\":1,\"213\":1,\"214\":1,\"219\":1,\"224\":1,\"225\":1,\"228\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"249\":1,\"251\":1,\"255\":1,\"257\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"446\":3,\"447\":3,\"449\":4,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"900\":3,\"901\":3,\"903\":4,\"932\":1,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":1,\"970\":1,\"975\":1,\"976\":1,\"979\":1,\"996\":1,\"1002\":1,\"1007\":2,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1025\":1,\"1027\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1089\":1,\"1095\":1,\"1100\":2,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1118\":1,\"1121\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1180\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1198\":1,\"1205\":1,\"1210\":2,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1252\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1273\":1,\"1278\":2,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1331\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1349\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1391\":1,\"1397\":1,\"1402\":2,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1420\":1,\"1423\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1445\":1,\"1450\":2,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1503\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1525\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1567\":1,\"1573\":1,\"1578\":2,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1596\":1,\"1599\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1622\":1,\"1627\":2,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1680\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1702\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1744\":1,\"1750\":1,\"1755\":2,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1773\":1,\"1776\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1799\":1,\"1804\":2,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1857\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1879\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1921\":1,\"1927\":1,\"1932\":2,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1950\":1,\"1953\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1976\":1,\"1981\":2,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2034\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2056\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2098\":1,\"2104\":1,\"2109\":2,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2127\":1,\"2130\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2153\":1,\"2158\":2,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2211\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2233\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2275\":1,\"2281\":1,\"2286\":2,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2304\":1,\"2307\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2340\":1,\"2345\":2,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2401\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2427\":1,\"2432\":1,\"2434\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2494\":1,\"2500\":1,\"2505\":2,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2523\":1,\"2526\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2559\":1,\"2564\":2,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2620\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2646\":1,\"2651\":1,\"2653\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2713\":1,\"2719\":1,\"2724\":2,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2742\":1,\"2745\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2778\":1,\"2783\":2,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2839\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2865\":1,\"2870\":1,\"2872\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2932\":1,\"2938\":1,\"2943\":2,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2961\":1,\"2964\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2997\":1,\"3002\":2,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3058\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3084\":1,\"3089\":1,\"3091\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3151\":1,\"3157\":1,\"3162\":2,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3180\":1,\"3183\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3253\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3279\":1,\"3285\":1,\"3290\":2,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3308\":1,\"3310\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3372\":1,\"3378\":1,\"3383\":2,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3401\":1,\"3404\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"seconds\",{\"1\":{\"271\":2,\"272\":2,\"273\":2,\"274\":2,\"1033\":2,\"1034\":2,\"1035\":2,\"1036\":2,\"1127\":2,\"1128\":2,\"1129\":2,\"1130\":2,\"1258\":2,\"1259\":2,\"1260\":2,\"1261\":2,\"1429\":2,\"1430\":2,\"1431\":2,\"1432\":2,\"1605\":2,\"1606\":2,\"1607\":2,\"1608\":2,\"1782\":2,\"1783\":2,\"1784\":2,\"1785\":2,\"1959\":2,\"1960\":2,\"1961\":2,\"1962\":2,\"2136\":2,\"2137\":2,\"2138\":2,\"2139\":2,\"2313\":2,\"2314\":2,\"2315\":2,\"2316\":2,\"2440\":2,\"2441\":2,\"2442\":2,\"2443\":2,\"2532\":2,\"2533\":2,\"2534\":2,\"2535\":2,\"2659\":2,\"2660\":2,\"2661\":2,\"2662\":2,\"2751\":2,\"2752\":2,\"2753\":2,\"2754\":2,\"2878\":2,\"2879\":2,\"2880\":2,\"2881\":2,\"2970\":2,\"2971\":2,\"2972\":2,\"2973\":2,\"3097\":2,\"3098\":2,\"3099\":2,\"3100\":2,\"3189\":2,\"3190\":2,\"3191\":2,\"3192\":2,\"3316\":2,\"3317\":2,\"3318\":2,\"3319\":2,\"3410\":2,\"3411\":2,\"3412\":2,\"3413\":2}}],[\"second\",{\"1\":{\"94\":1,\"265\":1,\"266\":1,\"338\":1,\"342\":1,\"352\":1,\"356\":1,\"374\":1,\"377\":1,\"383\":1,\"393\":1,\"928\":2,\"1057\":2,\"1363\":2,\"1539\":2,\"1716\":2,\"1893\":2,\"2070\":2,\"2247\":2,\"2335\":2,\"2462\":2,\"2554\":2,\"2681\":2,\"2773\":2,\"2900\":2,\"2992\":2,\"3119\":2,\"3211\":2,\"3340\":2}}],[\"secondly\",{\"1\":{\"85\":1}}],[\"security\",{\"0\":{\"10\":1,\"33\":1,\"34\":1,\"35\":1,\"108\":1,\"109\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1},\"1\":{\"5\":2,\"6\":1,\"10\":1,\"24\":1,\"33\":5,\"35\":2,\"36\":1,\"37\":4,\"38\":2,\"40\":2,\"91\":2,\"109\":3}}],[\"securely\",{\"1\":{\"8\":1,\"94\":1}}],[\"secured\",{\"1\":{\"0\":1,\"32\":1,\"88\":1}}],[\"secure\",{\"1\":{\"0\":3,\"5\":1,\"6\":1,\"12\":1,\"26\":2,\"29\":1,\"33\":2,\"38\":1,\"81\":1,\"90\":1,\"94\":1,\"98\":3,\"109\":1,\"150\":1,\"457\":2,\"911\":2,\"1044\":2,\"1138\":2,\"3327\":2,\"3421\":2}}],[\"seidel\",{\"1\":{\"83\":1}}],[\"sein\",{\"1\":{\"15\":1,\"16\":1}}],[\"seen\",{\"1\":{\"90\":1,\"130\":1}}],[\"see\",{\"1\":{\"43\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"74\":1,\"97\":1,\"110\":1,\"137\":2,\"165\":1,\"280\":1,\"283\":1,\"284\":1,\"285\":1,\"289\":2,\"290\":4,\"291\":1,\"294\":1,\"295\":1,\"296\":1,\"300\":2,\"301\":4,\"302\":1,\"304\":5,\"305\":2,\"307\":3,\"308\":1,\"310\":3,\"313\":1,\"316\":1,\"319\":1,\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"373\":1,\"417\":1,\"437\":1,\"442\":3,\"443\":1,\"444\":1,\"460\":1,\"476\":1,\"481\":2,\"482\":1,\"483\":1,\"499\":1,\"504\":3,\"505\":1,\"506\":1,\"525\":1,\"530\":3,\"531\":1,\"532\":1,\"536\":1,\"555\":1,\"560\":3,\"561\":1,\"562\":1,\"585\":1,\"590\":3,\"591\":1,\"592\":1,\"615\":1,\"620\":3,\"621\":1,\"622\":1,\"641\":1,\"661\":1,\"666\":3,\"667\":1,\"668\":1,\"687\":1,\"707\":1,\"712\":3,\"713\":1,\"714\":1,\"733\":1,\"753\":1,\"758\":3,\"759\":1,\"760\":1,\"779\":1,\"799\":1,\"804\":3,\"805\":1,\"806\":1,\"825\":1,\"845\":1,\"850\":3,\"851\":1,\"852\":1,\"871\":1,\"891\":1,\"896\":3,\"897\":1,\"898\":1,\"914\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"seriously\",{\"1\":{\"33\":1,\"35\":1}}],[\"servicetask\",{\"1\":{\"332\":2,\"372\":1}}],[\"serviceloader\",{\"1\":{\"332\":1}}],[\"service\",{\"0\":{\"154\":1},\"1\":{\"82\":1,\"99\":2,\"136\":1,\"143\":1,\"148\":2,\"152\":1,\"153\":1,\"154\":7,\"169\":2,\"215\":1,\"221\":1,\"226\":1,\"227\":1,\"238\":2,\"329\":2,\"332\":1,\"335\":2,\"349\":1,\"364\":1,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2,\"966\":1,\"972\":1,\"977\":1,\"978\":1,\"1176\":1,\"1182\":1,\"1187\":1,\"1188\":1,\"1327\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1499\":1,\"1505\":1,\"1510\":1,\"1511\":1,\"1676\":1,\"1682\":1,\"1687\":1,\"1688\":1,\"1853\":1,\"1859\":1,\"1864\":1,\"1865\":1,\"2030\":1,\"2036\":1,\"2041\":1,\"2042\":1,\"2207\":1,\"2213\":1,\"2218\":1,\"2219\":1,\"2397\":1,\"2403\":1,\"2408\":1,\"2409\":1,\"2616\":1,\"2622\":1,\"2627\":1,\"2628\":1,\"2835\":1,\"2841\":1,\"2846\":1,\"2847\":1,\"3054\":1,\"3060\":1,\"3065\":1,\"3066\":1,\"3249\":1,\"3255\":1,\"3260\":1,\"3261\":1}}],[\"services\",{\"1\":{\"33\":1,\"35\":1,\"40\":1,\"152\":1,\"153\":1,\"289\":2,\"290\":2,\"300\":2,\"301\":1,\"303\":2,\"304\":8,\"306\":2,\"307\":5,\"309\":2,\"310\":2,\"312\":2,\"313\":1,\"315\":2,\"316\":1,\"327\":1,\"332\":1,\"439\":1,\"442\":2,\"443\":1,\"449\":1,\"461\":1,\"462\":1,\"478\":1,\"481\":2,\"482\":1,\"501\":1,\"504\":2,\"505\":1,\"510\":1,\"511\":1,\"527\":1,\"530\":2,\"531\":1,\"536\":1,\"537\":1,\"557\":1,\"560\":2,\"561\":1,\"566\":1,\"567\":1,\"587\":1,\"590\":2,\"591\":1,\"596\":1,\"597\":1,\"617\":1,\"620\":2,\"621\":1,\"626\":1,\"627\":1,\"663\":1,\"666\":2,\"667\":1,\"672\":1,\"673\":1,\"709\":1,\"712\":2,\"713\":1,\"718\":1,\"719\":1,\"755\":1,\"758\":2,\"759\":1,\"764\":1,\"765\":1,\"801\":1,\"804\":2,\"805\":1,\"810\":1,\"811\":1,\"847\":1,\"850\":2,\"851\":1,\"856\":1,\"857\":1,\"893\":1,\"896\":2,\"897\":1,\"903\":1,\"915\":1,\"916\":1,\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"server=y\",{\"1\":{\"327\":6}}],[\"server>\",{\"1\":{\"162\":1,\"398\":1}}],[\"server\",{\"0\":{\"89\":1,\"113\":1,\"168\":1,\"173\":1,\"207\":1,\"208\":1,\"234\":1,\"235\":1,\"240\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"269\":1,\"270\":1,\"284\":1,\"289\":1,\"290\":1,\"295\":1,\"300\":1,\"301\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"438\":1,\"442\":1,\"443\":1,\"453\":1,\"455\":1,\"461\":1,\"462\":1,\"477\":1,\"481\":1,\"482\":1,\"500\":1,\"504\":1,\"505\":1,\"510\":1,\"511\":1,\"526\":1,\"530\":1,\"531\":1,\"536\":1,\"537\":1,\"556\":1,\"560\":1,\"561\":1,\"566\":1,\"567\":1,\"586\":1,\"590\":1,\"591\":1,\"596\":1,\"597\":1,\"616\":1,\"620\":1,\"621\":1,\"626\":1,\"627\":1,\"662\":1,\"666\":1,\"667\":1,\"672\":1,\"673\":1,\"708\":1,\"712\":1,\"713\":1,\"718\":1,\"719\":1,\"754\":1,\"758\":1,\"759\":1,\"764\":1,\"765\":1,\"800\":1,\"804\":1,\"805\":1,\"810\":1,\"811\":1,\"846\":1,\"850\":1,\"851\":1,\"856\":1,\"857\":1,\"892\":1,\"896\":1,\"897\":1,\"907\":1,\"909\":1,\"915\":1,\"916\":1,\"917\":1,\"957\":1,\"959\":1,\"979\":1,\"986\":1,\"987\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":2,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":2,\"1020\":1,\"1021\":1,\"1022\":1,\"1031\":1,\"1032\":1,\"1037\":1,\"1046\":1,\"1064\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":2,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":2,\"1113\":1,\"1114\":1,\"1115\":1,\"1125\":1,\"1126\":1,\"1131\":1,\"1142\":1,\"1166\":1,\"1168\":1,\"1169\":1,\"1189\":1,\"1193\":1,\"1194\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":2,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":2,\"1223\":1,\"1224\":1,\"1225\":1,\"1226\":1,\"1232\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1256\":1,\"1257\":1,\"1267\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":2,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":2,\"1291\":1,\"1292\":1,\"1293\":1,\"1317\":1,\"1319\":1,\"1320\":1,\"1340\":1,\"1344\":1,\"1345\":1,\"1352\":1,\"1370\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":2,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":2,\"1415\":1,\"1416\":1,\"1417\":1,\"1427\":1,\"1428\":1,\"1439\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":2,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":2,\"1463\":1,\"1464\":1,\"1465\":1,\"1490\":1,\"1492\":1,\"1512\":1,\"1519\":1,\"1520\":1,\"1528\":1,\"1546\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":2,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":2,\"1591\":1,\"1592\":1,\"1593\":1,\"1603\":1,\"1604\":1,\"1609\":1,\"1616\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":2,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":2,\"1640\":1,\"1641\":1,\"1642\":1,\"1667\":1,\"1669\":1,\"1689\":1,\"1696\":1,\"1697\":1,\"1705\":1,\"1723\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":2,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":2,\"1768\":1,\"1769\":1,\"1770\":1,\"1780\":1,\"1781\":1,\"1786\":1,\"1793\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":2,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":2,\"1817\":1,\"1818\":1,\"1819\":1,\"1844\":1,\"1846\":1,\"1866\":1,\"1873\":1,\"1874\":1,\"1882\":1,\"1900\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":2,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":2,\"1945\":1,\"1946\":1,\"1947\":1,\"1957\":1,\"1958\":1,\"1963\":1,\"1970\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":2,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":2,\"1994\":1,\"1995\":1,\"1996\":1,\"2021\":1,\"2023\":1,\"2043\":1,\"2050\":1,\"2051\":1,\"2059\":1,\"2077\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":2,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":2,\"2122\":1,\"2123\":1,\"2124\":1,\"2134\":1,\"2135\":1,\"2140\":1,\"2147\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":2,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":2,\"2171\":1,\"2172\":1,\"2173\":1,\"2198\":1,\"2200\":1,\"2220\":1,\"2227\":1,\"2228\":1,\"2236\":1,\"2254\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":2,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":2,\"2299\":1,\"2300\":1,\"2301\":1,\"2311\":1,\"2312\":1,\"2317\":1,\"2324\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":2,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":2,\"2358\":1,\"2359\":1,\"2360\":1,\"2388\":1,\"2390\":1,\"2410\":1,\"2417\":1,\"2418\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2438\":1,\"2439\":1,\"2444\":1,\"2451\":1,\"2469\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":2,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":2,\"2518\":1,\"2519\":1,\"2520\":1,\"2530\":1,\"2531\":1,\"2536\":1,\"2543\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":2,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":2,\"2577\":1,\"2578\":1,\"2579\":1,\"2607\":1,\"2609\":1,\"2629\":1,\"2636\":1,\"2637\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2657\":1,\"2658\":1,\"2663\":1,\"2670\":1,\"2688\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":2,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":2,\"2737\":1,\"2738\":1,\"2739\":1,\"2749\":1,\"2750\":1,\"2755\":1,\"2762\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":2,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":2,\"2796\":1,\"2797\":1,\"2798\":1,\"2826\":1,\"2828\":1,\"2848\":1,\"2855\":1,\"2856\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2876\":1,\"2877\":1,\"2882\":1,\"2889\":1,\"2907\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":2,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":2,\"2956\":1,\"2957\":1,\"2958\":1,\"2968\":1,\"2969\":1,\"2974\":1,\"2981\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":2,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":2,\"3015\":1,\"3016\":1,\"3017\":1,\"3045\":1,\"3047\":1,\"3067\":1,\"3074\":1,\"3075\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3095\":1,\"3096\":1,\"3101\":1,\"3108\":1,\"3126\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":2,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":2,\"3175\":1,\"3176\":1,\"3177\":1,\"3187\":1,\"3188\":1,\"3193\":1,\"3200\":1,\"3240\":1,\"3242\":1,\"3262\":1,\"3269\":1,\"3270\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":2,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":2,\"3303\":1,\"3304\":1,\"3305\":1,\"3314\":1,\"3315\":1,\"3320\":1,\"3329\":1,\"3347\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":2,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":2,\"3396\":1,\"3397\":1,\"3398\":1,\"3408\":1,\"3409\":1,\"3414\":1},\"1\":{\"17\":2,\"32\":1,\"85\":1,\"89\":3,\"90\":3,\"96\":1,\"99\":18,\"109\":1,\"110\":3,\"112\":6,\"113\":6,\"134\":2,\"135\":2,\"144\":1,\"145\":4,\"147\":9,\"149\":2,\"150\":6,\"151\":2,\"165\":2,\"167\":5,\"168\":6,\"169\":18,\"170\":5,\"174\":2,\"175\":1,\"176\":1,\"177\":1,\"178\":1,\"179\":1,\"180\":2,\"181\":1,\"182\":1,\"183\":2,\"190\":2,\"191\":2,\"192\":2,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":2,\"198\":2,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"205\":1,\"206\":1,\"207\":2,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":2,\"213\":2,\"214\":1,\"216\":2,\"219\":2,\"220\":1,\"222\":1,\"223\":1,\"228\":3,\"229\":2,\"231\":1,\"233\":1,\"234\":2,\"235\":2,\"236\":1,\"237\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":2,\"248\":1,\"249\":1,\"251\":1,\"252\":1,\"253\":1,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":2,\"259\":2,\"260\":2,\"261\":1,\"262\":2,\"263\":1,\"264\":2,\"265\":2,\"266\":2,\"270\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"277\":2,\"278\":1,\"279\":1,\"284\":2,\"285\":5,\"288\":2,\"289\":15,\"290\":15,\"295\":2,\"296\":5,\"299\":2,\"300\":17,\"301\":15,\"303\":1,\"304\":15,\"307\":12,\"310\":9,\"313\":7,\"316\":7,\"327\":30,\"331\":3,\"332\":3,\"338\":17,\"341\":4,\"342\":2,\"348\":2,\"352\":7,\"356\":3,\"362\":4,\"367\":20,\"377\":9,\"381\":1,\"388\":4,\"393\":25,\"398\":1,\"425\":2,\"438\":4,\"439\":5,\"441\":3,\"442\":10,\"443\":11,\"447\":2,\"449\":1,\"450\":2,\"453\":7,\"455\":10,\"456\":1,\"457\":3,\"459\":2,\"460\":1,\"461\":2,\"462\":9,\"477\":4,\"478\":5,\"480\":2,\"481\":14,\"482\":13,\"483\":2,\"485\":1,\"491\":2,\"500\":4,\"501\":5,\"503\":2,\"504\":13,\"505\":12,\"506\":2,\"508\":1,\"511\":7,\"517\":2,\"526\":4,\"527\":5,\"529\":2,\"530\":13,\"531\":12,\"532\":2,\"534\":1,\"536\":1,\"537\":7,\"543\":2,\"556\":4,\"557\":5,\"559\":2,\"560\":13,\"561\":12,\"562\":2,\"564\":2,\"567\":7,\"573\":2,\"586\":4,\"587\":5,\"589\":2,\"590\":13,\"591\":11,\"592\":2,\"594\":2,\"597\":7,\"603\":2,\"616\":4,\"617\":5,\"619\":2,\"620\":13,\"621\":11,\"622\":2,\"624\":2,\"627\":7,\"649\":2,\"662\":4,\"663\":5,\"665\":2,\"666\":13,\"667\":11,\"668\":2,\"670\":2,\"673\":7,\"695\":2,\"708\":4,\"709\":5,\"711\":2,\"712\":13,\"713\":11,\"714\":2,\"716\":2,\"719\":7,\"741\":2,\"754\":4,\"755\":5,\"757\":2,\"758\":13,\"759\":11,\"762\":2,\"765\":7,\"787\":2,\"800\":4,\"801\":5,\"803\":2,\"804\":13,\"805\":11,\"808\":2,\"811\":7,\"833\":2,\"846\":4,\"847\":5,\"849\":2,\"850\":13,\"851\":11,\"854\":2,\"857\":7,\"879\":2,\"892\":4,\"893\":5,\"895\":3,\"896\":10,\"897\":11,\"901\":2,\"903\":1,\"904\":2,\"907\":7,\"909\":10,\"910\":1,\"911\":3,\"913\":2,\"914\":1,\"915\":2,\"916\":9,\"920\":5,\"927\":1,\"928\":3,\"932\":1,\"933\":1,\"934\":1,\"935\":1,\"936\":1,\"937\":2,\"938\":1,\"939\":1,\"940\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"957\":3,\"958\":1,\"959\":2,\"960\":1,\"961\":1,\"962\":1,\"963\":2,\"964\":2,\"965\":1,\"967\":2,\"970\":2,\"971\":1,\"973\":1,\"974\":1,\"979\":5,\"980\":2,\"985\":1,\"986\":2,\"987\":2,\"988\":1,\"989\":1,\"991\":2,\"992\":2,\"993\":1,\"994\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":4,\"1003\":4,\"1004\":1,\"1005\":2,\"1006\":2,\"1007\":2,\"1008\":1,\"1009\":3,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":4,\"1014\":1,\"1015\":1,\"1016\":3,\"1017\":3,\"1018\":3,\"1019\":3,\"1020\":1,\"1021\":1,\"1022\":1,\"1024\":2,\"1025\":8,\"1026\":4,\"1027\":8,\"1031\":1,\"1032\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1040\":2,\"1041\":2,\"1042\":1,\"1043\":1,\"1044\":3,\"1049\":6,\"1057\":3,\"1062\":2,\"1063\":1,\"1064\":3,\"1068\":1,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":2,\"1076\":2,\"1080\":2,\"1081\":2,\"1082\":1,\"1083\":1,\"1084\":2,\"1085\":2,\"1086\":1,\"1087\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":4,\"1096\":4,\"1097\":1,\"1098\":2,\"1099\":2,\"1100\":2,\"1101\":1,\"1102\":3,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":4,\"1107\":1,\"1108\":1,\"1109\":3,\"1110\":3,\"1111\":3,\"1112\":3,\"1113\":1,\"1114\":1,\"1115\":1,\"1117\":2,\"1118\":8,\"1119\":2,\"1120\":4,\"1121\":8,\"1125\":1,\"1126\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1134\":2,\"1135\":2,\"1136\":1,\"1137\":1,\"1138\":3,\"1141\":2,\"1145\":1,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":1,\"1150\":2,\"1151\":1,\"1152\":1,\"1153\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1166\":3,\"1167\":1,\"1168\":2,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":2,\"1174\":2,\"1175\":1,\"1177\":2,\"1180\":2,\"1181\":1,\"1183\":1,\"1184\":1,\"1189\":4,\"1190\":2,\"1192\":1,\"1193\":2,\"1194\":2,\"1195\":1,\"1196\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":4,\"1206\":4,\"1207\":1,\"1208\":2,\"1209\":2,\"1210\":2,\"1211\":1,\"1212\":3,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":3,\"1217\":1,\"1218\":1,\"1219\":3,\"1220\":3,\"1221\":3,\"1222\":3,\"1223\":1,\"1224\":1,\"1225\":1,\"1230\":2,\"1231\":1,\"1232\":3,\"1236\":1,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":2,\"1244\":2,\"1245\":2,\"1246\":2,\"1247\":1,\"1248\":2,\"1249\":1,\"1250\":1,\"1257\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1264\":2,\"1265\":1,\"1266\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":4,\"1274\":4,\"1275\":1,\"1276\":2,\"1277\":2,\"1278\":2,\"1279\":1,\"1280\":3,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":3,\"1285\":1,\"1286\":1,\"1287\":3,\"1288\":3,\"1289\":3,\"1290\":3,\"1291\":1,\"1292\":1,\"1293\":1,\"1296\":1,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":1,\"1301\":2,\"1302\":1,\"1303\":1,\"1304\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1317\":3,\"1318\":1,\"1319\":2,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":2,\"1325\":2,\"1326\":1,\"1328\":2,\"1331\":2,\"1332\":1,\"1334\":1,\"1335\":1,\"1340\":4,\"1341\":2,\"1343\":1,\"1344\":2,\"1345\":2,\"1346\":1,\"1347\":1,\"1355\":6,\"1363\":3,\"1368\":2,\"1369\":1,\"1370\":3,\"1374\":1,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":2,\"1382\":2,\"1383\":2,\"1384\":2,\"1385\":1,\"1386\":1,\"1387\":2,\"1388\":2,\"1389\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":4,\"1398\":4,\"1399\":1,\"1400\":2,\"1401\":2,\"1402\":2,\"1403\":1,\"1404\":3,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":3,\"1409\":1,\"1410\":1,\"1411\":3,\"1412\":3,\"1413\":3,\"1414\":3,\"1415\":1,\"1416\":1,\"1417\":1,\"1419\":2,\"1420\":8,\"1421\":2,\"1422\":4,\"1423\":8,\"1428\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1435\":2,\"1436\":1,\"1437\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":4,\"1446\":4,\"1447\":1,\"1448\":2,\"1449\":2,\"1450\":2,\"1451\":1,\"1452\":3,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":3,\"1457\":1,\"1458\":1,\"1459\":3,\"1460\":3,\"1461\":3,\"1462\":3,\"1463\":1,\"1464\":1,\"1465\":1,\"1468\":1,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":1,\"1473\":2,\"1474\":1,\"1475\":1,\"1476\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1490\":3,\"1491\":1,\"1492\":2,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":2,\"1497\":2,\"1498\":1,\"1500\":2,\"1503\":2,\"1504\":1,\"1506\":1,\"1507\":1,\"1512\":4,\"1513\":2,\"1518\":1,\"1519\":2,\"1520\":2,\"1521\":1,\"1522\":1,\"1531\":6,\"1539\":3,\"1544\":2,\"1545\":1,\"1546\":3,\"1550\":1,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":2,\"1558\":2,\"1559\":2,\"1560\":2,\"1561\":1,\"1562\":1,\"1563\":2,\"1564\":2,\"1565\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":4,\"1574\":4,\"1575\":1,\"1576\":2,\"1577\":2,\"1578\":2,\"1579\":1,\"1580\":3,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":3,\"1585\":1,\"1586\":1,\"1587\":3,\"1588\":3,\"1589\":3,\"1590\":3,\"1591\":1,\"1592\":1,\"1593\":1,\"1595\":2,\"1596\":8,\"1597\":2,\"1598\":4,\"1599\":8,\"1604\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1612\":2,\"1613\":1,\"1614\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":4,\"1623\":4,\"1624\":1,\"1625\":2,\"1626\":2,\"1627\":2,\"1628\":1,\"1629\":3,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":3,\"1634\":1,\"1635\":1,\"1636\":3,\"1637\":3,\"1638\":3,\"1639\":3,\"1640\":1,\"1641\":1,\"1642\":1,\"1645\":1,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":1,\"1650\":2,\"1651\":1,\"1652\":1,\"1653\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1667\":2,\"1668\":1,\"1669\":2,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":2,\"1674\":2,\"1675\":1,\"1677\":2,\"1680\":2,\"1681\":1,\"1683\":1,\"1684\":1,\"1689\":4,\"1690\":2,\"1695\":1,\"1696\":2,\"1697\":2,\"1698\":1,\"1699\":1,\"1708\":6,\"1716\":3,\"1721\":2,\"1722\":1,\"1723\":2,\"1727\":1,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":2,\"1735\":2,\"1736\":2,\"1737\":2,\"1738\":1,\"1739\":1,\"1740\":2,\"1741\":2,\"1742\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":4,\"1751\":4,\"1752\":1,\"1753\":2,\"1754\":2,\"1755\":2,\"1756\":1,\"1757\":3,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":3,\"1762\":1,\"1763\":1,\"1764\":3,\"1765\":3,\"1766\":3,\"1767\":3,\"1768\":1,\"1769\":1,\"1770\":1,\"1772\":2,\"1773\":8,\"1774\":2,\"1775\":4,\"1776\":8,\"1781\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1789\":2,\"1790\":1,\"1791\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":4,\"1800\":4,\"1801\":1,\"1802\":2,\"1803\":2,\"1804\":2,\"1805\":1,\"1806\":3,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":3,\"1811\":1,\"1812\":1,\"1813\":3,\"1814\":3,\"1815\":3,\"1816\":3,\"1817\":1,\"1818\":1,\"1819\":1,\"1822\":1,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":1,\"1827\":2,\"1828\":1,\"1829\":1,\"1830\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1844\":2,\"1845\":1,\"1846\":2,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":2,\"1851\":2,\"1852\":1,\"1854\":2,\"1857\":2,\"1858\":1,\"1860\":1,\"1861\":1,\"1866\":4,\"1867\":2,\"1872\":1,\"1873\":2,\"1874\":2,\"1875\":1,\"1876\":1,\"1885\":6,\"1893\":3,\"1898\":2,\"1899\":1,\"1900\":2,\"1904\":1,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":2,\"1912\":2,\"1913\":2,\"1914\":2,\"1915\":1,\"1916\":1,\"1917\":2,\"1918\":2,\"1919\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":4,\"1928\":4,\"1929\":1,\"1930\":2,\"1931\":2,\"1932\":2,\"1933\":1,\"1934\":3,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":3,\"1939\":1,\"1940\":1,\"1941\":3,\"1942\":3,\"1943\":3,\"1944\":3,\"1945\":1,\"1946\":1,\"1947\":1,\"1949\":2,\"1950\":8,\"1951\":2,\"1952\":4,\"1953\":8,\"1958\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1966\":2,\"1967\":1,\"1968\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":4,\"1977\":4,\"1978\":1,\"1979\":2,\"1980\":2,\"1981\":2,\"1982\":1,\"1983\":3,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":3,\"1988\":1,\"1989\":1,\"1990\":3,\"1991\":3,\"1992\":3,\"1993\":3,\"1994\":1,\"1995\":1,\"1996\":1,\"1999\":1,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":1,\"2004\":2,\"2005\":1,\"2006\":1,\"2007\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2021\":2,\"2022\":1,\"2023\":2,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":2,\"2028\":2,\"2029\":1,\"2031\":2,\"2034\":2,\"2035\":1,\"2037\":1,\"2038\":1,\"2043\":4,\"2044\":2,\"2049\":1,\"2050\":2,\"2051\":2,\"2052\":1,\"2053\":1,\"2062\":6,\"2070\":3,\"2075\":2,\"2076\":1,\"2077\":2,\"2081\":1,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":2,\"2089\":2,\"2090\":2,\"2091\":2,\"2092\":1,\"2093\":1,\"2094\":2,\"2095\":2,\"2096\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":4,\"2105\":4,\"2106\":1,\"2107\":2,\"2108\":2,\"2109\":2,\"2110\":1,\"2111\":3,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":3,\"2116\":1,\"2117\":1,\"2118\":3,\"2119\":3,\"2120\":3,\"2121\":3,\"2122\":1,\"2123\":1,\"2124\":1,\"2126\":2,\"2127\":8,\"2128\":2,\"2129\":4,\"2130\":8,\"2135\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2143\":2,\"2144\":1,\"2145\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":4,\"2154\":4,\"2155\":1,\"2156\":2,\"2157\":2,\"2158\":2,\"2159\":1,\"2160\":3,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":3,\"2165\":1,\"2166\":1,\"2167\":3,\"2168\":3,\"2169\":3,\"2170\":3,\"2171\":1,\"2172\":1,\"2173\":1,\"2176\":1,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":1,\"2181\":2,\"2182\":1,\"2183\":1,\"2184\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2198\":2,\"2199\":1,\"2200\":2,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":2,\"2205\":2,\"2206\":1,\"2208\":2,\"2211\":2,\"2212\":1,\"2214\":1,\"2215\":1,\"2220\":4,\"2221\":2,\"2226\":1,\"2227\":2,\"2228\":2,\"2229\":1,\"2230\":1,\"2239\":6,\"2247\":3,\"2252\":2,\"2253\":1,\"2254\":2,\"2258\":1,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":2,\"2266\":2,\"2267\":2,\"2268\":2,\"2269\":1,\"2270\":1,\"2271\":2,\"2272\":2,\"2273\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":4,\"2282\":4,\"2283\":1,\"2284\":2,\"2285\":2,\"2286\":2,\"2287\":1,\"2288\":3,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":3,\"2293\":1,\"2294\":1,\"2295\":3,\"2296\":3,\"2297\":3,\"2298\":3,\"2299\":1,\"2300\":1,\"2301\":1,\"2303\":2,\"2304\":8,\"2305\":2,\"2306\":4,\"2307\":8,\"2312\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2320\":2,\"2321\":1,\"2322\":1,\"2327\":5,\"2334\":1,\"2335\":3,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":4,\"2341\":4,\"2342\":1,\"2343\":2,\"2344\":2,\"2345\":2,\"2346\":1,\"2347\":3,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":3,\"2352\":1,\"2353\":1,\"2354\":3,\"2355\":3,\"2356\":3,\"2357\":3,\"2358\":1,\"2359\":1,\"2360\":1,\"2363\":1,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":1,\"2368\":2,\"2369\":1,\"2370\":1,\"2371\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2388\":2,\"2389\":1,\"2390\":2,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":2,\"2395\":2,\"2396\":1,\"2398\":2,\"2401\":2,\"2402\":1,\"2404\":1,\"2405\":1,\"2410\":4,\"2411\":2,\"2416\":1,\"2417\":2,\"2418\":2,\"2419\":1,\"2420\":1,\"2422\":2,\"2423\":2,\"2424\":1,\"2425\":1,\"2431\":2,\"2432\":8,\"2433\":4,\"2434\":8,\"2438\":1,\"2439\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2447\":2,\"2448\":1,\"2449\":1,\"2454\":6,\"2462\":3,\"2467\":2,\"2468\":1,\"2469\":2,\"2473\":1,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":2,\"2481\":2,\"2485\":2,\"2486\":2,\"2487\":1,\"2488\":1,\"2489\":2,\"2490\":2,\"2491\":1,\"2492\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":4,\"2501\":4,\"2502\":1,\"2503\":2,\"2504\":2,\"2505\":2,\"2506\":1,\"2507\":3,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":3,\"2512\":1,\"2513\":1,\"2514\":3,\"2515\":3,\"2516\":3,\"2517\":3,\"2518\":1,\"2519\":1,\"2520\":1,\"2522\":2,\"2523\":8,\"2524\":2,\"2525\":4,\"2526\":8,\"2530\":1,\"2531\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2539\":2,\"2540\":1,\"2541\":1,\"2546\":5,\"2553\":1,\"2554\":3,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":4,\"2560\":4,\"2561\":1,\"2562\":2,\"2563\":2,\"2564\":2,\"2565\":1,\"2566\":3,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":3,\"2571\":1,\"2572\":1,\"2573\":3,\"2574\":3,\"2575\":3,\"2576\":3,\"2577\":1,\"2578\":1,\"2579\":1,\"2582\":1,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":1,\"2587\":2,\"2588\":1,\"2589\":1,\"2590\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2607\":2,\"2608\":1,\"2609\":2,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":2,\"2614\":2,\"2615\":1,\"2617\":2,\"2620\":2,\"2621\":1,\"2623\":1,\"2624\":1,\"2629\":4,\"2630\":2,\"2635\":1,\"2636\":2,\"2637\":2,\"2638\":1,\"2639\":1,\"2641\":2,\"2642\":2,\"2643\":1,\"2644\":1,\"2650\":2,\"2651\":8,\"2652\":4,\"2653\":8,\"2657\":1,\"2658\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2666\":2,\"2667\":1,\"2668\":1,\"2673\":6,\"2681\":3,\"2686\":2,\"2687\":1,\"2688\":2,\"2692\":1,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":2,\"2700\":2,\"2704\":2,\"2705\":2,\"2706\":1,\"2707\":1,\"2708\":2,\"2709\":2,\"2710\":1,\"2711\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":4,\"2720\":4,\"2721\":1,\"2722\":2,\"2723\":2,\"2724\":2,\"2725\":1,\"2726\":3,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":3,\"2731\":1,\"2732\":1,\"2733\":3,\"2734\":3,\"2735\":3,\"2736\":3,\"2737\":1,\"2738\":1,\"2739\":1,\"2741\":2,\"2742\":8,\"2743\":2,\"2744\":4,\"2745\":8,\"2749\":1,\"2750\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2758\":2,\"2759\":1,\"2760\":1,\"2765\":5,\"2772\":1,\"2773\":3,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":4,\"2779\":4,\"2780\":1,\"2781\":2,\"2782\":2,\"2783\":2,\"2784\":1,\"2785\":3,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":3,\"2790\":1,\"2791\":1,\"2792\":3,\"2793\":3,\"2794\":3,\"2795\":3,\"2796\":1,\"2797\":1,\"2798\":1,\"2801\":1,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":1,\"2806\":2,\"2807\":1,\"2808\":1,\"2809\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2826\":2,\"2827\":1,\"2828\":2,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":2,\"2833\":2,\"2834\":1,\"2836\":2,\"2839\":2,\"2840\":1,\"2842\":1,\"2843\":1,\"2848\":4,\"2849\":2,\"2854\":1,\"2855\":2,\"2856\":2,\"2857\":1,\"2858\":1,\"2860\":2,\"2861\":2,\"2862\":1,\"2863\":1,\"2869\":2,\"2870\":8,\"2871\":4,\"2872\":8,\"2876\":1,\"2877\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2885\":2,\"2886\":1,\"2887\":1,\"2892\":6,\"2900\":3,\"2905\":2,\"2906\":1,\"2907\":2,\"2911\":1,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":2,\"2919\":2,\"2923\":2,\"2924\":2,\"2925\":1,\"2926\":1,\"2927\":2,\"2928\":2,\"2929\":1,\"2930\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":4,\"2939\":4,\"2940\":1,\"2941\":2,\"2942\":2,\"2943\":2,\"2944\":1,\"2945\":3,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":3,\"2950\":1,\"2951\":1,\"2952\":3,\"2953\":3,\"2954\":3,\"2955\":3,\"2956\":1,\"2957\":1,\"2958\":1,\"2960\":2,\"2961\":8,\"2962\":2,\"2963\":4,\"2964\":8,\"2968\":1,\"2969\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"2977\":2,\"2978\":1,\"2979\":1,\"2984\":5,\"2991\":1,\"2992\":3,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":4,\"2998\":4,\"2999\":1,\"3000\":2,\"3001\":2,\"3002\":2,\"3003\":1,\"3004\":3,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":3,\"3009\":1,\"3010\":1,\"3011\":3,\"3012\":3,\"3013\":3,\"3014\":3,\"3015\":1,\"3016\":1,\"3017\":1,\"3020\":1,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":1,\"3025\":2,\"3026\":1,\"3027\":1,\"3028\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3045\":2,\"3046\":1,\"3047\":2,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":2,\"3052\":2,\"3053\":1,\"3055\":2,\"3058\":2,\"3059\":1,\"3061\":1,\"3062\":1,\"3067\":4,\"3068\":2,\"3073\":1,\"3074\":2,\"3075\":2,\"3076\":1,\"3077\":1,\"3079\":2,\"3080\":2,\"3081\":1,\"3082\":1,\"3088\":2,\"3089\":8,\"3090\":4,\"3091\":8,\"3095\":1,\"3096\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3104\":2,\"3105\":1,\"3106\":1,\"3111\":6,\"3119\":3,\"3124\":2,\"3125\":1,\"3126\":2,\"3130\":1,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":2,\"3138\":2,\"3142\":2,\"3143\":2,\"3144\":1,\"3145\":1,\"3146\":2,\"3147\":2,\"3148\":1,\"3149\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":4,\"3158\":4,\"3159\":1,\"3160\":2,\"3161\":2,\"3162\":2,\"3163\":1,\"3164\":3,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":3,\"3169\":1,\"3170\":1,\"3171\":3,\"3172\":3,\"3173\":3,\"3174\":3,\"3175\":1,\"3176\":1,\"3177\":1,\"3179\":2,\"3180\":8,\"3181\":2,\"3182\":4,\"3183\":8,\"3187\":1,\"3188\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3196\":2,\"3197\":1,\"3198\":1,\"3203\":5,\"3210\":1,\"3211\":3,\"3215\":1,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":1,\"3220\":2,\"3221\":1,\"3222\":1,\"3223\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3240\":3,\"3241\":1,\"3242\":2,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":2,\"3247\":2,\"3248\":1,\"3250\":2,\"3253\":2,\"3254\":1,\"3256\":1,\"3257\":1,\"3262\":5,\"3263\":2,\"3268\":1,\"3269\":2,\"3270\":2,\"3271\":1,\"3272\":1,\"3274\":2,\"3275\":2,\"3276\":1,\"3277\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":4,\"3286\":4,\"3287\":1,\"3288\":2,\"3289\":2,\"3290\":2,\"3291\":1,\"3292\":3,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":4,\"3297\":1,\"3298\":1,\"3299\":3,\"3300\":3,\"3301\":3,\"3302\":3,\"3303\":1,\"3304\":1,\"3305\":1,\"3307\":2,\"3308\":8,\"3309\":4,\"3310\":8,\"3314\":1,\"3315\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3323\":2,\"3324\":2,\"3325\":1,\"3326\":1,\"3327\":3,\"3332\":6,\"3340\":3,\"3345\":2,\"3346\":1,\"3347\":3,\"3351\":1,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":2,\"3359\":2,\"3363\":2,\"3364\":2,\"3365\":1,\"3366\":1,\"3367\":2,\"3368\":2,\"3369\":1,\"3370\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":4,\"3379\":4,\"3380\":1,\"3381\":2,\"3382\":2,\"3383\":2,\"3384\":1,\"3385\":3,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":4,\"3390\":1,\"3391\":1,\"3392\":3,\"3393\":3,\"3394\":3,\"3395\":3,\"3396\":1,\"3397\":1,\"3398\":1,\"3400\":2,\"3401\":8,\"3402\":2,\"3403\":4,\"3404\":8,\"3408\":1,\"3409\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1,\"3417\":2,\"3418\":2,\"3419\":1,\"3420\":1,\"3421\":3}}],[\"servers>\",{\"1\":{\"162\":1,\"398\":1}}],[\"servers\",{\"1\":{\"16\":1,\"90\":1,\"99\":2,\"109\":1,\"169\":2,\"187\":1,\"190\":1,\"191\":1,\"192\":1,\"196\":1,\"197\":1,\"198\":1,\"204\":1,\"205\":1,\"241\":1,\"249\":1,\"250\":1,\"269\":1,\"284\":2,\"288\":3,\"289\":3,\"290\":1,\"295\":2,\"299\":3,\"300\":4,\"301\":1,\"341\":1,\"383\":1,\"400\":1,\"438\":2,\"441\":3,\"442\":2,\"443\":1,\"453\":1,\"455\":1,\"477\":2,\"480\":3,\"481\":2,\"482\":1,\"500\":2,\"503\":3,\"504\":2,\"505\":1,\"526\":2,\"529\":3,\"530\":2,\"531\":1,\"556\":2,\"559\":3,\"560\":2,\"561\":1,\"586\":2,\"589\":3,\"590\":2,\"591\":1,\"616\":2,\"619\":3,\"620\":2,\"621\":1,\"662\":2,\"665\":3,\"666\":2,\"667\":1,\"708\":2,\"711\":3,\"712\":2,\"713\":1,\"754\":2,\"757\":3,\"758\":2,\"759\":1,\"800\":2,\"803\":3,\"804\":2,\"805\":1,\"846\":2,\"849\":3,\"850\":2,\"851\":1,\"892\":2,\"895\":3,\"896\":2,\"897\":1,\"907\":1,\"909\":1,\"948\":1,\"956\":1,\"957\":1,\"1059\":1,\"1064\":1,\"1065\":1,\"1157\":1,\"1165\":1,\"1166\":1,\"1227\":1,\"1232\":1,\"1233\":1,\"1256\":1,\"1308\":1,\"1316\":1,\"1317\":1,\"1365\":1,\"1370\":1,\"1371\":1,\"1427\":1,\"1481\":1,\"1489\":1,\"1490\":1,\"1541\":1,\"1546\":1,\"1547\":1,\"1603\":1,\"1658\":1,\"1666\":1,\"1667\":1,\"1718\":1,\"1723\":1,\"1724\":1,\"1780\":1,\"1835\":1,\"1843\":1,\"1844\":1,\"1895\":1,\"1900\":1,\"1901\":1,\"1957\":1,\"2012\":1,\"2020\":1,\"2021\":1,\"2072\":1,\"2077\":1,\"2078\":1,\"2134\":1,\"2189\":1,\"2197\":1,\"2198\":1,\"2249\":1,\"2254\":1,\"2255\":1,\"2311\":1,\"2379\":1,\"2387\":1,\"2388\":1,\"2464\":1,\"2469\":1,\"2470\":1,\"2598\":1,\"2606\":1,\"2607\":1,\"2683\":1,\"2688\":1,\"2689\":1,\"2817\":1,\"2825\":1,\"2826\":1,\"2902\":1,\"2907\":1,\"2908\":1,\"3036\":1,\"3044\":1,\"3045\":1,\"3121\":1,\"3126\":1,\"3127\":1,\"3231\":1,\"3239\":1,\"3240\":1,\"3342\":1,\"3347\":1,\"3348\":1}}],[\"setvariable\",{\"1\":{\"373\":1}}],[\"sets\",{\"1\":{\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"setter\",{\"1\":{\"159\":1}}],[\"setting\",{\"0\":{\"410\":1,\"634\":1,\"680\":1,\"726\":1,\"772\":1,\"818\":1,\"864\":1},\"1\":{\"116\":1,\"117\":1,\"137\":2,\"320\":1,\"329\":1,\"1025\":1,\"1118\":1,\"1420\":1,\"1596\":1,\"1773\":1,\"1950\":1,\"2127\":1,\"2304\":1,\"2432\":1,\"2523\":1,\"2651\":1,\"2742\":1,\"2870\":1,\"2961\":1,\"3089\":1,\"3180\":1,\"3308\":1,\"3401\":1}}],[\"settings>\",{\"1\":{\"162\":1,\"398\":1}}],[\"settings\",{\"1\":{\"5\":1,\"11\":1,\"162\":4,\"177\":1,\"253\":1,\"398\":4,\"407\":2,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"631\":2,\"670\":1,\"677\":2,\"716\":1,\"723\":2,\"762\":1,\"769\":2,\"808\":1,\"815\":2,\"854\":1,\"861\":2,\"913\":1,\"934\":1,\"1070\":1,\"1147\":1,\"1238\":1,\"1298\":1,\"1376\":1,\"1470\":1,\"1552\":1,\"1647\":1,\"1729\":1,\"1824\":1,\"1906\":1,\"2001\":1,\"2083\":1,\"2178\":1,\"2260\":1,\"2365\":1,\"2475\":1,\"2584\":1,\"2694\":1,\"2803\":1,\"2913\":1,\"3022\":1,\"3132\":1,\"3217\":1,\"3353\":1}}],[\"set\",{\"1\":{\"95\":1,\"128\":1,\"138\":2,\"152\":1,\"153\":1,\"184\":1,\"185\":1,\"186\":1,\"190\":1,\"191\":1,\"192\":1,\"195\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"204\":1,\"222\":1,\"223\":1,\"230\":1,\"244\":1,\"245\":1,\"246\":1,\"250\":1,\"261\":1,\"289\":8,\"290\":3,\"300\":9,\"301\":3,\"335\":1,\"338\":1,\"349\":1,\"364\":2,\"390\":1,\"442\":6,\"443\":2,\"447\":4,\"481\":7,\"482\":3,\"504\":6,\"505\":3,\"530\":6,\"531\":3,\"560\":6,\"561\":3,\"590\":6,\"591\":2,\"620\":6,\"621\":2,\"666\":6,\"667\":2,\"712\":6,\"713\":2,\"758\":6,\"759\":2,\"804\":6,\"805\":2,\"850\":6,\"851\":2,\"896\":6,\"897\":2,\"901\":4,\"930\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"953\":1,\"956\":1,\"973\":1,\"974\":1,\"981\":1,\"993\":2,\"1002\":1,\"1003\":2,\"1005\":1,\"1024\":1,\"1025\":1,\"1045\":1,\"1056\":1,\"1065\":1,\"1066\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1086\":2,\"1095\":1,\"1096\":2,\"1098\":1,\"1117\":1,\"1118\":1,\"1119\":1,\"1139\":1,\"1143\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1162\":1,\"1165\":1,\"1183\":1,\"1184\":1,\"1191\":1,\"1205\":1,\"1206\":2,\"1208\":1,\"1233\":1,\"1234\":1,\"1250\":2,\"1273\":1,\"1274\":2,\"1276\":1,\"1294\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1313\":1,\"1316\":1,\"1334\":1,\"1335\":1,\"1342\":1,\"1362\":1,\"1371\":1,\"1372\":1,\"1389\":2,\"1397\":1,\"1398\":2,\"1400\":1,\"1419\":1,\"1420\":1,\"1421\":1,\"1438\":1,\"1445\":1,\"1446\":2,\"1448\":1,\"1466\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1486\":1,\"1489\":1,\"1506\":1,\"1507\":1,\"1514\":1,\"1538\":1,\"1547\":1,\"1548\":1,\"1565\":2,\"1573\":1,\"1574\":2,\"1576\":1,\"1595\":1,\"1596\":1,\"1597\":1,\"1615\":1,\"1622\":1,\"1623\":2,\"1625\":1,\"1643\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1663\":1,\"1666\":1,\"1683\":1,\"1684\":1,\"1691\":1,\"1715\":1,\"1724\":1,\"1725\":1,\"1742\":2,\"1750\":1,\"1751\":2,\"1753\":1,\"1772\":1,\"1773\":1,\"1774\":1,\"1792\":1,\"1799\":1,\"1800\":2,\"1802\":1,\"1820\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1840\":1,\"1843\":1,\"1860\":1,\"1861\":1,\"1868\":1,\"1892\":1,\"1901\":1,\"1902\":1,\"1919\":2,\"1927\":1,\"1928\":2,\"1930\":1,\"1949\":1,\"1950\":1,\"1951\":1,\"1969\":1,\"1976\":1,\"1977\":2,\"1979\":1,\"1997\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2017\":1,\"2020\":1,\"2037\":1,\"2038\":1,\"2045\":1,\"2069\":1,\"2078\":1,\"2079\":1,\"2096\":2,\"2104\":1,\"2105\":2,\"2107\":1,\"2126\":1,\"2127\":1,\"2128\":1,\"2146\":1,\"2153\":1,\"2154\":2,\"2156\":1,\"2174\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2194\":1,\"2197\":1,\"2214\":1,\"2215\":1,\"2222\":1,\"2246\":1,\"2255\":1,\"2256\":1,\"2273\":2,\"2281\":1,\"2282\":2,\"2284\":1,\"2303\":1,\"2304\":1,\"2305\":1,\"2323\":1,\"2340\":1,\"2341\":2,\"2343\":1,\"2361\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2384\":1,\"2387\":1,\"2404\":1,\"2405\":1,\"2412\":1,\"2424\":2,\"2431\":1,\"2432\":1,\"2450\":1,\"2461\":1,\"2470\":1,\"2471\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2491\":2,\"2500\":1,\"2501\":2,\"2503\":1,\"2522\":1,\"2523\":1,\"2524\":1,\"2542\":1,\"2559\":1,\"2560\":2,\"2562\":1,\"2580\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2603\":1,\"2606\":1,\"2623\":1,\"2624\":1,\"2631\":1,\"2643\":2,\"2650\":1,\"2651\":1,\"2669\":1,\"2680\":1,\"2689\":1,\"2690\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2710\":2,\"2719\":1,\"2720\":2,\"2722\":1,\"2741\":1,\"2742\":1,\"2743\":1,\"2761\":1,\"2778\":1,\"2779\":2,\"2781\":1,\"2799\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2822\":1,\"2825\":1,\"2842\":1,\"2843\":1,\"2850\":1,\"2862\":2,\"2869\":1,\"2870\":1,\"2888\":1,\"2899\":1,\"2908\":1,\"2909\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2929\":2,\"2938\":1,\"2939\":2,\"2941\":1,\"2960\":1,\"2961\":1,\"2962\":1,\"2980\":1,\"2997\":1,\"2998\":2,\"3000\":1,\"3018\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3041\":1,\"3044\":1,\"3061\":1,\"3062\":1,\"3069\":1,\"3081\":2,\"3088\":1,\"3089\":1,\"3107\":1,\"3118\":1,\"3127\":1,\"3128\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3148\":2,\"3157\":1,\"3158\":2,\"3160\":1,\"3179\":1,\"3180\":1,\"3181\":1,\"3199\":1,\"3213\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3236\":1,\"3239\":1,\"3256\":1,\"3257\":1,\"3264\":1,\"3276\":2,\"3285\":1,\"3286\":2,\"3288\":1,\"3307\":1,\"3308\":1,\"3328\":1,\"3339\":1,\"3348\":1,\"3349\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3369\":2,\"3378\":1,\"3379\":2,\"3381\":1,\"3400\":1,\"3401\":1,\"3402\":1,\"3422\":1}}],[\"setups\",{\"1\":{\"412\":1,\"636\":1,\"682\":1,\"728\":1,\"774\":1,\"820\":1,\"866\":1}}],[\"setup\",{\"0\":{\"92\":1,\"99\":1,\"169\":1,\"285\":1,\"287\":1,\"296\":1,\"298\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"331\":1,\"400\":1,\"439\":1,\"440\":1,\"461\":1,\"462\":1,\"478\":1,\"479\":1,\"501\":1,\"502\":1,\"510\":1,\"511\":1,\"527\":1,\"528\":1,\"536\":1,\"537\":1,\"557\":1,\"558\":1,\"566\":1,\"567\":1,\"587\":1,\"588\":1,\"596\":1,\"597\":1,\"617\":1,\"618\":1,\"626\":1,\"627\":1,\"663\":1,\"664\":1,\"672\":1,\"673\":1,\"709\":1,\"710\":1,\"718\":1,\"719\":1,\"755\":1,\"756\":1,\"764\":1,\"765\":1,\"801\":1,\"802\":1,\"810\":1,\"811\":1,\"847\":1,\"848\":1,\"856\":1,\"857\":1,\"893\":1,\"894\":1,\"915\":1,\"916\":1},\"1\":{\"8\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"92\":1,\"99\":1,\"100\":1,\"128\":1,\"135\":4,\"137\":2,\"138\":1,\"141\":1,\"142\":1,\"164\":1,\"169\":1,\"170\":1,\"280\":1,\"285\":2,\"291\":1,\"296\":2,\"329\":1,\"331\":2,\"338\":3,\"341\":1,\"342\":2,\"349\":1,\"352\":3,\"354\":1,\"367\":5,\"377\":4,\"393\":7,\"399\":1,\"403\":1,\"439\":1,\"459\":4,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"564\":4,\"587\":1,\"594\":4,\"617\":1,\"624\":4,\"663\":1,\"670\":4,\"709\":1,\"716\":4,\"755\":1,\"762\":4,\"801\":1,\"808\":4,\"847\":1,\"854\":4,\"893\":1,\"913\":4}}],[\"still\",{\"1\":{\"457\":2,\"911\":2}}],[\"stuck\",{\"1\":{\"930\":1,\"1066\":1,\"1143\":1,\"1234\":1,\"1294\":1,\"1372\":1,\"1466\":1,\"1548\":1,\"1643\":1,\"1725\":1,\"1820\":1,\"1902\":1,\"1997\":1,\"2079\":1,\"2174\":1,\"2256\":1,\"2361\":1,\"2471\":1,\"2580\":1,\"2690\":1,\"2799\":1,\"2909\":1,\"3018\":1,\"3128\":1,\"3213\":1,\"3349\":1}}],[\"stub\",{\"1\":{\"174\":2,\"231\":2,\"232\":2,\"238\":2}}],[\"study\",{\"1\":{\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1}}],[\"studies\",{\"1\":{\"117\":2}}],[\"stud\",{\"1\":{\"26\":10}}],[\"style\",{\"0\":{\"156\":1,\"159\":1,\"160\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1},\"1\":{\"156\":2,\"160\":3,\"407\":4,\"631\":4,\"677\":4,\"723\":4,\"769\":4,\"815\":4,\"861\":4}}],[\"stopping\",{\"1\":{\"374\":1}}],[\"stop\",{\"1\":{\"105\":1,\"289\":1,\"290\":5,\"300\":1,\"301\":5,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"storing\",{\"0\":{\"373\":1},\"1\":{\"99\":2,\"129\":1,\"169\":2,\"374\":1}}],[\"stores\",{\"1\":{\"85\":1,\"460\":1,\"914\":1}}],[\"store\",{\"0\":{\"17\":1},\"1\":{\"17\":1,\"134\":2,\"135\":2,\"207\":1,\"260\":1,\"288\":4,\"299\":4,\"338\":2,\"427\":1,\"441\":5,\"480\":4,\"503\":4,\"529\":4,\"559\":4,\"575\":1,\"589\":4,\"605\":1,\"619\":4,\"651\":1,\"665\":4,\"697\":1,\"711\":4,\"743\":1,\"757\":4,\"789\":1,\"803\":4,\"835\":1,\"849\":4,\"881\":1,\"895\":5,\"959\":1,\"1080\":1,\"1168\":1,\"1245\":1,\"1319\":1,\"1383\":1,\"1492\":1,\"1559\":1,\"1669\":1,\"1736\":1,\"1846\":1,\"1913\":1,\"2023\":1,\"2090\":1,\"2200\":1,\"2267\":1,\"2390\":1,\"2485\":1,\"2609\":1,\"2704\":1,\"2828\":1,\"2923\":1,\"3047\":1,\"3142\":1,\"3242\":1,\"3363\":1}}],[\"stored\",{\"1\":{\"0\":1,\"90\":1,\"98\":1,\"372\":1,\"374\":1,\"451\":1,\"905\":1}}],[\"step\",{\"1\":{\"286\":1,\"297\":1,\"342\":1,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1,\"930\":1,\"1066\":1,\"1143\":1,\"1234\":1,\"1294\":1,\"1372\":1,\"1466\":1,\"1548\":1,\"1643\":1,\"1725\":1,\"1820\":1,\"1902\":1,\"1997\":1,\"2079\":1,\"2174\":1,\"2256\":1,\"2361\":1,\"2471\":1,\"2580\":1,\"2690\":1,\"2799\":1,\"2909\":1,\"3018\":1,\"3128\":1,\"3213\":1,\"3349\":1}}],[\"steps\",{\"1\":{\"0\":1,\"32\":1,\"37\":1,\"98\":1,\"105\":1,\"106\":1,\"107\":1,\"144\":1,\"154\":1,\"419\":2,\"434\":1,\"459\":1,\"473\":1,\"485\":1,\"496\":1,\"508\":1,\"522\":1,\"534\":1,\"552\":1,\"564\":1,\"582\":1,\"594\":1,\"612\":1,\"624\":1,\"643\":2,\"658\":1,\"670\":1,\"689\":2,\"704\":1,\"716\":1,\"735\":2,\"750\":1,\"762\":1,\"781\":2,\"796\":1,\"808\":1,\"827\":2,\"842\":1,\"854\":1,\"873\":2,\"888\":1,\"913\":1}}],[\"stellen\",{\"1\":{\"17\":1}}],[\"stale\",{\"1\":{\"381\":1}}],[\"standalone=\",{\"1\":{\"159\":1}}],[\"standardized\",{\"1\":{\"126\":1}}],[\"standardised\",{\"1\":{\"96\":1}}],[\"standard\",{\"1\":{\"9\":1,\"95\":2,\"127\":1,\"348\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"standards\",{\"0\":{\"9\":1,\"93\":1},\"1\":{\"0\":1,\"6\":1,\"24\":1,\"32\":1,\"88\":1,\"89\":1,\"93\":3,\"95\":1,\"98\":1,\"109\":1,\"116\":1,\"117\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"staff\",{\"1\":{\"117\":1}}],[\"stakeholders\",{\"1\":{\"96\":1}}],[\"star\",{\"1\":{\"91\":2}}],[\"starter\",{\"1\":{\"349\":1}}],[\"started\",{\"0\":{\"12\":1},\"1\":{\"13\":1,\"233\":1,\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"333\":1,\"338\":3,\"352\":3,\"356\":2,\"367\":4,\"374\":1,\"377\":3,\"381\":1,\"393\":6,\"419\":4,\"422\":1,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"643\":4,\"646\":1,\"673\":2,\"689\":4,\"692\":1,\"719\":2,\"735\":4,\"738\":1,\"765\":2,\"781\":4,\"784\":1,\"811\":2,\"827\":4,\"830\":1,\"857\":2,\"873\":4,\"876\":1,\"916\":2,\"985\":1,\"1192\":1,\"1343\":1,\"1518\":1,\"1695\":1,\"1872\":1,\"2049\":1,\"2226\":1,\"2416\":1,\"2635\":1,\"2854\":1,\"3073\":1,\"3268\":1}}],[\"startup\",{\"1\":{\"152\":1,\"153\":1,\"223\":1,\"233\":1,\"236\":1,\"237\":1,\"262\":1,\"290\":4,\"301\":4,\"443\":4,\"482\":4,\"505\":4,\"531\":4,\"561\":4,\"591\":4,\"621\":4,\"667\":4,\"713\":4,\"759\":4,\"805\":4,\"851\":4,\"897\":4,\"974\":1,\"985\":1,\"988\":1,\"989\":1,\"1081\":1,\"1184\":1,\"1192\":1,\"1195\":1,\"1196\":1,\"1246\":1,\"1335\":1,\"1343\":1,\"1346\":1,\"1347\":1,\"1384\":1,\"1507\":1,\"1518\":1,\"1521\":1,\"1522\":1,\"1560\":1,\"1684\":1,\"1695\":1,\"1698\":1,\"1699\":1,\"1737\":1,\"1861\":1,\"1872\":1,\"1875\":1,\"1876\":1,\"1914\":1,\"2038\":1,\"2049\":1,\"2052\":1,\"2053\":1,\"2091\":1,\"2215\":1,\"2226\":1,\"2229\":1,\"2230\":1,\"2268\":1,\"2405\":1,\"2416\":1,\"2419\":1,\"2420\":1,\"2486\":1,\"2624\":1,\"2635\":1,\"2638\":1,\"2639\":1,\"2705\":1,\"2843\":1,\"2854\":1,\"2857\":1,\"2858\":1,\"2924\":1,\"3062\":1,\"3073\":1,\"3076\":1,\"3077\":1,\"3143\":1,\"3257\":1,\"3268\":1,\"3271\":1,\"3272\":1,\"3364\":1}}],[\"starting\",{\"0\":{\"138\":1},\"1\":{\"136\":1,\"159\":2,\"356\":1,\"374\":2,\"418\":1,\"459\":2,\"564\":2,\"594\":2,\"624\":2,\"642\":1,\"670\":2,\"688\":1,\"716\":2,\"734\":1,\"762\":2,\"780\":1,\"808\":2,\"826\":1,\"854\":2,\"872\":1,\"913\":2}}],[\"starts\",{\"1\":{\"90\":1,\"97\":1,\"333\":1,\"347\":1}}],[\"start\",{\"0\":{\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1},\"1\":{\"12\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"97\":1,\"105\":2,\"116\":1,\"134\":2,\"135\":3,\"138\":1,\"141\":1,\"157\":1,\"185\":1,\"186\":1,\"289\":2,\"290\":4,\"300\":2,\"301\":4,\"331\":1,\"334\":1,\"338\":4,\"342\":4,\"345\":1,\"352\":4,\"356\":1,\"359\":1,\"364\":1,\"367\":7,\"377\":6,\"385\":1,\"393\":10,\"405\":1,\"419\":1,\"429\":1,\"442\":2,\"443\":2,\"444\":1,\"459\":2,\"472\":1,\"481\":2,\"482\":2,\"483\":1,\"495\":1,\"504\":2,\"505\":2,\"506\":1,\"521\":1,\"530\":2,\"531\":2,\"532\":1,\"547\":1,\"560\":2,\"561\":2,\"562\":1,\"564\":2,\"577\":1,\"590\":2,\"591\":2,\"592\":1,\"594\":2,\"607\":1,\"620\":2,\"621\":2,\"622\":1,\"624\":2,\"629\":1,\"643\":1,\"653\":1,\"666\":2,\"667\":2,\"668\":1,\"670\":2,\"675\":1,\"689\":1,\"699\":1,\"712\":2,\"713\":2,\"714\":1,\"716\":2,\"721\":1,\"735\":1,\"745\":1,\"758\":2,\"759\":2,\"760\":1,\"762\":2,\"767\":1,\"781\":1,\"791\":1,\"804\":2,\"805\":2,\"806\":1,\"808\":2,\"813\":1,\"827\":1,\"837\":1,\"850\":2,\"851\":2,\"852\":1,\"854\":2,\"859\":1,\"873\":1,\"883\":1,\"896\":2,\"897\":2,\"898\":1,\"913\":2,\"944\":1,\"945\":1,\"946\":1,\"990\":1,\"1037\":1,\"1056\":2,\"1131\":1,\"1155\":1,\"1156\":1,\"1306\":1,\"1307\":1,\"1362\":2,\"1478\":1,\"1479\":1,\"1480\":1,\"1523\":1,\"1538\":2,\"1609\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1700\":1,\"1715\":2,\"1786\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1877\":1,\"1892\":2,\"1963\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2054\":1,\"2069\":2,\"2140\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2231\":1,\"2246\":2,\"2317\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2421\":1,\"2444\":1,\"2461\":2,\"2536\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2640\":1,\"2663\":1,\"2680\":2,\"2755\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2859\":1,\"2882\":1,\"2899\":2,\"2974\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3078\":1,\"3101\":1,\"3118\":2,\"3193\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3273\":1,\"3320\":1,\"3339\":2,\"3414\":1}}],[\"stable\",{\"1\":{\"81\":1,\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"stay\",{\"0\":{\"73\":1},\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"static\",{\"0\":{\"993\":1,\"1086\":1,\"1250\":1,\"1389\":1,\"1565\":1,\"1742\":1,\"1919\":1,\"2096\":1,\"2273\":1,\"2424\":1,\"2491\":1,\"2643\":1,\"2710\":1,\"2862\":1,\"2929\":1,\"3081\":1,\"3148\":1,\"3276\":1,\"3369\":1},\"1\":{\"345\":1,\"346\":1,\"993\":2,\"1086\":2,\"1250\":2,\"1389\":2,\"1565\":2,\"1742\":2,\"1919\":2,\"2096\":2,\"2273\":2,\"2424\":2,\"2491\":2,\"2643\":2,\"2710\":2,\"2862\":2,\"2929\":2,\"3081\":2,\"3148\":2,\"3276\":2,\"3369\":2}}],[\"static=\",{\"1\":{\"160\":8}}],[\"statment\",{\"1\":{\"159\":1}}],[\"statusclient\",{\"1\":{\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"536\":1,\"537\":1}}],[\"status=active\",{\"1\":{\"206\":1,\"211\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"status\",{\"0\":{\"1021\":1,\"1022\":1,\"1114\":1,\"1115\":1,\"1224\":1,\"1225\":1,\"1292\":1,\"1293\":1,\"1416\":1,\"1417\":1,\"1464\":1,\"1465\":1,\"1592\":1,\"1593\":1,\"1641\":1,\"1642\":1,\"1769\":1,\"1770\":1,\"1818\":1,\"1819\":1,\"1946\":1,\"1947\":1,\"1995\":1,\"1996\":1,\"2123\":1,\"2124\":1,\"2172\":1,\"2173\":1,\"2300\":1,\"2301\":1,\"2359\":1,\"2360\":1,\"2519\":1,\"2520\":1,\"2578\":1,\"2579\":1,\"2738\":1,\"2739\":1,\"2797\":1,\"2798\":1,\"2957\":1,\"2958\":1,\"3016\":1,\"3017\":1,\"3176\":1,\"3177\":1,\"3304\":1,\"3305\":1,\"3397\":1,\"3398\":1},\"1\":{\"90\":2,\"97\":2,\"106\":1,\"107\":1,\"141\":1,\"142\":1,\"536\":1,\"537\":1,\"1021\":2,\"1022\":2,\"1043\":1,\"1044\":1,\"1114\":2,\"1115\":2,\"1137\":1,\"1138\":1,\"1224\":2,\"1225\":2,\"1292\":2,\"1293\":2,\"1416\":2,\"1417\":2,\"1464\":2,\"1465\":2,\"1592\":2,\"1593\":2,\"1641\":2,\"1642\":2,\"1769\":2,\"1770\":2,\"1818\":2,\"1819\":2,\"1946\":2,\"1947\":2,\"1995\":2,\"1996\":2,\"2123\":2,\"2124\":2,\"2172\":2,\"2173\":2,\"2300\":2,\"2301\":2,\"2359\":2,\"2360\":2,\"2519\":2,\"2520\":2,\"2578\":2,\"2579\":2,\"2738\":2,\"2739\":2,\"2797\":2,\"2798\":2,\"2957\":2,\"2958\":2,\"3016\":2,\"3017\":2,\"3176\":2,\"3177\":2,\"3304\":2,\"3305\":2,\"3326\":1,\"3327\":1,\"3397\":2,\"3398\":2,\"3420\":1,\"3421\":1}}],[\"stattfinden\",{\"1\":{\"41\":1}}],[\"statements\",{\"1\":{\"159\":4}}],[\"statement\",{\"1\":{\"159\":11,\"160\":1}}],[\"state\",{\"1\":{\"33\":1,\"324\":1,\"369\":1,\"381\":2}}],[\"strategy\",{\"0\":{\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1},\"1\":{\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1}}],[\"strategies\",{\"1\":{\"120\":1}}],[\"stronger\",{\"1\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"stream\",{\"1\":{\"170\":1}}],[\"structural\",{\"1\":{\"94\":1}}],[\"structures\",{\"1\":{\"98\":1,\"304\":1,\"307\":1,\"310\":1}}],[\"structuredefinition\",{\"1\":{\"97\":1,\"338\":2,\"348\":1,\"358\":2,\"361\":4,\"362\":2,\"363\":4,\"364\":2,\"367\":2,\"384\":2,\"387\":4,\"388\":2,\"389\":4,\"393\":2}}],[\"structured\",{\"1\":{\"78\":2}}],[\"structure\",{\"0\":{\"81\":1,\"331\":1},\"1\":{\"0\":1,\"98\":1,\"236\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"408\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"632\":1,\"666\":1,\"667\":1,\"678\":1,\"712\":1,\"713\":1,\"724\":1,\"758\":1,\"759\":1,\"770\":1,\"804\":1,\"805\":1,\"816\":1,\"850\":1,\"851\":1,\"862\":1,\"896\":1,\"897\":1,\"988\":1,\"1195\":1,\"1346\":1,\"1521\":1,\"1698\":1,\"1875\":1,\"2052\":1,\"2229\":1,\"2419\":1,\"2638\":1,\"2857\":1,\"3076\":1,\"3271\":1}}],[\"strings\",{\"1\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"string\",{\"1\":{\"349\":2,\"359\":1,\"385\":1,\"920\":2,\"1037\":1,\"1049\":2,\"1131\":1,\"1355\":1,\"1388\":1,\"1531\":1,\"1609\":1,\"1708\":1,\"1786\":1,\"1885\":1,\"1963\":1,\"2062\":1,\"2140\":1,\"2239\":1,\"2317\":1,\"2327\":2,\"2444\":1,\"2454\":2,\"2536\":1,\"2546\":2,\"2663\":1,\"2673\":2,\"2755\":1,\"2765\":2,\"2882\":1,\"2892\":2,\"2974\":1,\"2984\":2,\"3101\":1,\"3111\":2,\"3193\":1,\"3203\":2,\"3320\":1,\"3332\":2,\"3414\":1}}],[\"stringent\",{\"1\":{\"5\":1}}],[\"strive\",{\"1\":{\"38\":1}}],[\"f0\",{\"1\":{\"920\":2,\"1049\":2,\"1355\":2,\"1531\":2,\"1708\":2,\"1885\":2,\"2062\":2,\"2239\":2,\"2327\":2,\"2454\":2,\"2546\":2,\"2673\":2,\"2765\":2,\"2892\":2,\"2984\":2,\"3111\":2,\"3203\":2,\"3332\":2}}],[\"f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f\",{\"1\":{\"442\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1}}],[\"f3a2\",{\"1\":{\"289\":2,\"300\":2}}],[\"fttp\",{\"1\":{\"285\":1,\"296\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1}}],[\"fssl\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"f\",{\"1\":{\"135\":4,\"289\":1,\"290\":2,\"300\":1,\"301\":2,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"442\":1,\"443\":1,\"444\":1,\"461\":1,\"462\":1,\"481\":1,\"482\":1,\"483\":1,\"504\":1,\"505\":1,\"506\":1,\"510\":1,\"511\":1,\"530\":1,\"531\":1,\"532\":1,\"536\":1,\"537\":1,\"560\":1,\"561\":1,\"562\":1,\"566\":1,\"567\":1,\"590\":1,\"591\":1,\"592\":1,\"596\":1,\"597\":1,\"620\":1,\"621\":1,\"622\":1,\"626\":1,\"627\":1,\"666\":1,\"667\":1,\"668\":1,\"672\":1,\"673\":1,\"712\":1,\"713\":1,\"714\":1,\"718\":1,\"719\":1,\"758\":1,\"759\":1,\"760\":1,\"764\":1,\"765\":1,\"804\":1,\"805\":1,\"806\":1,\"810\":1,\"811\":1,\"850\":1,\"851\":1,\"852\":1,\"856\":1,\"857\":1,\"896\":1,\"897\":1,\"898\":1,\"915\":1,\"916\":1}}],[\"fqdns\",{\"1\":{\"112\":1,\"167\":1}}],[\"fqdn\",{\"1\":{\"112\":3,\"113\":2,\"167\":3,\"168\":2,\"208\":1,\"263\":1,\"270\":2,\"284\":2,\"285\":1,\"289\":5,\"290\":4,\"295\":2,\"296\":1,\"300\":8,\"301\":4,\"304\":2,\"307\":1,\"428\":1,\"438\":2,\"439\":1,\"442\":3,\"443\":2,\"471\":1,\"477\":2,\"478\":1,\"481\":5,\"482\":4,\"483\":2,\"494\":1,\"500\":2,\"501\":1,\"504\":4,\"505\":3,\"506\":2,\"520\":1,\"526\":2,\"527\":1,\"530\":4,\"531\":3,\"532\":2,\"546\":1,\"556\":2,\"557\":1,\"560\":4,\"561\":3,\"562\":2,\"576\":1,\"586\":2,\"587\":1,\"590\":4,\"591\":2,\"592\":2,\"606\":1,\"616\":2,\"617\":1,\"620\":4,\"621\":2,\"622\":2,\"652\":1,\"662\":2,\"663\":1,\"666\":4,\"667\":2,\"668\":2,\"698\":1,\"708\":2,\"709\":1,\"712\":4,\"713\":2,\"714\":2,\"744\":1,\"754\":2,\"755\":1,\"758\":4,\"759\":2,\"790\":1,\"800\":2,\"801\":1,\"804\":4,\"805\":2,\"836\":1,\"846\":2,\"847\":1,\"850\":4,\"851\":2,\"882\":1,\"892\":2,\"893\":1,\"896\":3,\"897\":2,\"1032\":2,\"1082\":1,\"1126\":2,\"1169\":1,\"1247\":1,\"1257\":2,\"1320\":1,\"1385\":1,\"1428\":2,\"1561\":1,\"1604\":2,\"1738\":1,\"1781\":2,\"1915\":1,\"1958\":2,\"2092\":1,\"2135\":2,\"2269\":1,\"2312\":2,\"2439\":2,\"2487\":1,\"2531\":2,\"2658\":2,\"2706\":1,\"2750\":2,\"2877\":2,\"2925\":1,\"2969\":2,\"3096\":2,\"3144\":1,\"3188\":2,\"3315\":2,\"3365\":1,\"3409\":2}}],[\"fdgp+\",{\"1\":{\"81\":1}}],[\"fdpg\",{\"1\":{\"16\":1,\"41\":1,\"81\":2,\"91\":1,\"126\":1}}],[\"fdpg+\",{\"1\":{\"14\":6,\"41\":1,\"81\":2}}],[\"fall\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"falls\",{\"1\":{\"22\":1}}],[\"false\",{\"1\":{\"159\":25,\"160\":12,\"184\":1,\"185\":1,\"186\":1,\"195\":1,\"204\":1,\"222\":1,\"223\":1,\"230\":1,\"250\":1,\"349\":1,\"352\":1,\"373\":1,\"930\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"953\":1,\"956\":1,\"973\":1,\"974\":1,\"981\":1,\"993\":2,\"1002\":1,\"1003\":1,\"1005\":1,\"1065\":1,\"1066\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1086\":2,\"1095\":1,\"1096\":1,\"1098\":1,\"1143\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1162\":1,\"1165\":1,\"1183\":1,\"1184\":1,\"1191\":1,\"1205\":1,\"1206\":1,\"1208\":1,\"1233\":1,\"1234\":1,\"1250\":2,\"1273\":1,\"1274\":1,\"1276\":1,\"1294\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1313\":1,\"1316\":1,\"1334\":1,\"1335\":1,\"1342\":1,\"1371\":1,\"1372\":1,\"1389\":2,\"1397\":1,\"1398\":1,\"1400\":1,\"1445\":1,\"1446\":1,\"1448\":1,\"1466\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1486\":1,\"1489\":1,\"1506\":1,\"1507\":1,\"1514\":1,\"1547\":1,\"1548\":1,\"1565\":2,\"1573\":1,\"1574\":1,\"1576\":1,\"1622\":1,\"1623\":1,\"1625\":1,\"1643\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1663\":1,\"1666\":1,\"1683\":1,\"1684\":1,\"1691\":1,\"1724\":1,\"1725\":1,\"1742\":2,\"1750\":1,\"1751\":1,\"1753\":1,\"1799\":1,\"1800\":1,\"1802\":1,\"1820\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1840\":1,\"1843\":1,\"1860\":1,\"1861\":1,\"1868\":1,\"1901\":1,\"1902\":1,\"1919\":2,\"1927\":1,\"1928\":1,\"1930\":1,\"1976\":1,\"1977\":1,\"1979\":1,\"1997\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2017\":1,\"2020\":1,\"2037\":1,\"2038\":1,\"2045\":1,\"2078\":1,\"2079\":1,\"2096\":2,\"2104\":1,\"2105\":1,\"2107\":1,\"2153\":1,\"2154\":1,\"2156\":1,\"2174\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2194\":1,\"2197\":1,\"2214\":1,\"2215\":1,\"2222\":1,\"2255\":1,\"2256\":1,\"2273\":2,\"2281\":1,\"2282\":1,\"2284\":1,\"2340\":1,\"2341\":1,\"2343\":1,\"2361\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2384\":1,\"2387\":1,\"2404\":1,\"2405\":1,\"2412\":1,\"2424\":2,\"2470\":1,\"2471\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2491\":2,\"2500\":1,\"2501\":1,\"2503\":1,\"2559\":1,\"2560\":1,\"2562\":1,\"2580\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2603\":1,\"2606\":1,\"2623\":1,\"2624\":1,\"2631\":1,\"2643\":2,\"2689\":1,\"2690\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2710\":2,\"2719\":1,\"2720\":1,\"2722\":1,\"2778\":1,\"2779\":1,\"2781\":1,\"2799\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2822\":1,\"2825\":1,\"2842\":1,\"2843\":1,\"2850\":1,\"2862\":2,\"2908\":1,\"2909\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2929\":2,\"2938\":1,\"2939\":1,\"2941\":1,\"2997\":1,\"2998\":1,\"3000\":1,\"3018\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3041\":1,\"3044\":1,\"3061\":1,\"3062\":1,\"3069\":1,\"3081\":2,\"3127\":1,\"3128\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3148\":2,\"3157\":1,\"3158\":1,\"3160\":1,\"3213\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3236\":1,\"3239\":1,\"3256\":1,\"3257\":1,\"3264\":1,\"3276\":2,\"3285\":1,\"3286\":1,\"3288\":1,\"3348\":1,\"3349\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3369\":2,\"3378\":1,\"3379\":1,\"3381\":1}}],[\"factory\",{\"0\":{\"174\":1,\"231\":1,\"232\":1,\"238\":1},\"1\":{\"152\":3,\"153\":3,\"174\":4,\"231\":4,\"232\":4,\"238\":4}}],[\"facilitating\",{\"1\":{\"8\":1}}],[\"facilitate\",{\"1\":{\"6\":1}}],[\"fast\",{\"1\":{\"109\":1}}],[\"failures\",{\"1\":{\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1}}],[\"failure\",{\"1\":{\"303\":2,\"304\":2,\"306\":2,\"307\":2,\"309\":2,\"310\":2,\"312\":2,\"313\":1,\"315\":2,\"316\":1,\"461\":2,\"462\":1,\"510\":2,\"511\":1,\"536\":2,\"537\":1,\"566\":2,\"567\":1,\"596\":2,\"597\":1,\"626\":2,\"627\":1,\"672\":2,\"673\":1,\"718\":2,\"719\":1,\"764\":2,\"765\":1,\"810\":2,\"811\":1,\"856\":2,\"857\":1,\"915\":2,\"916\":1}}],[\"failed\",{\"1\":{\"97\":1}}],[\"faith\",{\"1\":{\"39\":1}}],[\"familiar\",{\"1\":{\"74\":1}}],[\"flp6zsd5qrmakgzmjxqxjmcwrtfa3dn8fa57h92y\",{\"1\":{\"134\":1}}],[\"flyer\",{\"1\":{\"126\":1}}],[\"flexible\",{\"0\":{\"91\":1},\"1\":{\"91\":1}}],[\"flexibility\",{\"0\":{\"9\":1},\"1\":{\"9\":1}}],[\"florian\",{\"1\":{\"83\":1}}],[\"flows\",{\"1\":{\"371\":1,\"374\":1}}],[\"flow\",{\"0\":{\"356\":1,\"1002\":1,\"1025\":1,\"1095\":1,\"1118\":1,\"1205\":1,\"1273\":1,\"1397\":1,\"1420\":1,\"1445\":1,\"1573\":1,\"1596\":1,\"1622\":1,\"1750\":1,\"1773\":1,\"1799\":1,\"1927\":1,\"1950\":1,\"1976\":1,\"2104\":1,\"2127\":1,\"2153\":1,\"2281\":1,\"2304\":1,\"2340\":1,\"2432\":1,\"2500\":1,\"2523\":1,\"2559\":1,\"2651\":1,\"2719\":1,\"2742\":1,\"2778\":1,\"2870\":1,\"2938\":1,\"2961\":1,\"2997\":1,\"3089\":1,\"3157\":1,\"3180\":1,\"3285\":1,\"3308\":1,\"3378\":1,\"3401\":1},\"1\":{\"74\":1,\"157\":1,\"323\":1,\"325\":1,\"354\":2,\"356\":3,\"371\":2,\"374\":1,\"379\":1,\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1,\"1002\":2,\"1003\":1,\"1006\":1,\"1007\":1,\"1024\":1,\"1025\":2,\"1027\":1,\"1095\":2,\"1096\":1,\"1099\":1,\"1100\":1,\"1117\":1,\"1118\":2,\"1121\":1,\"1205\":2,\"1206\":1,\"1209\":1,\"1210\":1,\"1273\":2,\"1274\":1,\"1277\":1,\"1278\":1,\"1397\":2,\"1398\":1,\"1401\":1,\"1402\":1,\"1419\":1,\"1420\":2,\"1423\":1,\"1445\":2,\"1446\":1,\"1449\":1,\"1450\":1,\"1573\":2,\"1574\":1,\"1577\":1,\"1578\":1,\"1595\":1,\"1596\":2,\"1599\":1,\"1622\":2,\"1623\":1,\"1626\":1,\"1627\":1,\"1750\":2,\"1751\":1,\"1754\":1,\"1755\":1,\"1772\":1,\"1773\":2,\"1776\":1,\"1799\":2,\"1800\":1,\"1803\":1,\"1804\":1,\"1927\":2,\"1928\":1,\"1931\":1,\"1932\":1,\"1949\":1,\"1950\":2,\"1953\":1,\"1976\":2,\"1977\":1,\"1980\":1,\"1981\":1,\"2104\":2,\"2105\":1,\"2108\":1,\"2109\":1,\"2126\":1,\"2127\":2,\"2130\":1,\"2153\":2,\"2154\":1,\"2157\":1,\"2158\":1,\"2281\":2,\"2282\":1,\"2285\":1,\"2286\":1,\"2303\":1,\"2304\":2,\"2307\":1,\"2340\":2,\"2341\":1,\"2344\":1,\"2345\":1,\"2431\":1,\"2432\":2,\"2434\":1,\"2500\":2,\"2501\":1,\"2504\":1,\"2505\":1,\"2522\":1,\"2523\":2,\"2526\":1,\"2559\":2,\"2560\":1,\"2563\":1,\"2564\":1,\"2650\":1,\"2651\":2,\"2653\":1,\"2719\":2,\"2720\":1,\"2723\":1,\"2724\":1,\"2741\":1,\"2742\":2,\"2745\":1,\"2778\":2,\"2779\":1,\"2782\":1,\"2783\":1,\"2869\":1,\"2870\":2,\"2872\":1,\"2938\":2,\"2939\":1,\"2942\":1,\"2943\":1,\"2960\":1,\"2961\":2,\"2964\":1,\"2997\":2,\"2998\":1,\"3001\":1,\"3002\":1,\"3088\":1,\"3089\":2,\"3091\":1,\"3157\":2,\"3158\":1,\"3161\":1,\"3162\":1,\"3179\":1,\"3180\":2,\"3183\":1,\"3285\":2,\"3286\":1,\"3289\":1,\"3290\":1,\"3307\":1,\"3308\":2,\"3310\":1,\"3378\":2,\"3379\":1,\"3382\":1,\"3383\":1,\"3400\":1,\"3401\":2,\"3404\":1}}],[\"flare\",{\"1\":{\"21\":1}}],[\"fist\",{\"1\":{\"446\":1,\"900\":1}}],[\"fifth\",{\"1\":{\"393\":1}}],[\"field\",{\"1\":{\"159\":4,\"348\":2,\"349\":1,\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"fields\",{\"1\":{\"79\":1,\"159\":2,\"348\":1}}],[\"fixing\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"fixed\",{\"1\":{\"349\":1}}],[\"fixes\",{\"1\":{\"157\":1}}],[\"fix\",{\"1\":{\"158\":2,\"417\":1,\"419\":1,\"641\":1,\"643\":1,\"687\":1,\"689\":1,\"733\":1,\"735\":1,\"779\":1,\"781\":1,\"825\":1,\"827\":1,\"871\":1,\"873\":1}}],[\"figure\",{\"1\":{\"104\":1,\"130\":1,\"364\":1,\"390\":2}}],[\"fit\",{\"1\":{\"97\":1}}],[\"fits\",{\"1\":{\"97\":1}}],[\"finishes\",{\"1\":{\"393\":1}}],[\"finished\",{\"1\":{\"338\":1,\"352\":1}}],[\"finish\",{\"1\":{\"381\":3,\"390\":1,\"393\":1}}],[\"fingerprint\",{\"1\":{\"289\":1,\"300\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"920\":1,\"1049\":1,\"1083\":1,\"1355\":1,\"1386\":1,\"1531\":1,\"1562\":1,\"1708\":1,\"1739\":1,\"1885\":1,\"1916\":1,\"2062\":1,\"2093\":1,\"2239\":1,\"2270\":1,\"2327\":1,\"2454\":1,\"2488\":1,\"2546\":1,\"2673\":1,\"2707\":1,\"2765\":1,\"2892\":1,\"2926\":1,\"2984\":1,\"3111\":1,\"3145\":1,\"3203\":1,\"3332\":1,\"3366\":1}}],[\"finally\",{\"1\":{\"117\":1,\"159\":1,\"160\":1}}],[\"final\",{\"0\":{\"141\":1},\"1\":{\"94\":1,\"325\":1,\"379\":1}}],[\"findings\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"find\",{\"1\":{\"30\":1,\"40\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"74\":1,\"92\":1,\"93\":1,\"400\":1,\"408\":1,\"417\":1,\"419\":1,\"431\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"548\":1,\"562\":1,\"578\":1,\"592\":1,\"608\":1,\"622\":1,\"632\":1,\"641\":1,\"643\":1,\"654\":1,\"668\":1,\"678\":1,\"687\":1,\"689\":1,\"700\":1,\"714\":1,\"724\":1,\"733\":1,\"735\":1,\"746\":1,\"760\":1,\"770\":1,\"779\":1,\"781\":1,\"793\":1,\"806\":1,\"816\":1,\"825\":1,\"827\":1,\"839\":1,\"852\":1,\"862\":1,\"871\":1,\"873\":1,\"885\":1,\"898\":1}}],[\"finden\",{\"1\":{\"17\":1}}],[\"fires\",{\"1\":{\"382\":1}}],[\"fire\",{\"1\":{\"381\":1}}],[\"firewall\",{\"1\":{\"33\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"firewallregeln\",{\"1\":{\"16\":1}}],[\"first\",{\"1\":{\"85\":1,\"99\":1,\"159\":4,\"160\":1,\"169\":1,\"302\":1,\"305\":1,\"318\":1,\"320\":1,\"329\":1,\"338\":1,\"342\":1,\"367\":1,\"374\":1,\"381\":1,\"383\":1,\"393\":1,\"408\":1,\"565\":2,\"595\":2,\"625\":2,\"632\":1,\"671\":2,\"678\":1,\"717\":2,\"724\":1,\"763\":2,\"770\":1,\"809\":2,\"816\":1,\"862\":1,\"928\":2,\"1057\":2,\"1363\":2,\"1539\":2,\"1716\":2,\"1893\":2,\"2070\":2,\"2247\":2,\"2335\":2,\"2462\":2,\"2554\":2,\"2681\":2,\"2773\":2,\"2900\":2,\"2992\":2,\"3119\":2,\"3211\":2,\"3340\":2}}],[\"fill\",{\"1\":{\"286\":1,\"297\":1}}],[\"filter\",{\"1\":{\"147\":2}}],[\"filters\",{\"1\":{\"99\":1,\"169\":1}}],[\"filtering\",{\"1\":{\"0\":1,\"32\":1}}],[\"files\",{\"1\":{\"141\":1,\"142\":1,\"154\":1,\"262\":1,\"289\":3,\"290\":4,\"300\":3,\"301\":4,\"302\":1,\"303\":1,\"304\":1,\"305\":1,\"307\":1,\"308\":1,\"310\":1,\"311\":1,\"314\":1,\"416\":2,\"442\":3,\"443\":3,\"444\":2,\"446\":1,\"448\":2,\"451\":1,\"452\":3,\"453\":2,\"454\":3,\"455\":2,\"459\":1,\"460\":1,\"481\":3,\"482\":3,\"483\":2,\"504\":3,\"505\":3,\"506\":2,\"509\":1,\"530\":3,\"531\":3,\"532\":2,\"535\":1,\"560\":3,\"561\":3,\"562\":2,\"564\":1,\"565\":1,\"590\":3,\"591\":3,\"592\":2,\"594\":1,\"595\":1,\"620\":3,\"621\":3,\"622\":2,\"624\":1,\"625\":1,\"640\":2,\"666\":3,\"667\":3,\"668\":2,\"670\":1,\"671\":1,\"686\":2,\"712\":3,\"713\":3,\"714\":2,\"716\":1,\"717\":1,\"732\":2,\"758\":3,\"759\":3,\"760\":2,\"762\":1,\"763\":1,\"778\":2,\"804\":3,\"805\":3,\"806\":2,\"808\":1,\"809\":1,\"824\":2,\"850\":3,\"851\":3,\"852\":2,\"854\":1,\"855\":1,\"870\":2,\"896\":3,\"897\":3,\"898\":2,\"900\":1,\"902\":2,\"905\":1,\"906\":3,\"907\":2,\"908\":3,\"909\":2,\"913\":1,\"914\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1560\":1,\"1737\":1,\"1914\":1,\"2091\":1,\"2268\":1,\"2486\":1,\"2705\":1,\"2924\":1,\"3143\":1,\"3364\":1}}],[\"file\",{\"0\":{\"175\":1,\"179\":1,\"182\":1,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"214\":1,\"219\":1,\"225\":1,\"243\":1,\"244\":1,\"251\":1,\"255\":1,\"257\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"932\":1,\"936\":1,\"939\":1,\"950\":1,\"965\":1,\"970\":1,\"976\":1,\"996\":1,\"1010\":1,\"1019\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1061\":1,\"1068\":1,\"1072\":1,\"1074\":1,\"1089\":1,\"1103\":1,\"1112\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1149\":1,\"1152\":1,\"1159\":1,\"1175\":1,\"1180\":1,\"1186\":1,\"1198\":1,\"1213\":1,\"1222\":1,\"1229\":1,\"1236\":1,\"1240\":1,\"1242\":1,\"1252\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1281\":1,\"1290\":1,\"1296\":1,\"1300\":1,\"1303\":1,\"1310\":1,\"1326\":1,\"1331\":1,\"1337\":1,\"1349\":1,\"1367\":1,\"1374\":1,\"1378\":1,\"1380\":1,\"1391\":1,\"1405\":1,\"1414\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1453\":1,\"1462\":1,\"1468\":1,\"1472\":1,\"1475\":1,\"1483\":1,\"1498\":1,\"1503\":1,\"1509\":1,\"1525\":1,\"1543\":1,\"1550\":1,\"1554\":1,\"1556\":1,\"1567\":1,\"1581\":1,\"1590\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1630\":1,\"1639\":1,\"1645\":1,\"1649\":1,\"1652\":1,\"1660\":1,\"1675\":1,\"1680\":1,\"1686\":1,\"1702\":1,\"1720\":1,\"1727\":1,\"1731\":1,\"1733\":1,\"1744\":1,\"1758\":1,\"1767\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1807\":1,\"1816\":1,\"1822\":1,\"1826\":1,\"1829\":1,\"1837\":1,\"1852\":1,\"1857\":1,\"1863\":1,\"1879\":1,\"1897\":1,\"1904\":1,\"1908\":1,\"1910\":1,\"1921\":1,\"1935\":1,\"1944\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1984\":1,\"1993\":1,\"1999\":1,\"2003\":1,\"2006\":1,\"2014\":1,\"2029\":1,\"2034\":1,\"2040\":1,\"2056\":1,\"2074\":1,\"2081\":1,\"2085\":1,\"2087\":1,\"2098\":1,\"2112\":1,\"2121\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2161\":1,\"2170\":1,\"2176\":1,\"2180\":1,\"2183\":1,\"2191\":1,\"2206\":1,\"2211\":1,\"2217\":1,\"2233\":1,\"2251\":1,\"2258\":1,\"2262\":1,\"2264\":1,\"2275\":1,\"2289\":1,\"2298\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2348\":1,\"2357\":1,\"2363\":1,\"2367\":1,\"2370\":1,\"2381\":1,\"2396\":1,\"2401\":1,\"2407\":1,\"2427\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2466\":1,\"2473\":1,\"2477\":1,\"2479\":1,\"2494\":1,\"2508\":1,\"2517\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2567\":1,\"2576\":1,\"2582\":1,\"2586\":1,\"2589\":1,\"2600\":1,\"2615\":1,\"2620\":1,\"2626\":1,\"2646\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2685\":1,\"2692\":1,\"2696\":1,\"2698\":1,\"2713\":1,\"2727\":1,\"2736\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2786\":1,\"2795\":1,\"2801\":1,\"2805\":1,\"2808\":1,\"2819\":1,\"2834\":1,\"2839\":1,\"2845\":1,\"2865\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2904\":1,\"2911\":1,\"2915\":1,\"2917\":1,\"2932\":1,\"2946\":1,\"2955\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"3005\":1,\"3014\":1,\"3020\":1,\"3024\":1,\"3027\":1,\"3038\":1,\"3053\":1,\"3058\":1,\"3064\":1,\"3084\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3123\":1,\"3130\":1,\"3134\":1,\"3136\":1,\"3151\":1,\"3165\":1,\"3174\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3219\":1,\"3222\":1,\"3233\":1,\"3248\":1,\"3253\":1,\"3259\":1,\"3279\":1,\"3293\":1,\"3302\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3344\":1,\"3351\":1,\"3355\":1,\"3357\":1,\"3372\":1,\"3386\":1,\"3395\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1},\"1\":{\"37\":1,\"90\":1,\"102\":1,\"134\":1,\"135\":1,\"145\":2,\"152\":1,\"153\":1,\"154\":1,\"159\":1,\"163\":1,\"175\":2,\"179\":2,\"182\":2,\"187\":2,\"188\":3,\"189\":2,\"190\":2,\"196\":2,\"199\":2,\"205\":2,\"212\":2,\"213\":3,\"214\":2,\"218\":1,\"219\":2,\"224\":2,\"225\":3,\"228\":2,\"241\":2,\"242\":3,\"243\":2,\"244\":2,\"249\":2,\"251\":2,\"255\":2,\"257\":2,\"275\":3,\"276\":4,\"277\":5,\"278\":3,\"279\":3,\"288\":4,\"289\":14,\"290\":8,\"299\":4,\"300\":14,\"301\":8,\"302\":1,\"303\":1,\"304\":2,\"306\":1,\"307\":2,\"309\":1,\"310\":2,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"327\":49,\"331\":1,\"332\":1,\"338\":1,\"341\":1,\"352\":2,\"364\":2,\"367\":1,\"377\":1,\"390\":5,\"393\":1,\"400\":2,\"407\":2,\"431\":1,\"433\":4,\"441\":5,\"442\":21,\"443\":8,\"446\":5,\"447\":5,\"449\":4,\"452\":3,\"453\":1,\"454\":3,\"455\":1,\"461\":28,\"462\":10,\"480\":4,\"481\":24,\"482\":8,\"503\":4,\"504\":23,\"505\":8,\"510\":1,\"511\":1,\"529\":4,\"530\":23,\"531\":8,\"536\":1,\"537\":3,\"559\":4,\"560\":23,\"561\":8,\"566\":1,\"567\":1,\"589\":4,\"590\":23,\"591\":8,\"596\":1,\"597\":1,\"619\":4,\"620\":23,\"621\":8,\"626\":1,\"627\":1,\"631\":2,\"665\":4,\"666\":23,\"667\":8,\"672\":1,\"673\":1,\"677\":2,\"711\":4,\"712\":23,\"713\":8,\"718\":1,\"719\":1,\"723\":2,\"757\":4,\"758\":23,\"759\":8,\"764\":1,\"765\":1,\"769\":2,\"793\":1,\"795\":4,\"803\":4,\"804\":23,\"805\":8,\"810\":1,\"811\":1,\"815\":2,\"839\":1,\"841\":4,\"849\":4,\"850\":23,\"851\":8,\"856\":1,\"857\":1,\"861\":2,\"885\":1,\"887\":4,\"895\":5,\"896\":21,\"897\":8,\"900\":5,\"901\":5,\"903\":4,\"906\":3,\"907\":1,\"908\":3,\"909\":1,\"915\":28,\"916\":10,\"932\":2,\"936\":2,\"939\":2,\"948\":2,\"949\":3,\"950\":2,\"957\":2,\"963\":2,\"964\":3,\"965\":2,\"969\":1,\"970\":2,\"975\":2,\"976\":3,\"979\":2,\"996\":2,\"1008\":2,\"1009\":3,\"1010\":2,\"1013\":2,\"1015\":2,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1026\":1,\"1027\":1,\"1038\":2,\"1039\":3,\"1040\":5,\"1041\":4,\"1042\":3,\"1059\":2,\"1060\":3,\"1061\":2,\"1064\":2,\"1068\":2,\"1072\":2,\"1074\":2,\"1089\":2,\"1101\":2,\"1102\":3,\"1103\":2,\"1106\":2,\"1108\":2,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1120\":1,\"1121\":1,\"1132\":2,\"1133\":3,\"1134\":5,\"1135\":4,\"1136\":3,\"1145\":2,\"1149\":2,\"1152\":2,\"1157\":2,\"1158\":3,\"1159\":2,\"1166\":2,\"1173\":2,\"1174\":3,\"1175\":2,\"1179\":1,\"1180\":2,\"1185\":2,\"1186\":3,\"1189\":2,\"1198\":2,\"1211\":2,\"1212\":3,\"1213\":2,\"1216\":2,\"1218\":2,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1227\":2,\"1228\":3,\"1229\":2,\"1232\":2,\"1236\":2,\"1240\":2,\"1242\":2,\"1252\":2,\"1262\":3,\"1263\":4,\"1264\":5,\"1265\":3,\"1266\":3,\"1279\":2,\"1280\":3,\"1281\":2,\"1284\":2,\"1286\":2,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1296\":2,\"1300\":2,\"1303\":2,\"1308\":2,\"1309\":3,\"1310\":2,\"1317\":2,\"1324\":2,\"1325\":3,\"1326\":2,\"1330\":1,\"1331\":2,\"1336\":2,\"1337\":3,\"1340\":2,\"1349\":2,\"1365\":2,\"1366\":3,\"1367\":2,\"1370\":2,\"1374\":2,\"1378\":2,\"1380\":2,\"1391\":2,\"1403\":2,\"1404\":3,\"1405\":2,\"1408\":2,\"1410\":2,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1422\":1,\"1423\":1,\"1433\":3,\"1434\":4,\"1435\":5,\"1436\":3,\"1437\":3,\"1451\":2,\"1452\":3,\"1453\":2,\"1456\":2,\"1458\":2,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1468\":2,\"1472\":2,\"1475\":2,\"1481\":2,\"1482\":3,\"1483\":2,\"1490\":2,\"1496\":2,\"1497\":3,\"1498\":2,\"1502\":1,\"1503\":2,\"1508\":2,\"1509\":3,\"1512\":2,\"1525\":2,\"1541\":2,\"1542\":3,\"1543\":2,\"1546\":2,\"1550\":2,\"1554\":2,\"1556\":2,\"1567\":2,\"1579\":2,\"1580\":3,\"1581\":2,\"1584\":2,\"1586\":2,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1598\":1,\"1599\":1,\"1610\":3,\"1611\":4,\"1612\":5,\"1613\":3,\"1614\":3,\"1628\":2,\"1629\":3,\"1630\":2,\"1633\":2,\"1635\":2,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1645\":2,\"1649\":2,\"1652\":2,\"1658\":2,\"1659\":3,\"1660\":2,\"1667\":2,\"1673\":2,\"1674\":3,\"1675\":2,\"1679\":1,\"1680\":2,\"1685\":2,\"1686\":3,\"1689\":2,\"1702\":2,\"1718\":2,\"1719\":3,\"1720\":2,\"1723\":2,\"1727\":2,\"1731\":2,\"1733\":2,\"1744\":2,\"1756\":2,\"1757\":3,\"1758\":2,\"1761\":2,\"1763\":2,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1775\":1,\"1776\":1,\"1787\":3,\"1788\":4,\"1789\":5,\"1790\":3,\"1791\":3,\"1805\":2,\"1806\":3,\"1807\":2,\"1810\":2,\"1812\":2,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1822\":2,\"1826\":2,\"1829\":2,\"1835\":2,\"1836\":3,\"1837\":2,\"1844\":2,\"1850\":2,\"1851\":3,\"1852\":2,\"1856\":1,\"1857\":2,\"1862\":2,\"1863\":3,\"1866\":2,\"1879\":2,\"1895\":2,\"1896\":3,\"1897\":2,\"1900\":2,\"1904\":2,\"1908\":2,\"1910\":2,\"1921\":2,\"1933\":2,\"1934\":3,\"1935\":2,\"1938\":2,\"1940\":2,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1952\":1,\"1953\":1,\"1964\":3,\"1965\":4,\"1966\":5,\"1967\":3,\"1968\":3,\"1982\":2,\"1983\":3,\"1984\":2,\"1987\":2,\"1989\":2,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1999\":2,\"2003\":2,\"2006\":2,\"2012\":2,\"2013\":3,\"2014\":2,\"2021\":2,\"2027\":2,\"2028\":3,\"2029\":2,\"2033\":1,\"2034\":2,\"2039\":2,\"2040\":3,\"2043\":2,\"2056\":2,\"2072\":2,\"2073\":3,\"2074\":2,\"2077\":2,\"2081\":2,\"2085\":2,\"2087\":2,\"2098\":2,\"2110\":2,\"2111\":3,\"2112\":2,\"2115\":2,\"2117\":2,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2129\":1,\"2130\":1,\"2141\":3,\"2142\":4,\"2143\":5,\"2144\":3,\"2145\":3,\"2159\":2,\"2160\":3,\"2161\":2,\"2164\":2,\"2166\":2,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2176\":2,\"2180\":2,\"2183\":2,\"2189\":2,\"2190\":3,\"2191\":2,\"2198\":2,\"2204\":2,\"2205\":3,\"2206\":2,\"2210\":1,\"2211\":2,\"2216\":2,\"2217\":3,\"2220\":2,\"2233\":2,\"2249\":2,\"2250\":3,\"2251\":2,\"2254\":2,\"2258\":2,\"2262\":2,\"2264\":2,\"2275\":2,\"2287\":2,\"2288\":3,\"2289\":2,\"2292\":2,\"2294\":2,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2306\":1,\"2307\":1,\"2318\":3,\"2319\":4,\"2320\":5,\"2321\":3,\"2322\":3,\"2346\":2,\"2347\":3,\"2348\":2,\"2351\":2,\"2353\":2,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2363\":2,\"2367\":2,\"2370\":2,\"2379\":2,\"2380\":3,\"2381\":2,\"2388\":2,\"2394\":2,\"2395\":3,\"2396\":2,\"2400\":1,\"2401\":2,\"2406\":2,\"2407\":3,\"2410\":2,\"2427\":2,\"2433\":1,\"2434\":1,\"2445\":3,\"2446\":4,\"2447\":5,\"2448\":3,\"2449\":3,\"2464\":2,\"2465\":3,\"2466\":2,\"2469\":2,\"2473\":2,\"2477\":2,\"2479\":2,\"2494\":2,\"2506\":2,\"2507\":3,\"2508\":2,\"2511\":2,\"2513\":2,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2525\":1,\"2526\":1,\"2537\":3,\"2538\":4,\"2539\":5,\"2540\":3,\"2541\":3,\"2565\":2,\"2566\":3,\"2567\":2,\"2570\":2,\"2572\":2,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2582\":2,\"2586\":2,\"2589\":2,\"2598\":2,\"2599\":3,\"2600\":2,\"2607\":2,\"2613\":2,\"2614\":3,\"2615\":2,\"2619\":1,\"2620\":2,\"2625\":2,\"2626\":3,\"2629\":2,\"2646\":2,\"2652\":1,\"2653\":1,\"2664\":3,\"2665\":4,\"2666\":5,\"2667\":3,\"2668\":3,\"2683\":2,\"2684\":3,\"2685\":2,\"2688\":2,\"2692\":2,\"2696\":2,\"2698\":2,\"2713\":2,\"2725\":2,\"2726\":3,\"2727\":2,\"2730\":2,\"2732\":2,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2744\":1,\"2745\":1,\"2756\":3,\"2757\":4,\"2758\":5,\"2759\":3,\"2760\":3,\"2784\":2,\"2785\":3,\"2786\":2,\"2789\":2,\"2791\":2,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2801\":2,\"2805\":2,\"2808\":2,\"2817\":2,\"2818\":3,\"2819\":2,\"2826\":2,\"2832\":2,\"2833\":3,\"2834\":2,\"2838\":1,\"2839\":2,\"2844\":2,\"2845\":3,\"2848\":2,\"2865\":2,\"2871\":1,\"2872\":1,\"2883\":3,\"2884\":4,\"2885\":5,\"2886\":3,\"2887\":3,\"2902\":2,\"2903\":3,\"2904\":2,\"2907\":2,\"2911\":2,\"2915\":2,\"2917\":2,\"2932\":2,\"2944\":2,\"2945\":3,\"2946\":2,\"2949\":2,\"2951\":2,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2963\":1,\"2964\":1,\"2975\":3,\"2976\":4,\"2977\":5,\"2978\":3,\"2979\":3,\"3003\":2,\"3004\":3,\"3005\":2,\"3008\":2,\"3010\":2,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3020\":2,\"3024\":2,\"3027\":2,\"3036\":2,\"3037\":3,\"3038\":2,\"3045\":2,\"3051\":2,\"3052\":3,\"3053\":2,\"3057\":1,\"3058\":2,\"3063\":2,\"3064\":3,\"3067\":2,\"3084\":2,\"3090\":1,\"3091\":1,\"3102\":3,\"3103\":4,\"3104\":5,\"3105\":3,\"3106\":3,\"3121\":2,\"3122\":3,\"3123\":2,\"3126\":2,\"3130\":2,\"3134\":2,\"3136\":2,\"3151\":2,\"3163\":2,\"3164\":3,\"3165\":2,\"3168\":2,\"3170\":2,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3182\":1,\"3183\":1,\"3194\":3,\"3195\":4,\"3196\":5,\"3197\":3,\"3198\":3,\"3215\":2,\"3219\":2,\"3222\":2,\"3231\":2,\"3232\":3,\"3233\":2,\"3240\":2,\"3246\":2,\"3247\":3,\"3248\":2,\"3252\":1,\"3253\":2,\"3258\":2,\"3259\":3,\"3262\":2,\"3279\":2,\"3291\":2,\"3292\":3,\"3293\":2,\"3296\":2,\"3298\":2,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3309\":1,\"3310\":1,\"3321\":2,\"3322\":3,\"3323\":5,\"3324\":4,\"3325\":3,\"3342\":2,\"3343\":3,\"3344\":2,\"3347\":2,\"3351\":2,\"3355\":2,\"3357\":2,\"3372\":2,\"3384\":2,\"3385\":3,\"3386\":2,\"3389\":2,\"3391\":2,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3403\":1,\"3404\":1,\"3415\":2,\"3416\":3,\"3417\":5,\"3418\":4,\"3419\":3}}],[\"für\",{\"1\":{\"14\":1,\"15\":1,\"16\":2,\"17\":1,\"126\":1}}],[\"fr\",{\"1\":{\"1043\":1,\"1137\":1,\"3326\":1,\"3420\":1}}],[\"friendly\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"frir\",{\"1\":{\"289\":2,\"290\":1,\"300\":3,\"301\":1,\"304\":2,\"307\":1}}],[\"frontend\",{\"1\":{\"170\":1,\"327\":15}}],[\"fromaddress\",{\"0\":{\"215\":1,\"966\":1,\"1176\":1,\"1327\":1,\"1499\":1,\"1676\":1,\"1853\":1,\"2030\":1,\"2207\":1,\"2397\":1,\"2616\":1,\"2835\":1,\"3054\":1,\"3249\":1},\"1\":{\"215\":1,\"966\":1,\"1176\":1,\"1327\":1,\"1499\":1,\"1676\":1,\"1853\":1,\"2030\":1,\"2207\":1,\"2397\":1,\"2616\":1,\"2835\":1,\"3054\":1,\"3249\":1}}],[\"from\",{\"0\":{\"302\":1,\"305\":1,\"308\":1,\"311\":1,\"314\":1,\"423\":1,\"459\":1,\"460\":1,\"466\":1,\"485\":1,\"489\":1,\"508\":1,\"509\":1,\"515\":1,\"534\":1,\"535\":1,\"541\":1,\"564\":1,\"565\":1,\"571\":1,\"594\":1,\"595\":1,\"601\":1,\"624\":1,\"625\":1,\"647\":1,\"670\":1,\"671\":1,\"693\":1,\"716\":1,\"717\":1,\"739\":1,\"762\":1,\"763\":1,\"785\":1,\"808\":1,\"809\":1,\"831\":1,\"854\":1,\"855\":1,\"877\":1,\"913\":1,\"914\":1},\"1\":{\"28\":1,\"42\":3,\"44\":2,\"46\":3,\"48\":3,\"50\":3,\"52\":3,\"54\":3,\"56\":3,\"58\":3,\"60\":3,\"62\":3,\"64\":3,\"66\":3,\"81\":3,\"88\":1,\"91\":1,\"94\":1,\"98\":2,\"99\":1,\"106\":1,\"107\":1,\"109\":1,\"112\":2,\"113\":1,\"116\":1,\"117\":2,\"120\":1,\"127\":2,\"128\":1,\"130\":1,\"134\":4,\"135\":2,\"136\":1,\"141\":3,\"142\":2,\"147\":1,\"152\":1,\"153\":1,\"157\":1,\"159\":1,\"163\":1,\"167\":2,\"168\":1,\"169\":1,\"171\":2,\"175\":1,\"176\":1,\"177\":1,\"178\":1,\"179\":1,\"180\":1,\"181\":1,\"182\":1,\"183\":1,\"194\":1,\"195\":1,\"203\":1,\"204\":1,\"206\":1,\"211\":1,\"233\":1,\"236\":1,\"248\":1,\"250\":1,\"251\":1,\"252\":1,\"253\":1,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":1,\"259\":1,\"261\":1,\"262\":2,\"265\":1,\"266\":1,\"276\":1,\"284\":1,\"289\":2,\"290\":7,\"295\":1,\"300\":2,\"301\":6,\"302\":3,\"303\":1,\"304\":15,\"305\":6,\"306\":1,\"307\":15,\"308\":3,\"309\":1,\"310\":6,\"311\":2,\"312\":1,\"313\":1,\"314\":2,\"315\":1,\"316\":1,\"332\":2,\"335\":1,\"346\":2,\"347\":1,\"349\":4,\"354\":1,\"356\":1,\"361\":1,\"362\":1,\"379\":1,\"381\":2,\"387\":1,\"388\":1,\"390\":2,\"395\":1,\"398\":1,\"419\":1,\"421\":1,\"425\":1,\"427\":1,\"428\":2,\"438\":1,\"442\":2,\"443\":3,\"444\":1,\"447\":1,\"459\":2,\"460\":1,\"461\":1,\"462\":1,\"464\":1,\"468\":1,\"470\":1,\"471\":2,\"477\":1,\"481\":3,\"482\":3,\"483\":1,\"485\":3,\"487\":1,\"491\":1,\"493\":1,\"494\":2,\"500\":1,\"504\":2,\"505\":3,\"506\":1,\"508\":3,\"509\":3,\"510\":1,\"511\":1,\"513\":1,\"517\":1,\"519\":1,\"520\":2,\"526\":1,\"530\":2,\"531\":3,\"532\":1,\"534\":3,\"535\":3,\"536\":1,\"537\":1,\"539\":1,\"543\":1,\"545\":1,\"546\":2,\"556\":1,\"560\":2,\"561\":3,\"562\":1,\"564\":2,\"565\":4,\"566\":1,\"567\":1,\"569\":1,\"573\":1,\"575\":1,\"576\":2,\"586\":1,\"590\":2,\"591\":3,\"592\":1,\"594\":2,\"595\":2,\"596\":1,\"597\":1,\"599\":1,\"603\":1,\"605\":1,\"606\":2,\"616\":1,\"620\":2,\"621\":3,\"622\":1,\"624\":2,\"625\":2,\"626\":1,\"627\":1,\"643\":1,\"645\":1,\"649\":1,\"651\":1,\"652\":2,\"662\":1,\"666\":2,\"667\":3,\"668\":1,\"670\":2,\"671\":2,\"672\":1,\"673\":1,\"689\":1,\"691\":1,\"695\":1,\"697\":1,\"698\":2,\"708\":1,\"712\":2,\"713\":3,\"714\":1,\"716\":2,\"717\":2,\"718\":1,\"719\":1,\"735\":1,\"737\":1,\"741\":1,\"743\":1,\"744\":2,\"754\":1,\"758\":2,\"759\":3,\"760\":1,\"762\":2,\"763\":2,\"764\":1,\"765\":1,\"781\":1,\"783\":1,\"787\":1,\"789\":1,\"790\":2,\"800\":1,\"804\":2,\"805\":3,\"806\":1,\"808\":2,\"809\":2,\"810\":1,\"811\":1,\"827\":1,\"829\":1,\"833\":1,\"835\":1,\"836\":2,\"846\":1,\"850\":2,\"851\":3,\"852\":1,\"854\":2,\"855\":1,\"856\":1,\"857\":1,\"873\":1,\"875\":1,\"879\":1,\"881\":1,\"882\":2,\"892\":1,\"896\":2,\"897\":3,\"898\":1,\"901\":1,\"913\":2,\"914\":1,\"915\":1,\"916\":1,\"922\":1,\"923\":1,\"928\":1,\"932\":1,\"933\":1,\"934\":1,\"935\":1,\"936\":1,\"937\":1,\"938\":1,\"939\":1,\"940\":1,\"952\":1,\"953\":1,\"955\":1,\"956\":1,\"958\":1,\"962\":1,\"985\":1,\"988\":1,\"1001\":1,\"1015\":1,\"1039\":1,\"1044\":1,\"1051\":1,\"1052\":1,\"1056\":1,\"1057\":1,\"1063\":1,\"1065\":1,\"1068\":1,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1076\":1,\"1081\":2,\"1094\":1,\"1108\":1,\"1133\":1,\"1138\":1,\"1145\":1,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1151\":1,\"1152\":1,\"1153\":1,\"1161\":1,\"1162\":1,\"1164\":1,\"1165\":1,\"1167\":1,\"1172\":1,\"1192\":1,\"1195\":1,\"1204\":1,\"1218\":1,\"1231\":1,\"1233\":1,\"1236\":1,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1244\":1,\"1246\":2,\"1263\":1,\"1272\":1,\"1286\":1,\"1296\":1,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1302\":1,\"1303\":1,\"1304\":1,\"1312\":1,\"1313\":1,\"1315\":1,\"1316\":1,\"1318\":1,\"1323\":1,\"1343\":1,\"1346\":1,\"1357\":1,\"1358\":1,\"1362\":1,\"1363\":1,\"1369\":1,\"1371\":1,\"1374\":1,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1382\":1,\"1384\":2,\"1396\":1,\"1410\":1,\"1434\":1,\"1444\":1,\"1458\":1,\"1468\":1,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1474\":1,\"1475\":1,\"1476\":1,\"1485\":1,\"1486\":1,\"1488\":1,\"1489\":1,\"1491\":1,\"1495\":1,\"1518\":1,\"1521\":1,\"1533\":1,\"1534\":1,\"1538\":1,\"1539\":1,\"1545\":1,\"1547\":1,\"1550\":1,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1558\":1,\"1560\":2,\"1572\":1,\"1586\":1,\"1611\":1,\"1621\":1,\"1635\":1,\"1645\":1,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1651\":1,\"1652\":1,\"1653\":1,\"1662\":1,\"1663\":1,\"1665\":1,\"1666\":1,\"1668\":1,\"1672\":1,\"1695\":1,\"1698\":1,\"1710\":1,\"1711\":1,\"1715\":1,\"1716\":1,\"1722\":1,\"1724\":1,\"1727\":1,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1735\":1,\"1737\":2,\"1749\":1,\"1763\":1,\"1788\":1,\"1798\":1,\"1812\":1,\"1822\":1,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1828\":1,\"1829\":1,\"1830\":1,\"1839\":1,\"1840\":1,\"1842\":1,\"1843\":1,\"1845\":1,\"1849\":1,\"1872\":1,\"1875\":1,\"1887\":1,\"1888\":1,\"1892\":1,\"1893\":1,\"1899\":1,\"1901\":1,\"1904\":1,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1912\":1,\"1914\":2,\"1926\":1,\"1940\":1,\"1965\":1,\"1975\":1,\"1989\":1,\"1999\":1,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2005\":1,\"2006\":1,\"2007\":1,\"2016\":1,\"2017\":1,\"2019\":1,\"2020\":1,\"2022\":1,\"2026\":1,\"2049\":1,\"2052\":1,\"2064\":1,\"2065\":1,\"2069\":1,\"2070\":1,\"2076\":1,\"2078\":1,\"2081\":1,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2089\":1,\"2091\":2,\"2103\":1,\"2117\":1,\"2142\":1,\"2152\":1,\"2166\":1,\"2176\":1,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2182\":1,\"2183\":1,\"2184\":1,\"2193\":1,\"2194\":1,\"2196\":1,\"2197\":1,\"2199\":1,\"2203\":1,\"2226\":1,\"2229\":1,\"2241\":1,\"2242\":1,\"2246\":1,\"2247\":1,\"2253\":1,\"2255\":1,\"2258\":1,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2266\":1,\"2268\":2,\"2280\":1,\"2294\":1,\"2319\":1,\"2329\":1,\"2330\":1,\"2335\":1,\"2339\":1,\"2353\":1,\"2363\":1,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2369\":1,\"2370\":1,\"2371\":1,\"2383\":1,\"2384\":1,\"2386\":1,\"2387\":1,\"2389\":1,\"2393\":1,\"2416\":1,\"2419\":1,\"2446\":1,\"2456\":1,\"2457\":1,\"2461\":1,\"2462\":1,\"2468\":1,\"2470\":1,\"2473\":1,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2481\":1,\"2486\":2,\"2499\":1,\"2513\":1,\"2538\":1,\"2548\":1,\"2549\":1,\"2554\":1,\"2558\":1,\"2572\":1,\"2582\":1,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2588\":1,\"2589\":1,\"2590\":1,\"2602\":1,\"2603\":1,\"2605\":1,\"2606\":1,\"2608\":1,\"2612\":1,\"2635\":1,\"2638\":1,\"2665\":1,\"2675\":1,\"2676\":1,\"2680\":1,\"2681\":1,\"2687\":1,\"2689\":1,\"2692\":1,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2700\":1,\"2705\":2,\"2718\":1,\"2732\":1,\"2757\":1,\"2767\":1,\"2768\":1,\"2773\":1,\"2777\":1,\"2791\":1,\"2801\":1,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2807\":1,\"2808\":1,\"2809\":1,\"2821\":1,\"2822\":1,\"2824\":1,\"2825\":1,\"2827\":1,\"2831\":1,\"2854\":1,\"2857\":1,\"2884\":1,\"2894\":1,\"2895\":1,\"2899\":1,\"2900\":1,\"2906\":1,\"2908\":1,\"2911\":1,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2919\":1,\"2924\":2,\"2937\":1,\"2951\":1,\"2976\":1,\"2986\":1,\"2987\":1,\"2992\":1,\"2996\":1,\"3010\":1,\"3020\":1,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3026\":1,\"3027\":1,\"3028\":1,\"3040\":1,\"3041\":1,\"3043\":1,\"3044\":1,\"3046\":1,\"3050\":1,\"3073\":1,\"3076\":1,\"3103\":1,\"3113\":1,\"3114\":1,\"3118\":1,\"3119\":1,\"3125\":1,\"3127\":1,\"3130\":1,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3138\":1,\"3143\":2,\"3156\":1,\"3170\":1,\"3195\":1,\"3205\":1,\"3206\":1,\"3211\":1,\"3215\":1,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3221\":1,\"3222\":1,\"3223\":1,\"3235\":1,\"3236\":1,\"3238\":1,\"3239\":1,\"3241\":1,\"3245\":1,\"3268\":1,\"3271\":1,\"3284\":1,\"3298\":1,\"3322\":1,\"3327\":1,\"3334\":1,\"3335\":1,\"3339\":1,\"3340\":1,\"3346\":1,\"3348\":1,\"3351\":1,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3359\":1,\"3364\":2,\"3377\":1,\"3391\":1,\"3416\":1,\"3421\":1}}],[\"frequently\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"free\",{\"1\":{\"71\":1,\"395\":1,\"396\":1,\"414\":1,\"417\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"638\":1,\"641\":1,\"653\":1,\"669\":1,\"684\":1,\"687\":1,\"699\":1,\"715\":1,\"730\":1,\"733\":1,\"745\":1,\"761\":1,\"776\":1,\"779\":1,\"791\":1,\"807\":1,\"822\":1,\"825\":1,\"837\":1,\"853\":1,\"868\":1,\"871\":1,\"883\":1,\"899\":1}}],[\"freigaben\",{\"1\":{\"16\":1}}],[\"freigabe\",{\"1\":{\"16\":2}}],[\"freuen\",{\"1\":{\"14\":1}}],[\"fraunhofer\",{\"1\":{\"457\":1,\"911\":1,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"fragen\",{\"1\":{\"14\":1,\"22\":1}}],[\"framework\",{\"0\":{\"0\":1,\"81\":1},\"1\":{\"0\":1,\"1\":1,\"6\":1,\"26\":4,\"28\":1,\"29\":1,\"30\":2,\"32\":1,\"40\":1,\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2,\"76\":1,\"88\":1,\"98\":1,\"99\":1,\"109\":1,\"116\":1,\"117\":2,\"130\":1,\"152\":1,\"153\":1,\"154\":1,\"169\":1,\"318\":1,\"332\":1,\"346\":1,\"404\":2,\"416\":1,\"417\":2,\"628\":2,\"640\":1,\"641\":2,\"674\":2,\"686\":1,\"687\":2,\"720\":2,\"732\":1,\"733\":2,\"766\":2,\"778\":1,\"779\":2,\"812\":2,\"824\":1,\"825\":2,\"858\":2,\"870\":1,\"871\":2}}],[\"fowler\",{\"1\":{\"415\":3,\"639\":3,\"685\":3,\"731\":3,\"777\":3,\"823\":3,\"869\":3}}],[\"foster\",{\"1\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"footer\",{\"1\":{\"218\":1,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2400\":1,\"2619\":1,\"2838\":1,\"3057\":1,\"3252\":1}}],[\"foo\",{\"1\":{\"191\":1,\"197\":1,\"200\":1,\"207\":1,\"245\":1,\"260\":1,\"289\":4,\"290\":2,\"300\":5,\"301\":2,\"363\":1,\"389\":1,\"442\":4,\"443\":2,\"481\":4,\"482\":2,\"504\":4,\"505\":2,\"530\":4,\"531\":2,\"560\":4,\"561\":2,\"590\":4,\"591\":2,\"620\":4,\"621\":2,\"666\":4,\"667\":2,\"712\":4,\"713\":2,\"758\":4,\"759\":2,\"804\":4,\"805\":2,\"850\":4,\"851\":2,\"896\":4,\"897\":2,\"959\":1,\"991\":1,\"995\":1,\"997\":1,\"1080\":1,\"1088\":1,\"1090\":1,\"1168\":1,\"1197\":1,\"1199\":1,\"1245\":1,\"1251\":1,\"1253\":1,\"1319\":1,\"1348\":1,\"1350\":1,\"1383\":1,\"1390\":1,\"1392\":1,\"1492\":1,\"1524\":1,\"1526\":1,\"1559\":1,\"1566\":1,\"1568\":1,\"1669\":1,\"1701\":1,\"1703\":1,\"1736\":1,\"1743\":1,\"1745\":1,\"1846\":1,\"1878\":1,\"1880\":1,\"1913\":1,\"1920\":1,\"1922\":1,\"2023\":1,\"2055\":1,\"2057\":1,\"2090\":1,\"2097\":1,\"2099\":1,\"2200\":1,\"2232\":1,\"2234\":1,\"2267\":1,\"2274\":1,\"2276\":1,\"2390\":1,\"2422\":1,\"2426\":1,\"2428\":1,\"2485\":1,\"2493\":1,\"2495\":1,\"2609\":1,\"2641\":1,\"2645\":1,\"2647\":1,\"2704\":1,\"2712\":1,\"2714\":1,\"2828\":1,\"2860\":1,\"2864\":1,\"2866\":1,\"2923\":1,\"2931\":1,\"2933\":1,\"3047\":1,\"3079\":1,\"3083\":1,\"3085\":1,\"3142\":1,\"3150\":1,\"3152\":1,\"3242\":1,\"3274\":1,\"3278\":1,\"3280\":1,\"3363\":1,\"3371\":1,\"3373\":1}}],[\"fourth\",{\"1\":{\"377\":1,\"393\":1}}],[\"four\",{\"1\":{\"94\":1,\"358\":1,\"384\":1}}],[\"founded\",{\"1\":{\"98\":1}}],[\"foundational\",{\"1\":{\"94\":1}}],[\"found\",{\"1\":{\"37\":1,\"100\":1,\"109\":1,\"110\":1,\"126\":1,\"130\":1,\"147\":1,\"152\":1,\"153\":1,\"154\":1,\"156\":1,\"170\":1,\"318\":1,\"382\":1,\"395\":1,\"397\":1,\"399\":1,\"401\":2,\"402\":1,\"429\":1,\"432\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"653\":1,\"669\":1,\"699\":1,\"715\":1,\"745\":1,\"761\":1,\"791\":1,\"794\":1,\"807\":1,\"837\":1,\"840\":1,\"853\":1,\"883\":1,\"886\":1,\"899\":1,\"3423\":1}}],[\"focusing\",{\"1\":{\"81\":1}}],[\"focuses\",{\"1\":{\"81\":1,\"320\":1,\"329\":1}}],[\"focus\",{\"1\":{\"78\":1}}],[\"folders\",{\"1\":{\"290\":2,\"301\":2,\"443\":1,\"459\":1,\"482\":1,\"485\":1,\"505\":1,\"508\":1,\"531\":1,\"534\":1,\"561\":1,\"564\":1,\"591\":1,\"594\":1,\"621\":1,\"624\":1,\"667\":1,\"670\":1,\"713\":1,\"716\":1,\"759\":1,\"762\":1,\"805\":1,\"808\":1,\"851\":1,\"854\":1,\"897\":1,\"913\":1}}],[\"folder\",{\"1\":{\"134\":2,\"135\":4,\"152\":2,\"153\":2,\"289\":2,\"290\":1,\"300\":2,\"301\":1,\"331\":1,\"346\":1,\"433\":1,\"442\":2,\"443\":1,\"481\":2,\"482\":1,\"504\":2,\"505\":1,\"530\":2,\"531\":1,\"560\":2,\"561\":1,\"590\":2,\"591\":1,\"620\":2,\"621\":1,\"666\":2,\"667\":1,\"712\":2,\"713\":1,\"758\":2,\"759\":1,\"795\":1,\"804\":2,\"805\":1,\"841\":1,\"850\":2,\"851\":1,\"887\":1,\"896\":2,\"897\":1}}],[\"followed\",{\"1\":{\"371\":1}}],[\"follows\",{\"1\":{\"74\":1,\"163\":1,\"346\":1}}],[\"following\",{\"1\":{\"37\":1,\"88\":1,\"97\":2,\"103\":1,\"104\":1,\"105\":1,\"106\":1,\"107\":1,\"130\":1,\"138\":1,\"152\":1,\"153\":1,\"162\":1,\"289\":2,\"290\":2,\"300\":2,\"301\":2,\"311\":1,\"314\":1,\"348\":1,\"356\":1,\"357\":1,\"363\":1,\"373\":1,\"381\":1,\"389\":1,\"398\":1,\"400\":1,\"408\":1,\"409\":1,\"413\":1,\"416\":1,\"434\":1,\"442\":1,\"443\":1,\"444\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"459\":1,\"473\":1,\"481\":2,\"482\":1,\"483\":1,\"485\":1,\"496\":1,\"504\":2,\"505\":1,\"506\":1,\"508\":1,\"522\":1,\"530\":2,\"531\":1,\"532\":1,\"534\":1,\"552\":1,\"560\":2,\"561\":1,\"562\":1,\"564\":1,\"582\":1,\"590\":2,\"591\":1,\"592\":1,\"594\":1,\"612\":1,\"620\":2,\"621\":1,\"622\":1,\"624\":1,\"632\":1,\"633\":1,\"637\":1,\"640\":1,\"658\":1,\"666\":2,\"667\":1,\"668\":1,\"670\":1,\"678\":1,\"679\":1,\"683\":1,\"686\":1,\"704\":1,\"712\":2,\"713\":1,\"714\":1,\"716\":1,\"724\":1,\"725\":1,\"729\":1,\"732\":1,\"750\":1,\"758\":2,\"759\":1,\"760\":1,\"762\":1,\"770\":1,\"771\":1,\"775\":1,\"778\":1,\"796\":1,\"804\":2,\"805\":1,\"806\":1,\"808\":1,\"816\":1,\"817\":1,\"821\":1,\"824\":1,\"842\":1,\"850\":2,\"851\":1,\"852\":1,\"854\":1,\"862\":1,\"863\":1,\"867\":1,\"870\":1,\"888\":1,\"896\":1,\"897\":1,\"898\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"913\":1,\"1025\":1,\"1118\":1,\"1119\":1,\"1420\":1,\"1421\":1,\"1596\":1,\"1597\":1,\"1773\":1,\"1774\":1,\"1950\":1,\"1951\":1,\"2127\":1,\"2128\":1,\"2304\":1,\"2305\":1,\"2432\":1,\"2523\":1,\"2524\":1,\"2651\":1,\"2742\":1,\"2743\":1,\"2870\":1,\"2961\":1,\"2962\":1,\"3089\":1,\"3180\":1,\"3181\":1,\"3308\":1,\"3401\":1,\"3402\":1}}],[\"follow\",{\"1\":{\"36\":1,\"73\":1,\"79\":1,\"157\":1,\"311\":1,\"314\":1,\"415\":1,\"470\":1,\"493\":1,\"509\":1,\"519\":1,\"535\":1,\"545\":1,\"565\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"folgen\",{\"1\":{\"14\":1}}],[\"fokus\",{\"1\":{\"14\":1}}],[\"forbidden\",{\"1\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"forward\",{\"1\":{\"995\":1,\"996\":1,\"997\":2,\"998\":1,\"1088\":1,\"1089\":1,\"1090\":2,\"1091\":1,\"1197\":1,\"1198\":1,\"1199\":2,\"1200\":1,\"1251\":1,\"1252\":1,\"1253\":2,\"1254\":1,\"1348\":1,\"1349\":1,\"1350\":2,\"1351\":1,\"1390\":1,\"1391\":1,\"1392\":2,\"1393\":1,\"1524\":1,\"1525\":1,\"1526\":2,\"1527\":1,\"1566\":1,\"1567\":1,\"1568\":2,\"1569\":1,\"1701\":1,\"1702\":1,\"1703\":2,\"1704\":1,\"1743\":1,\"1744\":1,\"1745\":2,\"1746\":1,\"1878\":1,\"1879\":1,\"1880\":2,\"1881\":1,\"1920\":1,\"1921\":1,\"1922\":2,\"1923\":1,\"2055\":1,\"2056\":1,\"2057\":2,\"2058\":1,\"2097\":1,\"2098\":1,\"2099\":2,\"2100\":1,\"2232\":1,\"2233\":1,\"2234\":2,\"2235\":1,\"2274\":1,\"2275\":1,\"2276\":2,\"2277\":1,\"2426\":1,\"2427\":1,\"2428\":2,\"2429\":1,\"2493\":1,\"2494\":1,\"2495\":2,\"2496\":1,\"2645\":1,\"2646\":1,\"2647\":2,\"2648\":1,\"2712\":1,\"2713\":1,\"2714\":2,\"2715\":1,\"2864\":1,\"2865\":1,\"2866\":2,\"2867\":1,\"2931\":1,\"2932\":1,\"2933\":2,\"2934\":1,\"3083\":1,\"3084\":1,\"3085\":2,\"3086\":1,\"3150\":1,\"3151\":1,\"3152\":2,\"3153\":1,\"3278\":1,\"3279\":1,\"3280\":2,\"3281\":1,\"3371\":1,\"3372\":1,\"3373\":2,\"3374\":1}}],[\"force\",{\"1\":{\"930\":1,\"1066\":1,\"1143\":1,\"1234\":1,\"1294\":1,\"1372\":1,\"1466\":1,\"1548\":1,\"1643\":1,\"1725\":1,\"1820\":1,\"1902\":1,\"1997\":1,\"2079\":1,\"2174\":1,\"2256\":1,\"2361\":1,\"2471\":1,\"2580\":1,\"2690\":1,\"2799\":1,\"2909\":1,\"3018\":1,\"3128\":1,\"3213\":1,\"3349\":1}}],[\"forceunlock\",{\"0\":{\"930\":1,\"1066\":1,\"1143\":1,\"1234\":1,\"1294\":1,\"1372\":1,\"1466\":1,\"1548\":1,\"1643\":1,\"1725\":1,\"1820\":1,\"1902\":1,\"1997\":1,\"2079\":1,\"2174\":1,\"2256\":1,\"2361\":1,\"2471\":1,\"2580\":1,\"2690\":1,\"2799\":1,\"2909\":1,\"3018\":1,\"3128\":1,\"3213\":1,\"3349\":1},\"1\":{\"930\":1,\"1066\":1,\"1143\":1,\"1234\":1,\"1294\":1,\"1372\":1,\"1466\":1,\"1548\":1,\"1643\":1,\"1725\":1,\"1820\":1,\"1902\":1,\"1997\":1,\"2079\":1,\"2174\":1,\"2256\":1,\"2361\":1,\"2471\":1,\"2580\":1,\"2690\":1,\"2799\":1,\"2909\":1,\"3018\":1,\"3128\":1,\"3213\":1,\"3349\":1}}],[\"fork\",{\"1\":{\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"forget\",{\"1\":{\"145\":1}}],[\"forschungsdaten\",{\"1\":{\"126\":1}}],[\"forschungsdatenportal\",{\"1\":{\"91\":1}}],[\"formalities\",{\"1\":{\"103\":1}}],[\"formatter\",{\"1\":{\"159\":319,\"160\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"formatted\",{\"1\":{\"156\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"format\",{\"1\":{\"94\":1,\"126\":1,\"156\":1,\"159\":8,\"382\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"formats\",{\"1\":{\"9\":1,\"94\":1,\"95\":1}}],[\"forms\",{\"1\":{\"96\":1}}],[\"form\",{\"1\":{\"17\":1,\"346\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1,\"920\":1,\"1049\":1,\"1056\":1,\"1355\":1,\"1362\":1,\"1531\":1,\"1538\":1,\"1708\":1,\"1715\":1,\"1885\":1,\"1892\":1,\"2062\":1,\"2069\":1,\"2239\":1,\"2246\":1,\"2327\":1,\"2454\":1,\"2461\":1,\"2546\":1,\"2673\":1,\"2680\":1,\"2765\":1,\"2892\":1,\"2899\":1,\"2984\":1,\"3111\":1,\"3118\":1,\"3203\":1,\"3332\":1,\"3339\":1}}],[\"former\",{\"1\":{\"1\":1,\"354\":1}}],[\"for\",{\"0\":{\"5\":1,\"137\":1,\"358\":1,\"384\":1,\"400\":1},\"1\":{\"0\":1,\"1\":3,\"5\":1,\"6\":1,\"9\":1,\"12\":1,\"20\":3,\"26\":1,\"29\":1,\"37\":1,\"39\":1,\"74\":1,\"75\":1,\"76\":1,\"81\":2,\"88\":3,\"89\":2,\"90\":1,\"91\":2,\"94\":2,\"95\":5,\"96\":2,\"97\":2,\"98\":7,\"99\":12,\"100\":1,\"102\":2,\"104\":1,\"109\":2,\"110\":2,\"116\":2,\"117\":6,\"118\":2,\"119\":1,\"120\":2,\"127\":3,\"129\":1,\"130\":1,\"134\":1,\"135\":1,\"137\":2,\"141\":1,\"142\":1,\"145\":2,\"146\":1,\"152\":1,\"153\":1,\"154\":1,\"156\":1,\"157\":2,\"159\":59,\"162\":1,\"163\":1,\"165\":2,\"169\":12,\"170\":1,\"174\":3,\"177\":1,\"178\":1,\"179\":1,\"180\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"205\":1,\"222\":1,\"231\":3,\"232\":3,\"236\":1,\"238\":3,\"241\":1,\"249\":1,\"253\":1,\"256\":1,\"257\":1,\"258\":1,\"265\":1,\"266\":2,\"271\":2,\"272\":2,\"273\":2,\"274\":2,\"280\":2,\"283\":1,\"285\":2,\"289\":4,\"290\":5,\"291\":2,\"294\":1,\"296\":2,\"300\":4,\"301\":5,\"303\":1,\"304\":7,\"306\":1,\"307\":5,\"309\":1,\"310\":5,\"312\":1,\"313\":3,\"315\":1,\"316\":3,\"318\":2,\"319\":1,\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"331\":3,\"332\":8,\"333\":2,\"335\":1,\"338\":4,\"341\":3,\"342\":3,\"346\":2,\"347\":4,\"348\":7,\"352\":2,\"356\":5,\"357\":4,\"358\":2,\"362\":2,\"364\":4,\"367\":4,\"371\":1,\"372\":1,\"373\":1,\"377\":3,\"381\":2,\"382\":1,\"383\":2,\"384\":2,\"388\":2,\"390\":3,\"393\":7,\"395\":1,\"396\":1,\"397\":1,\"399\":1,\"401\":3,\"402\":1,\"404\":1,\"407\":1,\"413\":1,\"415\":7,\"416\":2,\"417\":2,\"418\":1,\"419\":12,\"427\":2,\"428\":1,\"429\":4,\"430\":1,\"431\":3,\"433\":3,\"434\":2,\"437\":1,\"439\":1,\"442\":5,\"443\":2,\"445\":2,\"446\":1,\"448\":1,\"452\":4,\"453\":4,\"454\":4,\"455\":4,\"459\":4,\"460\":5,\"461\":1,\"462\":2,\"470\":5,\"471\":1,\"472\":1,\"473\":3,\"476\":1,\"478\":1,\"481\":5,\"482\":2,\"484\":2,\"485\":1,\"493\":5,\"494\":1,\"495\":1,\"496\":3,\"499\":1,\"501\":1,\"504\":6,\"505\":2,\"507\":2,\"508\":1,\"510\":1,\"511\":2,\"519\":5,\"520\":1,\"521\":1,\"522\":3,\"525\":1,\"527\":1,\"530\":6,\"531\":2,\"533\":2,\"534\":1,\"536\":3,\"537\":3,\"545\":3,\"546\":1,\"547\":4,\"552\":2,\"555\":1,\"557\":1,\"560\":6,\"561\":2,\"563\":2,\"564\":4,\"566\":1,\"567\":2,\"575\":2,\"576\":1,\"577\":4,\"582\":2,\"585\":1,\"587\":1,\"590\":6,\"591\":2,\"593\":2,\"594\":4,\"596\":1,\"597\":2,\"605\":2,\"606\":1,\"607\":4,\"612\":2,\"615\":1,\"617\":1,\"620\":6,\"621\":2,\"623\":2,\"624\":4,\"626\":1,\"627\":2,\"628\":1,\"631\":1,\"637\":1,\"639\":7,\"640\":2,\"641\":2,\"642\":1,\"643\":12,\"651\":2,\"652\":1,\"653\":4,\"658\":2,\"661\":1,\"663\":1,\"666\":6,\"667\":2,\"669\":2,\"670\":4,\"672\":1,\"673\":2,\"674\":1,\"677\":1,\"683\":1,\"685\":7,\"686\":2,\"687\":2,\"688\":1,\"689\":12,\"697\":2,\"698\":1,\"699\":4,\"704\":2,\"707\":1,\"709\":1,\"712\":6,\"713\":2,\"715\":2,\"716\":4,\"718\":1,\"719\":2,\"720\":1,\"723\":1,\"729\":1,\"731\":7,\"732\":2,\"733\":2,\"734\":1,\"735\":12,\"743\":2,\"744\":1,\"745\":4,\"750\":2,\"753\":1,\"755\":1,\"758\":6,\"759\":2,\"761\":2,\"762\":4,\"764\":1,\"765\":2,\"766\":1,\"769\":1,\"775\":1,\"777\":7,\"778\":2,\"779\":2,\"780\":1,\"781\":12,\"789\":2,\"790\":1,\"791\":4,\"792\":1,\"793\":3,\"795\":3,\"796\":2,\"799\":1,\"801\":1,\"804\":6,\"805\":2,\"807\":2,\"808\":4,\"810\":1,\"811\":2,\"812\":1,\"815\":1,\"821\":1,\"823\":7,\"824\":2,\"825\":2,\"826\":1,\"827\":12,\"835\":2,\"836\":1,\"837\":4,\"838\":1,\"839\":3,\"841\":3,\"842\":2,\"845\":1,\"847\":1,\"850\":6,\"851\":2,\"853\":2,\"854\":4,\"856\":1,\"857\":2,\"858\":1,\"861\":1,\"867\":1,\"869\":7,\"870\":2,\"871\":2,\"872\":1,\"873\":12,\"881\":2,\"882\":1,\"883\":4,\"884\":1,\"885\":3,\"887\":3,\"888\":2,\"891\":1,\"893\":1,\"896\":5,\"897\":2,\"899\":2,\"900\":1,\"902\":1,\"906\":4,\"907\":4,\"908\":4,\"909\":4,\"913\":4,\"914\":5,\"915\":1,\"916\":2,\"920\":7,\"934\":1,\"935\":1,\"936\":1,\"937\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"948\":1,\"957\":1,\"973\":1,\"988\":1,\"993\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1016\":2,\"1017\":2,\"1018\":2,\"1019\":2,\"1020\":1,\"1024\":2,\"1026\":2,\"1033\":2,\"1034\":2,\"1035\":2,\"1036\":2,\"1049\":7,\"1059\":1,\"1064\":1,\"1070\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1086\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1109\":2,\"1110\":2,\"1111\":2,\"1112\":2,\"1113\":1,\"1117\":3,\"1120\":2,\"1127\":2,\"1128\":2,\"1129\":2,\"1130\":2,\"1142\":1,\"1147\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1166\":1,\"1183\":1,\"1195\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1219\":2,\"1220\":2,\"1221\":2,\"1222\":2,\"1223\":1,\"1226\":1,\"1227\":1,\"1232\":1,\"1238\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1250\":1,\"1258\":2,\"1259\":2,\"1260\":2,\"1261\":2,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1287\":2,\"1288\":2,\"1289\":2,\"1290\":2,\"1291\":1,\"1298\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1317\":1,\"1334\":1,\"1346\":1,\"1355\":6,\"1365\":1,\"1370\":1,\"1376\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1389\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1411\":2,\"1412\":2,\"1413\":2,\"1414\":2,\"1415\":1,\"1419\":3,\"1422\":2,\"1429\":2,\"1430\":2,\"1431\":2,\"1432\":2,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1459\":2,\"1460\":2,\"1461\":2,\"1462\":2,\"1463\":1,\"1470\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1490\":1,\"1506\":1,\"1521\":1,\"1531\":6,\"1541\":1,\"1546\":1,\"1552\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1565\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1587\":2,\"1588\":2,\"1589\":2,\"1590\":2,\"1591\":1,\"1595\":3,\"1598\":2,\"1605\":2,\"1606\":2,\"1607\":2,\"1608\":2,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1636\":2,\"1637\":2,\"1638\":2,\"1639\":2,\"1640\":1,\"1647\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1667\":1,\"1683\":1,\"1698\":1,\"1708\":6,\"1718\":1,\"1723\":1,\"1729\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1742\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1764\":2,\"1765\":2,\"1766\":2,\"1767\":2,\"1768\":1,\"1772\":3,\"1775\":2,\"1782\":2,\"1783\":2,\"1784\":2,\"1785\":2,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1813\":2,\"1814\":2,\"1815\":2,\"1816\":2,\"1817\":1,\"1824\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1844\":1,\"1860\":1,\"1875\":1,\"1885\":6,\"1895\":1,\"1900\":1,\"1906\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1919\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1941\":2,\"1942\":2,\"1943\":2,\"1944\":2,\"1945\":1,\"1949\":3,\"1952\":2,\"1959\":2,\"1960\":2,\"1961\":2,\"1962\":2,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1990\":2,\"1991\":2,\"1992\":2,\"1993\":2,\"1994\":1,\"2001\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2021\":1,\"2037\":1,\"2052\":1,\"2062\":6,\"2072\":1,\"2077\":1,\"2083\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2096\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2118\":2,\"2119\":2,\"2120\":2,\"2121\":2,\"2122\":1,\"2126\":3,\"2129\":2,\"2136\":2,\"2137\":2,\"2138\":2,\"2139\":2,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2167\":2,\"2168\":2,\"2169\":2,\"2170\":2,\"2171\":1,\"2178\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2198\":1,\"2214\":1,\"2229\":1,\"2239\":6,\"2249\":1,\"2254\":1,\"2260\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2273\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2295\":2,\"2296\":2,\"2297\":2,\"2298\":2,\"2299\":1,\"2303\":3,\"2306\":2,\"2313\":2,\"2314\":2,\"2315\":2,\"2316\":2,\"2327\":7,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2354\":2,\"2355\":2,\"2356\":2,\"2357\":2,\"2358\":1,\"2365\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2379\":1,\"2388\":1,\"2404\":1,\"2419\":1,\"2424\":1,\"2431\":2,\"2433\":2,\"2440\":2,\"2441\":2,\"2442\":2,\"2443\":2,\"2454\":7,\"2464\":1,\"2469\":1,\"2475\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2491\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2514\":2,\"2515\":2,\"2516\":2,\"2517\":2,\"2518\":1,\"2522\":3,\"2525\":2,\"2532\":2,\"2533\":2,\"2534\":2,\"2535\":2,\"2546\":7,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2573\":2,\"2574\":2,\"2575\":2,\"2576\":2,\"2577\":1,\"2584\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2598\":1,\"2607\":1,\"2623\":1,\"2638\":1,\"2643\":1,\"2650\":2,\"2652\":2,\"2659\":2,\"2660\":2,\"2661\":2,\"2662\":2,\"2673\":7,\"2683\":1,\"2688\":1,\"2694\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2710\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2733\":2,\"2734\":2,\"2735\":2,\"2736\":2,\"2737\":1,\"2741\":3,\"2744\":2,\"2751\":2,\"2752\":2,\"2753\":2,\"2754\":2,\"2765\":7,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2792\":2,\"2793\":2,\"2794\":2,\"2795\":2,\"2796\":1,\"2803\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2817\":1,\"2826\":1,\"2842\":1,\"2857\":1,\"2862\":1,\"2869\":2,\"2871\":2,\"2878\":2,\"2879\":2,\"2880\":2,\"2881\":2,\"2892\":7,\"2902\":1,\"2907\":1,\"2913\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2929\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2952\":2,\"2953\":2,\"2954\":2,\"2955\":2,\"2956\":1,\"2960\":3,\"2963\":2,\"2970\":2,\"2971\":2,\"2972\":2,\"2973\":2,\"2984\":7,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3011\":2,\"3012\":2,\"3013\":2,\"3014\":2,\"3015\":1,\"3022\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3036\":1,\"3045\":1,\"3061\":1,\"3076\":1,\"3081\":1,\"3088\":2,\"3090\":2,\"3097\":2,\"3098\":2,\"3099\":2,\"3100\":2,\"3111\":7,\"3121\":1,\"3126\":1,\"3132\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3148\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3171\":2,\"3172\":2,\"3173\":2,\"3174\":2,\"3175\":1,\"3179\":3,\"3182\":2,\"3189\":2,\"3190\":2,\"3191\":2,\"3192\":2,\"3203\":7,\"3217\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3231\":1,\"3240\":1,\"3256\":1,\"3271\":1,\"3276\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3299\":2,\"3300\":2,\"3301\":2,\"3302\":2,\"3303\":1,\"3307\":2,\"3309\":2,\"3316\":2,\"3317\":2,\"3318\":2,\"3319\":2,\"3332\":7,\"3342\":1,\"3347\":1,\"3353\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3369\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3392\":2,\"3393\":2,\"3394\":2,\"3395\":2,\"3396\":1,\"3400\":3,\"3403\":2,\"3410\":2,\"3411\":2,\"3412\":2,\"3413\":2}}],[\"fulfilled\",{\"1\":{\"429\":1,\"472\":1,\"495\":1,\"521\":1,\"547\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"fulfill\",{\"1\":{\"334\":1,\"357\":1}}],[\"fully\",{\"1\":{\"332\":1}}],[\"full\",{\"1\":{\"152\":1,\"153\":1,\"983\":1,\"1015\":1,\"1108\":1,\"1516\":1,\"1693\":1,\"1870\":1,\"2047\":1,\"2224\":1,\"2414\":1,\"2633\":1,\"2852\":1,\"3071\":1,\"3266\":1,\"3298\":1,\"3391\":1}}],[\"future\",{\"1\":{\"117\":1,\"405\":1,\"415\":1,\"457\":3,\"629\":1,\"639\":1,\"675\":1,\"685\":1,\"721\":1,\"731\":1,\"767\":1,\"777\":1,\"813\":1,\"823\":1,\"859\":1,\"869\":1,\"911\":3}}],[\"function\",{\"1\":{\"184\":1,\"185\":1,\"186\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"functions\",{\"1\":{\"145\":3}}],[\"functionality\",{\"1\":{\"102\":1,\"412\":1,\"419\":1,\"636\":1,\"643\":1,\"682\":1,\"689\":1,\"728\":1,\"735\":1,\"774\":1,\"781\":1,\"820\":1,\"827\":1,\"866\":1,\"873\":1}}],[\"funktionstests\",{\"1\":{\"16\":1}}],[\"fundamental\",{\"1\":{\"116\":1,\"117\":1}}],[\"funding\",{\"0\":{\"80\":1},\"1\":{\"4\":1,\"69\":1,\"81\":3,\"82\":2,\"98\":1}}],[\"funded\",{\"1\":{\"0\":1,\"6\":1,\"76\":1,\"83\":1,\"98\":1,\"116\":1,\"126\":1}}],[\"furthermore\",{\"1\":{\"96\":1}}],[\"further\",{\"1\":{\"13\":1,\"76\":1,\"81\":4,\"126\":1}}],[\"feb\",{\"1\":{\"457\":7,\"911\":7}}],[\"fellow\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"feedback\",{\"1\":{\"117\":1,\"414\":1,\"415\":1,\"417\":1,\"419\":4,\"638\":1,\"639\":1,\"641\":1,\"643\":4,\"684\":1,\"685\":1,\"687\":1,\"689\":4,\"730\":1,\"731\":1,\"733\":1,\"735\":4,\"776\":1,\"777\":1,\"779\":1,\"781\":4,\"822\":1,\"823\":1,\"825\":1,\"827\":4,\"868\":1,\"869\":1,\"871\":1,\"873\":4}}],[\"feeling\",{\"1\":{\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1}}],[\"feel\",{\"1\":{\"71\":1,\"414\":2,\"417\":1,\"429\":1,\"445\":1,\"472\":1,\"484\":1,\"495\":1,\"507\":1,\"521\":1,\"533\":1,\"547\":1,\"563\":1,\"577\":1,\"593\":1,\"607\":1,\"623\":1,\"638\":2,\"641\":1,\"653\":1,\"669\":1,\"684\":2,\"687\":1,\"699\":1,\"715\":1,\"730\":2,\"733\":1,\"745\":1,\"761\":1,\"776\":2,\"779\":1,\"791\":1,\"807\":1,\"822\":2,\"825\":1,\"837\":1,\"853\":1,\"868\":2,\"871\":1,\"883\":1,\"899\":1}}],[\"fegeler\",{\"1\":{\"26\":10,\"77\":1,\"83\":1}}],[\"feature\",{\"1\":{\"75\":1,\"414\":1,\"419\":5,\"638\":1,\"643\":5,\"684\":1,\"689\":5,\"730\":1,\"735\":5,\"776\":1,\"781\":5,\"822\":1,\"827\":5,\"868\":1,\"873\":5}}],[\"features\",{\"0\":{\"7\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1},\"1\":{\"43\":2,\"45\":2,\"47\":2,\"49\":2,\"51\":2,\"53\":2,\"55\":2,\"57\":2,\"59\":2,\"61\":2,\"63\":2,\"65\":2,\"67\":2,\"157\":1,\"158\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"feasibility\",{\"0\":{\"125\":1,\"127\":1},\"1\":{\"0\":1,\"8\":1,\"14\":2,\"17\":1,\"20\":1,\"26\":2,\"29\":1,\"32\":1,\"98\":1,\"102\":2,\"117\":1,\"124\":1,\"126\":2,\"127\":2,\"128\":8,\"290\":2,\"304\":4,\"307\":4,\"431\":1,\"550\":2,\"580\":2,\"610\":2,\"656\":2,\"702\":2,\"748\":2,\"793\":1,\"839\":1,\"885\":1}}],[\"federated\",{\"1\":{\"26\":1,\"29\":1,\"98\":2}}],[\"federation\",{\"1\":{\"1\":1}}],[\"federal\",{\"1\":{\"0\":1,\"6\":1,\"98\":2,\"116\":1,\"126\":1}}],[\"fhirwebserviceclientjersey\",{\"1\":{\"146\":1}}],[\"fhirjettyserverhttps\",{\"1\":{\"134\":1}}],[\"fhir\",{\"0\":{\"17\":1,\"89\":1,\"95\":1,\"97\":1,\"112\":1,\"144\":1,\"167\":1,\"187\":1,\"188\":1,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"234\":1,\"235\":1,\"240\":1,\"241\":1,\"242\":1,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"268\":1,\"289\":1,\"300\":1,\"303\":1,\"306\":1,\"309\":1,\"312\":1,\"315\":1,\"333\":1,\"356\":1,\"357\":1,\"442\":1,\"452\":1,\"453\":1,\"461\":1,\"481\":1,\"504\":1,\"510\":1,\"530\":1,\"536\":1,\"560\":1,\"566\":1,\"590\":1,\"596\":1,\"620\":1,\"626\":1,\"666\":1,\"672\":1,\"712\":1,\"718\":1,\"758\":1,\"764\":1,\"804\":1,\"810\":1,\"850\":1,\"856\":1,\"896\":1,\"906\":1,\"907\":1,\"915\":1,\"948\":1,\"949\":1,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"986\":1,\"987\":1,\"1046\":1,\"1059\":1,\"1060\":1,\"1061\":2,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":2,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1122\":1,\"1157\":1,\"1158\":1,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1193\":1,\"1194\":1,\"1226\":1,\"1227\":1,\"1228\":1,\"1229\":2,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":2,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":1,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1255\":1,\"1308\":1,\"1309\":1,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1344\":1,\"1345\":1,\"1352\":1,\"1365\":1,\"1366\":1,\"1367\":2,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":2,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":1,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1424\":1,\"1481\":1,\"1482\":1,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1519\":1,\"1520\":1,\"1528\":1,\"1541\":1,\"1542\":1,\"1543\":2,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":2,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":1,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1600\":1,\"1658\":1,\"1659\":1,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1696\":1,\"1697\":1,\"1705\":1,\"1718\":1,\"1719\":1,\"1720\":2,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":2,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":1,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1777\":1,\"1835\":1,\"1836\":1,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1873\":1,\"1874\":1,\"1882\":1,\"1895\":1,\"1896\":1,\"1897\":2,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":2,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":1,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1954\":1,\"2012\":1,\"2013\":1,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2050\":1,\"2051\":1,\"2059\":1,\"2072\":1,\"2073\":1,\"2074\":2,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":2,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":1,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2131\":1,\"2189\":1,\"2190\":1,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2227\":1,\"2228\":1,\"2236\":1,\"2249\":1,\"2250\":1,\"2251\":2,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":2,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":1,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2308\":1,\"2379\":1,\"2380\":1,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2417\":1,\"2418\":1,\"2451\":1,\"2464\":1,\"2465\":1,\"2466\":2,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":2,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2527\":1,\"2598\":1,\"2599\":1,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2636\":1,\"2637\":1,\"2670\":1,\"2683\":1,\"2684\":1,\"2685\":2,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":2,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2746\":1,\"2817\":1,\"2818\":1,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2855\":1,\"2856\":1,\"2889\":1,\"2902\":1,\"2903\":1,\"2904\":2,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":2,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2965\":1,\"3036\":1,\"3037\":1,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3074\":1,\"3075\":1,\"3108\":1,\"3121\":1,\"3122\":1,\"3123\":2,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":2,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3184\":1,\"3231\":1,\"3232\":1,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3269\":1,\"3270\":1,\"3329\":1,\"3342\":1,\"3343\":1,\"3344\":2,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":2,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3405\":1},\"1\":{\"0\":2,\"5\":1,\"6\":1,\"8\":1,\"9\":1,\"14\":2,\"16\":1,\"17\":6,\"21\":1,\"32\":3,\"85\":1,\"88\":3,\"89\":3,\"90\":7,\"93\":2,\"94\":1,\"95\":5,\"97\":8,\"98\":1,\"99\":13,\"102\":1,\"109\":3,\"110\":1,\"112\":2,\"113\":2,\"116\":1,\"117\":1,\"126\":1,\"127\":1,\"134\":7,\"135\":4,\"138\":2,\"141\":1,\"142\":1,\"143\":1,\"144\":1,\"145\":4,\"146\":2,\"147\":9,\"148\":2,\"149\":2,\"150\":6,\"151\":2,\"165\":1,\"167\":1,\"168\":2,\"169\":13,\"170\":7,\"171\":2,\"187\":2,\"188\":3,\"189\":2,\"190\":3,\"191\":2,\"192\":2,\"193\":2,\"194\":2,\"195\":2,\"196\":2,\"197\":2,\"198\":2,\"199\":3,\"200\":1,\"201\":1,\"202\":2,\"203\":2,\"204\":2,\"205\":2,\"206\":3,\"207\":4,\"208\":1,\"209\":2,\"210\":2,\"211\":3,\"234\":2,\"235\":2,\"240\":1,\"241\":2,\"242\":3,\"243\":2,\"244\":3,\"245\":2,\"246\":2,\"247\":3,\"248\":2,\"249\":2,\"250\":2,\"251\":3,\"252\":2,\"253\":3,\"254\":3,\"255\":3,\"256\":3,\"257\":3,\"258\":4,\"259\":3,\"260\":4,\"261\":1,\"262\":3,\"263\":1,\"264\":3,\"265\":2,\"266\":2,\"269\":1,\"270\":1,\"282\":1,\"284\":1,\"285\":12,\"288\":2,\"289\":40,\"290\":13,\"293\":1,\"295\":1,\"296\":12,\"299\":2,\"300\":42,\"301\":13,\"303\":33,\"304\":12,\"306\":12,\"307\":9,\"309\":12,\"310\":6,\"312\":12,\"313\":5,\"315\":12,\"316\":5,\"327\":150,\"331\":5,\"332\":1,\"333\":1,\"334\":1,\"338\":17,\"341\":4,\"342\":2,\"347\":2,\"348\":5,\"349\":2,\"352\":5,\"356\":3,\"357\":2,\"358\":3,\"361\":5,\"362\":6,\"363\":6,\"364\":1,\"367\":20,\"377\":7,\"381\":2,\"384\":3,\"387\":5,\"388\":6,\"389\":8,\"390\":1,\"393\":24,\"400\":1,\"425\":2,\"428\":2,\"436\":1,\"438\":1,\"439\":11,\"441\":2,\"442\":38,\"443\":11,\"444\":3,\"446\":1,\"449\":1,\"450\":2,\"453\":3,\"455\":2,\"459\":5,\"460\":1,\"461\":14,\"462\":7,\"471\":2,\"475\":1,\"477\":1,\"478\":11,\"480\":2,\"481\":40,\"482\":13,\"483\":7,\"485\":3,\"491\":2,\"494\":2,\"498\":1,\"500\":1,\"501\":11,\"503\":2,\"504\":39,\"505\":12,\"506\":7,\"508\":3,\"510\":10,\"511\":5,\"517\":2,\"520\":2,\"524\":1,\"526\":1,\"527\":11,\"529\":2,\"530\":39,\"531\":12,\"532\":7,\"534\":3,\"536\":12,\"537\":5,\"543\":2,\"546\":2,\"554\":1,\"556\":1,\"557\":11,\"559\":2,\"560\":39,\"561\":12,\"562\":7,\"564\":5,\"566\":10,\"567\":5,\"573\":2,\"576\":2,\"584\":1,\"586\":1,\"587\":11,\"589\":2,\"590\":39,\"591\":11,\"592\":7,\"594\":5,\"596\":10,\"597\":5,\"603\":2,\"606\":2,\"614\":1,\"616\":1,\"617\":11,\"619\":2,\"620\":39,\"621\":11,\"622\":7,\"624\":5,\"626\":10,\"627\":5,\"649\":2,\"652\":2,\"660\":1,\"662\":1,\"663\":11,\"665\":2,\"666\":39,\"667\":11,\"668\":7,\"670\":5,\"672\":10,\"673\":5,\"695\":2,\"698\":2,\"706\":1,\"708\":1,\"709\":11,\"711\":2,\"712\":39,\"713\":11,\"714\":7,\"716\":5,\"718\":10,\"719\":5,\"741\":2,\"744\":2,\"752\":1,\"754\":1,\"755\":11,\"757\":2,\"758\":39,\"759\":11,\"760\":3,\"762\":5,\"764\":10,\"765\":5,\"787\":2,\"790\":2,\"798\":1,\"800\":1,\"801\":11,\"803\":2,\"804\":39,\"805\":11,\"806\":3,\"808\":5,\"810\":10,\"811\":5,\"833\":2,\"836\":2,\"844\":1,\"846\":1,\"847\":11,\"849\":2,\"850\":39,\"851\":11,\"852\":3,\"854\":5,\"856\":10,\"857\":5,\"879\":2,\"882\":2,\"890\":1,\"892\":1,\"893\":11,\"895\":2,\"896\":38,\"897\":11,\"898\":3,\"900\":1,\"903\":1,\"904\":2,\"907\":3,\"909\":2,\"913\":5,\"914\":1,\"915\":14,\"916\":7,\"948\":2,\"949\":3,\"950\":2,\"951\":2,\"952\":2,\"953\":2,\"954\":2,\"955\":2,\"956\":2,\"957\":2,\"958\":3,\"959\":4,\"960\":2,\"961\":2,\"962\":3,\"986\":2,\"987\":2,\"992\":1,\"1020\":2,\"1049\":7,\"1056\":2,\"1057\":5,\"1059\":2,\"1060\":3,\"1061\":2,\"1062\":3,\"1063\":2,\"1064\":2,\"1065\":2,\"1066\":1,\"1067\":1,\"1068\":3,\"1069\":2,\"1070\":3,\"1071\":3,\"1072\":3,\"1073\":3,\"1074\":3,\"1075\":4,\"1076\":3,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":4,\"1081\":3,\"1082\":1,\"1083\":1,\"1084\":3,\"1085\":2,\"1086\":1,\"1087\":1,\"1113\":2,\"1117\":4,\"1118\":2,\"1120\":1,\"1121\":2,\"1125\":1,\"1126\":1,\"1131\":1,\"1141\":2,\"1157\":2,\"1158\":3,\"1159\":2,\"1160\":2,\"1161\":2,\"1162\":2,\"1163\":2,\"1164\":2,\"1165\":2,\"1166\":2,\"1167\":3,\"1168\":4,\"1169\":1,\"1170\":2,\"1171\":2,\"1172\":3,\"1193\":2,\"1194\":2,\"1223\":2,\"1227\":2,\"1228\":3,\"1229\":2,\"1230\":3,\"1231\":2,\"1232\":2,\"1233\":2,\"1234\":1,\"1235\":1,\"1236\":3,\"1237\":2,\"1238\":3,\"1239\":3,\"1240\":3,\"1241\":3,\"1242\":3,\"1243\":4,\"1244\":3,\"1245\":4,\"1246\":3,\"1247\":1,\"1248\":3,\"1249\":1,\"1250\":1,\"1256\":1,\"1257\":1,\"1291\":2,\"1308\":2,\"1309\":3,\"1310\":2,\"1311\":2,\"1312\":2,\"1313\":2,\"1314\":2,\"1315\":2,\"1316\":2,\"1317\":2,\"1318\":3,\"1319\":4,\"1320\":1,\"1321\":2,\"1322\":2,\"1323\":3,\"1344\":2,\"1345\":2,\"1355\":7,\"1362\":2,\"1363\":5,\"1365\":2,\"1366\":3,\"1367\":2,\"1368\":3,\"1369\":2,\"1370\":2,\"1371\":2,\"1372\":1,\"1373\":1,\"1374\":3,\"1375\":2,\"1376\":3,\"1377\":3,\"1378\":3,\"1379\":3,\"1380\":3,\"1381\":4,\"1382\":3,\"1383\":4,\"1384\":3,\"1385\":1,\"1386\":1,\"1387\":3,\"1388\":2,\"1389\":1,\"1415\":2,\"1419\":4,\"1420\":2,\"1422\":1,\"1423\":2,\"1427\":1,\"1428\":1,\"1463\":2,\"1481\":2,\"1482\":3,\"1483\":2,\"1484\":2,\"1485\":2,\"1486\":2,\"1487\":2,\"1488\":2,\"1489\":2,\"1490\":2,\"1491\":3,\"1492\":4,\"1493\":2,\"1494\":2,\"1495\":3,\"1519\":2,\"1520\":2,\"1531\":7,\"1538\":2,\"1539\":5,\"1541\":2,\"1542\":3,\"1543\":2,\"1544\":3,\"1545\":2,\"1546\":2,\"1547\":2,\"1548\":1,\"1549\":1,\"1550\":3,\"1551\":2,\"1552\":3,\"1553\":3,\"1554\":3,\"1555\":3,\"1556\":3,\"1557\":4,\"1558\":3,\"1559\":4,\"1560\":3,\"1561\":1,\"1562\":1,\"1563\":3,\"1564\":2,\"1565\":1,\"1591\":2,\"1595\":4,\"1596\":2,\"1598\":1,\"1599\":2,\"1603\":1,\"1604\":1,\"1609\":1,\"1640\":2,\"1658\":2,\"1659\":3,\"1660\":2,\"1661\":2,\"1662\":2,\"1663\":2,\"1664\":2,\"1665\":2,\"1666\":2,\"1667\":2,\"1668\":3,\"1669\":4,\"1670\":2,\"1671\":2,\"1672\":3,\"1696\":2,\"1697\":2,\"1708\":7,\"1715\":2,\"1716\":5,\"1718\":2,\"1719\":3,\"1720\":2,\"1721\":3,\"1722\":2,\"1723\":2,\"1724\":2,\"1725\":1,\"1726\":1,\"1727\":3,\"1728\":2,\"1729\":3,\"1730\":3,\"1731\":3,\"1732\":3,\"1733\":3,\"1734\":4,\"1735\":3,\"1736\":4,\"1737\":3,\"1738\":1,\"1739\":1,\"1740\":3,\"1741\":2,\"1742\":1,\"1768\":2,\"1772\":4,\"1773\":2,\"1775\":1,\"1776\":2,\"1780\":1,\"1781\":1,\"1786\":1,\"1817\":2,\"1835\":2,\"1836\":3,\"1837\":2,\"1838\":2,\"1839\":2,\"1840\":2,\"1841\":2,\"1842\":2,\"1843\":2,\"1844\":2,\"1845\":3,\"1846\":4,\"1847\":2,\"1848\":2,\"1849\":3,\"1873\":2,\"1874\":2,\"1885\":7,\"1892\":2,\"1893\":5,\"1895\":2,\"1896\":3,\"1897\":2,\"1898\":3,\"1899\":2,\"1900\":2,\"1901\":2,\"1902\":1,\"1903\":1,\"1904\":3,\"1905\":2,\"1906\":3,\"1907\":3,\"1908\":3,\"1909\":3,\"1910\":3,\"1911\":4,\"1912\":3,\"1913\":4,\"1914\":3,\"1915\":1,\"1916\":1,\"1917\":3,\"1918\":2,\"1919\":1,\"1945\":2,\"1949\":4,\"1950\":2,\"1952\":1,\"1953\":2,\"1957\":1,\"1958\":1,\"1963\":1,\"1994\":2,\"2012\":2,\"2013\":3,\"2014\":2,\"2015\":2,\"2016\":2,\"2017\":2,\"2018\":2,\"2019\":2,\"2020\":2,\"2021\":2,\"2022\":3,\"2023\":4,\"2024\":2,\"2025\":2,\"2026\":3,\"2050\":2,\"2051\":2,\"2062\":7,\"2069\":2,\"2070\":5,\"2072\":2,\"2073\":3,\"2074\":2,\"2075\":3,\"2076\":2,\"2077\":2,\"2078\":2,\"2079\":1,\"2080\":1,\"2081\":3,\"2082\":2,\"2083\":3,\"2084\":3,\"2085\":3,\"2086\":3,\"2087\":3,\"2088\":4,\"2089\":3,\"2090\":4,\"2091\":3,\"2092\":1,\"2093\":1,\"2094\":3,\"2095\":2,\"2096\":1,\"2122\":2,\"2126\":4,\"2127\":2,\"2129\":1,\"2130\":2,\"2134\":1,\"2135\":1,\"2140\":1,\"2171\":2,\"2189\":2,\"2190\":3,\"2191\":2,\"2192\":2,\"2193\":2,\"2194\":2,\"2195\":2,\"2196\":2,\"2197\":2,\"2198\":2,\"2199\":3,\"2200\":4,\"2201\":2,\"2202\":2,\"2203\":3,\"2227\":2,\"2228\":2,\"2239\":7,\"2246\":2,\"2247\":5,\"2249\":2,\"2250\":3,\"2251\":2,\"2252\":3,\"2253\":2,\"2254\":2,\"2255\":2,\"2256\":1,\"2257\":1,\"2258\":3,\"2259\":2,\"2260\":3,\"2261\":3,\"2262\":3,\"2263\":3,\"2264\":3,\"2265\":4,\"2266\":3,\"2267\":4,\"2268\":3,\"2269\":1,\"2270\":1,\"2271\":3,\"2272\":2,\"2273\":1,\"2299\":2,\"2303\":4,\"2304\":2,\"2306\":1,\"2307\":2,\"2311\":1,\"2312\":1,\"2317\":1,\"2358\":2,\"2379\":2,\"2380\":3,\"2381\":2,\"2382\":2,\"2383\":2,\"2384\":2,\"2385\":2,\"2386\":2,\"2387\":2,\"2388\":2,\"2389\":3,\"2390\":4,\"2391\":2,\"2392\":2,\"2393\":3,\"2417\":2,\"2418\":2,\"2423\":1,\"2454\":7,\"2461\":2,\"2462\":5,\"2464\":2,\"2465\":3,\"2466\":2,\"2467\":3,\"2468\":2,\"2469\":2,\"2470\":2,\"2471\":1,\"2472\":1,\"2473\":3,\"2474\":2,\"2475\":3,\"2476\":3,\"2477\":3,\"2478\":3,\"2479\":3,\"2480\":4,\"2481\":3,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":4,\"2486\":3,\"2487\":1,\"2488\":1,\"2489\":3,\"2490\":2,\"2491\":1,\"2492\":1,\"2518\":2,\"2522\":4,\"2523\":2,\"2525\":1,\"2526\":2,\"2530\":1,\"2531\":1,\"2536\":1,\"2577\":2,\"2598\":2,\"2599\":3,\"2600\":2,\"2601\":2,\"2602\":2,\"2603\":2,\"2604\":2,\"2605\":2,\"2606\":2,\"2607\":2,\"2608\":3,\"2609\":4,\"2610\":2,\"2611\":2,\"2612\":3,\"2636\":2,\"2637\":2,\"2642\":1,\"2673\":7,\"2680\":2,\"2681\":5,\"2683\":2,\"2684\":3,\"2685\":2,\"2686\":3,\"2687\":2,\"2688\":2,\"2689\":2,\"2690\":1,\"2691\":1,\"2692\":3,\"2693\":2,\"2694\":3,\"2695\":3,\"2696\":3,\"2697\":3,\"2698\":3,\"2699\":4,\"2700\":3,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":4,\"2705\":3,\"2706\":1,\"2707\":1,\"2708\":3,\"2709\":2,\"2710\":1,\"2711\":1,\"2737\":2,\"2741\":4,\"2742\":2,\"2744\":1,\"2745\":2,\"2749\":1,\"2750\":1,\"2755\":1,\"2796\":2,\"2817\":2,\"2818\":3,\"2819\":2,\"2820\":2,\"2821\":2,\"2822\":2,\"2823\":2,\"2824\":2,\"2825\":2,\"2826\":2,\"2827\":3,\"2828\":4,\"2829\":2,\"2830\":2,\"2831\":3,\"2855\":2,\"2856\":2,\"2861\":1,\"2892\":7,\"2899\":2,\"2900\":5,\"2902\":2,\"2903\":3,\"2904\":2,\"2905\":3,\"2906\":2,\"2907\":2,\"2908\":2,\"2909\":1,\"2910\":1,\"2911\":3,\"2912\":2,\"2913\":3,\"2914\":3,\"2915\":3,\"2916\":3,\"2917\":3,\"2918\":4,\"2919\":3,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":4,\"2924\":3,\"2925\":1,\"2926\":1,\"2927\":3,\"2928\":2,\"2929\":1,\"2930\":1,\"2956\":2,\"2960\":4,\"2961\":2,\"2963\":1,\"2964\":2,\"2968\":1,\"2969\":1,\"2974\":1,\"3015\":2,\"3036\":2,\"3037\":3,\"3038\":2,\"3039\":2,\"3040\":2,\"3041\":2,\"3042\":2,\"3043\":2,\"3044\":2,\"3045\":2,\"3046\":3,\"3047\":4,\"3048\":2,\"3049\":2,\"3050\":3,\"3074\":2,\"3075\":2,\"3080\":1,\"3111\":7,\"3118\":2,\"3119\":5,\"3121\":2,\"3122\":3,\"3123\":2,\"3124\":3,\"3125\":2,\"3126\":2,\"3127\":2,\"3128\":1,\"3129\":1,\"3130\":3,\"3131\":2,\"3132\":3,\"3133\":3,\"3134\":3,\"3135\":3,\"3136\":3,\"3137\":4,\"3138\":3,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":4,\"3143\":3,\"3144\":1,\"3145\":1,\"3146\":3,\"3147\":2,\"3148\":1,\"3149\":1,\"3175\":2,\"3179\":4,\"3180\":2,\"3182\":1,\"3183\":2,\"3187\":1,\"3188\":1,\"3193\":1,\"3231\":2,\"3232\":3,\"3233\":2,\"3234\":2,\"3235\":2,\"3236\":2,\"3237\":2,\"3238\":2,\"3239\":2,\"3240\":2,\"3241\":3,\"3242\":4,\"3243\":2,\"3244\":2,\"3245\":3,\"3269\":2,\"3270\":2,\"3275\":1,\"3303\":2,\"3332\":7,\"3339\":2,\"3340\":5,\"3342\":2,\"3343\":3,\"3344\":2,\"3345\":3,\"3346\":2,\"3347\":2,\"3348\":2,\"3349\":1,\"3350\":1,\"3351\":3,\"3352\":2,\"3353\":3,\"3354\":3,\"3355\":3,\"3356\":3,\"3357\":3,\"3358\":4,\"3359\":3,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":4,\"3364\":3,\"3365\":1,\"3366\":1,\"3367\":3,\"3368\":2,\"3369\":1,\"3370\":1,\"3396\":2,\"3400\":4,\"3401\":2,\"3403\":1,\"3404\":2,\"3408\":1,\"3409\":1,\"3414\":1}}],[\"afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d\",{\"1\":{\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1}}],[\"after\",{\"1\":{\"1\":1,\"97\":1,\"105\":1,\"126\":1,\"128\":1,\"159\":74,\"162\":1,\"381\":1,\"390\":2,\"393\":1,\"398\":1,\"457\":27,\"458\":3,\"911\":27,\"912\":3}}],[\"ahead\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"aka\",{\"1\":{\"277\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"1264\":1,\"1435\":1,\"1612\":1,\"1789\":1,\"1966\":1,\"2143\":1,\"2320\":1,\"2447\":1,\"2539\":1,\"2666\":1,\"2758\":1,\"2885\":1,\"2977\":1,\"3104\":1,\"3196\":1}}],[\"aktiver\",{\"1\":{\"15\":1}}],[\"aktualisieren\",{\"1\":{\"15\":1}}],[\"available\",{\"1\":{\"98\":1,\"99\":1,\"110\":1,\"117\":1,\"126\":2,\"165\":1,\"169\":1,\"237\":1,\"318\":1,\"431\":1,\"793\":1,\"839\":1,\"885\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"avoid\",{\"1\":{\"37\":1,\"348\":1}}],[\"ap1\",{\"1\":{\"290\":2,\"301\":2,\"551\":1,\"581\":1,\"611\":1,\"657\":1,\"703\":1,\"749\":1}}],[\"apt\",{\"1\":{\"283\":6,\"294\":6,\"437\":6,\"476\":6,\"499\":6,\"525\":6,\"555\":6,\"585\":6,\"615\":6,\"661\":6,\"707\":6,\"753\":6,\"799\":6,\"845\":6,\"891\":6}}],[\"apache2\",{\"1\":{\"452\":1,\"454\":1,\"906\":1,\"908\":1}}],[\"apache\",{\"1\":{\"162\":4,\"163\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"398\":3,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1045\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1139\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3328\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1,\"3422\":1}}],[\"april\",{\"1\":{\"129\":1}}],[\"api\",{\"0\":{\"999\":1,\"1000\":1,\"1092\":1,\"1093\":1,\"1202\":1,\"1203\":1,\"1270\":1,\"1271\":1,\"1394\":1,\"1395\":1,\"1442\":1,\"1443\":1,\"1570\":1,\"1571\":1,\"1619\":1,\"1620\":1,\"1747\":1,\"1748\":1,\"1796\":1,\"1797\":1,\"1924\":1,\"1925\":1,\"1973\":1,\"1974\":1,\"2101\":1,\"2102\":1,\"2150\":1,\"2151\":1,\"2278\":1,\"2279\":1,\"2337\":1,\"2338\":1,\"2497\":1,\"2498\":1,\"2556\":1,\"2557\":1,\"2716\":1,\"2717\":1,\"2775\":1,\"2776\":1,\"2935\":1,\"2936\":1,\"2994\":1,\"2995\":1,\"3154\":1,\"3155\":1,\"3282\":1,\"3283\":1,\"3375\":1,\"3376\":1},\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"90\":1,\"174\":1,\"231\":1,\"232\":1,\"238\":1,\"449\":1,\"536\":1,\"903\":1,\"999\":2,\"1000\":2,\"1049\":4,\"1055\":1,\"1092\":2,\"1093\":2,\"1117\":2,\"1202\":2,\"1203\":2,\"1270\":2,\"1271\":2,\"1355\":4,\"1361\":1,\"1394\":2,\"1395\":2,\"1419\":2,\"1442\":2,\"1443\":2,\"1531\":4,\"1537\":1,\"1570\":2,\"1571\":2,\"1595\":2,\"1619\":2,\"1620\":2,\"1708\":4,\"1714\":1,\"1747\":2,\"1748\":2,\"1772\":2,\"1796\":2,\"1797\":2,\"1885\":4,\"1891\":1,\"1924\":2,\"1925\":2,\"1949\":2,\"1973\":2,\"1974\":2,\"2062\":4,\"2068\":1,\"2101\":2,\"2102\":2,\"2126\":2,\"2150\":2,\"2151\":2,\"2239\":4,\"2245\":1,\"2278\":2,\"2279\":2,\"2303\":2,\"2337\":2,\"2338\":2,\"2454\":4,\"2460\":1,\"2497\":2,\"2498\":2,\"2522\":2,\"2556\":2,\"2557\":2,\"2673\":4,\"2679\":1,\"2716\":2,\"2717\":2,\"2741\":2,\"2775\":2,\"2776\":2,\"2892\":4,\"2898\":1,\"2935\":2,\"2936\":2,\"2960\":2,\"2994\":2,\"2995\":2,\"3111\":4,\"3117\":1,\"3154\":2,\"3155\":2,\"3179\":2,\"3282\":2,\"3283\":2,\"3332\":4,\"3338\":1,\"3375\":2,\"3376\":2,\"3400\":2}}],[\"appear\",{\"1\":{\"472\":1,\"495\":1,\"521\":1,\"547\":1}}],[\"appears\",{\"1\":{\"136\":1}}],[\"appended\",{\"1\":{\"446\":1,\"900\":1}}],[\"apply\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1,\"921\":1,\"1050\":1,\"1356\":1,\"1532\":1,\"1709\":1,\"1886\":1,\"2063\":1,\"2240\":1,\"2328\":1,\"2455\":1,\"2547\":1,\"2674\":1,\"2766\":1,\"2893\":1,\"2985\":1,\"3112\":1,\"3204\":1,\"3333\":1}}],[\"applied\",{\"0\":{\"77\":1},\"1\":{\"77\":1,\"120\":1,\"409\":1,\"633\":1,\"679\":1,\"725\":1,\"771\":1,\"817\":1,\"863\":1,\"920\":1,\"922\":1,\"925\":1,\"1049\":1,\"1051\":1,\"1054\":1,\"1355\":1,\"1357\":1,\"1360\":1,\"1531\":1,\"1533\":1,\"1536\":1,\"1708\":1,\"1710\":1,\"1713\":1,\"1885\":1,\"1887\":1,\"1890\":1,\"2062\":1,\"2064\":1,\"2067\":1,\"2239\":1,\"2241\":1,\"2244\":1,\"2327\":1,\"2329\":1,\"2332\":1,\"2454\":1,\"2456\":1,\"2459\":1,\"2546\":1,\"2548\":1,\"2551\":1,\"2673\":1,\"2675\":1,\"2678\":1,\"2765\":1,\"2767\":1,\"2770\":1,\"2892\":1,\"2894\":1,\"2897\":1,\"2984\":1,\"2986\":1,\"2989\":1,\"3111\":1,\"3113\":1,\"3116\":1,\"3203\":1,\"3205\":1,\"3208\":1,\"3332\":1,\"3334\":1,\"3337\":1}}],[\"applications\",{\"1\":{\"118\":1,\"341\":1,\"446\":1,\"900\":1}}],[\"application\",{\"1\":{\"26\":1,\"37\":1,\"81\":1,\"94\":2,\"120\":1,\"269\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"434\":1,\"442\":1,\"443\":1,\"447\":2,\"473\":1,\"481\":1,\"482\":1,\"496\":1,\"504\":1,\"505\":1,\"522\":1,\"530\":1,\"531\":1,\"552\":1,\"560\":1,\"561\":1,\"582\":1,\"590\":1,\"591\":1,\"612\":1,\"620\":1,\"621\":1,\"658\":1,\"666\":1,\"667\":1,\"704\":1,\"712\":1,\"713\":1,\"750\":1,\"758\":1,\"759\":1,\"796\":1,\"804\":1,\"805\":1,\"842\":1,\"850\":1,\"851\":1,\"888\":1,\"896\":1,\"897\":1,\"901\":2,\"1020\":1,\"1031\":1,\"1113\":1,\"1125\":1,\"1223\":1,\"1256\":1,\"1291\":1,\"1415\":1,\"1427\":1,\"1463\":1,\"1591\":1,\"1603\":1,\"1640\":1,\"1768\":1,\"1780\":1,\"1817\":1,\"1945\":1,\"1957\":1,\"1994\":1,\"2122\":1,\"2134\":1,\"2171\":1,\"2299\":1,\"2311\":1,\"2358\":1,\"2438\":1,\"2518\":1,\"2530\":1,\"2577\":1,\"2657\":1,\"2737\":1,\"2749\":1,\"2796\":1,\"2876\":1,\"2956\":1,\"2968\":1,\"3015\":1,\"3095\":1,\"3175\":1,\"3187\":1,\"3303\":1,\"3314\":1,\"3396\":1,\"3408\":1}}],[\"applicability\",{\"1\":{\"11\":1}}],[\"approval\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"approved\",{\"1\":{\"109\":1,\"156\":1,\"407\":1,\"631\":1,\"677\":1,\"723\":1,\"769\":1,\"815\":1,\"861\":1}}],[\"appropriately\",{\"1\":{\"332\":1}}],[\"appropriate\",{\"1\":{\"120\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"334\":1,\"335\":1,\"338\":3,\"352\":3,\"356\":1,\"364\":1,\"367\":1,\"377\":1,\"390\":1,\"393\":1,\"442\":1,\"443\":1,\"451\":1,\"473\":1,\"481\":1,\"482\":1,\"496\":1,\"504\":1,\"505\":1,\"522\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1,\"905\":1}}],[\"approaches\",{\"1\":{\"345\":1}}],[\"approach\",{\"1\":{\"36\":1,\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2}}],[\"app\",{\"0\":{\"269\":1,\"1031\":1,\"1125\":1,\"1256\":1,\"1427\":1,\"1603\":1,\"1780\":1,\"1957\":1,\"2134\":1,\"2311\":1,\"2438\":1,\"2530\":1,\"2657\":1,\"2749\":1,\"2876\":1,\"2968\":1,\"3095\":1,\"3187\":1,\"3314\":1,\"3408\":1},\"1\":{\"99\":8,\"169\":8,\"187\":1,\"188\":1,\"189\":1,\"205\":1,\"241\":1,\"242\":1,\"243\":1,\"249\":1,\"269\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"289\":4,\"290\":4,\"300\":4,\"301\":4,\"303\":2,\"304\":2,\"306\":2,\"307\":2,\"309\":2,\"310\":2,\"312\":2,\"313\":1,\"315\":2,\"316\":1,\"327\":64,\"442\":4,\"443\":4,\"449\":1,\"461\":8,\"462\":8,\"481\":4,\"482\":4,\"504\":4,\"505\":4,\"510\":1,\"511\":1,\"530\":4,\"531\":4,\"536\":2,\"537\":1,\"560\":4,\"561\":4,\"566\":1,\"567\":1,\"590\":4,\"591\":4,\"596\":1,\"597\":1,\"620\":4,\"621\":4,\"626\":1,\"627\":1,\"666\":4,\"667\":4,\"672\":1,\"673\":1,\"712\":4,\"713\":4,\"718\":1,\"719\":1,\"758\":4,\"759\":4,\"764\":1,\"765\":1,\"804\":4,\"805\":4,\"810\":1,\"811\":1,\"850\":4,\"851\":4,\"856\":1,\"857\":1,\"896\":4,\"897\":4,\"903\":1,\"915\":8,\"916\":8,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"1015\":1,\"1027\":1,\"1031\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1108\":1,\"1121\":1,\"1125\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1218\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1256\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1286\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1410\":1,\"1423\":1,\"1427\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1458\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1586\":1,\"1599\":1,\"1603\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1635\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1763\":1,\"1776\":1,\"1780\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1812\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1940\":1,\"1953\":1,\"1957\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1989\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2117\":1,\"2130\":1,\"2134\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2166\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2294\":1,\"2307\":1,\"2311\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2353\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2434\":1,\"2438\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2513\":1,\"2526\":1,\"2530\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2572\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2653\":1,\"2657\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2732\":1,\"2745\":1,\"2749\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2791\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2872\":1,\"2876\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2951\":1,\"2964\":1,\"2968\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"3010\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3091\":1,\"3095\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3170\":1,\"3183\":1,\"3187\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3298\":1,\"3310\":1,\"3314\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3391\":1,\"3404\":1,\"3408\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1}}],[\"ab12\",{\"1\":{\"289\":2,\"300\":2}}],[\"able\",{\"1\":{\"285\":2,\"290\":3,\"296\":2,\"301\":3,\"319\":1,\"356\":1,\"394\":1,\"399\":1,\"419\":1,\"439\":2,\"443\":3,\"478\":2,\"482\":3,\"501\":2,\"505\":3,\"527\":2,\"531\":3,\"557\":2,\"561\":3,\"587\":2,\"591\":3,\"617\":2,\"621\":3,\"643\":1,\"663\":2,\"667\":3,\"689\":1,\"709\":2,\"713\":3,\"735\":1,\"755\":2,\"759\":3,\"781\":1,\"801\":2,\"805\":3,\"827\":1,\"847\":2,\"851\":3,\"873\":1,\"893\":2,\"897\":3}}],[\"abstractservicedelegate\",{\"1\":{\"332\":1,\"333\":1,\"373\":1}}],[\"abstract\",{\"0\":{\"116\":1},\"1\":{\"147\":1,\"333\":1}}],[\"ability\",{\"1\":{\"94\":1,\"127\":1}}],[\"aborted\",{\"1\":{\"194\":1,\"203\":1,\"248\":1,\"952\":1,\"955\":1,\"1063\":1,\"1161\":1,\"1164\":1,\"1231\":1,\"1312\":1,\"1315\":1,\"1369\":1,\"1485\":1,\"1488\":1,\"1545\":1,\"1662\":1,\"1665\":1,\"1722\":1,\"1839\":1,\"1842\":1,\"1899\":1,\"2016\":1,\"2019\":1,\"2076\":1,\"2193\":1,\"2196\":1,\"2253\":1,\"2383\":1,\"2386\":1,\"2468\":1,\"2602\":1,\"2605\":1,\"2687\":1,\"2821\":1,\"2824\":1,\"2906\":1,\"3040\":1,\"3043\":1,\"3125\":1,\"3235\":1,\"3238\":1,\"3346\":1}}],[\"above\",{\"1\":{\"89\":1,\"138\":1,\"150\":1,\"151\":1,\"156\":1,\"290\":1,\"301\":1,\"383\":1,\"407\":1,\"443\":1,\"452\":1,\"454\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"631\":1,\"667\":1,\"677\":1,\"713\":1,\"723\":1,\"759\":1,\"769\":1,\"805\":1,\"815\":1,\"851\":1,\"861\":1,\"897\":1,\"906\":1,\"908\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"about\",{\"0\":{\"3\":1},\"1\":{\"13\":1,\"30\":1,\"40\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"90\":1,\"91\":1,\"92\":1,\"93\":2,\"96\":1,\"109\":1,\"110\":1,\"162\":1,\"163\":1,\"206\":1,\"211\":1,\"426\":1,\"430\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1,\"792\":1,\"834\":1,\"838\":1,\"880\":1,\"884\":1,\"958\":1,\"962\":1,\"1167\":1,\"1172\":1,\"1318\":1,\"1323\":1,\"1491\":1,\"1495\":1,\"1668\":1,\"1672\":1,\"1845\":1,\"1849\":1,\"2022\":1,\"2026\":1,\"2199\":1,\"2203\":1,\"2389\":1,\"2393\":1,\"2608\":1,\"2612\":1,\"2827\":1,\"2831\":1,\"3046\":1,\"3050\":1,\"3241\":1,\"3245\":1}}],[\"ab\",{\"1\":{\"41\":1}}],[\"agianst\",{\"1\":{\"995\":1,\"1088\":1,\"1197\":1,\"1251\":1,\"1348\":1,\"1390\":1,\"1524\":1,\"1566\":1,\"1701\":1,\"1743\":1,\"1878\":1,\"1920\":1,\"2055\":1,\"2097\":1,\"2232\":1,\"2274\":1,\"2426\":1,\"2493\":1,\"2645\":1,\"2712\":1,\"2864\":1,\"2931\":1,\"3083\":1,\"3150\":1,\"3278\":1,\"3371\":1}}],[\"again\",{\"1\":{\"348\":1,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"against\",{\"1\":{\"39\":1,\"90\":1,\"110\":1,\"113\":1,\"139\":1,\"165\":1,\"167\":1,\"168\":1,\"212\":1,\"923\":3,\"924\":1,\"928\":2,\"963\":1,\"1052\":3,\"1053\":1,\"1057\":2,\"1173\":1,\"1324\":1,\"1358\":3,\"1359\":1,\"1363\":2,\"1496\":1,\"1534\":3,\"1535\":1,\"1539\":2,\"1673\":1,\"1711\":3,\"1712\":1,\"1716\":2,\"1850\":1,\"1888\":3,\"1889\":1,\"1893\":2,\"2027\":1,\"2065\":3,\"2066\":1,\"2070\":2,\"2204\":1,\"2242\":3,\"2243\":1,\"2247\":2,\"2330\":3,\"2331\":1,\"2335\":2,\"2394\":1,\"2457\":3,\"2458\":1,\"2462\":2,\"2549\":3,\"2550\":1,\"2554\":2,\"2613\":1,\"2676\":3,\"2677\":1,\"2681\":2,\"2768\":3,\"2769\":1,\"2773\":2,\"2832\":1,\"2895\":3,\"2896\":1,\"2900\":2,\"2987\":3,\"2988\":1,\"2992\":2,\"3051\":1,\"3114\":3,\"3115\":1,\"3119\":2,\"3206\":3,\"3207\":1,\"3211\":2,\"3246\":1,\"3335\":3,\"3336\":1,\"3340\":2}}],[\"agentlib\",{\"1\":{\"327\":6}}],[\"agnostic\",{\"1\":{\"5\":1,\"102\":1}}],[\"arbitrary\",{\"1\":{\"349\":1}}],[\"arrival\",{\"1\":{\"393\":1}}],[\"arrive\",{\"1\":{\"381\":1}}],[\"arrives\",{\"1\":{\"325\":1,\"379\":1}}],[\"arrow\",{\"1\":{\"159\":2,\"356\":1}}],[\"array\",{\"1\":{\"159\":21,\"160\":3}}],[\"arguments\",{\"1\":{\"159\":19,\"338\":1,\"341\":1}}],[\"args\",{\"1\":{\"138\":2,\"139\":3,\"327\":6,\"341\":2}}],[\"arch=amd64\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"arch\",{\"1\":{\"141\":1,\"142\":1}}],[\"archive\",{\"1\":{\"102\":1,\"283\":2,\"294\":2,\"437\":2,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"661\":2,\"707\":2,\"753\":2,\"799\":2,\"845\":2,\"891\":2}}],[\"architectures\",{\"1\":{\"26\":2,\"29\":1,\"95\":1,\"98\":1}}],[\"architecture\",{\"0\":{\"88\":1,\"99\":1,\"169\":1},\"1\":{\"24\":1,\"32\":1,\"33\":1,\"85\":1,\"88\":3,\"91\":1,\"93\":1,\"96\":1,\"116\":1,\"117\":1,\"118\":1,\"120\":1,\"164\":1,\"285\":1,\"296\":1}}],[\"article\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"artifacts\",{\"1\":{\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"artifact\",{\"1\":{\"304\":2,\"307\":2,\"310\":2,\"313\":2,\"316\":2,\"462\":2,\"511\":2,\"537\":2,\"567\":2,\"597\":2,\"627\":2,\"673\":2,\"719\":2,\"765\":2,\"811\":2,\"857\":2,\"916\":2}}],[\"artifactid>\",{\"1\":{\"163\":1}}],[\"art\",{\"1\":{\"33\":1}}],[\"areas\",{\"1\":{\"77\":1,\"417\":1,\"419\":1,\"641\":1,\"643\":1,\"687\":1,\"689\":1,\"733\":1,\"735\":1,\"779\":1,\"781\":1,\"825\":1,\"827\":1,\"871\":1,\"873\":1}}],[\"area\",{\"1\":{\"77\":1}}],[\"are\",{\"0\":{\"97\":1},\"1\":{\"1\":1,\"5\":1,\"10\":1,\"75\":1,\"76\":1,\"81\":1,\"90\":4,\"91\":2,\"93\":1,\"94\":2,\"96\":1,\"97\":2,\"99\":2,\"103\":1,\"104\":1,\"109\":2,\"110\":2,\"112\":1,\"113\":2,\"117\":1,\"118\":1,\"126\":1,\"134\":2,\"135\":2,\"145\":2,\"146\":1,\"147\":2,\"149\":1,\"150\":1,\"156\":1,\"165\":2,\"169\":2,\"173\":1,\"237\":1,\"240\":1,\"276\":1,\"280\":1,\"284\":1,\"285\":1,\"286\":1,\"291\":1,\"295\":1,\"296\":1,\"297\":1,\"302\":1,\"304\":5,\"305\":2,\"307\":5,\"308\":1,\"310\":3,\"318\":1,\"322\":1,\"331\":2,\"332\":2,\"333\":1,\"334\":3,\"338\":1,\"341\":2,\"344\":1,\"346\":2,\"347\":3,\"348\":3,\"354\":1,\"356\":2,\"357\":1,\"358\":1,\"383\":1,\"384\":1,\"395\":1,\"396\":2,\"397\":1,\"399\":2,\"400\":1,\"408\":2,\"414\":1,\"415\":1,\"416\":1,\"417\":2,\"418\":2,\"419\":3,\"422\":1,\"423\":1,\"431\":1,\"434\":2,\"438\":3,\"439\":2,\"448\":1,\"450\":2,\"451\":1,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"459\":1,\"460\":1,\"465\":1,\"466\":1,\"473\":3,\"477\":3,\"478\":2,\"488\":1,\"489\":1,\"496\":3,\"500\":3,\"501\":2,\"514\":1,\"515\":1,\"522\":3,\"526\":3,\"527\":2,\"540\":1,\"541\":1,\"552\":2,\"556\":3,\"557\":2,\"564\":1,\"570\":1,\"571\":1,\"582\":2,\"586\":3,\"587\":2,\"594\":1,\"600\":1,\"601\":1,\"612\":2,\"616\":3,\"617\":2,\"624\":1,\"632\":2,\"638\":1,\"639\":1,\"640\":1,\"641\":2,\"642\":2,\"643\":3,\"646\":1,\"647\":1,\"658\":2,\"662\":3,\"663\":2,\"670\":1,\"678\":2,\"684\":1,\"685\":1,\"686\":1,\"687\":2,\"688\":2,\"689\":3,\"692\":1,\"693\":1,\"704\":2,\"708\":3,\"709\":2,\"716\":1,\"724\":2,\"730\":1,\"731\":1,\"732\":1,\"733\":2,\"734\":2,\"735\":3,\"738\":1,\"739\":1,\"750\":2,\"754\":3,\"755\":2,\"762\":1,\"770\":2,\"776\":1,\"777\":1,\"778\":1,\"779\":2,\"780\":2,\"781\":3,\"784\":1,\"785\":1,\"793\":1,\"796\":2,\"800\":3,\"801\":2,\"808\":1,\"816\":2,\"822\":1,\"823\":1,\"824\":1,\"825\":2,\"826\":2,\"827\":3,\"830\":1,\"831\":1,\"839\":1,\"842\":2,\"846\":3,\"847\":2,\"854\":1,\"862\":2,\"868\":1,\"869\":1,\"870\":1,\"871\":2,\"872\":2,\"873\":3,\"876\":1,\"877\":1,\"885\":1,\"888\":2,\"892\":3,\"893\":2,\"902\":1,\"904\":2,\"905\":1,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"913\":1,\"914\":1,\"922\":1,\"926\":1,\"928\":1,\"983\":1,\"984\":2,\"989\":1,\"995\":1,\"1024\":1,\"1026\":2,\"1039\":1,\"1051\":1,\"1055\":1,\"1056\":1,\"1057\":2,\"1088\":1,\"1117\":1,\"1120\":2,\"1133\":1,\"1196\":1,\"1197\":1,\"1251\":1,\"1263\":1,\"1347\":1,\"1348\":1,\"1357\":1,\"1361\":1,\"1362\":1,\"1363\":2,\"1390\":1,\"1419\":1,\"1422\":2,\"1434\":1,\"1516\":1,\"1517\":2,\"1522\":1,\"1524\":1,\"1533\":1,\"1537\":1,\"1538\":1,\"1539\":2,\"1566\":1,\"1595\":1,\"1598\":2,\"1611\":1,\"1693\":1,\"1694\":2,\"1699\":1,\"1701\":1,\"1710\":1,\"1714\":1,\"1715\":1,\"1716\":2,\"1743\":1,\"1772\":1,\"1775\":2,\"1788\":1,\"1870\":1,\"1871\":2,\"1876\":1,\"1878\":1,\"1887\":1,\"1891\":1,\"1892\":1,\"1893\":2,\"1920\":1,\"1949\":1,\"1952\":2,\"1965\":1,\"2047\":1,\"2048\":2,\"2053\":1,\"2055\":1,\"2064\":1,\"2068\":1,\"2069\":1,\"2070\":2,\"2097\":1,\"2126\":1,\"2129\":2,\"2142\":1,\"2224\":1,\"2225\":2,\"2230\":1,\"2232\":1,\"2241\":1,\"2245\":1,\"2246\":1,\"2247\":2,\"2274\":1,\"2303\":1,\"2306\":2,\"2319\":1,\"2329\":1,\"2333\":1,\"2335\":1,\"2414\":1,\"2415\":2,\"2420\":1,\"2426\":1,\"2431\":1,\"2433\":2,\"2446\":1,\"2456\":1,\"2460\":1,\"2461\":1,\"2462\":2,\"2493\":1,\"2522\":1,\"2525\":2,\"2538\":1,\"2548\":1,\"2552\":1,\"2554\":1,\"2633\":1,\"2634\":2,\"2639\":1,\"2645\":1,\"2650\":1,\"2652\":2,\"2665\":1,\"2675\":1,\"2679\":1,\"2680\":1,\"2681\":2,\"2712\":1,\"2741\":1,\"2744\":2,\"2757\":1,\"2767\":1,\"2771\":1,\"2773\":1,\"2852\":1,\"2853\":2,\"2858\":1,\"2864\":1,\"2869\":1,\"2871\":2,\"2884\":1,\"2894\":1,\"2898\":1,\"2899\":1,\"2900\":2,\"2931\":1,\"2960\":1,\"2963\":2,\"2976\":1,\"2986\":1,\"2990\":1,\"2992\":1,\"3071\":1,\"3072\":2,\"3077\":1,\"3083\":1,\"3088\":1,\"3090\":2,\"3103\":1,\"3113\":1,\"3117\":1,\"3118\":1,\"3119\":2,\"3150\":1,\"3179\":1,\"3182\":2,\"3195\":1,\"3205\":1,\"3209\":1,\"3211\":1,\"3266\":1,\"3267\":2,\"3272\":1,\"3278\":1,\"3307\":1,\"3309\":2,\"3322\":1,\"3334\":1,\"3338\":1,\"3339\":1,\"3340\":2,\"3371\":1,\"3400\":1,\"3403\":2,\"3416\":1}}],[\"audience\",{\"1\":{\"118\":1}}],[\"autostart\",{\"0\":{\"105\":1},\"1\":{\"105\":1}}],[\"automatically\",{\"1\":{\"354\":1,\"356\":1,\"383\":1}}],[\"automatic\",{\"1\":{\"99\":2,\"169\":2}}],[\"automated\",{\"0\":{\"337\":1,\"351\":1,\"366\":1,\"376\":1,\"392\":1},\"1\":{\"98\":1,\"127\":1,\"346\":1}}],[\"auth\",{\"0\":{\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1},\"1\":{\"447\":2,\"449\":1,\"453\":2,\"455\":2,\"461\":1,\"462\":1,\"901\":2,\"903\":1,\"907\":2,\"909\":2,\"915\":1,\"916\":1,\"1001\":1,\"1002\":4,\"1003\":4,\"1004\":1,\"1005\":2,\"1006\":2,\"1007\":2,\"1008\":1,\"1009\":3,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1025\":6,\"1026\":2,\"1027\":7,\"1094\":1,\"1095\":4,\"1096\":4,\"1097\":1,\"1098\":2,\"1099\":2,\"1100\":2,\"1101\":1,\"1102\":3,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1118\":6,\"1119\":2,\"1120\":2,\"1121\":7,\"1204\":1,\"1205\":4,\"1206\":4,\"1207\":1,\"1208\":2,\"1209\":2,\"1210\":2,\"1211\":1,\"1212\":3,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1272\":1,\"1273\":4,\"1274\":4,\"1275\":1,\"1276\":2,\"1277\":2,\"1278\":2,\"1279\":1,\"1280\":3,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1396\":1,\"1397\":4,\"1398\":4,\"1399\":1,\"1400\":2,\"1401\":2,\"1402\":2,\"1403\":1,\"1404\":3,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1420\":6,\"1421\":2,\"1422\":2,\"1423\":7,\"1444\":1,\"1445\":4,\"1446\":4,\"1447\":1,\"1448\":2,\"1449\":2,\"1450\":2,\"1451\":1,\"1452\":3,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1572\":1,\"1573\":4,\"1574\":4,\"1575\":1,\"1576\":2,\"1577\":2,\"1578\":2,\"1579\":1,\"1580\":3,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1596\":6,\"1597\":2,\"1598\":2,\"1599\":7,\"1621\":1,\"1622\":4,\"1623\":4,\"1624\":1,\"1625\":2,\"1626\":2,\"1627\":2,\"1628\":1,\"1629\":3,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1749\":1,\"1750\":4,\"1751\":4,\"1752\":1,\"1753\":2,\"1754\":2,\"1755\":2,\"1756\":1,\"1757\":3,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1773\":6,\"1774\":2,\"1775\":2,\"1776\":7,\"1798\":1,\"1799\":4,\"1800\":4,\"1801\":1,\"1802\":2,\"1803\":2,\"1804\":2,\"1805\":1,\"1806\":3,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1926\":1,\"1927\":4,\"1928\":4,\"1929\":1,\"1930\":2,\"1931\":2,\"1932\":2,\"1933\":1,\"1934\":3,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1950\":6,\"1951\":2,\"1952\":2,\"1953\":7,\"1975\":1,\"1976\":4,\"1977\":4,\"1978\":1,\"1979\":2,\"1980\":2,\"1981\":2,\"1982\":1,\"1983\":3,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"2103\":1,\"2104\":4,\"2105\":4,\"2106\":1,\"2107\":2,\"2108\":2,\"2109\":2,\"2110\":1,\"2111\":3,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2127\":6,\"2128\":2,\"2129\":2,\"2130\":7,\"2152\":1,\"2153\":4,\"2154\":4,\"2155\":1,\"2156\":2,\"2157\":2,\"2158\":2,\"2159\":1,\"2160\":3,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2280\":1,\"2281\":4,\"2282\":4,\"2283\":1,\"2284\":2,\"2285\":2,\"2286\":2,\"2287\":1,\"2288\":3,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2304\":6,\"2305\":2,\"2306\":2,\"2307\":7,\"2339\":1,\"2340\":4,\"2341\":4,\"2342\":1,\"2343\":2,\"2344\":2,\"2345\":2,\"2346\":1,\"2347\":3,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2432\":6,\"2433\":2,\"2434\":7,\"2499\":1,\"2500\":4,\"2501\":4,\"2502\":1,\"2503\":2,\"2504\":2,\"2505\":2,\"2506\":1,\"2507\":3,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2523\":6,\"2524\":2,\"2525\":2,\"2526\":7,\"2558\":1,\"2559\":4,\"2560\":4,\"2561\":1,\"2562\":2,\"2563\":2,\"2564\":2,\"2565\":1,\"2566\":3,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2651\":6,\"2652\":2,\"2653\":7,\"2718\":1,\"2719\":4,\"2720\":4,\"2721\":1,\"2722\":2,\"2723\":2,\"2724\":2,\"2725\":1,\"2726\":3,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2742\":6,\"2743\":2,\"2744\":2,\"2745\":7,\"2777\":1,\"2778\":4,\"2779\":4,\"2780\":1,\"2781\":2,\"2782\":2,\"2783\":2,\"2784\":1,\"2785\":3,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2870\":6,\"2871\":2,\"2872\":7,\"2937\":1,\"2938\":4,\"2939\":4,\"2940\":1,\"2941\":2,\"2942\":2,\"2943\":2,\"2944\":1,\"2945\":3,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2961\":6,\"2962\":2,\"2963\":2,\"2964\":7,\"2996\":1,\"2997\":4,\"2998\":4,\"2999\":1,\"3000\":2,\"3001\":2,\"3002\":2,\"3003\":1,\"3004\":3,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3089\":6,\"3090\":2,\"3091\":7,\"3156\":1,\"3157\":4,\"3158\":4,\"3159\":1,\"3160\":2,\"3161\":2,\"3162\":2,\"3163\":1,\"3164\":3,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3180\":6,\"3181\":2,\"3182\":2,\"3183\":7,\"3284\":1,\"3285\":4,\"3286\":4,\"3287\":1,\"3288\":2,\"3289\":2,\"3290\":2,\"3291\":1,\"3292\":3,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3308\":6,\"3309\":2,\"3310\":7,\"3377\":1,\"3378\":4,\"3379\":4,\"3380\":1,\"3381\":2,\"3382\":2,\"3383\":2,\"3384\":1,\"3385\":3,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3401\":6,\"3402\":2,\"3403\":2,\"3404\":7}}],[\"authority\",{\"1\":{\"289\":1,\"300\":1,\"457\":3,\"460\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"911\":3,\"914\":1}}],[\"authorities\",{\"0\":{\"451\":1,\"456\":1,\"905\":1,\"910\":1},\"1\":{\"110\":1,\"165\":1,\"450\":1,\"460\":1,\"904\":1,\"914\":1}}],[\"authorisation\",{\"1\":{\"97\":1}}],[\"authorized\",{\"1\":{\"5\":1,\"10\":1,\"85\":1}}],[\"authorizationruleprovider\",{\"1\":{\"149\":1}}],[\"authorizationconfig\",{\"1\":{\"149\":1}}],[\"authorization\",{\"0\":{\"149\":1,\"363\":1,\"389\":1,\"1002\":1,\"1025\":1,\"1095\":1,\"1118\":1,\"1205\":1,\"1273\":1,\"1397\":1,\"1420\":1,\"1445\":1,\"1573\":1,\"1596\":1,\"1622\":1,\"1750\":1,\"1773\":1,\"1799\":1,\"1927\":1,\"1950\":1,\"1976\":1,\"2104\":1,\"2127\":1,\"2153\":1,\"2281\":1,\"2304\":1,\"2340\":1,\"2432\":1,\"2500\":1,\"2523\":1,\"2559\":1,\"2651\":1,\"2719\":1,\"2742\":1,\"2778\":1,\"2870\":1,\"2938\":1,\"2961\":1,\"2997\":1,\"3089\":1,\"3157\":1,\"3180\":1,\"3285\":1,\"3308\":1,\"3378\":1,\"3401\":1},\"1\":{\"5\":1,\"10\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"99\":1,\"116\":1,\"117\":1,\"149\":1,\"169\":1,\"358\":4,\"359\":2,\"360\":2,\"361\":5,\"362\":3,\"363\":5,\"364\":1,\"384\":4,\"385\":2,\"386\":2,\"387\":5,\"388\":3,\"389\":5,\"1002\":2,\"1003\":1,\"1006\":1,\"1007\":1,\"1024\":1,\"1025\":2,\"1027\":1,\"1095\":2,\"1096\":1,\"1099\":1,\"1100\":1,\"1117\":1,\"1118\":2,\"1121\":1,\"1205\":2,\"1206\":1,\"1209\":1,\"1210\":1,\"1273\":2,\"1274\":1,\"1277\":1,\"1278\":1,\"1397\":2,\"1398\":1,\"1401\":1,\"1402\":1,\"1419\":1,\"1420\":2,\"1423\":1,\"1445\":2,\"1446\":1,\"1449\":1,\"1450\":1,\"1573\":2,\"1574\":1,\"1577\":1,\"1578\":1,\"1595\":1,\"1596\":2,\"1599\":1,\"1622\":2,\"1623\":1,\"1626\":1,\"1627\":1,\"1750\":2,\"1751\":1,\"1754\":1,\"1755\":1,\"1772\":1,\"1773\":2,\"1776\":1,\"1799\":2,\"1800\":1,\"1803\":1,\"1804\":1,\"1927\":2,\"1928\":1,\"1931\":1,\"1932\":1,\"1949\":1,\"1950\":2,\"1953\":1,\"1976\":2,\"1977\":1,\"1980\":1,\"1981\":1,\"2104\":2,\"2105\":1,\"2108\":1,\"2109\":1,\"2126\":1,\"2127\":2,\"2130\":1,\"2153\":2,\"2154\":1,\"2157\":1,\"2158\":1,\"2281\":2,\"2282\":1,\"2285\":1,\"2286\":1,\"2303\":1,\"2304\":2,\"2307\":1,\"2340\":2,\"2341\":1,\"2344\":1,\"2345\":1,\"2431\":1,\"2432\":2,\"2434\":1,\"2500\":2,\"2501\":1,\"2504\":1,\"2505\":1,\"2522\":1,\"2523\":2,\"2526\":1,\"2559\":2,\"2560\":1,\"2563\":1,\"2564\":1,\"2650\":1,\"2651\":2,\"2653\":1,\"2719\":2,\"2720\":1,\"2723\":1,\"2724\":1,\"2741\":1,\"2742\":2,\"2745\":1,\"2778\":2,\"2779\":1,\"2782\":1,\"2783\":1,\"2869\":1,\"2870\":2,\"2872\":1,\"2938\":2,\"2939\":1,\"2942\":1,\"2943\":1,\"2960\":1,\"2961\":2,\"2964\":1,\"2997\":2,\"2998\":1,\"3001\":1,\"3002\":1,\"3088\":1,\"3089\":2,\"3091\":1,\"3157\":2,\"3158\":1,\"3161\":1,\"3162\":1,\"3179\":1,\"3180\":2,\"3183\":1,\"3285\":2,\"3286\":1,\"3289\":1,\"3290\":1,\"3307\":1,\"3308\":2,\"3310\":1,\"3378\":2,\"3379\":1,\"3382\":1,\"3383\":1,\"3400\":1,\"3401\":2,\"3404\":1}}],[\"authenticates\",{\"1\":{\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"authenticated\",{\"1\":{\"920\":2,\"1024\":1,\"1049\":1,\"1117\":1,\"1355\":1,\"1419\":1,\"1531\":1,\"1595\":1,\"1708\":1,\"1772\":1,\"1885\":1,\"1949\":1,\"2062\":1,\"2126\":1,\"2239\":1,\"2303\":1,\"2327\":2,\"2431\":1,\"2454\":1,\"2522\":1,\"2546\":2,\"2650\":1,\"2673\":1,\"2741\":1,\"2765\":2,\"2869\":1,\"2892\":1,\"2960\":1,\"2984\":2,\"3088\":1,\"3111\":1,\"3179\":1,\"3203\":2,\"3307\":1,\"3332\":1,\"3400\":1}}],[\"authenticate\",{\"1\":{\"110\":1,\"112\":1,\"113\":2,\"165\":1,\"167\":1,\"168\":2,\"212\":1,\"338\":1,\"367\":1,\"393\":1,\"429\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1,\"963\":1,\"1173\":1,\"1324\":1,\"1496\":1,\"1673\":1,\"1850\":1,\"2027\":1,\"2204\":1,\"2394\":1,\"2613\":1,\"2832\":1,\"3051\":1,\"3246\":1}}],[\"authenticating\",{\"0\":{\"162\":1},\"1\":{\"91\":1,\"453\":1,\"455\":1,\"907\":1,\"909\":1,\"920\":1,\"922\":1,\"1049\":1,\"1051\":1,\"1355\":1,\"1357\":1,\"1531\":1,\"1533\":1,\"1708\":1,\"1710\":1,\"1885\":1,\"1887\":1,\"2062\":1,\"2064\":1,\"2239\":1,\"2241\":1,\"2327\":1,\"2329\":1,\"2454\":1,\"2456\":1,\"2546\":1,\"2548\":1,\"2673\":1,\"2675\":1,\"2765\":1,\"2767\":1,\"2892\":1,\"2894\":1,\"2984\":1,\"2986\":1,\"3111\":1,\"3113\":1,\"3203\":1,\"3205\":1,\"3332\":1,\"3334\":1}}],[\"authentication\",{\"0\":{\"110\":1,\"165\":1,\"1119\":1,\"1421\":1,\"1597\":1,\"1774\":1,\"1951\":1,\"2128\":1,\"2305\":1,\"2524\":1,\"2743\":1,\"2962\":1,\"3181\":1,\"3402\":1},\"1\":{\"5\":1,\"10\":1,\"32\":1,\"43\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"99\":1,\"110\":1,\"116\":1,\"117\":1,\"152\":1,\"153\":1,\"162\":1,\"164\":1,\"165\":1,\"169\":1,\"190\":1,\"192\":1,\"196\":1,\"198\":1,\"199\":1,\"201\":1,\"219\":2,\"229\":2,\"244\":1,\"246\":1,\"284\":1,\"295\":1,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"427\":1,\"438\":4,\"456\":2,\"462\":1,\"470\":1,\"477\":4,\"493\":1,\"500\":4,\"511\":1,\"519\":1,\"526\":4,\"537\":1,\"545\":1,\"556\":4,\"567\":1,\"575\":1,\"586\":4,\"597\":1,\"605\":1,\"616\":4,\"627\":1,\"651\":1,\"662\":4,\"673\":1,\"697\":1,\"708\":4,\"719\":1,\"743\":1,\"754\":4,\"765\":1,\"789\":1,\"800\":4,\"811\":1,\"835\":1,\"846\":4,\"857\":1,\"881\":1,\"892\":4,\"910\":2,\"916\":1,\"920\":1,\"970\":2,\"980\":2,\"996\":1,\"998\":1,\"1005\":1,\"1024\":2,\"1025\":1,\"1045\":1,\"1049\":1,\"1089\":1,\"1091\":1,\"1098\":1,\"1117\":3,\"1118\":1,\"1119\":1,\"1139\":1,\"1180\":2,\"1190\":2,\"1198\":1,\"1200\":1,\"1208\":1,\"1252\":1,\"1254\":1,\"1276\":1,\"1331\":2,\"1341\":2,\"1349\":1,\"1351\":1,\"1355\":1,\"1391\":1,\"1393\":1,\"1400\":1,\"1419\":3,\"1420\":1,\"1421\":1,\"1438\":1,\"1448\":1,\"1503\":2,\"1513\":2,\"1525\":1,\"1527\":1,\"1531\":1,\"1567\":1,\"1569\":1,\"1576\":1,\"1595\":3,\"1596\":1,\"1597\":1,\"1615\":1,\"1625\":1,\"1680\":2,\"1690\":2,\"1702\":1,\"1704\":1,\"1708\":1,\"1744\":1,\"1746\":1,\"1753\":1,\"1772\":3,\"1773\":1,\"1774\":1,\"1792\":1,\"1802\":1,\"1857\":2,\"1867\":2,\"1879\":1,\"1881\":1,\"1885\":1,\"1921\":1,\"1923\":1,\"1930\":1,\"1949\":3,\"1950\":1,\"1951\":1,\"1969\":1,\"1979\":1,\"2034\":2,\"2044\":2,\"2056\":1,\"2058\":1,\"2062\":1,\"2098\":1,\"2100\":1,\"2107\":1,\"2126\":3,\"2127\":1,\"2128\":1,\"2146\":1,\"2156\":1,\"2211\":2,\"2221\":2,\"2233\":1,\"2235\":1,\"2239\":1,\"2275\":1,\"2277\":1,\"2284\":1,\"2303\":3,\"2304\":1,\"2305\":1,\"2323\":1,\"2327\":1,\"2343\":1,\"2401\":2,\"2411\":2,\"2427\":1,\"2429\":1,\"2431\":2,\"2432\":1,\"2450\":1,\"2454\":1,\"2494\":1,\"2496\":1,\"2503\":1,\"2522\":3,\"2523\":1,\"2524\":1,\"2542\":1,\"2546\":1,\"2562\":1,\"2620\":2,\"2630\":2,\"2646\":1,\"2648\":1,\"2650\":2,\"2651\":1,\"2669\":1,\"2673\":1,\"2713\":1,\"2715\":1,\"2722\":1,\"2741\":3,\"2742\":1,\"2743\":1,\"2761\":1,\"2765\":1,\"2781\":1,\"2839\":2,\"2849\":2,\"2865\":1,\"2867\":1,\"2869\":2,\"2870\":1,\"2888\":1,\"2892\":1,\"2932\":1,\"2934\":1,\"2941\":1,\"2960\":3,\"2961\":1,\"2962\":1,\"2980\":1,\"2984\":1,\"3000\":1,\"3058\":2,\"3068\":2,\"3084\":1,\"3086\":1,\"3088\":2,\"3089\":1,\"3107\":1,\"3111\":1,\"3151\":1,\"3153\":1,\"3160\":1,\"3179\":3,\"3180\":1,\"3181\":1,\"3199\":1,\"3203\":1,\"3253\":2,\"3263\":2,\"3279\":1,\"3281\":1,\"3288\":1,\"3307\":2,\"3308\":1,\"3328\":1,\"3332\":1,\"3372\":1,\"3374\":1,\"3381\":1,\"3400\":3,\"3401\":1,\"3402\":1,\"3422\":1}}],[\"authenitication\",{\"1\":{\"45\":1}}],[\"auch\",{\"1\":{\"16\":4,\"17\":1}}],[\"ausgewählten\",{\"1\":{\"16\":1}}],[\"aus\",{\"1\":{\"16\":1}}],[\"aufgrund\",{\"1\":{\"41\":1}}],[\"aufgeführten\",{\"1\":{\"18\":1}}],[\"auf\",{\"1\":{\"14\":3,\"16\":1,\"17\":1}}],[\"ams\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"among\",{\"1\":{\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"am\",{\"1\":{\"14\":1}}],[\"adhere\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"admin\",{\"1\":{\"920\":1,\"926\":1,\"928\":5,\"1056\":1,\"1057\":4,\"1362\":1,\"1363\":4,\"1538\":1,\"1539\":4,\"1715\":1,\"1716\":4,\"1892\":1,\"1893\":4,\"2069\":1,\"2070\":4,\"2246\":1,\"2247\":4,\"2327\":1,\"2333\":1,\"2335\":5,\"2461\":1,\"2462\":4,\"2546\":1,\"2552\":1,\"2554\":5,\"2680\":1,\"2681\":4,\"2765\":1,\"2771\":1,\"2773\":5,\"2899\":1,\"2900\":4,\"2984\":1,\"2990\":1,\"2992\":5,\"3118\":1,\"3119\":4,\"3203\":1,\"3209\":1,\"3211\":5,\"3339\":1,\"3340\":4}}],[\"admins\",{\"1\":{\"289\":1,\"300\":1,\"442\":1,\"481\":1,\"504\":1,\"530\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"928\":3,\"1057\":2,\"1363\":2,\"1539\":2,\"1716\":2,\"1893\":2,\"2070\":2,\"2247\":2,\"2335\":3,\"2462\":2,\"2554\":3,\"2681\":2,\"2773\":3,\"2900\":2,\"2992\":3,\"3119\":2,\"3211\":3,\"3340\":2}}],[\"administrator\",{\"1\":{\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1,\"928\":1,\"2335\":1,\"2554\":1,\"2773\":1,\"2992\":1,\"3211\":1}}],[\"administrators\",{\"1\":{\"109\":1,\"920\":1,\"928\":2,\"1057\":2,\"1363\":2,\"1539\":2,\"1716\":2,\"1893\":2,\"2070\":2,\"2247\":2,\"2327\":1,\"2335\":2,\"2462\":2,\"2546\":1,\"2554\":2,\"2681\":2,\"2765\":1,\"2773\":2,\"2900\":2,\"2984\":1,\"2992\":2,\"3119\":2,\"3203\":1,\"3211\":2,\"3340\":2}}],[\"administration\",{\"1\":{\"265\":1,\"266\":1,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1}}],[\"administrative\",{\"1\":{\"117\":1}}],[\"advanced\",{\"1\":{\"112\":1,\"167\":1}}],[\"advancing\",{\"1\":{\"12\":1,\"127\":1}}],[\"adaption\",{\"1\":{\"154\":1}}],[\"adapters\",{\"1\":{\"146\":1}}],[\"adapter\",{\"0\":{\"146\":1},\"1\":{\"146\":2,\"148\":2}}],[\"adapt\",{\"1\":{\"81\":1,\"147\":4,\"349\":2,\"459\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"adaptable\",{\"1\":{\"5\":1,\"9\":1}}],[\"adds\",{\"1\":{\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1}}],[\"adduser\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1}}],[\"addgroup\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1}}],[\"adding\",{\"0\":{\"144\":1,\"152\":1,\"153\":1},\"1\":{\"143\":3,\"147\":1,\"149\":1,\"150\":1,\"346\":1,\"349\":2}}],[\"addition\",{\"1\":{\"95\":1,\"109\":2,\"113\":1,\"357\":1,\"419\":1,\"460\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1,\"914\":1}}],[\"additional\",{\"0\":{\"92\":1,\"100\":1,\"170\":1,\"1026\":1,\"1120\":1,\"1422\":1,\"1598\":1,\"1775\":1,\"1952\":1,\"2129\":1,\"2306\":1,\"2433\":1,\"2525\":1,\"2652\":1,\"2744\":1,\"2871\":1,\"2963\":1,\"3090\":1,\"3182\":1,\"3309\":1,\"3403\":1},\"1\":{\"83\":1,\"91\":1,\"100\":2,\"112\":1,\"167\":1,\"170\":2,\"173\":1,\"240\":1,\"285\":1,\"289\":4,\"290\":1,\"296\":1,\"300\":4,\"301\":1,\"347\":1,\"383\":1,\"442\":3,\"443\":1,\"459\":1,\"481\":4,\"482\":1,\"504\":3,\"505\":1,\"530\":3,\"531\":1,\"560\":3,\"561\":1,\"564\":1,\"590\":3,\"591\":1,\"594\":1,\"620\":3,\"621\":1,\"624\":1,\"666\":3,\"667\":1,\"670\":1,\"712\":3,\"713\":1,\"716\":1,\"758\":3,\"759\":1,\"762\":1,\"804\":3,\"805\":1,\"808\":1,\"850\":3,\"851\":1,\"854\":1,\"896\":3,\"897\":1,\"913\":1,\"920\":1,\"983\":1,\"1026\":1,\"1049\":2,\"1120\":1,\"1142\":1,\"1226\":1,\"1355\":2,\"1422\":1,\"1516\":1,\"1531\":2,\"1598\":1,\"1693\":1,\"1708\":2,\"1775\":1,\"1870\":1,\"1885\":2,\"1952\":1,\"2047\":1,\"2062\":2,\"2129\":1,\"2224\":1,\"2239\":2,\"2306\":1,\"2327\":1,\"2414\":1,\"2433\":1,\"2454\":2,\"2525\":1,\"2546\":1,\"2633\":1,\"2652\":1,\"2673\":2,\"2744\":1,\"2765\":1,\"2852\":1,\"2871\":1,\"2892\":2,\"2963\":1,\"2984\":1,\"3071\":1,\"3090\":1,\"3111\":2,\"3182\":1,\"3203\":1,\"3266\":1,\"3309\":1,\"3332\":2,\"3403\":1}}],[\"additionally\",{\"1\":{\"74\":1,\"422\":1,\"465\":1,\"488\":1,\"514\":1,\"540\":1,\"570\":1,\"600\":1,\"646\":1,\"692\":1,\"738\":1,\"784\":1,\"830\":1,\"876\":1}}],[\"add\",{\"1\":{\"134\":1,\"144\":1,\"147\":4,\"148\":1,\"149\":1,\"150\":2,\"152\":1,\"153\":1,\"162\":1,\"265\":1,\"266\":1,\"289\":8,\"290\":7,\"300\":8,\"301\":7,\"304\":2,\"335\":1,\"338\":2,\"349\":4,\"364\":1,\"374\":3,\"379\":1,\"381\":1,\"390\":3,\"398\":1,\"433\":1,\"442\":7,\"443\":5,\"470\":1,\"481\":8,\"482\":5,\"493\":1,\"504\":7,\"505\":5,\"519\":1,\"530\":7,\"531\":5,\"545\":1,\"560\":7,\"561\":5,\"590\":7,\"591\":5,\"620\":7,\"621\":5,\"666\":7,\"667\":5,\"712\":7,\"713\":5,\"758\":7,\"759\":5,\"795\":1,\"804\":7,\"805\":5,\"841\":1,\"850\":7,\"851\":5,\"887\":1,\"896\":7,\"897\":5}}],[\"added\",{\"1\":{\"90\":1,\"338\":1,\"352\":1,\"371\":1,\"427\":1,\"470\":1,\"493\":1,\"519\":1,\"537\":1,\"545\":1,\"575\":1,\"605\":1,\"651\":1,\"697\":1,\"743\":1,\"789\":1,\"835\":1,\"881\":1,\"984\":1,\"1517\":1,\"1694\":1,\"1871\":1,\"2048\":1,\"2225\":1,\"2415\":1,\"2634\":1,\"2853\":1,\"3072\":1,\"3267\":1}}],[\"address=\",{\"1\":{\"327\":6}}],[\"addressing\",{\"1\":{\"120\":1}}],[\"addresses\",{\"1\":{\"117\":1,\"221\":1,\"226\":1,\"227\":1,\"923\":2,\"928\":2,\"972\":1,\"977\":1,\"978\":1,\"1052\":2,\"1057\":2,\"1182\":1,\"1187\":1,\"1188\":1,\"1333\":1,\"1338\":1,\"1339\":1,\"1358\":2,\"1363\":2,\"1505\":1,\"1510\":1,\"1511\":1,\"1534\":2,\"1539\":2,\"1682\":1,\"1687\":1,\"1688\":1,\"1711\":2,\"1716\":2,\"1859\":1,\"1864\":1,\"1865\":1,\"1888\":2,\"1893\":2,\"2036\":1,\"2041\":1,\"2042\":1,\"2065\":2,\"2070\":2,\"2213\":1,\"2218\":1,\"2219\":1,\"2242\":2,\"2247\":2,\"2330\":2,\"2335\":2,\"2403\":1,\"2408\":1,\"2409\":1,\"2457\":2,\"2462\":2,\"2549\":2,\"2554\":2,\"2622\":1,\"2627\":1,\"2628\":1,\"2676\":2,\"2681\":2,\"2768\":2,\"2773\":2,\"2841\":1,\"2846\":1,\"2847\":1,\"2895\":2,\"2900\":2,\"2987\":2,\"2992\":2,\"3060\":1,\"3065\":1,\"3066\":1,\"3114\":2,\"3119\":2,\"3206\":2,\"3211\":2,\"3255\":1,\"3260\":1,\"3261\":1,\"3335\":2,\"3340\":2}}],[\"address\",{\"1\":{\"35\":1,\"37\":3,\"117\":1,\"127\":1,\"177\":1,\"207\":1,\"215\":1,\"253\":1,\"260\":1,\"269\":1,\"327\":6,\"417\":1,\"428\":1,\"471\":1,\"494\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"641\":1,\"652\":1,\"687\":1,\"698\":1,\"733\":1,\"744\":1,\"779\":1,\"790\":1,\"825\":1,\"836\":1,\"871\":1,\"882\":1,\"934\":1,\"959\":1,\"966\":1,\"991\":1,\"1031\":1,\"1070\":1,\"1080\":1,\"1125\":1,\"1147\":1,\"1168\":1,\"1176\":1,\"1238\":1,\"1245\":1,\"1256\":1,\"1298\":1,\"1319\":1,\"1327\":1,\"1376\":1,\"1383\":1,\"1427\":1,\"1470\":1,\"1492\":1,\"1499\":1,\"1552\":1,\"1559\":1,\"1603\":1,\"1647\":1,\"1669\":1,\"1676\":1,\"1729\":1,\"1736\":1,\"1780\":1,\"1824\":1,\"1846\":1,\"1853\":1,\"1906\":1,\"1913\":1,\"1957\":1,\"2001\":1,\"2023\":1,\"2030\":1,\"2083\":1,\"2090\":1,\"2134\":1,\"2178\":1,\"2200\":1,\"2207\":1,\"2260\":1,\"2267\":1,\"2311\":1,\"2365\":1,\"2390\":1,\"2397\":1,\"2422\":1,\"2438\":1,\"2475\":1,\"2485\":1,\"2530\":1,\"2584\":1,\"2609\":1,\"2616\":1,\"2641\":1,\"2657\":1,\"2694\":1,\"2704\":1,\"2749\":1,\"2803\":1,\"2828\":1,\"2835\":1,\"2860\":1,\"2876\":1,\"2913\":1,\"2923\":1,\"2968\":1,\"3022\":1,\"3047\":1,\"3054\":1,\"3079\":1,\"3095\":1,\"3132\":1,\"3142\":1,\"3187\":1,\"3217\":1,\"3242\":1,\"3249\":1,\"3274\":1,\"3314\":1,\"3353\":1,\"3363\":1,\"3408\":1}}],[\"aliases\",{\"1\":{\"327\":1}}],[\"alignment\",{\"1\":{\"159\":30}}],[\"align\",{\"1\":{\"159\":7,\"160\":2}}],[\"alert\",{\"1\":{\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1}}],[\"alexander\",{\"1\":{\"83\":1}}],[\"alpine\",{\"1\":{\"290\":1,\"301\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1}}],[\"alphabetic\",{\"1\":{\"145\":2,\"146\":1,\"147\":2,\"149\":1,\"150\":1}}],[\"alternative\",{\"1\":{\"112\":2,\"167\":2,\"923\":1,\"1052\":1,\"1358\":1,\"1534\":1,\"1711\":1,\"1888\":1,\"2065\":1,\"2242\":1,\"2330\":1,\"2457\":1,\"2549\":1,\"2676\":1,\"2768\":1,\"2895\":1,\"2987\":1,\"3114\":1,\"3206\":1,\"3335\":1}}],[\"almost\",{\"1\":{\"102\":1}}],[\"allocation\",{\"1\":{\"159\":8}}],[\"allowed\",{\"1\":{\"97\":1,\"261\":1,\"289\":1,\"300\":1,\"334\":1,\"348\":1,\"357\":1,\"377\":1,\"926\":1,\"1055\":1,\"1361\":1,\"1537\":1,\"1714\":1,\"1891\":1,\"2068\":1,\"2245\":1,\"2333\":1,\"2460\":1,\"2552\":1,\"2679\":1,\"2771\":1,\"2898\":1,\"2990\":1,\"3117\":1,\"3209\":1,\"3338\":1}}],[\"allow\",{\"0\":{\"84\":1,\"86\":1,\"426\":1,\"469\":1,\"492\":1,\"518\":1,\"544\":1,\"574\":1,\"604\":1,\"650\":1,\"696\":1,\"742\":1,\"788\":1,\"834\":1,\"880\":1},\"1\":{\"24\":1,\"33\":1,\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1,\"85\":8,\"86\":1,\"99\":1,\"104\":1,\"106\":2,\"109\":3,\"110\":1,\"128\":1,\"145\":1,\"165\":1,\"169\":1,\"208\":1,\"233\":1,\"261\":1,\"262\":3,\"263\":1,\"290\":3,\"304\":2,\"307\":2,\"335\":1,\"346\":1,\"348\":1,\"364\":1,\"425\":1,\"426\":1,\"427\":4,\"429\":3,\"431\":1,\"442\":1,\"468\":1,\"469\":2,\"470\":5,\"472\":2,\"481\":1,\"491\":1,\"492\":2,\"493\":5,\"495\":2,\"504\":1,\"517\":1,\"518\":2,\"519\":5,\"521\":2,\"530\":1,\"536\":1,\"537\":2,\"543\":1,\"544\":2,\"545\":4,\"547\":5,\"549\":1,\"560\":1,\"573\":1,\"574\":2,\"575\":4,\"577\":3,\"579\":1,\"590\":1,\"603\":1,\"604\":2,\"605\":4,\"607\":3,\"609\":1,\"620\":1,\"649\":1,\"650\":2,\"651\":4,\"653\":3,\"655\":1,\"666\":1,\"695\":1,\"696\":2,\"697\":4,\"699\":3,\"701\":1,\"712\":1,\"741\":1,\"742\":2,\"743\":4,\"745\":3,\"747\":1,\"758\":1,\"787\":1,\"788\":2,\"789\":4,\"791\":3,\"793\":1,\"804\":1,\"833\":1,\"834\":1,\"835\":4,\"837\":3,\"839\":1,\"850\":1,\"879\":1,\"880\":1,\"881\":4,\"883\":3,\"885\":1,\"896\":1,\"985\":1,\"1056\":1,\"1081\":3,\"1082\":1,\"1169\":1,\"1192\":1,\"1246\":3,\"1247\":1,\"1320\":1,\"1343\":1,\"1362\":1,\"1384\":3,\"1385\":1,\"1518\":1,\"1538\":1,\"1560\":3,\"1561\":1,\"1695\":1,\"1715\":1,\"1737\":3,\"1738\":1,\"1872\":1,\"1892\":1,\"1914\":3,\"1915\":1,\"2049\":1,\"2069\":1,\"2091\":3,\"2092\":1,\"2226\":1,\"2246\":1,\"2268\":3,\"2269\":1,\"2416\":1,\"2461\":1,\"2486\":3,\"2487\":1,\"2635\":1,\"2680\":1,\"2705\":3,\"2706\":1,\"2854\":1,\"2899\":1,\"2924\":3,\"2925\":1,\"3073\":1,\"3118\":1,\"3143\":3,\"3144\":1,\"3268\":1,\"3339\":1,\"3364\":3,\"3365\":1}}],[\"allowlist\",{\"1\":{\"14\":2,\"16\":3,\"20\":1,\"26\":1,\"422\":1,\"423\":1,\"465\":1,\"466\":1,\"488\":1,\"489\":1,\"514\":1,\"515\":1,\"540\":1,\"541\":1,\"549\":1,\"570\":1,\"571\":1,\"579\":1,\"600\":1,\"601\":1,\"609\":1,\"646\":1,\"647\":1,\"655\":1,\"692\":1,\"693\":1,\"701\":1,\"738\":1,\"739\":1,\"747\":1,\"784\":1,\"785\":1,\"830\":1,\"831\":1,\"876\":1,\"877\":1}}],[\"allows\",{\"1\":{\"9\":1,\"127\":1,\"128\":1,\"347\":1,\"363\":1,\"389\":1,\"399\":1,\"928\":1,\"1057\":1,\"1363\":1,\"1539\":1,\"1716\":1,\"1893\":1,\"2070\":1,\"2247\":1,\"2335\":1,\"2462\":1,\"2554\":1,\"2681\":1,\"2773\":1,\"2900\":1,\"2992\":1,\"3119\":1,\"3211\":1,\"3340\":1}}],[\"all\",{\"1\":{\"86\":1,\"91\":3,\"97\":2,\"110\":1,\"128\":1,\"129\":2,\"130\":1,\"134\":1,\"135\":1,\"165\":1,\"275\":1,\"276\":2,\"277\":1,\"331\":1,\"338\":1,\"341\":1,\"346\":2,\"348\":2,\"349\":1,\"352\":1,\"361\":4,\"362\":2,\"367\":1,\"371\":1,\"372\":1,\"377\":1,\"387\":4,\"388\":2,\"393\":1,\"403\":1,\"404\":1,\"408\":1,\"410\":1,\"416\":1,\"426\":1,\"429\":1,\"441\":1,\"442\":1,\"446\":1,\"469\":1,\"472\":1,\"492\":1,\"495\":1,\"518\":1,\"521\":1,\"544\":1,\"547\":1,\"574\":1,\"577\":1,\"604\":1,\"607\":1,\"628\":1,\"632\":1,\"634\":1,\"640\":1,\"650\":1,\"653\":1,\"674\":1,\"678\":1,\"680\":1,\"686\":1,\"696\":1,\"699\":1,\"720\":1,\"724\":1,\"726\":1,\"732\":1,\"742\":1,\"745\":1,\"766\":1,\"770\":1,\"772\":1,\"778\":1,\"788\":1,\"791\":1,\"812\":1,\"816\":1,\"818\":1,\"824\":1,\"834\":1,\"837\":1,\"858\":1,\"862\":1,\"864\":1,\"870\":1,\"880\":1,\"883\":1,\"895\":1,\"896\":1,\"900\":1,\"920\":2,\"984\":1,\"995\":1,\"1038\":1,\"1039\":2,\"1040\":1,\"1041\":1,\"1049\":2,\"1088\":1,\"1132\":1,\"1133\":2,\"1134\":1,\"1135\":1,\"1197\":1,\"1251\":1,\"1262\":1,\"1263\":2,\"1264\":1,\"1348\":1,\"1355\":2,\"1390\":1,\"1433\":1,\"1434\":2,\"1435\":1,\"1517\":1,\"1524\":1,\"1531\":2,\"1566\":1,\"1610\":1,\"1611\":2,\"1612\":1,\"1694\":1,\"1701\":1,\"1708\":2,\"1743\":1,\"1787\":1,\"1788\":2,\"1789\":1,\"1871\":1,\"1878\":1,\"1885\":2,\"1920\":1,\"1964\":1,\"1965\":2,\"1966\":1,\"2048\":1,\"2055\":1,\"2062\":2,\"2097\":1,\"2141\":1,\"2142\":2,\"2143\":1,\"2225\":1,\"2232\":1,\"2239\":2,\"2274\":1,\"2318\":1,\"2319\":2,\"2320\":1,\"2327\":2,\"2415\":1,\"2426\":1,\"2445\":1,\"2446\":2,\"2447\":1,\"2454\":2,\"2493\":1,\"2537\":1,\"2538\":2,\"2539\":1,\"2546\":2,\"2634\":1,\"2645\":1,\"2664\":1,\"2665\":2,\"2666\":1,\"2673\":2,\"2712\":1,\"2756\":1,\"2757\":2,\"2758\":1,\"2765\":2,\"2853\":1,\"2864\":1,\"2883\":1,\"2884\":2,\"2885\":1,\"2892\":2,\"2931\":1,\"2975\":1,\"2976\":2,\"2977\":1,\"2984\":2,\"3072\":1,\"3083\":1,\"3102\":1,\"3103\":2,\"3104\":1,\"3111\":2,\"3150\":1,\"3194\":1,\"3195\":2,\"3196\":1,\"3203\":2,\"3267\":1,\"3278\":1,\"3321\":1,\"3322\":2,\"3323\":1,\"3324\":1,\"3332\":2,\"3371\":1,\"3415\":1,\"3416\":2,\"3417\":1,\"3418\":1}}],[\"also\",{\"1\":{\"33\":1,\"81\":1,\"88\":1,\"99\":1,\"152\":1,\"169\":1,\"334\":1,\"338\":1,\"341\":1,\"348\":1,\"352\":1,\"356\":1,\"357\":1,\"367\":1,\"393\":1,\"444\":2,\"452\":2,\"454\":2,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"668\":2,\"714\":2,\"760\":2,\"806\":2,\"852\":2,\"898\":2,\"906\":2,\"908\":2,\"1024\":2,\"1056\":1,\"1117\":2,\"1142\":1,\"1226\":1,\"1362\":1,\"1419\":2,\"1538\":1,\"1595\":2,\"1715\":1,\"1772\":2,\"1892\":1,\"1949\":2,\"2069\":1,\"2126\":2,\"2246\":1,\"2303\":2,\"2431\":2,\"2461\":1,\"2522\":2,\"2650\":2,\"2680\":1,\"2741\":2,\"2869\":2,\"2899\":1,\"2960\":2,\"3088\":2,\"3118\":1,\"3179\":2,\"3307\":2,\"3339\":1,\"3400\":2}}],[\"always\",{\"1\":{\"33\":1,\"346\":1,\"416\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"640\":1,\"668\":1,\"686\":1,\"714\":1,\"732\":1,\"760\":1,\"778\":1,\"806\":1,\"824\":1,\"852\":1,\"870\":1,\"898\":1}}],[\"al\",{\"1\":{\"26\":1}}],[\"algorithm\",{\"1\":{\"26\":1,\"29\":1,\"374\":1,\"377\":1}}],[\"already\",{\"1\":{\"11\":1,\"237\":1,\"286\":1,\"297\":1,\"341\":1,\"434\":1,\"459\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"564\":1,\"582\":1,\"594\":1,\"612\":1,\"624\":1,\"658\":1,\"670\":1,\"704\":1,\"716\":1,\"750\":1,\"762\":1,\"796\":1,\"808\":1,\"842\":1,\"854\":1,\"888\":1,\"913\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"attributes\",{\"1\":{\"95\":1}}],[\"at\",{\"1\":{\"1\":2,\"11\":1,\"12\":1,\"37\":2,\"40\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"77\":1,\"81\":1,\"97\":1,\"98\":1,\"99\":1,\"103\":1,\"129\":1,\"134\":1,\"135\":1,\"159\":7,\"162\":2,\"163\":1,\"169\":1,\"226\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"318\":1,\"321\":1,\"322\":1,\"323\":2,\"325\":1,\"329\":1,\"331\":4,\"334\":1,\"338\":7,\"340\":1,\"341\":1,\"342\":2,\"344\":1,\"348\":1,\"352\":2,\"354\":3,\"356\":4,\"357\":1,\"358\":2,\"367\":8,\"377\":3,\"379\":1,\"381\":1,\"384\":2,\"393\":10,\"398\":1,\"400\":2,\"417\":2,\"422\":1,\"423\":1,\"427\":1,\"429\":1,\"434\":1,\"442\":1,\"443\":1,\"445\":1,\"450\":1,\"459\":1,\"465\":1,\"466\":1,\"470\":1,\"472\":2,\"473\":1,\"481\":1,\"482\":1,\"484\":1,\"485\":1,\"488\":1,\"489\":1,\"493\":1,\"495\":2,\"496\":1,\"504\":1,\"505\":1,\"507\":1,\"508\":1,\"514\":1,\"515\":1,\"519\":1,\"521\":2,\"522\":1,\"530\":1,\"531\":1,\"533\":1,\"534\":1,\"536\":1,\"540\":1,\"541\":1,\"545\":1,\"547\":2,\"552\":1,\"560\":1,\"561\":1,\"563\":1,\"564\":1,\"570\":1,\"571\":1,\"575\":1,\"577\":1,\"582\":1,\"590\":1,\"591\":1,\"593\":1,\"594\":1,\"600\":1,\"601\":1,\"605\":1,\"607\":1,\"612\":1,\"620\":1,\"621\":1,\"623\":1,\"624\":1,\"641\":2,\"646\":1,\"647\":1,\"651\":1,\"653\":1,\"658\":1,\"666\":1,\"667\":1,\"669\":1,\"670\":1,\"687\":2,\"692\":1,\"693\":1,\"697\":1,\"699\":1,\"704\":1,\"712\":1,\"713\":1,\"715\":1,\"716\":1,\"733\":2,\"738\":1,\"739\":1,\"743\":1,\"745\":1,\"750\":1,\"758\":1,\"759\":1,\"761\":1,\"762\":1,\"779\":2,\"784\":1,\"785\":1,\"789\":1,\"791\":1,\"796\":1,\"804\":1,\"805\":1,\"807\":1,\"808\":1,\"825\":2,\"830\":1,\"831\":1,\"835\":1,\"837\":1,\"842\":1,\"850\":1,\"851\":1,\"853\":1,\"854\":1,\"871\":2,\"876\":1,\"877\":1,\"881\":1,\"883\":1,\"888\":1,\"896\":1,\"897\":1,\"899\":1,\"904\":1,\"913\":1,\"977\":1,\"1025\":1,\"1037\":2,\"1118\":1,\"1131\":2,\"1187\":1,\"1338\":1,\"1420\":1,\"1510\":1,\"1596\":1,\"1609\":2,\"1687\":1,\"1773\":1,\"1786\":2,\"1864\":1,\"1950\":1,\"1963\":2,\"2041\":1,\"2127\":1,\"2140\":2,\"2218\":1,\"2304\":1,\"2317\":2,\"2408\":1,\"2432\":1,\"2444\":2,\"2523\":1,\"2536\":2,\"2627\":1,\"2651\":1,\"2663\":2,\"2742\":1,\"2755\":2,\"2846\":1,\"2870\":1,\"2882\":2,\"2961\":1,\"2974\":2,\"3065\":1,\"3089\":1,\"3101\":2,\"3180\":1,\"3193\":2,\"3260\":1,\"3308\":1,\"3320\":2,\"3401\":1,\"3414\":2}}],[\"award\",{\"1\":{\"1\":2}}],[\"asymmetrically\",{\"1\":{\"290\":1,\"301\":1}}],[\"aspects\",{\"1\":{\"94\":1,\"116\":1,\"117\":1}}],[\"assuming\",{\"1\":{\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"666\":1,\"667\":1,\"712\":1,\"713\":1,\"758\":1,\"759\":1,\"804\":1,\"805\":1,\"850\":1,\"851\":1,\"896\":1,\"897\":1}}],[\"assurance\",{\"1\":{\"81\":1}}],[\"assert\",{\"1\":{\"159\":2}}],[\"assign\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"assigning\",{\"1\":{\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"assignment\",{\"1\":{\"159\":5}}],[\"assist\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"assistance\",{\"1\":{\"12\":1}}],[\"asked\",{\"1\":{\"139\":1}}],[\"ask\",{\"1\":{\"36\":1,\"415\":2,\"639\":2,\"685\":2,\"731\":2,\"777\":2,\"823\":2,\"869\":2}}],[\"as\",{\"0\":{\"2\":2,\"87\":2,\"318\":1},\"1\":{\"0\":1,\"1\":2,\"6\":2,\"28\":1,\"35\":1,\"38\":2,\"71\":2,\"81\":2,\"85\":2,\"89\":2,\"90\":1,\"91\":2,\"94\":4,\"95\":4,\"98\":4,\"99\":5,\"100\":1,\"102\":1,\"103\":1,\"110\":1,\"113\":1,\"116\":6,\"117\":5,\"118\":2,\"120\":2,\"126\":1,\"128\":2,\"129\":2,\"138\":1,\"139\":1,\"154\":2,\"157\":1,\"163\":1,\"165\":1,\"168\":1,\"169\":5,\"170\":1,\"188\":1,\"213\":1,\"218\":1,\"242\":1,\"265\":1,\"266\":1,\"285\":2,\"288\":8,\"289\":1,\"290\":1,\"296\":2,\"299\":8,\"300\":1,\"301\":1,\"311\":1,\"314\":1,\"318\":1,\"322\":1,\"325\":2,\"331\":4,\"332\":2,\"334\":1,\"335\":2,\"338\":1,\"341\":1,\"344\":1,\"345\":1,\"347\":2,\"349\":2,\"352\":1,\"364\":6,\"379\":2,\"383\":1,\"390\":1,\"393\":1,\"403\":1,\"408\":1,\"413\":1,\"415\":6,\"417\":1,\"427\":1,\"441\":9,\"442\":2,\"443\":1,\"446\":1,\"448\":2,\"450\":3,\"451\":1,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"459\":4,\"470\":1,\"480\":8,\"481\":2,\"482\":1,\"493\":1,\"503\":8,\"504\":2,\"505\":1,\"519\":1,\"529\":8,\"530\":2,\"531\":1,\"536\":1,\"537\":1,\"545\":1,\"559\":8,\"560\":2,\"561\":1,\"564\":4,\"575\":1,\"589\":8,\"590\":2,\"591\":1,\"594\":4,\"605\":1,\"619\":8,\"620\":2,\"621\":1,\"624\":4,\"632\":1,\"637\":1,\"639\":6,\"641\":1,\"651\":1,\"665\":8,\"666\":2,\"667\":1,\"670\":4,\"678\":1,\"683\":1,\"685\":6,\"687\":1,\"697\":1,\"711\":8,\"712\":2,\"713\":1,\"716\":4,\"724\":1,\"729\":1,\"731\":6,\"733\":1,\"743\":1,\"757\":8,\"758\":2,\"759\":1,\"762\":4,\"770\":1,\"775\":1,\"777\":6,\"779\":1,\"789\":1,\"803\":8,\"804\":2,\"805\":1,\"808\":4,\"816\":1,\"821\":1,\"823\":6,\"825\":1,\"835\":1,\"849\":8,\"850\":2,\"851\":1,\"854\":4,\"862\":1,\"867\":1,\"869\":6,\"871\":1,\"881\":1,\"895\":9,\"896\":2,\"897\":1,\"900\":1,\"902\":2,\"904\":3,\"905\":1,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"913\":4,\"920\":3,\"949\":1,\"964\":1,\"969\":1,\"992\":1,\"1009\":1,\"1037\":1,\"1049\":3,\"1060\":1,\"1085\":1,\"1102\":1,\"1117\":2,\"1131\":1,\"1158\":1,\"1174\":1,\"1179\":1,\"1212\":1,\"1228\":1,\"1280\":1,\"1309\":1,\"1325\":1,\"1330\":1,\"1355\":2,\"1366\":1,\"1388\":1,\"1404\":1,\"1419\":2,\"1452\":1,\"1482\":1,\"1497\":1,\"1502\":1,\"1531\":2,\"1542\":1,\"1564\":1,\"1580\":1,\"1595\":2,\"1609\":1,\"1629\":1,\"1659\":1,\"1674\":1,\"1679\":1,\"1708\":2,\"1719\":1,\"1741\":1,\"1757\":1,\"1772\":2,\"1786\":1,\"1806\":1,\"1836\":1,\"1851\":1,\"1856\":1,\"1885\":2,\"1896\":1,\"1918\":1,\"1934\":1,\"1949\":2,\"1963\":1,\"1983\":1,\"2013\":1,\"2028\":1,\"2033\":1,\"2062\":2,\"2073\":1,\"2095\":1,\"2111\":1,\"2126\":2,\"2140\":1,\"2160\":1,\"2190\":1,\"2205\":1,\"2210\":1,\"2239\":2,\"2250\":1,\"2272\":1,\"2288\":1,\"2303\":2,\"2317\":1,\"2327\":3,\"2347\":1,\"2380\":1,\"2395\":1,\"2400\":1,\"2423\":1,\"2444\":1,\"2454\":3,\"2465\":1,\"2490\":1,\"2507\":1,\"2522\":2,\"2536\":1,\"2546\":3,\"2566\":1,\"2599\":1,\"2614\":1,\"2619\":1,\"2642\":1,\"2663\":1,\"2673\":3,\"2684\":1,\"2709\":1,\"2726\":1,\"2741\":2,\"2755\":1,\"2765\":3,\"2785\":1,\"2818\":1,\"2833\":1,\"2838\":1,\"2861\":1,\"2882\":1,\"2892\":3,\"2903\":1,\"2928\":1,\"2945\":1,\"2960\":2,\"2974\":1,\"2984\":3,\"3004\":1,\"3037\":1,\"3052\":1,\"3057\":1,\"3080\":1,\"3101\":1,\"3111\":3,\"3122\":1,\"3147\":1,\"3164\":1,\"3179\":2,\"3193\":1,\"3203\":3,\"3232\":1,\"3247\":1,\"3252\":1,\"3275\":1,\"3292\":1,\"3320\":1,\"3332\":3,\"3343\":1,\"3368\":1,\"3385\":1,\"3400\":2,\"3414\":1}}],[\"achieve\",{\"1\":{\"446\":1,\"900\":1}}],[\"achieved\",{\"1\":{\"324\":1,\"369\":1}}],[\"acitvitydefinition\",{\"1\":{\"390\":2}}],[\"actual\",{\"1\":{\"218\":1,\"331\":1,\"408\":1,\"632\":1,\"678\":1,\"724\":1,\"770\":1,\"816\":1,\"862\":1,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2400\":1,\"2619\":1,\"2838\":1,\"3057\":1,\"3252\":1}}],[\"acting\",{\"1\":{\"168\":1}}],[\"activated\",{\"1\":{\"184\":1,\"185\":1,\"186\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1}}],[\"activity\",{\"1\":{\"184\":1,\"185\":1,\"186\":1,\"358\":1,\"384\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1}}],[\"activitydefinitions\",{\"0\":{\"358\":1,\"384\":1}}],[\"activitydefinition\",{\"0\":{\"357\":1},\"1\":{\"97\":4,\"304\":2,\"307\":2,\"310\":2,\"334\":3,\"335\":1,\"338\":3,\"348\":1,\"357\":2,\"358\":2,\"364\":1,\"367\":3,\"384\":2,\"393\":3,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"activeprofiles>\",{\"1\":{\"162\":1}}],[\"activeprofile>\",{\"1\":{\"162\":1}}],[\"active\",{\"1\":{\"141\":1,\"142\":1}}],[\"actively\",{\"1\":{\"109\":1}}],[\"actions\",{\"1\":{\"85\":1}}],[\"action\",{\"1\":{\"39\":1,\"333\":1}}],[\"acts\",{\"1\":{\"89\":1,\"113\":1}}],[\"acquisition\",{\"1\":{\"78\":1}}],[\"acknowledge\",{\"1\":{\"38\":1}}],[\"acknowledgement\",{\"1\":{\"38\":1}}],[\"accurate\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"accepts\",{\"1\":{\"1025\":1,\"1118\":1,\"1420\":1,\"1596\":1,\"1773\":1,\"1950\":1,\"2127\":1,\"2304\":1,\"2432\":1,\"2523\":1,\"2651\":1,\"2742\":1,\"2870\":1,\"2961\":1,\"3089\":1,\"3180\":1,\"3308\":1,\"3401\":1}}],[\"acceptable\",{\"1\":{\"276\":1,\"452\":1,\"454\":1,\"906\":1,\"908\":1,\"1039\":1,\"1133\":1,\"1263\":1,\"1434\":1,\"1611\":1,\"1788\":1,\"1965\":1,\"2142\":1,\"2319\":1,\"2446\":1,\"2538\":1,\"2665\":1,\"2757\":1,\"2884\":1,\"2976\":1,\"3103\":1,\"3195\":1,\"3322\":1,\"3416\":1}}],[\"accept\",{\"1\":{\"109\":1,\"170\":1}}],[\"accessing\",{\"1\":{\"37\":1,\"112\":2,\"113\":1,\"167\":2,\"168\":1,\"1026\":1,\"1049\":1,\"1120\":1,\"1355\":1,\"1422\":1,\"1531\":1,\"1598\":1,\"1708\":1,\"1775\":1,\"1885\":1,\"1952\":1,\"2062\":1,\"2129\":1,\"2239\":1,\"2306\":1,\"2433\":1,\"2454\":1,\"2525\":1,\"2652\":1,\"2673\":1,\"2744\":1,\"2871\":1,\"2892\":1,\"2963\":1,\"3090\":1,\"3111\":1,\"3182\":1,\"3309\":1,\"3332\":1,\"3403\":1}}],[\"accessible\",{\"1\":{\"0\":1,\"32\":1,\"88\":2,\"89\":1,\"99\":2,\"117\":1,\"169\":2,\"285\":2,\"296\":2,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"439\":2,\"462\":1,\"478\":2,\"501\":2,\"511\":1,\"527\":2,\"537\":1,\"557\":2,\"567\":1,\"587\":2,\"597\":1,\"617\":2,\"627\":1,\"663\":2,\"673\":1,\"709\":2,\"719\":1,\"755\":2,\"765\":1,\"801\":2,\"811\":1,\"847\":2,\"857\":1,\"893\":2,\"916\":1,\"920\":1,\"1049\":1,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":1,\"2454\":1,\"2546\":1,\"2673\":1,\"2765\":1,\"2892\":1,\"2984\":1,\"3111\":1,\"3203\":1,\"3332\":1}}],[\"accessed\",{\"1\":{\"5\":1,\"91\":1,\"372\":1,\"400\":1}}],[\"access\",{\"0\":{\"10\":1,\"285\":1,\"296\":1,\"334\":1,\"439\":1,\"478\":1,\"501\":1,\"527\":1,\"557\":1,\"587\":1,\"617\":1,\"663\":1,\"709\":1,\"755\":1,\"801\":1,\"847\":1,\"893\":1,\"919\":1,\"1048\":1,\"1354\":1,\"1530\":1,\"1707\":1,\"1884\":1,\"2061\":1,\"2238\":1,\"2326\":1,\"2453\":1,\"2545\":1,\"2672\":1,\"2764\":1,\"2891\":1,\"2983\":1,\"3110\":1,\"3202\":1,\"3331\":1},\"1\":{\"0\":2,\"10\":1,\"32\":2,\"39\":1,\"73\":1,\"85\":1,\"90\":1,\"99\":2,\"134\":2,\"135\":2,\"139\":1,\"145\":1,\"162\":2,\"169\":2,\"174\":1,\"175\":1,\"176\":1,\"178\":1,\"179\":1,\"180\":1,\"181\":1,\"182\":1,\"183\":1,\"251\":1,\"252\":1,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":1,\"259\":1,\"261\":1,\"265\":1,\"266\":1,\"285\":2,\"289\":1,\"296\":2,\"300\":1,\"333\":1,\"338\":2,\"348\":8,\"367\":1,\"393\":1,\"398\":2,\"425\":2,\"428\":1,\"429\":1,\"439\":2,\"442\":3,\"471\":1,\"472\":1,\"478\":2,\"481\":2,\"491\":1,\"494\":1,\"495\":1,\"501\":2,\"504\":3,\"517\":1,\"520\":1,\"521\":1,\"527\":2,\"530\":3,\"536\":1,\"543\":1,\"546\":1,\"547\":1,\"557\":2,\"560\":3,\"573\":1,\"576\":1,\"577\":1,\"587\":2,\"590\":3,\"603\":1,\"606\":1,\"607\":1,\"617\":2,\"620\":3,\"649\":1,\"652\":1,\"653\":1,\"663\":2,\"666\":3,\"695\":2,\"698\":1,\"699\":1,\"709\":2,\"712\":3,\"741\":2,\"744\":1,\"745\":1,\"755\":2,\"758\":3,\"787\":2,\"790\":1,\"791\":1,\"801\":2,\"804\":3,\"833\":2,\"836\":1,\"837\":1,\"847\":2,\"850\":3,\"879\":2,\"882\":1,\"883\":1,\"893\":2,\"896\":3,\"918\":1,\"920\":3,\"923\":2,\"924\":1,\"926\":1,\"928\":3,\"932\":1,\"933\":1,\"935\":1,\"936\":1,\"937\":1,\"938\":1,\"939\":1,\"940\":1,\"992\":1,\"1024\":2,\"1047\":1,\"1049\":3,\"1052\":2,\"1053\":1,\"1055\":1,\"1057\":3,\"1068\":1,\"1069\":1,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1076\":1,\"1085\":1,\"1117\":2,\"1145\":1,\"1146\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1151\":1,\"1152\":1,\"1153\":1,\"1236\":1,\"1237\":1,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1244\":1,\"1296\":1,\"1297\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1302\":1,\"1303\":1,\"1304\":1,\"1353\":1,\"1355\":3,\"1358\":2,\"1359\":1,\"1361\":1,\"1363\":3,\"1374\":1,\"1375\":1,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1382\":1,\"1388\":1,\"1419\":2,\"1468\":1,\"1469\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1474\":1,\"1475\":1,\"1476\":1,\"1529\":1,\"1531\":3,\"1534\":2,\"1535\":1,\"1537\":1,\"1539\":3,\"1550\":1,\"1551\":1,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1558\":1,\"1564\":1,\"1595\":2,\"1645\":1,\"1646\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1651\":1,\"1652\":1,\"1653\":1,\"1706\":1,\"1708\":3,\"1711\":2,\"1712\":1,\"1714\":1,\"1716\":3,\"1727\":1,\"1728\":1,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1735\":1,\"1741\":1,\"1772\":2,\"1822\":1,\"1823\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1828\":1,\"1829\":1,\"1830\":1,\"1883\":1,\"1885\":3,\"1888\":2,\"1889\":1,\"1891\":1,\"1893\":3,\"1904\":1,\"1905\":1,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1912\":1,\"1918\":1,\"1949\":2,\"1999\":1,\"2000\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2005\":1,\"2006\":1,\"2007\":1,\"2060\":1,\"2062\":3,\"2065\":2,\"2066\":1,\"2068\":1,\"2070\":3,\"2081\":1,\"2082\":1,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2089\":1,\"2095\":1,\"2126\":2,\"2176\":1,\"2177\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2182\":1,\"2183\":1,\"2184\":1,\"2237\":1,\"2239\":3,\"2242\":2,\"2243\":1,\"2245\":1,\"2247\":3,\"2258\":1,\"2259\":1,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2266\":1,\"2272\":1,\"2303\":2,\"2325\":1,\"2327\":3,\"2330\":2,\"2331\":1,\"2333\":1,\"2335\":3,\"2363\":1,\"2364\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2369\":1,\"2370\":1,\"2371\":1,\"2423\":1,\"2431\":2,\"2452\":1,\"2454\":3,\"2457\":2,\"2458\":1,\"2460\":1,\"2462\":3,\"2473\":1,\"2474\":1,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2481\":1,\"2490\":1,\"2522\":2,\"2544\":1,\"2546\":3,\"2549\":2,\"2550\":1,\"2552\":1,\"2554\":3,\"2582\":1,\"2583\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2588\":1,\"2589\":1,\"2590\":1,\"2642\":1,\"2650\":2,\"2671\":1,\"2673\":3,\"2676\":2,\"2677\":1,\"2679\":1,\"2681\":3,\"2692\":1,\"2693\":1,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2700\":1,\"2709\":1,\"2741\":2,\"2763\":1,\"2765\":3,\"2768\":2,\"2769\":1,\"2771\":1,\"2773\":3,\"2801\":1,\"2802\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2807\":1,\"2808\":1,\"2809\":1,\"2861\":1,\"2869\":2,\"2890\":1,\"2892\":3,\"2895\":2,\"2896\":1,\"2898\":1,\"2900\":3,\"2911\":1,\"2912\":1,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2919\":1,\"2928\":1,\"2960\":2,\"2982\":1,\"2984\":3,\"2987\":2,\"2988\":1,\"2990\":1,\"2992\":3,\"3020\":1,\"3021\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3026\":1,\"3027\":1,\"3028\":1,\"3080\":1,\"3088\":2,\"3109\":1,\"3111\":3,\"3114\":2,\"3115\":1,\"3117\":1,\"3119\":3,\"3130\":1,\"3131\":1,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3138\":1,\"3147\":1,\"3179\":2,\"3201\":1,\"3203\":3,\"3206\":2,\"3207\":1,\"3209\":1,\"3211\":3,\"3215\":1,\"3216\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3221\":1,\"3222\":1,\"3223\":1,\"3275\":1,\"3307\":2,\"3330\":1,\"3332\":3,\"3335\":2,\"3336\":1,\"3338\":1,\"3340\":3,\"3351\":1,\"3352\":1,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3359\":1,\"3368\":1,\"3400\":2}}],[\"account\",{\"1\":{\"152\":1,\"153\":1}}],[\"accomplished\",{\"1\":{\"100\":1,\"170\":1}}],[\"accordance\",{\"1\":{\"39\":1}}],[\"accordingly\",{\"1\":{\"447\":1,\"901\":1}}],[\"according\",{\"1\":{\"33\":1,\"81\":1,\"127\":1,\"146\":1,\"147\":3,\"149\":1,\"150\":1,\"156\":1,\"407\":1,\"419\":2,\"459\":3,\"485\":1,\"508\":1,\"534\":1,\"564\":3,\"594\":3,\"624\":3,\"631\":1,\"643\":2,\"670\":3,\"677\":1,\"689\":2,\"716\":3,\"723\":1,\"735\":2,\"762\":3,\"769\":1,\"781\":2,\"808\":3,\"815\":1,\"827\":2,\"854\":3,\"861\":1,\"873\":2,\"913\":3}}],[\"accidental\",{\"1\":{\"39\":1}}],[\"across\",{\"1\":{\"0\":1,\"5\":1,\"6\":2,\"8\":1,\"98\":2,\"99\":1,\"116\":1,\"117\":1,\"127\":2,\"169\":1,\"399\":1}}],[\"aims\",{\"1\":{\"6\":1,\"82\":1}}],[\"aim\",{\"1\":{\"0\":1,\"81\":1,\"98\":2,\"129\":1}}],[\"aiming\",{\"1\":{\"0\":1,\"98\":1}}],[\"anonymized\",{\"1\":{\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1}}],[\"anonymous\",{\"1\":{\"159\":3}}],[\"another\",{\"1\":{\"89\":1,\"94\":1,\"97\":1,\"262\":1,\"323\":1,\"354\":1,\"367\":2,\"381\":1,\"985\":1,\"1081\":1,\"1246\":1,\"1384\":1,\"1518\":1,\"1560\":1,\"1695\":1,\"1737\":1,\"1872\":1,\"1914\":1,\"2049\":1,\"2091\":1,\"2226\":1,\"2268\":1,\"2416\":1,\"2486\":1,\"2635\":1,\"2705\":1,\"2854\":1,\"2924\":1,\"3073\":1,\"3143\":1,\"3268\":1,\"3364\":1}}],[\"angle\",{\"1\":{\"159\":11}}],[\"announce\",{\"1\":{\"334\":1,\"357\":1,\"358\":1,\"384\":1}}],[\"annotations\",{\"1\":{\"346\":1}}],[\"annotation\",{\"1\":{\"159\":24,\"160\":3,\"346\":4}}],[\"annotated\",{\"1\":{\"154\":1}}],[\"annually\",{\"1\":{\"1\":1}}],[\"ansible\",{\"1\":{\"137\":2}}],[\"answers\",{\"1\":{\"1043\":1,\"1044\":1,\"1137\":1,\"1138\":1,\"3326\":1,\"3327\":1,\"3420\":1,\"3421\":1}}],[\"answering\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"answer\",{\"1\":{\"127\":1}}],[\"analysis\",{\"1\":{\"117\":1}}],[\"analyses\",{\"1\":{\"0\":1,\"8\":1,\"32\":1}}],[\"anwendungen\",{\"0\":{\"21\":1}}],[\"anymore\",{\"1\":{\"237\":1,\"989\":1,\"1196\":1,\"1347\":1,\"1522\":1,\"1699\":1,\"1876\":1,\"2053\":1,\"2230\":1,\"2420\":1,\"2639\":1,\"2858\":1,\"3077\":1,\"3272\":1}}],[\"anyone\",{\"1\":{\"72\":1}}],[\"any\",{\"1\":{\"5\":1,\"12\":1,\"35\":1,\"37\":1,\"40\":1,\"99\":1,\"102\":1,\"106\":1,\"107\":1,\"128\":1,\"169\":1,\"286\":1,\"297\":1,\"311\":1,\"314\":1,\"404\":1,\"414\":1,\"417\":1,\"419\":2,\"444\":2,\"483\":2,\"506\":2,\"532\":2,\"562\":2,\"592\":2,\"622\":2,\"628\":1,\"638\":1,\"641\":1,\"643\":2,\"668\":2,\"674\":1,\"684\":1,\"687\":1,\"689\":2,\"714\":2,\"720\":1,\"730\":1,\"733\":1,\"735\":2,\"760\":2,\"766\":1,\"776\":1,\"779\":1,\"781\":2,\"806\":2,\"812\":1,\"822\":1,\"825\":1,\"827\":2,\"852\":2,\"858\":1,\"868\":1,\"871\":1,\"873\":2,\"898\":2,\"920\":3,\"927\":1,\"1049\":2,\"1355\":1,\"1531\":1,\"1708\":1,\"1885\":1,\"2062\":1,\"2239\":1,\"2327\":3,\"2334\":1,\"2454\":2,\"2546\":3,\"2553\":1,\"2673\":2,\"2765\":3,\"2772\":1,\"2892\":2,\"2984\":3,\"2991\":1,\"3111\":2,\"3203\":3,\"3210\":1,\"3332\":2}}],[\"an\",{\"1\":{\"1\":2,\"14\":1,\"16\":1,\"30\":1,\"37\":1,\"73\":1,\"85\":1,\"86\":1,\"88\":2,\"89\":1,\"95\":2,\"97\":1,\"98\":1,\"99\":3,\"100\":3,\"102\":1,\"103\":1,\"109\":2,\"117\":2,\"118\":1,\"138\":1,\"152\":4,\"153\":7,\"154\":1,\"163\":1,\"169\":3,\"170\":3,\"217\":1,\"218\":1,\"232\":1,\"262\":1,\"338\":1,\"341\":1,\"346\":2,\"349\":2,\"352\":1,\"356\":1,\"363\":1,\"371\":1,\"374\":2,\"381\":4,\"383\":1,\"389\":1,\"390\":4,\"395\":1,\"397\":1,\"399\":2,\"401\":3,\"402\":1,\"414\":2,\"417\":2,\"419\":3,\"427\":1,\"429\":1,\"431\":1,\"432\":1,\"434\":1,\"445\":1,\"469\":2,\"470\":2,\"472\":1,\"473\":2,\"484\":1,\"492\":2,\"493\":2,\"495\":1,\"496\":2,\"507\":1,\"518\":2,\"519\":2,\"521\":1,\"522\":2,\"533\":1,\"544\":2,\"545\":1,\"547\":1,\"548\":1,\"552\":1,\"563\":1,\"574\":2,\"575\":1,\"577\":1,\"578\":1,\"582\":1,\"593\":1,\"604\":2,\"605\":1,\"607\":1,\"608\":1,\"612\":1,\"623\":1,\"638\":2,\"641\":2,\"643\":3,\"650\":2,\"651\":1,\"653\":1,\"654\":1,\"658\":1,\"669\":1,\"684\":2,\"687\":2,\"689\":3,\"696\":2,\"697\":1,\"699\":1,\"700\":1,\"704\":1,\"715\":1,\"730\":2,\"733\":2,\"735\":3,\"742\":2,\"743\":1,\"745\":1,\"746\":1,\"750\":1,\"761\":1,\"776\":2,\"779\":2,\"781\":3,\"788\":2,\"789\":1,\"791\":1,\"793\":1,\"794\":1,\"796\":1,\"807\":1,\"822\":2,\"825\":2,\"827\":3,\"835\":1,\"837\":1,\"839\":1,\"840\":1,\"842\":1,\"853\":1,\"868\":2,\"871\":2,\"873\":3,\"881\":1,\"883\":1,\"885\":1,\"886\":1,\"888\":1,\"899\":1,\"920\":2,\"928\":1,\"968\":1,\"969\":1,\"1049\":2,\"1057\":1,\"1081\":1,\"1178\":1,\"1179\":1,\"1246\":1,\"1329\":1,\"1330\":1,\"1355\":2,\"1363\":1,\"1384\":1,\"1388\":1,\"1501\":1,\"1502\":1,\"1531\":2,\"1539\":1,\"1560\":1,\"1678\":1,\"1679\":1,\"1708\":2,\"1716\":1,\"1737\":1,\"1855\":1,\"1856\":1,\"1885\":2,\"1893\":1,\"1914\":1,\"2032\":1,\"2033\":1,\"2062\":2,\"2070\":1,\"2091\":1,\"2209\":1,\"2210\":1,\"2239\":2,\"2247\":1,\"2268\":1,\"2327\":2,\"2335\":1,\"2399\":1,\"2400\":1,\"2454\":2,\"2462\":1,\"2486\":1,\"2546\":2,\"2554\":1,\"2618\":1,\"2619\":1,\"2673\":2,\"2681\":1,\"2705\":1,\"2765\":2,\"2773\":1,\"2837\":1,\"2838\":1,\"2892\":2,\"2900\":1,\"2924\":1,\"2984\":2,\"2992\":1,\"3056\":1,\"3057\":1,\"3111\":2,\"3119\":1,\"3143\":1,\"3203\":2,\"3211\":1,\"3251\":1,\"3252\":1,\"3332\":2,\"3340\":1,\"3364\":1}}],[\"and\",{\"0\":{\"2\":1,\"7\":1,\"10\":1,\"25\":1,\"82\":1,\"87\":1,\"93\":1,\"97\":1,\"99\":1,\"131\":1,\"132\":1,\"169\":1,\"171\":1,\"325\":1,\"331\":1,\"333\":1,\"337\":1,\"338\":1,\"348\":1,\"351\":1,\"352\":1,\"356\":1,\"357\":1,\"366\":1,\"367\":1,\"376\":1,\"377\":1,\"378\":1,\"379\":1,\"381\":1,\"392\":1,\"393\":1,\"399\":1,\"446\":1,\"457\":1,\"900\":1,\"911\":1,\"924\":1,\"925\":1,\"1053\":1,\"1054\":1,\"1359\":1,\"1360\":1,\"1535\":1,\"1536\":1,\"1712\":1,\"1713\":1,\"1889\":1,\"1890\":1,\"2066\":1,\"2067\":1,\"2243\":1,\"2244\":1,\"2331\":1,\"2332\":1,\"2458\":1,\"2459\":1,\"2550\":1,\"2551\":1,\"2677\":1,\"2678\":1,\"2769\":1,\"2770\":1,\"2896\":1,\"2897\":1,\"2988\":1,\"2989\":1,\"3115\":1,\"3116\":1,\"3207\":1,\"3208\":1,\"3336\":1,\"3337\":1},\"1\":{\"0\":10,\"1\":1,\"5\":5,\"6\":4,\"8\":3,\"9\":1,\"10\":3,\"11\":2,\"12\":1,\"13\":1,\"26\":3,\"29\":2,\"31\":2,\"32\":7,\"33\":4,\"35\":2,\"36\":2,\"37\":6,\"38\":4,\"40\":1,\"42\":1,\"43\":2,\"44\":1,\"45\":2,\"46\":1,\"47\":2,\"48\":1,\"49\":2,\"50\":1,\"51\":2,\"52\":1,\"53\":2,\"54\":1,\"55\":2,\"56\":1,\"57\":2,\"58\":1,\"59\":2,\"60\":1,\"61\":2,\"62\":1,\"63\":2,\"64\":1,\"65\":2,\"66\":1,\"67\":2,\"71\":1,\"72\":1,\"77\":5,\"78\":3,\"79\":2,\"81\":8,\"82\":4,\"85\":4,\"88\":4,\"89\":2,\"90\":7,\"91\":1,\"93\":3,\"94\":9,\"95\":4,\"96\":4,\"97\":8,\"98\":18,\"99\":9,\"102\":1,\"103\":1,\"106\":1,\"109\":3,\"110\":7,\"112\":1,\"116\":7,\"117\":13,\"118\":2,\"120\":3,\"126\":3,\"127\":1,\"129\":1,\"130\":2,\"134\":5,\"135\":4,\"137\":2,\"138\":1,\"141\":5,\"142\":4,\"145\":2,\"146\":1,\"147\":8,\"149\":3,\"150\":5,\"151\":3,\"152\":2,\"153\":2,\"156\":2,\"157\":4,\"159\":3,\"162\":1,\"164\":1,\"165\":6,\"167\":1,\"169\":9,\"187\":1,\"195\":1,\"204\":1,\"205\":1,\"224\":1,\"238\":1,\"247\":1,\"250\":1,\"275\":1,\"277\":1,\"283\":2,\"285\":5,\"286\":3,\"289\":10,\"290\":14,\"294\":2,\"296\":5,\"297\":3,\"300\":10,\"301\":14,\"302\":1,\"303\":1,\"304\":8,\"305\":2,\"307\":8,\"308\":1,\"310\":4,\"311\":1,\"314\":2,\"318\":1,\"319\":1,\"320\":2,\"327\":3,\"329\":3,\"331\":5,\"332\":5,\"333\":1,\"334\":3,\"337\":1,\"338\":9,\"341\":6,\"346\":4,\"347\":3,\"348\":6,\"349\":4,\"351\":1,\"352\":5,\"354\":2,\"356\":6,\"357\":3,\"358\":2,\"361\":2,\"362\":2,\"363\":1,\"364\":8,\"366\":1,\"367\":7,\"373\":2,\"374\":1,\"376\":1,\"377\":5,\"379\":1,\"381\":4,\"383\":2,\"384\":2,\"387\":2,\"388\":2,\"389\":1,\"390\":6,\"392\":1,\"393\":8,\"394\":1,\"395\":3,\"397\":1,\"398\":1,\"399\":3,\"400\":1,\"404\":2,\"405\":2,\"407\":3,\"410\":1,\"412\":1,\"414\":2,\"415\":5,\"416\":3,\"417\":8,\"418\":2,\"419\":20,\"423\":1,\"427\":1,\"429\":1,\"430\":1,\"431\":2,\"434\":1,\"437\":1,\"439\":3,\"441\":1,\"442\":14,\"443\":11,\"444\":7,\"446\":2,\"447\":2,\"450\":3,\"451\":1,\"452\":2,\"453\":2,\"454\":2,\"455\":4,\"456\":1,\"459\":10,\"460\":4,\"461\":2,\"462\":2,\"466\":1,\"470\":1,\"473\":2,\"476\":1,\"478\":3,\"481\":14,\"482\":11,\"483\":7,\"485\":3,\"489\":1,\"493\":1,\"496\":2,\"499\":1,\"501\":3,\"504\":14,\"505\":11,\"506\":7,\"508\":3,\"509\":1,\"515\":1,\"519\":1,\"522\":2,\"525\":1,\"527\":3,\"530\":14,\"531\":11,\"532\":7,\"534\":3,\"535\":1,\"536\":1,\"537\":3,\"541\":1,\"545\":1,\"547\":1,\"552\":1,\"555\":1,\"557\":3,\"560\":14,\"561\":11,\"562\":7,\"564\":10,\"565\":1,\"571\":1,\"575\":1,\"577\":1,\"582\":1,\"585\":1,\"587\":3,\"590\":14,\"591\":11,\"592\":7,\"594\":10,\"595\":1,\"601\":1,\"605\":1,\"607\":1,\"612\":1,\"615\":1,\"617\":3,\"620\":14,\"621\":11,\"622\":7,\"624\":10,\"625\":1,\"628\":2,\"629\":2,\"631\":3,\"634\":1,\"636\":1,\"638\":2,\"639\":5,\"640\":3,\"641\":8,\"642\":2,\"643\":20,\"647\":1,\"651\":1,\"653\":1,\"658\":1,\"661\":1,\"663\":3,\"666\":14,\"667\":11,\"668\":7,\"670\":10,\"671\":1,\"674\":2,\"675\":2,\"677\":3,\"680\":1,\"682\":1,\"684\":2,\"685\":5,\"686\":3,\"687\":8,\"688\":2,\"689\":20,\"693\":1,\"697\":1,\"699\":1,\"704\":1,\"707\":1,\"709\":3,\"712\":14,\"713\":11,\"714\":7,\"716\":10,\"717\":1,\"720\":2,\"721\":2,\"723\":3,\"726\":1,\"728\":1,\"730\":2,\"731\":5,\"732\":3,\"733\":8,\"734\":2,\"735\":20,\"739\":1,\"743\":1,\"745\":1,\"750\":1,\"753\":1,\"755\":3,\"758\":14,\"759\":11,\"760\":7,\"762\":10,\"763\":1,\"766\":2,\"767\":2,\"769\":3,\"772\":1,\"774\":1,\"776\":2,\"777\":5,\"778\":3,\"779\":8,\"780\":2,\"781\":20,\"785\":1,\"789\":1,\"791\":1,\"792\":1,\"793\":2,\"796\":1,\"799\":1,\"801\":3,\"804\":14,\"805\":11,\"806\":7,\"808\":10,\"809\":1,\"812\":2,\"813\":2,\"815\":3,\"818\":1,\"820\":1,\"822\":2,\"823\":5,\"824\":3,\"825\":8,\"826\":2,\"827\":20,\"831\":1,\"835\":1,\"837\":1,\"838\":1,\"839\":2,\"842\":1,\"845\":1,\"847\":3,\"850\":14,\"851\":11,\"852\":7,\"854\":10,\"855\":1,\"858\":2,\"859\":2,\"861\":3,\"864\":1,\"866\":1,\"868\":2,\"869\":5,\"870\":3,\"871\":8,\"872\":2,\"873\":20,\"877\":1,\"881\":1,\"883\":1,\"884\":1,\"885\":2,\"888\":1,\"891\":1,\"893\":3,\"895\":1,\"896\":14,\"897\":11,\"898\":7,\"900\":2,\"901\":2,\"904\":3,\"905\":1,\"906\":2,\"907\":2,\"908\":2,\"909\":4,\"910\":1,\"913\":10,\"914\":4,\"915\":2,\"916\":2,\"920\":3,\"923\":2,\"924\":3,\"928\":2,\"948\":1,\"953\":1,\"956\":1,\"957\":1,\"975\":1,\"994\":2,\"1002\":1,\"1003\":1,\"1015\":1,\"1025\":1,\"1038\":1,\"1040\":1,\"1041\":1,\"1049\":5,\"1052\":2,\"1053\":3,\"1055\":2,\"1056\":2,\"1057\":1,\"1062\":1,\"1065\":1,\"1087\":2,\"1095\":1,\"1096\":1,\"1108\":1,\"1117\":1,\"1118\":1,\"1119\":1,\"1132\":1,\"1134\":1,\"1135\":1,\"1157\":1,\"1162\":1,\"1165\":1,\"1166\":1,\"1185\":1,\"1205\":1,\"1206\":1,\"1218\":1,\"1230\":1,\"1233\":1,\"1262\":1,\"1264\":1,\"1273\":1,\"1274\":1,\"1286\":1,\"1308\":1,\"1313\":1,\"1316\":1,\"1317\":1,\"1336\":1,\"1355\":5,\"1358\":2,\"1359\":3,\"1361\":2,\"1362\":2,\"1363\":1,\"1368\":1,\"1371\":1,\"1397\":1,\"1398\":1,\"1410\":1,\"1419\":1,\"1420\":1,\"1421\":1,\"1433\":1,\"1435\":1,\"1445\":1,\"1446\":1,\"1458\":1,\"1481\":1,\"1486\":1,\"1489\":1,\"1490\":1,\"1508\":1,\"1531\":5,\"1534\":2,\"1535\":3,\"1537\":2,\"1538\":2,\"1539\":1,\"1544\":1,\"1547\":1,\"1573\":1,\"1574\":1,\"1586\":1,\"1595\":1,\"1596\":1,\"1597\":1,\"1610\":1,\"1612\":1,\"1622\":1,\"1623\":1,\"1635\":1,\"1658\":1,\"1663\":1,\"1666\":1,\"1667\":1,\"1685\":1,\"1708\":5,\"1711\":2,\"1712\":3,\"1714\":2,\"1715\":2,\"1716\":1,\"1721\":1,\"1724\":1,\"1750\":1,\"1751\":1,\"1763\":1,\"1772\":1,\"1773\":1,\"1774\":1,\"1787\":1,\"1789\":1,\"1799\":1,\"1800\":1,\"1812\":1,\"1835\":1,\"1840\":1,\"1843\":1,\"1844\":1,\"1862\":1,\"1885\":5,\"1888\":2,\"1889\":3,\"1891\":2,\"1892\":2,\"1893\":1,\"1898\":1,\"1901\":1,\"1927\":1,\"1928\":1,\"1940\":1,\"1949\":1,\"1950\":1,\"1951\":1,\"1964\":1,\"1966\":1,\"1976\":1,\"1977\":1,\"1989\":1,\"2012\":1,\"2017\":1,\"2020\":1,\"2021\":1,\"2039\":1,\"2062\":5,\"2065\":2,\"2066\":3,\"2068\":2,\"2069\":2,\"2070\":1,\"2075\":1,\"2078\":1,\"2104\":1,\"2105\":1,\"2117\":1,\"2126\":1,\"2127\":1,\"2128\":1,\"2141\":1,\"2143\":1,\"2153\":1,\"2154\":1,\"2166\":1,\"2189\":1,\"2194\":1,\"2197\":1,\"2198\":1,\"2216\":1,\"2239\":5,\"2242\":2,\"2243\":3,\"2245\":2,\"2246\":2,\"2247\":1,\"2252\":1,\"2255\":1,\"2281\":1,\"2282\":1,\"2294\":1,\"2303\":1,\"2304\":1,\"2305\":1,\"2318\":1,\"2320\":1,\"2327\":3,\"2330\":2,\"2331\":3,\"2335\":2,\"2340\":1,\"2341\":1,\"2353\":1,\"2379\":1,\"2384\":1,\"2387\":1,\"2388\":1,\"2406\":1,\"2425\":2,\"2432\":1,\"2445\":1,\"2447\":1,\"2454\":5,\"2457\":2,\"2458\":3,\"2460\":2,\"2461\":2,\"2462\":1,\"2467\":1,\"2470\":1,\"2492\":2,\"2500\":1,\"2501\":1,\"2513\":1,\"2522\":1,\"2523\":1,\"2524\":1,\"2537\":1,\"2539\":1,\"2546\":3,\"2549\":2,\"2550\":3,\"2554\":2,\"2559\":1,\"2560\":1,\"2572\":1,\"2598\":1,\"2603\":1,\"2606\":1,\"2607\":1,\"2625\":1,\"2644\":2,\"2651\":1,\"2664\":1,\"2666\":1,\"2673\":5,\"2676\":2,\"2677\":3,\"2679\":2,\"2680\":2,\"2681\":1,\"2686\":1,\"2689\":1,\"2711\":2,\"2719\":1,\"2720\":1,\"2732\":1,\"2741\":1,\"2742\":1,\"2743\":1,\"2756\":1,\"2758\":1,\"2765\":3,\"2768\":2,\"2769\":3,\"2773\":2,\"2778\":1,\"2779\":1,\"2791\":1,\"2817\":1,\"2822\":1,\"2825\":1,\"2826\":1,\"2844\":1,\"2863\":2,\"2870\":1,\"2883\":1,\"2885\":1,\"2892\":5,\"2895\":2,\"2896\":3,\"2898\":2,\"2899\":2,\"2900\":1,\"2905\":1,\"2908\":1,\"2930\":2,\"2938\":1,\"2939\":1,\"2951\":1,\"2960\":1,\"2961\":1,\"2962\":1,\"2975\":1,\"2977\":1,\"2984\":3,\"2987\":2,\"2988\":3,\"2992\":2,\"2997\":1,\"2998\":1,\"3010\":1,\"3036\":1,\"3041\":1,\"3044\":1,\"3045\":1,\"3063\":1,\"3082\":2,\"3089\":1,\"3102\":1,\"3104\":1,\"3111\":5,\"3114\":2,\"3115\":3,\"3117\":2,\"3118\":2,\"3119\":1,\"3124\":1,\"3127\":1,\"3149\":2,\"3157\":1,\"3158\":1,\"3170\":1,\"3179\":1,\"3180\":1,\"3181\":1,\"3194\":1,\"3196\":1,\"3203\":3,\"3206\":2,\"3207\":3,\"3211\":2,\"3231\":1,\"3236\":1,\"3239\":1,\"3240\":1,\"3258\":1,\"3277\":2,\"3285\":1,\"3286\":1,\"3298\":1,\"3308\":1,\"3321\":1,\"3323\":1,\"3324\":1,\"3332\":5,\"3335\":2,\"3336\":3,\"3338\":2,\"3339\":2,\"3340\":1,\"3345\":1,\"3348\":1,\"3370\":2,\"3378\":1,\"3379\":1,\"3391\":1,\"3400\":1,\"3401\":1,\"3402\":1,\"3415\":1,\"3417\":1,\"3418\":1}}],[\"a\",{\"0\":{\"37\":1,\"140\":1,\"141\":1,\"142\":1,\"163\":1,\"422\":1,\"424\":1,\"465\":1,\"467\":1,\"488\":1,\"490\":1,\"514\":1,\"516\":1,\"540\":1,\"542\":1,\"570\":1,\"572\":1,\"600\":1,\"602\":1,\"646\":1,\"648\":1,\"692\":1,\"694\":1,\"738\":1,\"740\":1,\"784\":1,\"786\":1,\"830\":1,\"832\":1,\"876\":1,\"878\":1},\"1\":{\"0\":4,\"1\":2,\"6\":1,\"8\":2,\"9\":1,\"10\":1,\"12\":1,\"26\":4,\"28\":1,\"29\":1,\"32\":3,\"33\":2,\"37\":4,\"38\":1,\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2,\"75\":1,\"77\":1,\"81\":2,\"82\":1,\"85\":4,\"88\":6,\"89\":2,\"90\":1,\"91\":4,\"93\":1,\"94\":1,\"95\":5,\"96\":6,\"97\":9,\"98\":4,\"99\":5,\"100\":1,\"102\":3,\"103\":2,\"104\":1,\"105\":3,\"106\":1,\"107\":1,\"110\":4,\"112\":1,\"116\":2,\"117\":1,\"119\":2,\"126\":2,\"127\":3,\"128\":1,\"129\":1,\"130\":1,\"131\":1,\"134\":1,\"135\":1,\"137\":2,\"138\":1,\"139\":1,\"143\":3,\"144\":1,\"147\":4,\"148\":1,\"149\":1,\"150\":1,\"152\":5,\"153\":5,\"154\":8,\"157\":3,\"162\":2,\"163\":1,\"165\":4,\"167\":1,\"168\":1,\"169\":5,\"170\":1,\"174\":4,\"180\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":2,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":2,\"203\":3,\"209\":1,\"210\":1,\"223\":1,\"231\":4,\"232\":3,\"234\":1,\"235\":1,\"238\":4,\"244\":1,\"245\":1,\"246\":1,\"247\":2,\"248\":3,\"258\":1,\"265\":2,\"266\":2,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"280\":1,\"284\":1,\"285\":1,\"288\":1,\"289\":11,\"290\":9,\"291\":1,\"295\":1,\"296\":1,\"299\":1,\"300\":11,\"301\":9,\"302\":1,\"303\":1,\"304\":7,\"306\":1,\"307\":7,\"309\":1,\"310\":5,\"312\":1,\"313\":5,\"315\":1,\"316\":5,\"318\":4,\"319\":4,\"320\":1,\"321\":1,\"322\":2,\"323\":2,\"324\":1,\"325\":1,\"329\":4,\"331\":4,\"332\":3,\"333\":3,\"334\":3,\"335\":3,\"337\":1,\"338\":14,\"340\":1,\"341\":3,\"342\":2,\"344\":2,\"345\":2,\"346\":2,\"347\":5,\"348\":5,\"349\":5,\"351\":1,\"352\":5,\"354\":3,\"356\":13,\"357\":6,\"358\":1,\"361\":10,\"362\":4,\"363\":3,\"364\":5,\"366\":1,\"367\":10,\"369\":1,\"371\":3,\"372\":4,\"373\":2,\"374\":2,\"376\":1,\"377\":5,\"379\":3,\"381\":5,\"383\":6,\"384\":1,\"387\":10,\"388\":4,\"389\":3,\"390\":4,\"392\":1,\"393\":19,\"394\":4,\"395\":1,\"398\":1,\"399\":1,\"402\":1,\"404\":1,\"405\":1,\"414\":3,\"415\":2,\"417\":7,\"418\":4,\"419\":7,\"421\":1,\"422\":2,\"423\":2,\"427\":2,\"428\":1,\"429\":3,\"432\":1,\"438\":1,\"439\":4,\"441\":1,\"442\":5,\"443\":7,\"444\":1,\"450\":1,\"457\":3,\"459\":3,\"460\":1,\"461\":1,\"462\":4,\"464\":1,\"465\":2,\"466\":2,\"470\":2,\"471\":1,\"472\":1,\"477\":1,\"478\":4,\"480\":1,\"481\":8,\"482\":7,\"483\":1,\"485\":2,\"487\":1,\"488\":2,\"489\":2,\"493\":2,\"494\":1,\"495\":1,\"500\":1,\"501\":4,\"503\":1,\"504\":6,\"505\":7,\"506\":1,\"508\":2,\"510\":1,\"511\":4,\"513\":1,\"514\":2,\"515\":2,\"519\":2,\"520\":1,\"521\":1,\"526\":1,\"527\":4,\"529\":1,\"530\":6,\"531\":7,\"532\":1,\"534\":2,\"536\":1,\"537\":5,\"539\":1,\"540\":2,\"541\":2,\"545\":2,\"546\":1,\"547\":1,\"556\":1,\"557\":4,\"559\":1,\"560\":6,\"561\":7,\"562\":1,\"564\":3,\"566\":1,\"567\":4,\"569\":1,\"570\":2,\"571\":2,\"575\":2,\"576\":1,\"577\":3,\"586\":1,\"587\":4,\"589\":1,\"590\":6,\"591\":7,\"592\":1,\"594\":3,\"596\":1,\"597\":4,\"599\":1,\"600\":2,\"601\":2,\"605\":2,\"606\":1,\"607\":3,\"616\":1,\"617\":4,\"619\":1,\"620\":6,\"621\":7,\"622\":1,\"624\":3,\"626\":1,\"627\":4,\"628\":1,\"629\":1,\"638\":3,\"639\":2,\"641\":7,\"642\":4,\"643\":7,\"645\":1,\"646\":2,\"647\":2,\"651\":2,\"652\":1,\"653\":3,\"662\":1,\"663\":4,\"665\":1,\"666\":6,\"667\":7,\"668\":1,\"670\":3,\"672\":1,\"673\":4,\"674\":1,\"675\":1,\"684\":3,\"685\":2,\"687\":7,\"688\":4,\"689\":7,\"691\":1,\"692\":2,\"693\":2,\"697\":2,\"698\":1,\"699\":3,\"708\":1,\"709\":4,\"711\":1,\"712\":6,\"713\":7,\"714\":1,\"716\":3,\"718\":1,\"719\":4,\"720\":1,\"721\":1,\"730\":3,\"731\":2,\"733\":7,\"734\":4,\"735\":7,\"737\":1,\"738\":2,\"739\":2,\"743\":2,\"744\":1,\"745\":3,\"754\":1,\"755\":4,\"757\":1,\"758\":6,\"759\":7,\"760\":1,\"762\":3,\"764\":1,\"765\":4,\"766\":1,\"767\":1,\"776\":3,\"777\":2,\"779\":7,\"780\":4,\"781\":7,\"783\":1,\"784\":2,\"785\":2,\"789\":2,\"790\":1,\"791\":3,\"794\":1,\"800\":1,\"801\":4,\"803\":1,\"804\":6,\"805\":7,\"806\":1,\"808\":3,\"810\":1,\"811\":4,\"812\":1,\"813\":1,\"822\":3,\"823\":2,\"825\":7,\"826\":4,\"827\":7,\"829\":1,\"830\":2,\"831\":2,\"835\":2,\"836\":1,\"837\":3,\"840\":1,\"846\":1,\"847\":4,\"849\":1,\"850\":6,\"851\":7,\"852\":1,\"854\":3,\"856\":1,\"857\":4,\"858\":1,\"859\":1,\"868\":3,\"869\":2,\"871\":7,\"872\":4,\"873\":7,\"875\":1,\"876\":2,\"877\":2,\"881\":2,\"882\":1,\"883\":3,\"886\":1,\"892\":1,\"893\":4,\"895\":1,\"896\":5,\"897\":7,\"898\":1,\"904\":1,\"911\":3,\"913\":3,\"914\":1,\"915\":1,\"916\":4,\"920\":8,\"921\":2,\"928\":2,\"930\":1,\"937\":1,\"951\":1,\"952\":1,\"954\":2,\"955\":3,\"960\":1,\"961\":1,\"974\":1,\"986\":1,\"987\":1,\"990\":1,\"994\":1,\"997\":1,\"1026\":2,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1043\":4,\"1044\":4,\"1049\":10,\"1050\":2,\"1056\":3,\"1057\":2,\"1062\":2,\"1063\":3,\"1066\":1,\"1075\":1,\"1087\":1,\"1090\":1,\"1120\":2,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1137\":4,\"1138\":4,\"1143\":1,\"1150\":1,\"1160\":1,\"1161\":1,\"1163\":2,\"1164\":3,\"1170\":1,\"1171\":1,\"1184\":1,\"1193\":1,\"1194\":1,\"1199\":1,\"1230\":2,\"1231\":3,\"1234\":1,\"1243\":1,\"1253\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1294\":1,\"1301\":1,\"1311\":1,\"1312\":1,\"1314\":2,\"1315\":3,\"1321\":1,\"1322\":1,\"1335\":1,\"1344\":1,\"1345\":1,\"1350\":1,\"1355\":10,\"1356\":2,\"1362\":3,\"1363\":2,\"1368\":2,\"1369\":3,\"1372\":1,\"1381\":1,\"1388\":1,\"1392\":1,\"1422\":2,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1466\":1,\"1473\":1,\"1484\":1,\"1485\":1,\"1487\":2,\"1488\":3,\"1493\":1,\"1494\":1,\"1507\":1,\"1519\":1,\"1520\":1,\"1523\":1,\"1526\":1,\"1531\":10,\"1532\":2,\"1538\":3,\"1539\":2,\"1544\":2,\"1545\":3,\"1548\":1,\"1557\":1,\"1568\":1,\"1598\":2,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1643\":1,\"1650\":1,\"1661\":1,\"1662\":1,\"1664\":2,\"1665\":3,\"1670\":1,\"1671\":1,\"1684\":1,\"1696\":1,\"1697\":1,\"1700\":1,\"1703\":1,\"1708\":10,\"1709\":2,\"1715\":3,\"1716\":2,\"1721\":2,\"1722\":3,\"1725\":1,\"1734\":1,\"1745\":1,\"1775\":2,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1820\":1,\"1827\":1,\"1838\":1,\"1839\":1,\"1841\":2,\"1842\":3,\"1847\":1,\"1848\":1,\"1861\":1,\"1873\":1,\"1874\":1,\"1877\":1,\"1880\":1,\"1885\":10,\"1886\":2,\"1892\":3,\"1893\":2,\"1898\":2,\"1899\":3,\"1902\":1,\"1911\":1,\"1922\":1,\"1952\":2,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1997\":1,\"2004\":1,\"2015\":1,\"2016\":1,\"2018\":2,\"2019\":3,\"2024\":1,\"2025\":1,\"2038\":1,\"2050\":1,\"2051\":1,\"2054\":1,\"2057\":1,\"2062\":10,\"2063\":2,\"2069\":3,\"2070\":2,\"2075\":2,\"2076\":3,\"2079\":1,\"2088\":1,\"2099\":1,\"2129\":2,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2174\":1,\"2181\":1,\"2192\":1,\"2193\":1,\"2195\":2,\"2196\":3,\"2201\":1,\"2202\":1,\"2215\":1,\"2227\":1,\"2228\":1,\"2231\":1,\"2234\":1,\"2239\":10,\"2240\":2,\"2246\":3,\"2247\":2,\"2252\":2,\"2253\":3,\"2256\":1,\"2265\":1,\"2276\":1,\"2306\":2,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2327\":8,\"2328\":2,\"2335\":2,\"2361\":1,\"2368\":1,\"2382\":1,\"2383\":1,\"2385\":2,\"2386\":3,\"2391\":1,\"2392\":1,\"2405\":1,\"2417\":1,\"2418\":1,\"2421\":1,\"2425\":1,\"2428\":1,\"2433\":2,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2454\":10,\"2455\":2,\"2461\":3,\"2462\":2,\"2467\":2,\"2468\":3,\"2471\":1,\"2480\":1,\"2492\":1,\"2495\":1,\"2525\":2,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2546\":8,\"2547\":2,\"2554\":2,\"2580\":1,\"2587\":1,\"2601\":1,\"2602\":1,\"2604\":2,\"2605\":3,\"2610\":1,\"2611\":1,\"2624\":1,\"2636\":1,\"2637\":1,\"2640\":1,\"2644\":1,\"2647\":1,\"2652\":2,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2673\":10,\"2674\":2,\"2680\":3,\"2681\":2,\"2686\":2,\"2687\":3,\"2690\":1,\"2699\":1,\"2711\":1,\"2714\":1,\"2744\":2,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2765\":8,\"2766\":2,\"2773\":2,\"2799\":1,\"2806\":1,\"2820\":1,\"2821\":1,\"2823\":2,\"2824\":3,\"2829\":1,\"2830\":1,\"2843\":1,\"2855\":1,\"2856\":1,\"2859\":1,\"2863\":1,\"2866\":1,\"2871\":2,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2892\":10,\"2893\":2,\"2899\":3,\"2900\":2,\"2905\":2,\"2906\":3,\"2909\":1,\"2918\":1,\"2930\":1,\"2933\":1,\"2963\":2,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2984\":8,\"2985\":2,\"2992\":2,\"3018\":1,\"3025\":1,\"3039\":1,\"3040\":1,\"3042\":2,\"3043\":3,\"3048\":1,\"3049\":1,\"3062\":1,\"3074\":1,\"3075\":1,\"3078\":1,\"3082\":1,\"3085\":1,\"3090\":2,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3111\":10,\"3112\":2,\"3118\":3,\"3119\":2,\"3124\":2,\"3125\":3,\"3128\":1,\"3137\":1,\"3149\":1,\"3152\":1,\"3182\":2,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3203\":8,\"3204\":2,\"3211\":2,\"3213\":1,\"3220\":1,\"3234\":1,\"3235\":1,\"3237\":2,\"3238\":3,\"3243\":1,\"3244\":1,\"3257\":1,\"3269\":1,\"3270\":1,\"3273\":1,\"3277\":1,\"3280\":1,\"3309\":2,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3326\":4,\"3327\":4,\"3332\":10,\"3333\":2,\"3339\":3,\"3340\":2,\"3345\":2,\"3346\":3,\"3349\":1,\"3358\":1,\"3370\":1,\"3373\":1,\"3403\":2,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3420\":4,\"3421\":4}}],[\"dts\",{\"1\":{\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"dth\",{\"1\":{\"91\":1}}],[\"dgpg\",{\"1\":{\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"d+$\",{\"1\":{\"357\":1}}],[\"d+\",{\"1\":{\"357\":2}}],[\"dynamically\",{\"1\":{\"446\":1,\"900\":1}}],[\"dynamic\",{\"1\":{\"345\":1,\"347\":1}}],[\"dn\",{\"0\":{\"276\":1,\"1039\":1,\"1043\":1,\"1044\":1,\"1133\":1,\"1137\":1,\"1138\":1,\"1263\":1,\"1434\":1,\"1611\":1,\"1788\":1,\"1965\":1,\"2142\":1,\"2319\":1,\"2446\":1,\"2538\":1,\"2665\":1,\"2757\":1,\"2884\":1,\"2976\":1,\"3103\":1,\"3195\":1,\"3322\":1,\"3326\":1,\"3327\":1,\"3416\":1,\"3420\":1,\"3421\":1},\"1\":{\"276\":1,\"452\":3,\"454\":3,\"461\":5,\"906\":3,\"908\":3,\"915\":5,\"923\":1,\"1043\":1,\"1044\":1,\"1052\":1,\"1137\":1,\"1138\":1,\"1263\":1,\"1358\":1,\"1434\":1,\"1534\":1,\"1611\":1,\"1711\":1,\"1788\":1,\"1888\":1,\"1965\":1,\"2065\":1,\"2142\":1,\"2242\":1,\"2319\":1,\"2330\":1,\"2446\":1,\"2457\":1,\"2538\":1,\"2549\":1,\"2665\":1,\"2676\":1,\"2757\":1,\"2768\":1,\"2884\":1,\"2895\":1,\"2976\":1,\"2987\":1,\"3103\":1,\"3114\":1,\"3195\":1,\"3206\":1,\"3326\":1,\"3327\":1,\"3335\":1,\"3420\":1,\"3421\":1}}],[\"dns\",{\"1\":{\"112\":1,\"167\":1}}],[\"d\",{\"1\":{\"110\":1,\"112\":1,\"113\":1,\"165\":1,\"167\":1,\"168\":1,\"283\":1,\"284\":1,\"289\":1,\"290\":2,\"294\":1,\"295\":1,\"300\":1,\"301\":2,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"327\":4,\"419\":1,\"437\":1,\"438\":1,\"442\":1,\"443\":1,\"457\":2,\"458\":9,\"459\":1,\"461\":1,\"462\":1,\"476\":1,\"477\":1,\"481\":1,\"482\":1,\"499\":1,\"500\":1,\"504\":1,\"505\":1,\"510\":1,\"511\":1,\"525\":1,\"526\":1,\"530\":1,\"531\":1,\"536\":1,\"537\":1,\"555\":1,\"556\":1,\"560\":1,\"561\":1,\"564\":1,\"566\":1,\"567\":1,\"585\":1,\"586\":1,\"590\":1,\"591\":1,\"594\":1,\"596\":1,\"597\":1,\"615\":1,\"616\":1,\"620\":1,\"621\":1,\"624\":1,\"626\":1,\"627\":1,\"643\":1,\"661\":1,\"662\":1,\"666\":1,\"667\":1,\"670\":1,\"672\":1,\"673\":1,\"689\":1,\"707\":1,\"708\":1,\"712\":1,\"713\":1,\"716\":1,\"718\":1,\"719\":1,\"735\":1,\"753\":1,\"754\":1,\"758\":1,\"759\":1,\"762\":1,\"764\":1,\"765\":1,\"781\":1,\"799\":1,\"800\":1,\"804\":1,\"805\":1,\"808\":1,\"810\":1,\"811\":1,\"827\":1,\"845\":1,\"846\":1,\"850\":1,\"851\":1,\"854\":1,\"856\":1,\"857\":1,\"873\":1,\"891\":1,\"892\":1,\"896\":1,\"897\":1,\"911\":2,\"912\":9,\"913\":1,\"915\":1,\"916\":1,\"1044\":3,\"1138\":3,\"3327\":3,\"3421\":3}}],[\"dfn\",{\"1\":{\"110\":3,\"112\":3,\"113\":3,\"165\":3,\"167\":3,\"168\":3,\"284\":5,\"289\":3,\"295\":5,\"300\":3,\"438\":4,\"457\":2,\"460\":1,\"477\":4,\"481\":3,\"500\":4,\"504\":2,\"526\":4,\"530\":2,\"556\":4,\"560\":2,\"586\":4,\"590\":2,\"616\":4,\"620\":2,\"662\":4,\"666\":2,\"708\":4,\"712\":2,\"754\":4,\"758\":2,\"800\":4,\"804\":2,\"846\":4,\"850\":2,\"892\":4,\"911\":2,\"914\":1,\"1044\":1,\"1138\":1,\"3327\":1,\"3421\":1}}],[\"dbstatement\",{\"0\":{\"942\":1,\"1078\":1,\"2373\":1,\"2483\":1,\"2592\":1,\"2702\":1,\"2811\":1,\"2921\":1,\"3030\":1,\"3140\":1,\"3225\":1,\"3361\":1},\"1\":{\"942\":1,\"1078\":1,\"2373\":1,\"2483\":1,\"2592\":1,\"2702\":1,\"2811\":1,\"2921\":1,\"3030\":1,\"3140\":1,\"3225\":1,\"3361\":1}}],[\"db\",{\"0\":{\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"930\":1,\"931\":1,\"932\":2,\"933\":1,\"934\":1,\"935\":1,\"936\":2,\"937\":1,\"938\":1,\"939\":2,\"940\":1,\"1066\":1,\"1067\":1,\"1068\":2,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":1,\"1076\":1,\"1143\":1,\"1144\":1,\"1145\":2,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1151\":1,\"1152\":2,\"1153\":1,\"1234\":1,\"1235\":1,\"1236\":2,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":1,\"1244\":1,\"1294\":1,\"1295\":1,\"1296\":2,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1302\":1,\"1303\":2,\"1304\":1,\"1372\":1,\"1373\":1,\"1374\":2,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":1,\"1382\":1,\"1466\":1,\"1467\":1,\"1468\":2,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1474\":1,\"1475\":2,\"1476\":1,\"1548\":1,\"1549\":1,\"1550\":2,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":1,\"1558\":1,\"1643\":1,\"1644\":1,\"1645\":2,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1651\":1,\"1652\":2,\"1653\":1,\"1725\":1,\"1726\":1,\"1727\":2,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":1,\"1735\":1,\"1820\":1,\"1821\":1,\"1822\":2,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"1828\":1,\"1829\":2,\"1830\":1,\"1902\":1,\"1903\":1,\"1904\":2,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":1,\"1912\":1,\"1997\":1,\"1998\":1,\"1999\":2,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2005\":1,\"2006\":2,\"2007\":1,\"2079\":1,\"2080\":1,\"2081\":2,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":1,\"2089\":1,\"2174\":1,\"2175\":1,\"2176\":2,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2182\":1,\"2183\":2,\"2184\":1,\"2256\":1,\"2257\":1,\"2258\":2,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":1,\"2266\":1,\"2361\":1,\"2362\":1,\"2363\":2,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2369\":1,\"2370\":2,\"2371\":1,\"2471\":1,\"2472\":1,\"2473\":2,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":1,\"2481\":1,\"2580\":1,\"2581\":1,\"2582\":2,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2588\":1,\"2589\":2,\"2590\":1,\"2690\":1,\"2691\":1,\"2692\":2,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":1,\"2700\":1,\"2799\":1,\"2800\":1,\"2801\":2,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"2807\":1,\"2808\":2,\"2809\":1,\"2909\":1,\"2910\":1,\"2911\":2,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":1,\"2919\":1,\"3018\":1,\"3019\":1,\"3020\":2,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3026\":1,\"3027\":2,\"3028\":1,\"3128\":1,\"3129\":1,\"3130\":2,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":1,\"3138\":1,\"3213\":1,\"3214\":1,\"3215\":2,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":2,\"3220\":1,\"3221\":1,\"3222\":2,\"3223\":1,\"3349\":1,\"3350\":1,\"3351\":2,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":1,\"3359\":1},\"1\":{\"99\":3,\"134\":1,\"136\":1,\"145\":8,\"169\":3,\"175\":3,\"176\":1,\"177\":2,\"178\":1,\"179\":3,\"180\":2,\"181\":1,\"182\":3,\"183\":1,\"251\":3,\"252\":1,\"253\":2,\"254\":1,\"255\":3,\"256\":1,\"257\":3,\"258\":2,\"259\":1,\"289\":3,\"290\":3,\"300\":3,\"301\":3,\"327\":132,\"442\":3,\"443\":3,\"447\":4,\"449\":5,\"461\":7,\"462\":7,\"481\":3,\"482\":3,\"504\":3,\"505\":3,\"530\":3,\"531\":3,\"560\":3,\"561\":3,\"590\":3,\"591\":3,\"620\":3,\"621\":3,\"666\":3,\"667\":3,\"712\":3,\"713\":3,\"758\":3,\"759\":3,\"804\":3,\"805\":3,\"850\":3,\"851\":3,\"896\":3,\"897\":3,\"901\":4,\"903\":5,\"915\":7,\"916\":7,\"930\":2,\"931\":1,\"932\":3,\"933\":1,\"934\":2,\"935\":1,\"936\":3,\"937\":2,\"938\":1,\"939\":3,\"940\":1,\"942\":1,\"1066\":2,\"1067\":1,\"1068\":3,\"1069\":1,\"1070\":2,\"1071\":1,\"1072\":3,\"1073\":1,\"1074\":3,\"1075\":2,\"1076\":1,\"1078\":1,\"1143\":2,\"1144\":1,\"1145\":3,\"1146\":1,\"1147\":2,\"1148\":1,\"1149\":3,\"1150\":2,\"1151\":1,\"1152\":3,\"1153\":1,\"1234\":2,\"1235\":1,\"1236\":3,\"1237\":1,\"1238\":2,\"1239\":1,\"1240\":3,\"1241\":1,\"1242\":3,\"1243\":2,\"1244\":1,\"1294\":2,\"1295\":1,\"1296\":3,\"1297\":1,\"1298\":2,\"1299\":1,\"1300\":3,\"1301\":2,\"1302\":1,\"1303\":3,\"1304\":1,\"1372\":2,\"1373\":1,\"1374\":3,\"1375\":1,\"1376\":2,\"1377\":1,\"1378\":3,\"1379\":1,\"1380\":3,\"1381\":2,\"1382\":1,\"1466\":2,\"1467\":1,\"1468\":3,\"1469\":1,\"1470\":2,\"1471\":1,\"1472\":3,\"1473\":2,\"1474\":1,\"1475\":3,\"1476\":1,\"1548\":2,\"1549\":1,\"1550\":3,\"1551\":1,\"1552\":2,\"1553\":1,\"1554\":3,\"1555\":1,\"1556\":3,\"1557\":2,\"1558\":1,\"1643\":2,\"1644\":1,\"1645\":3,\"1646\":1,\"1647\":2,\"1648\":1,\"1649\":3,\"1650\":2,\"1651\":1,\"1652\":3,\"1653\":1,\"1725\":2,\"1726\":1,\"1727\":3,\"1728\":1,\"1729\":2,\"1730\":1,\"1731\":3,\"1732\":1,\"1733\":3,\"1734\":2,\"1735\":1,\"1820\":2,\"1821\":1,\"1822\":3,\"1823\":1,\"1824\":2,\"1825\":1,\"1826\":3,\"1827\":2,\"1828\":1,\"1829\":3,\"1830\":1,\"1902\":2,\"1903\":1,\"1904\":3,\"1905\":1,\"1906\":2,\"1907\":1,\"1908\":3,\"1909\":1,\"1910\":3,\"1911\":2,\"1912\":1,\"1997\":2,\"1998\":1,\"1999\":3,\"2000\":1,\"2001\":2,\"2002\":1,\"2003\":3,\"2004\":2,\"2005\":1,\"2006\":3,\"2007\":1,\"2079\":2,\"2080\":1,\"2081\":3,\"2082\":1,\"2083\":2,\"2084\":1,\"2085\":3,\"2086\":1,\"2087\":3,\"2088\":2,\"2089\":1,\"2174\":2,\"2175\":1,\"2176\":3,\"2177\":1,\"2178\":2,\"2179\":1,\"2180\":3,\"2181\":2,\"2182\":1,\"2183\":3,\"2184\":1,\"2256\":2,\"2257\":1,\"2258\":3,\"2259\":1,\"2260\":2,\"2261\":1,\"2262\":3,\"2263\":1,\"2264\":3,\"2265\":2,\"2266\":1,\"2361\":2,\"2362\":1,\"2363\":3,\"2364\":1,\"2365\":2,\"2366\":1,\"2367\":3,\"2368\":2,\"2369\":1,\"2370\":3,\"2371\":1,\"2373\":1,\"2471\":2,\"2472\":1,\"2473\":3,\"2474\":1,\"2475\":2,\"2476\":1,\"2477\":3,\"2478\":1,\"2479\":3,\"2480\":2,\"2481\":1,\"2483\":1,\"2580\":2,\"2581\":1,\"2582\":3,\"2583\":1,\"2584\":2,\"2585\":1,\"2586\":3,\"2587\":2,\"2588\":1,\"2589\":3,\"2590\":1,\"2592\":1,\"2690\":2,\"2691\":1,\"2692\":3,\"2693\":1,\"2694\":2,\"2695\":1,\"2696\":3,\"2697\":1,\"2698\":3,\"2699\":2,\"2700\":1,\"2702\":1,\"2799\":2,\"2800\":1,\"2801\":3,\"2802\":1,\"2803\":2,\"2804\":1,\"2805\":3,\"2806\":2,\"2807\":1,\"2808\":3,\"2809\":1,\"2811\":1,\"2909\":2,\"2910\":1,\"2911\":3,\"2912\":1,\"2913\":2,\"2914\":1,\"2915\":3,\"2916\":1,\"2917\":3,\"2918\":2,\"2919\":1,\"2921\":1,\"3018\":2,\"3019\":1,\"3020\":3,\"3021\":1,\"3022\":2,\"3023\":1,\"3024\":3,\"3025\":2,\"3026\":1,\"3027\":3,\"3028\":1,\"3030\":1,\"3128\":2,\"3129\":1,\"3130\":3,\"3131\":1,\"3132\":2,\"3133\":1,\"3134\":3,\"3135\":1,\"3136\":3,\"3137\":2,\"3138\":1,\"3140\":1,\"3213\":2,\"3214\":1,\"3215\":3,\"3216\":1,\"3217\":2,\"3218\":1,\"3219\":3,\"3220\":2,\"3221\":1,\"3222\":3,\"3223\":1,\"3225\":1,\"3349\":2,\"3350\":1,\"3351\":3,\"3352\":1,\"3353\":2,\"3354\":1,\"3355\":3,\"3356\":1,\"3357\":3,\"3358\":2,\"3359\":1,\"3361\":1}}],[\"dmu=data\",{\"1\":{\"98\":1}}],[\"dmz\",{\"0\":{\"92\":1,\"100\":1,\"170\":1},\"1\":{\"88\":1,\"100\":1,\"109\":1,\"170\":1}}],[\"dmsen\",{\"1\":{\"16\":2}}],[\"dms\",{\"1\":{\"16\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"dmst\",{\"1\":{\"14\":1}}],[\"drives\",{\"1\":{\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"drivers\",{\"1\":{\"400\":1}}],[\"driver\",{\"1\":{\"327\":6}}],[\"draft\",{\"1\":{\"141\":1,\"142\":1}}],[\"drug\",{\"1\":{\"126\":1}}],[\"drops\",{\"1\":{\"89\":1}}],[\"dr\",{\"1\":{\"83\":1}}],[\"durations\",{\"1\":{\"382\":1}}],[\"duration\",{\"1\":{\"382\":1}}],[\"during\",{\"1\":{\"107\":1,\"134\":1,\"135\":1,\"184\":1,\"185\":1,\"186\":1,\"233\":1,\"234\":1,\"235\":1,\"237\":1,\"276\":1,\"290\":3,\"301\":3,\"331\":1,\"338\":1,\"345\":1,\"346\":2,\"348\":1,\"367\":1,\"371\":1,\"393\":1,\"416\":1,\"443\":3,\"482\":3,\"505\":3,\"531\":3,\"561\":3,\"591\":3,\"621\":3,\"640\":1,\"667\":3,\"686\":1,\"713\":3,\"732\":1,\"759\":3,\"778\":1,\"805\":3,\"824\":1,\"851\":3,\"870\":1,\"897\":3,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"985\":1,\"986\":1,\"987\":1,\"989\":1,\"1039\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1133\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1196\":1,\"1263\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1347\":1,\"1434\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1522\":1,\"1611\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1699\":1,\"1788\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1876\":1,\"1965\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2053\":1,\"2142\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2230\":1,\"2319\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2420\":1,\"2446\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2538\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2639\":1,\"2665\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2757\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2858\":1,\"2884\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2976\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3077\":1,\"3103\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3195\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3272\":1,\"3322\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3416\":1}}],[\"durchgeführt\",{\"1\":{\"17\":1}}],[\"durchzuführen\",{\"1\":{\"16\":1}}],[\"dugas\",{\"1\":{\"26\":1}}],[\"daoproviderimpl\",{\"1\":{\"147\":1}}],[\"daoprovider\",{\"1\":{\"147\":1}}],[\"daoconfig\",{\"1\":{\"147\":2}}],[\"dao\",{\"0\":{\"147\":1},\"1\":{\"147\":7,\"151\":1}}],[\"dana\",{\"1\":{\"41\":1}}],[\"dabei\",{\"1\":{\"17\":1}}],[\"dafür\",{\"1\":{\"16\":1}}],[\"dashed\",{\"1\":{\"356\":1}}],[\"dass\",{\"1\":{\"16\":1}}],[\"das\",{\"1\":{\"15\":2}}],[\"dazu\",{\"1\":{\"14\":1,\"16\":1}}],[\"dates\",{\"1\":{\"141\":1,\"142\":1}}],[\"date\",{\"0\":{\"73\":1,\"348\":1},\"1\":{\"33\":1,\"99\":2,\"141\":1,\"142\":1,\"169\":2,\"348\":2}}],[\"datenausleitungssprechstunde\",{\"1\":{\"41\":1}}],[\"datenausleitung\",{\"1\":{\"17\":1}}],[\"datenselektion\",{\"1\":{\"14\":3}}],[\"datasharingframework\",{\"1\":{\"449\":1,\"461\":4,\"462\":2,\"510\":4,\"511\":2,\"536\":4,\"537\":2,\"549\":2,\"566\":4,\"567\":2,\"579\":2,\"596\":4,\"597\":2,\"609\":2,\"626\":4,\"627\":2,\"655\":2,\"672\":4,\"673\":2,\"701\":2,\"718\":4,\"719\":2,\"747\":2,\"764\":4,\"765\":2,\"810\":4,\"811\":2,\"856\":4,\"857\":2,\"903\":1,\"915\":4,\"916\":2,\"1027\":1,\"1121\":1,\"1423\":1,\"1599\":1,\"1776\":1,\"1953\":1,\"2130\":1,\"2307\":1,\"2434\":1,\"2526\":1,\"2653\":1,\"2745\":1,\"2872\":1,\"2964\":1,\"3091\":1,\"3183\":1,\"3310\":1,\"3404\":1}}],[\"datasets\",{\"1\":{\"129\":1}}],[\"datareceive\",{\"1\":{\"304\":4,\"307\":1}}],[\"datatranslate\",{\"1\":{\"304\":4,\"307\":1}}],[\"databases\",{\"1\":{\"134\":1}}],[\"database\",{\"0\":{\"145\":1},\"1\":{\"99\":2,\"134\":2,\"169\":2,\"175\":2,\"176\":2,\"177\":2,\"178\":1,\"179\":1,\"180\":1,\"181\":1,\"182\":1,\"183\":1,\"251\":2,\"252\":2,\"253\":2,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":1,\"259\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"331\":1,\"412\":1,\"442\":1,\"443\":1,\"481\":1,\"482\":1,\"504\":1,\"505\":1,\"530\":1,\"531\":1,\"560\":1,\"561\":1,\"590\":1,\"591\":1,\"620\":1,\"621\":1,\"636\":1,\"666\":1,\"667\":1,\"682\":1,\"712\":1,\"713\":1,\"728\":1,\"758\":1,\"759\":1,\"774\":1,\"804\":1,\"805\":1,\"820\":1,\"850\":1,\"851\":1,\"866\":1,\"896\":1,\"897\":1,\"932\":2,\"933\":2,\"934\":2,\"935\":1,\"936\":1,\"937\":1,\"938\":1,\"939\":1,\"940\":1,\"1068\":2,\"1069\":2,\"1070\":2,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1076\":1,\"1145\":2,\"1146\":2,\"1147\":2,\"1148\":1,\"1149\":1,\"1150\":1,\"1151\":1,\"1152\":1,\"1153\":1,\"1236\":2,\"1237\":2,\"1238\":2,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1244\":1,\"1296\":2,\"1297\":2,\"1298\":2,\"1299\":1,\"1300\":1,\"1301\":1,\"1302\":1,\"1303\":1,\"1304\":1,\"1374\":2,\"1375\":2,\"1376\":2,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1382\":1,\"1468\":2,\"1469\":2,\"1470\":2,\"1471\":1,\"1472\":1,\"1473\":1,\"1474\":1,\"1475\":1,\"1476\":1,\"1550\":2,\"1551\":2,\"1552\":2,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1558\":1,\"1645\":2,\"1646\":2,\"1647\":2,\"1648\":1,\"1649\":1,\"1650\":1,\"1651\":1,\"1652\":1,\"1653\":1,\"1727\":2,\"1728\":2,\"1729\":2,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1735\":1,\"1822\":2,\"1823\":2,\"1824\":2,\"1825\":1,\"1826\":1,\"1827\":1,\"1828\":1,\"1829\":1,\"1830\":1,\"1904\":2,\"1905\":2,\"1906\":2,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1912\":1,\"1999\":2,\"2000\":2,\"2001\":2,\"2002\":1,\"2003\":1,\"2004\":1,\"2005\":1,\"2006\":1,\"2007\":1,\"2081\":2,\"2082\":2,\"2083\":2,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2089\":1,\"2176\":2,\"2177\":2,\"2178\":2,\"2179\":1,\"2180\":1,\"2181\":1,\"2182\":1,\"2183\":1,\"2184\":1,\"2258\":2,\"2259\":2,\"2260\":2,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2266\":1,\"2363\":2,\"2364\":2,\"2365\":2,\"2366\":1,\"2367\":1,\"2368\":1,\"2369\":1,\"2370\":1,\"2371\":1,\"2473\":2,\"2474\":2,\"2475\":2,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2481\":1,\"2582\":2,\"2583\":2,\"2584\":2,\"2585\":1,\"2586\":1,\"2587\":1,\"2588\":1,\"2589\":1,\"2590\":1,\"2692\":2,\"2693\":2,\"2694\":2,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2700\":1,\"2801\":2,\"2802\":2,\"2803\":2,\"2804\":1,\"2805\":1,\"2806\":1,\"2807\":1,\"2808\":1,\"2809\":1,\"2911\":2,\"2912\":2,\"2913\":2,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2919\":1,\"3020\":2,\"3021\":2,\"3022\":2,\"3023\":1,\"3024\":1,\"3025\":1,\"3026\":1,\"3027\":1,\"3028\":1,\"3130\":2,\"3131\":2,\"3132\":2,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3138\":1,\"3215\":2,\"3216\":2,\"3217\":2,\"3218\":1,\"3219\":1,\"3220\":1,\"3221\":1,\"3222\":1,\"3223\":1,\"3351\":2,\"3352\":2,\"3353\":2,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3359\":1}}],[\"data\",{\"0\":{\"0\":1,\"8\":1,\"9\":1,\"22\":1,\"81\":1,\"130\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1},\"1\":{\"0\":7,\"1\":1,\"5\":3,\"6\":4,\"8\":3,\"9\":3,\"10\":2,\"11\":1,\"12\":2,\"14\":3,\"15\":1,\"17\":3,\"20\":2,\"26\":7,\"28\":1,\"29\":2,\"30\":2,\"32\":4,\"35\":1,\"36\":1,\"37\":1,\"39\":1,\"40\":1,\"42\":2,\"44\":2,\"46\":2,\"48\":2,\"50\":2,\"52\":2,\"54\":2,\"56\":2,\"58\":2,\"60\":2,\"62\":2,\"64\":2,\"66\":2,\"76\":1,\"78\":4,\"81\":3,\"82\":1,\"85\":1,\"88\":1,\"89\":1,\"90\":2,\"91\":6,\"94\":6,\"95\":3,\"97\":1,\"98\":11,\"99\":2,\"109\":1,\"116\":1,\"117\":6,\"118\":2,\"126\":4,\"127\":7,\"128\":3,\"129\":2,\"130\":4,\"134\":2,\"135\":2,\"136\":1,\"138\":1,\"169\":2,\"174\":1,\"231\":1,\"232\":1,\"238\":1,\"290\":1,\"304\":6,\"307\":6,\"318\":1,\"327\":3,\"331\":1,\"338\":3,\"367\":1,\"393\":1,\"404\":2,\"405\":1,\"416\":8,\"417\":2,\"431\":2,\"433\":4,\"610\":2,\"628\":2,\"629\":1,\"640\":8,\"641\":2,\"656\":2,\"674\":2,\"675\":1,\"686\":8,\"687\":2,\"702\":2,\"720\":2,\"721\":1,\"732\":8,\"733\":2,\"748\":4,\"766\":2,\"767\":1,\"778\":8,\"779\":2,\"793\":2,\"795\":4,\"812\":2,\"813\":1,\"824\":8,\"825\":2,\"839\":2,\"841\":4,\"858\":2,\"859\":1,\"870\":8,\"871\":2,\"885\":2,\"887\":4}}],[\"domains\",{\"1\":{\"995\":1,\"997\":1,\"1088\":1,\"1090\":1,\"1197\":1,\"1199\":1,\"1251\":1,\"1253\":1,\"1348\":1,\"1350\":1,\"1390\":1,\"1392\":1,\"1524\":1,\"1526\":1,\"1566\":1,\"1568\":1,\"1701\":1,\"1703\":1,\"1743\":1,\"1745\":1,\"1878\":1,\"1880\":1,\"1920\":1,\"1922\":1,\"2055\":1,\"2057\":1,\"2097\":1,\"2099\":1,\"2232\":1,\"2234\":1,\"2274\":1,\"2276\":1,\"2426\":1,\"2428\":1,\"2493\":1,\"2495\":1,\"2645\":1,\"2647\":1,\"2712\":1,\"2714\":1,\"2864\":1,\"2866\":1,\"2931\":1,\"2933\":1,\"3083\":1,\"3085\":1,\"3150\":1,\"3152\":1,\"3278\":1,\"3280\":1,\"3371\":1,\"3373\":1}}],[\"domain\",{\"1\":{\"357\":1}}],[\"domainorg\",{\"1\":{\"357\":1}}],[\"dot\",{\"1\":{\"346\":1}}],[\"doexecute\",{\"1\":{\"154\":1,\"335\":1,\"342\":2,\"373\":1}}],[\"does\",{\"1\":{\"99\":1,\"169\":1,\"218\":1,\"311\":1,\"314\":1,\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1,\"927\":1,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2334\":1,\"2400\":1,\"2553\":1,\"2619\":1,\"2772\":1,\"2838\":1,\"2991\":1,\"3057\":1,\"3210\":1,\"3252\":1}}],[\"docs\",{\"1\":{\"283\":2,\"294\":2,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"docker\",{\"0\":{\"134\":1,\"135\":1,\"137\":1,\"283\":2,\"294\":2,\"327\":1,\"331\":1,\"399\":2,\"412\":1,\"437\":2,\"448\":1,\"449\":1,\"476\":2,\"499\":2,\"525\":2,\"555\":2,\"585\":2,\"615\":2,\"636\":1,\"661\":2,\"682\":1,\"707\":2,\"728\":1,\"753\":2,\"774\":1,\"799\":2,\"820\":1,\"845\":2,\"866\":1,\"891\":2,\"902\":1,\"903\":1},\"1\":{\"99\":1,\"133\":1,\"135\":17,\"136\":4,\"137\":2,\"141\":4,\"142\":4,\"169\":1,\"175\":1,\"177\":2,\"179\":1,\"182\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"196\":1,\"199\":1,\"205\":1,\"212\":1,\"213\":1,\"214\":1,\"219\":1,\"224\":1,\"225\":1,\"228\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"249\":1,\"251\":1,\"253\":2,\"255\":1,\"257\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"280\":1,\"283\":17,\"289\":10,\"290\":12,\"291\":1,\"294\":17,\"300\":10,\"301\":12,\"302\":1,\"303\":3,\"304\":3,\"305\":1,\"306\":3,\"307\":3,\"308\":1,\"309\":3,\"310\":3,\"311\":1,\"312\":3,\"313\":3,\"314\":1,\"315\":3,\"316\":3,\"319\":2,\"327\":1,\"331\":2,\"338\":3,\"341\":5,\"342\":2,\"349\":1,\"352\":5,\"354\":1,\"367\":5,\"377\":4,\"393\":7,\"394\":2,\"399\":8,\"403\":1,\"412\":1,\"433\":2,\"437\":14,\"442\":13,\"443\":8,\"444\":2,\"448\":2,\"450\":1,\"451\":2,\"452\":2,\"453\":2,\"454\":2,\"455\":2,\"460\":2,\"461\":3,\"462\":3,\"476\":14,\"481\":14,\"482\":8,\"483\":2,\"499\":14,\"504\":13,\"505\":8,\"506\":2,\"509\":1,\"510\":3,\"511\":3,\"525\":14,\"530\":13,\"531\":8,\"532\":2,\"535\":1,\"536\":4,\"537\":4,\"555\":14,\"560\":13,\"561\":8,\"562\":2,\"565\":1,\"566\":3,\"567\":3,\"585\":14,\"590\":13,\"591\":8,\"592\":2,\"595\":1,\"596\":3,\"597\":3,\"615\":14,\"620\":13,\"621\":8,\"622\":2,\"625\":1,\"626\":3,\"627\":3,\"636\":1,\"661\":14,\"666\":13,\"667\":8,\"668\":2,\"671\":1,\"672\":3,\"673\":3,\"682\":1,\"707\":14,\"712\":13,\"713\":8,\"714\":2,\"717\":1,\"718\":3,\"719\":3,\"728\":1,\"753\":14,\"758\":13,\"759\":8,\"760\":2,\"763\":1,\"764\":3,\"765\":3,\"774\":1,\"795\":2,\"799\":14,\"804\":13,\"805\":8,\"806\":2,\"809\":1,\"810\":3,\"811\":3,\"820\":1,\"841\":2,\"845\":14,\"850\":13,\"851\":8,\"852\":2,\"855\":1,\"856\":3,\"857\":3,\"866\":1,\"887\":2,\"891\":14,\"896\":13,\"897\":8,\"898\":2,\"902\":2,\"904\":1,\"905\":2,\"906\":2,\"907\":2,\"908\":2,\"909\":2,\"914\":2,\"915\":3,\"916\":3,\"932\":1,\"934\":2,\"936\":1,\"939\":1,\"948\":1,\"949\":1,\"950\":1,\"957\":1,\"963\":1,\"964\":1,\"965\":1,\"970\":1,\"975\":1,\"976\":1,\"979\":1,\"996\":1,\"999\":1,\"1000\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1013\":1,\"1015\":1,\"1020\":2,\"1022\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1064\":1,\"1068\":1,\"1070\":2,\"1072\":1,\"1074\":1,\"1089\":1,\"1092\":1,\"1093\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1106\":1,\"1108\":1,\"1113\":2,\"1115\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1145\":1,\"1147\":2,\"1149\":1,\"1152\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1166\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1180\":1,\"1185\":1,\"1186\":1,\"1189\":1,\"1198\":1,\"1202\":1,\"1203\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1216\":1,\"1218\":1,\"1223\":2,\"1225\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1232\":1,\"1236\":1,\"1238\":2,\"1240\":1,\"1242\":1,\"1252\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1270\":1,\"1271\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1284\":1,\"1286\":1,\"1291\":2,\"1293\":1,\"1296\":1,\"1298\":2,\"1300\":1,\"1303\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1317\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1331\":1,\"1336\":1,\"1337\":1,\"1340\":1,\"1349\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1370\":1,\"1374\":1,\"1376\":2,\"1378\":1,\"1380\":1,\"1391\":1,\"1394\":1,\"1395\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1408\":1,\"1410\":1,\"1415\":2,\"1417\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1442\":1,\"1443\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1456\":1,\"1458\":1,\"1463\":2,\"1465\":1,\"1468\":1,\"1470\":2,\"1472\":1,\"1475\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1490\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1503\":1,\"1508\":1,\"1509\":1,\"1512\":1,\"1525\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1546\":1,\"1550\":1,\"1552\":2,\"1554\":1,\"1556\":1,\"1567\":1,\"1570\":1,\"1571\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1584\":1,\"1586\":1,\"1591\":2,\"1593\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1619\":1,\"1620\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1633\":1,\"1635\":1,\"1640\":2,\"1642\":1,\"1645\":1,\"1647\":2,\"1649\":1,\"1652\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1667\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1680\":1,\"1685\":1,\"1686\":1,\"1689\":1,\"1702\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1723\":1,\"1727\":1,\"1729\":2,\"1731\":1,\"1733\":1,\"1744\":1,\"1747\":1,\"1748\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1761\":1,\"1763\":1,\"1768\":2,\"1770\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1796\":1,\"1797\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1810\":1,\"1812\":1,\"1817\":2,\"1819\":1,\"1822\":1,\"1824\":2,\"1826\":1,\"1829\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1844\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1857\":1,\"1862\":1,\"1863\":1,\"1866\":1,\"1879\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1900\":1,\"1904\":1,\"1906\":2,\"1908\":1,\"1910\":1,\"1921\":1,\"1924\":1,\"1925\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1938\":1,\"1940\":1,\"1945\":2,\"1947\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1973\":1,\"1974\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1987\":1,\"1989\":1,\"1994\":2,\"1996\":1,\"1999\":1,\"2001\":2,\"2003\":1,\"2006\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2021\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2034\":1,\"2039\":1,\"2040\":1,\"2043\":1,\"2056\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2077\":1,\"2081\":1,\"2083\":2,\"2085\":1,\"2087\":1,\"2098\":1,\"2101\":1,\"2102\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2115\":1,\"2117\":1,\"2122\":2,\"2124\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2150\":1,\"2151\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2164\":1,\"2166\":1,\"2171\":2,\"2173\":1,\"2176\":1,\"2178\":2,\"2180\":1,\"2183\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2198\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2211\":1,\"2216\":1,\"2217\":1,\"2220\":1,\"2233\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2254\":1,\"2258\":1,\"2260\":2,\"2262\":1,\"2264\":1,\"2275\":1,\"2278\":1,\"2279\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2292\":1,\"2294\":1,\"2299\":2,\"2301\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2337\":1,\"2338\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2351\":1,\"2353\":1,\"2358\":2,\"2360\":1,\"2363\":1,\"2365\":2,\"2367\":1,\"2370\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2388\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2401\":1,\"2406\":1,\"2407\":1,\"2410\":1,\"2427\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2469\":1,\"2473\":1,\"2475\":2,\"2477\":1,\"2479\":1,\"2494\":1,\"2497\":1,\"2498\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2511\":1,\"2513\":1,\"2518\":2,\"2520\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2556\":1,\"2557\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2570\":1,\"2572\":1,\"2577\":2,\"2579\":1,\"2582\":1,\"2584\":2,\"2586\":1,\"2589\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2607\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2620\":1,\"2625\":1,\"2626\":1,\"2629\":1,\"2646\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2688\":1,\"2692\":1,\"2694\":2,\"2696\":1,\"2698\":1,\"2713\":1,\"2716\":1,\"2717\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2730\":1,\"2732\":1,\"2737\":2,\"2739\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2775\":1,\"2776\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2789\":1,\"2791\":1,\"2796\":2,\"2798\":1,\"2801\":1,\"2803\":2,\"2805\":1,\"2808\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2826\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2839\":1,\"2844\":1,\"2845\":1,\"2848\":1,\"2865\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2907\":1,\"2911\":1,\"2913\":2,\"2915\":1,\"2917\":1,\"2932\":1,\"2935\":1,\"2936\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2949\":1,\"2951\":1,\"2956\":2,\"2958\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2994\":1,\"2995\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3008\":1,\"3010\":1,\"3015\":2,\"3017\":1,\"3020\":1,\"3022\":2,\"3024\":1,\"3027\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3045\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3058\":1,\"3063\":1,\"3064\":1,\"3067\":1,\"3084\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3126\":1,\"3130\":1,\"3132\":2,\"3134\":1,\"3136\":1,\"3151\":1,\"3154\":1,\"3155\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3168\":1,\"3170\":1,\"3175\":2,\"3177\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3215\":1,\"3217\":2,\"3219\":1,\"3222\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3240\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3253\":1,\"3258\":1,\"3259\":1,\"3262\":1,\"3279\":1,\"3282\":1,\"3283\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3296\":1,\"3298\":1,\"3303\":2,\"3305\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3347\":1,\"3351\":1,\"3353\":2,\"3355\":1,\"3357\":1,\"3372\":1,\"3375\":1,\"3376\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3389\":1,\"3391\":1,\"3396\":2,\"3398\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1}}],[\"documented\",{\"1\":{\"434\":1,\"473\":1,\"496\":1,\"522\":1,\"552\":1,\"582\":1,\"612\":1,\"658\":1,\"704\":1,\"750\":1,\"796\":1,\"842\":1,\"888\":1}}],[\"documentgenerator\",{\"1\":{\"346\":1}}],[\"document\",{\"1\":{\"319\":1}}],[\"documentreference\",{\"1\":{\"97\":1}}],[\"documentation\",{\"0\":{\"23\":1,\"417\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1},\"1\":{\"13\":1,\"24\":1,\"74\":1,\"96\":1,\"162\":2,\"163\":1,\"304\":2,\"346\":2,\"373\":1,\"382\":1,\"397\":1,\"398\":1,\"417\":7,\"419\":6,\"422\":1,\"423\":1,\"434\":1,\"439\":1,\"459\":1,\"465\":1,\"466\":1,\"469\":1,\"473\":1,\"478\":1,\"488\":1,\"489\":1,\"492\":1,\"496\":1,\"501\":1,\"514\":1,\"515\":1,\"518\":1,\"522\":1,\"527\":1,\"536\":1,\"540\":1,\"541\":1,\"544\":1,\"552\":1,\"557\":1,\"564\":1,\"570\":1,\"571\":1,\"574\":1,\"582\":1,\"587\":1,\"594\":1,\"600\":1,\"601\":1,\"604\":1,\"612\":1,\"617\":1,\"624\":1,\"641\":7,\"643\":6,\"646\":1,\"647\":1,\"650\":1,\"658\":1,\"663\":1,\"670\":1,\"687\":7,\"689\":6,\"692\":1,\"693\":1,\"696\":1,\"704\":1,\"709\":1,\"716\":1,\"733\":7,\"735\":6,\"738\":1,\"739\":1,\"742\":1,\"750\":1,\"755\":1,\"762\":1,\"779\":7,\"781\":6,\"784\":1,\"785\":1,\"788\":1,\"796\":1,\"801\":1,\"808\":1,\"825\":7,\"827\":6,\"830\":1,\"831\":1,\"842\":1,\"847\":1,\"854\":1,\"871\":7,\"873\":6,\"876\":1,\"877\":1,\"888\":1,\"893\":1,\"913\":1}}],[\"down\",{\"1\":{\"136\":1,\"157\":1,\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"670\":1,\"716\":1,\"762\":1,\"808\":1,\"854\":1,\"913\":1}}],[\"downwards\",{\"1\":{\"43\":1,\"45\":1,\"47\":1,\"49\":1,\"51\":1,\"53\":1,\"55\":1,\"57\":1,\"59\":1,\"61\":1,\"63\":1,\"65\":1,\"67\":1}}],[\"downloaded\",{\"1\":{\"407\":2,\"631\":2,\"677\":2,\"723\":2,\"769\":2,\"815\":2,\"861\":2}}],[\"download\",{\"1\":{\"16\":1,\"99\":2,\"169\":2,\"283\":3,\"289\":2,\"290\":5,\"294\":3,\"300\":2,\"301\":5,\"303\":1,\"318\":1,\"398\":1,\"433\":2,\"437\":2,\"442\":3,\"443\":5,\"476\":2,\"481\":3,\"482\":5,\"499\":2,\"504\":3,\"505\":5,\"525\":2,\"530\":3,\"531\":5,\"549\":1,\"555\":2,\"560\":3,\"561\":5,\"579\":1,\"585\":2,\"590\":3,\"591\":5,\"609\":1,\"615\":2,\"620\":3,\"621\":5,\"655\":1,\"661\":2,\"666\":3,\"667\":5,\"701\":1,\"707\":2,\"712\":3,\"713\":5,\"747\":1,\"753\":2,\"758\":3,\"759\":5,\"795\":2,\"799\":2,\"804\":3,\"805\":5,\"841\":2,\"845\":2,\"850\":3,\"851\":5,\"887\":2,\"891\":2,\"896\":3,\"897\":5}}],[\"do\",{\"1\":{\"37\":3,\"85\":2,\"97\":4,\"154\":1,\"159\":103,\"286\":1,\"297\":1,\"459\":3,\"485\":4,\"508\":4,\"534\":4,\"564\":3,\"594\":3,\"624\":3,\"670\":3,\"716\":3,\"762\":3,\"808\":3,\"854\":3,\"913\":3,\"997\":1,\"1090\":1,\"1199\":1,\"1253\":1,\"1350\":1,\"1392\":1,\"1526\":1,\"1568\":1,\"1703\":1,\"1745\":1,\"1880\":1,\"1922\":1,\"2057\":1,\"2099\":1,\"2234\":1,\"2276\":1,\"2428\":1,\"2495\":1,\"2647\":1,\"2714\":1,\"2866\":1,\"2933\":1,\"3085\":1,\"3152\":1,\"3280\":1,\"3373\":1}}],[\"done\",{\"1\":{\"97\":2,\"157\":1,\"347\":1}}],[\"don\",{\"1\":{\"12\":1,\"97\":1,\"145\":1,\"177\":1,\"236\":1,\"253\":1,\"262\":1,\"417\":1,\"481\":1,\"536\":1,\"641\":1,\"687\":1,\"733\":1,\"779\":1,\"825\":1,\"871\":1,\"934\":1,\"988\":1,\"1070\":1,\"1081\":1,\"1147\":1,\"1195\":1,\"1238\":1,\"1246\":1,\"1298\":1,\"1346\":1,\"1376\":1,\"1384\":1,\"1470\":1,\"1521\":1,\"1552\":1,\"1560\":1,\"1647\":1,\"1698\":1,\"1729\":1,\"1737\":1,\"1824\":1,\"1875\":1,\"1906\":1,\"1914\":1,\"2001\":1,\"2052\":1,\"2083\":1,\"2091\":1,\"2178\":1,\"2229\":1,\"2260\":1,\"2268\":1,\"2365\":1,\"2419\":1,\"2475\":1,\"2486\":1,\"2584\":1,\"2638\":1,\"2694\":1,\"2705\":1,\"2803\":1,\"2857\":1,\"2913\":1,\"2924\":1,\"3022\":1,\"3076\":1,\"3132\":1,\"3143\":1,\"3217\":1,\"3271\":1,\"3353\":1,\"3364\":1}}],[\"doi\",{\"1\":{\"1\":1,\"26\":10}}],[\"dialog\",{\"1\":{\"429\":1,\"577\":1,\"607\":1,\"653\":1,\"699\":1,\"745\":1,\"791\":1,\"837\":1,\"883\":1}}],[\"diagnoses\",{\"1\":{\"126\":1}}],[\"diagramm\",{\"1\":{\"99\":1,\"100\":1,\"169\":1,\"170\":1}}],[\"diagram\",{\"1\":{\"88\":1,\"356\":1,\"381\":1}}],[\"diversification\",{\"1\":{\"405\":1,\"629\":1,\"675\":1,\"721\":1,\"767\":1,\"813\":1,\"859\":1}}],[\"divided\",{\"1\":{\"318\":1}}],[\"divide\",{\"1\":{\"94\":1}}],[\"directories\",{\"1\":{\"444\":1,\"459\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"564\":1,\"592\":1,\"594\":1,\"622\":1,\"624\":1,\"668\":1,\"670\":1,\"714\":1,\"716\":1,\"760\":1,\"762\":1,\"806\":1,\"808\":1,\"852\":1,\"854\":1,\"898\":1,\"913\":1}}],[\"directory\",{\"1\":{\"134\":1,\"135\":1,\"236\":2,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"442\":1,\"443\":1,\"444\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"461\":1,\"462\":1,\"481\":1,\"482\":1,\"483\":1,\"504\":1,\"505\":1,\"506\":1,\"510\":1,\"511\":1,\"530\":1,\"531\":1,\"532\":1,\"536\":1,\"537\":1,\"560\":1,\"561\":1,\"562\":1,\"566\":1,\"567\":1,\"590\":1,\"591\":1,\"592\":1,\"596\":1,\"597\":1,\"620\":1,\"621\":1,\"622\":1,\"626\":1,\"627\":1,\"666\":1,\"667\":1,\"668\":1,\"672\":1,\"673\":1,\"712\":1,\"713\":1,\"714\":1,\"718\":1,\"719\":1,\"758\":1,\"759\":1,\"760\":1,\"764\":1,\"765\":1,\"804\":1,\"805\":1,\"806\":1,\"810\":1,\"811\":1,\"850\":1,\"851\":1,\"852\":1,\"856\":1,\"857\":1,\"896\":1,\"897\":1,\"898\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"915\":1,\"916\":1,\"988\":2,\"1195\":2,\"1346\":2,\"1521\":2,\"1698\":2,\"1875\":2,\"2052\":2,\"2229\":2,\"2419\":2,\"2638\":2,\"2857\":2,\"3076\":2,\"3271\":2}}],[\"direct\",{\"1\":{\"417\":1,\"459\":1,\"485\":1,\"508\":1,\"534\":1,\"564\":1,\"594\":1,\"624\":1,\"641\":1,\"670\":1,\"687\":1,\"716\":1,\"733\":1,\"762\":1,\"779\":1,\"808\":1,\"825\":1,\"854\":1,\"871\":1,\"913\":1}}],[\"directroy\",{\"0\":{\"236\":1,\"988\":1,\"1195\":1,\"1346\":1,\"1521\":1,\"1698\":1,\"1875\":1,\"2052\":1,\"2229\":1,\"2419\":1,\"2638\":1,\"2857\":1,\"3076\":1,\"3271\":1},\"1\":{\"236\":1,\"988\":1,\"1195\":1,\"1346\":1,\"1521\":1,\"1698\":1,\"1875\":1,\"2052\":1,\"2229\":1,\"2419\":1,\"2638\":1,\"2857\":1,\"3076\":1,\"3271\":1}}],[\"directly\",{\"1\":{\"12\":1,\"91\":1,\"311\":1,\"314\":1,\"405\":1,\"417\":1,\"629\":1,\"641\":1,\"675\":1,\"687\":1,\"721\":1,\"733\":1,\"767\":1,\"779\":1,\"813\":1,\"825\":1,\"859\":1,\"871\":1}}],[\"difference\",{\"1\":{\"404\":1,\"628\":1,\"674\":1,\"720\":1,\"766\":1,\"812\":1,\"858\":1}}],[\"differentiation\",{\"1\":{\"333\":1}}],[\"different\",{\"1\":{\"6\":1,\"8\":1,\"85\":2,\"90\":1,\"94\":2,\"96\":1,\"97\":1,\"98\":1,\"102\":1,\"104\":1,\"112\":1,\"116\":1,\"117\":1,\"167\":1,\"180\":1,\"258\":1,\"324\":1,\"331\":1,\"341\":1,\"345\":1,\"356\":3,\"369\":1,\"371\":1,\"381\":1,\"399\":1,\"429\":1,\"434\":1,\"451\":1,\"473\":1,\"496\":1,\"522\":1,\"547\":1,\"552\":1,\"577\":1,\"582\":1,\"607\":1,\"612\":1,\"653\":1,\"658\":1,\"699\":1,\"704\":1,\"745\":1,\"750\":1,\"791\":1,\"796\":1,\"837\":1,\"842\":1,\"883\":1,\"888\":1,\"905\":1,\"937\":1,\"1075\":1,\"1150\":1,\"1243\":1,\"1301\":1,\"1381\":1,\"1473\":1,\"1557\":1,\"1650\":1,\"1734\":1,\"1827\":1,\"1911\":1,\"2004\":1,\"2088\":1,\"2181\":1,\"2265\":1,\"2368\":1,\"2480\":1,\"2587\":1,\"2699\":1,\"2806\":1,\"2918\":1,\"3025\":1,\"3137\":1,\"3220\":1,\"3358\":1}}],[\"difficulties\",{\"1\":{\"120\":1}}],[\"dics\",{\"1\":{\"98\":4}}],[\"dic\",{\"1\":{\"81\":1,\"91\":3,\"98\":1,\"130\":1,\"327\":65,\"335\":1,\"338\":8,\"342\":4,\"349\":2,\"352\":5,\"354\":2,\"364\":2,\"367\":7,\"377\":5,\"379\":2,\"393\":8,\"400\":1,\"1056\":1,\"1362\":1,\"1538\":1,\"1715\":1,\"1892\":1,\"2069\":1,\"2246\":1,\"2461\":1,\"2680\":1,\"2899\":1,\"3118\":1,\"3339\":1}}],[\"digitally\",{\"1\":{\"98\":1}}],[\"digital\",{\"1\":{\"77\":1,\"81\":1}}],[\"diligently\",{\"1\":{\"38\":1}}],[\"distinguish\",{\"1\":{\"994\":1,\"1087\":1,\"2425\":1,\"2492\":1,\"2644\":1,\"2711\":1,\"2863\":1,\"2930\":1,\"3082\":1,\"3149\":1,\"3277\":1,\"3370\":1}}],[\"distributed\",{\"0\":{\"8\":1},\"1\":{\"0\":1,\"5\":1,\"8\":1,\"26\":5,\"29\":2,\"32\":1,\"88\":1,\"97\":1,\"98\":2,\"110\":1,\"116\":2,\"117\":3,\"120\":2,\"127\":1,\"165\":1,\"395\":1,\"427\":2,\"470\":2,\"493\":2,\"519\":2,\"545\":2,\"575\":2,\"605\":2,\"651\":2,\"697\":2,\"743\":2,\"789\":2,\"835\":2,\"881\":2}}],[\"distribute\",{\"1\":{\"0\":1,\"98\":1}}],[\"disable\",{\"1\":{\"349\":1,\"352\":1,\"993\":1,\"1086\":1,\"1250\":1,\"1389\":1,\"1565\":1,\"1742\":1,\"1919\":1,\"2096\":1,\"2273\":1,\"2424\":1,\"2491\":1,\"2643\":1,\"2710\":1,\"2862\":1,\"2929\":1,\"3081\":1,\"3148\":1,\"3276\":1,\"3369\":1}}],[\"disabling\",{\"1\":{\"159\":1}}],[\"displayed\",{\"1\":{\"218\":1,\"969\":1,\"1179\":1,\"1330\":1,\"1502\":1,\"1679\":1,\"1856\":1,\"2033\":1,\"2210\":1,\"2400\":1,\"2619\":1,\"2838\":1,\"3057\":1,\"3252\":1}}],[\"discussions\",{\"1\":{\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"disclose\",{\"1\":{\"37\":1}}],[\"disclosure\",{\"0\":{\"34\":1,\"36\":1},\"1\":{\"36\":2}}],[\"discovered\",{\"1\":{\"35\":1}}],[\"dizen\",{\"1\":{\"16\":1}}],[\"diz\",{\"1\":{\"14\":1}}],[\"diesem\",{\"1\":{\"15\":1,\"16\":1}}],[\"die\",{\"1\":{\"14\":4,\"16\":4,\"17\":1,\"41\":1}}],[\"deb\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"debugger\",{\"1\":{\"321\":1,\"340\":1,\"342\":2}}],[\"debugging\",{\"0\":{\"321\":1,\"326\":1,\"339\":1,\"340\":1},\"1\":{\"341\":1,\"342\":1,\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"debug\",{\"0\":{\"184\":1,\"185\":1,\"186\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3360\":1,\"3361\":1,\"3362\":1},\"1\":{\"184\":3,\"185\":3,\"186\":3,\"218\":2,\"290\":1,\"301\":1,\"321\":1,\"340\":1,\"342\":1,\"443\":1,\"482\":1,\"505\":1,\"531\":1,\"561\":1,\"591\":1,\"621\":1,\"667\":1,\"713\":1,\"759\":1,\"805\":1,\"851\":1,\"897\":1,\"941\":3,\"942\":3,\"943\":3,\"944\":3,\"945\":3,\"946\":3,\"947\":3,\"969\":2,\"1077\":3,\"1078\":3,\"1079\":3,\"1154\":3,\"1155\":3,\"1156\":3,\"1179\":2,\"1305\":3,\"1306\":3,\"1307\":3,\"1330\":2,\"1477\":3,\"1478\":3,\"1479\":3,\"1480\":3,\"1502\":2,\"1654\":3,\"1655\":3,\"1656\":3,\"1657\":3,\"1679\":2,\"1831\":3,\"1832\":3,\"1833\":3,\"1834\":3,\"1856\":2,\"2008\":3,\"2009\":3,\"2010\":3,\"2011\":3,\"2033\":2,\"2185\":3,\"2186\":3,\"2187\":3,\"2188\":3,\"2210\":2,\"2372\":3,\"2373\":3,\"2374\":3,\"2375\":3,\"2376\":3,\"2377\":3,\"2378\":3,\"2400\":2,\"2482\":3,\"2483\":3,\"2484\":3,\"2591\":3,\"2592\":3,\"2593\":3,\"2594\":3,\"2595\":3,\"2596\":3,\"2597\":3,\"2619\":2,\"2701\":3,\"2702\":3,\"2703\":3,\"2810\":3,\"2811\":3,\"2812\":3,\"2813\":3,\"2814\":3,\"2815\":3,\"2816\":3,\"2838\":2,\"2920\":3,\"2921\":3,\"2922\":3,\"3029\":3,\"3030\":3,\"3031\":3,\"3032\":3,\"3033\":3,\"3034\":3,\"3035\":3,\"3057\":2,\"3139\":3,\"3140\":3,\"3141\":3,\"3224\":3,\"3225\":3,\"3226\":3,\"3227\":3,\"3228\":3,\"3229\":3,\"3230\":3,\"3252\":2,\"3360\":3,\"3361\":3,\"3362\":3}}],[\"dearmor\",{\"1\":{\"283\":1,\"294\":1,\"437\":1,\"476\":1,\"499\":1,\"525\":1,\"555\":1,\"585\":1,\"615\":1,\"661\":1,\"707\":1,\"753\":1,\"799\":1,\"845\":1,\"891\":1}}],[\"depends\",{\"1\":{\"327\":6}}],[\"depending\",{\"1\":{\"233\":1,\"377\":1,\"985\":1,\"1192\":1,\"1343\":1,\"1518\":1,\"1695\":1,\"1872\":1,\"2049\":1,\"2226\":1,\"2416\":1,\"2635\":1,\"2854\":1,\"3073\":1,\"3268\":1}}],[\"dependencies\",{\"1\":{\"163\":1}}],[\"dependency>\",{\"1\":{\"163\":1}}],[\"dependency\",{\"1\":{\"154\":1}}],[\"deprecated\",{\"1\":{\"154\":1}}],[\"deploying\",{\"1\":{\"338\":1,\"367\":1,\"393\":1,\"431\":1,\"793\":1,\"839\":1,\"885\":1}}],[\"deploy\",{\"1\":{\"102\":1,\"233\":1,\"290\":1,\"301\":2,\"338\":1,\"352\":1,\"367\":1,\"377\":1,\"393\":1,\"985\":1,\"1192\":1,\"1343\":1,\"1518\":1,\"1695\":1,\"1872\":1,\"2049\":1,\"2226\":1,\"2416\":1,\"2635\":1,\"2854\":1,\"3073\":1,\"3268\":1}}],[\"deployment\",{\"0\":{\"11\":1,\"91\":1,\"171\":1,\"433\":1,\"795\":1,\"841\":1,\"887\":1},\"1\":{\"14\":1,\"31\":1,\"91\":1,\"130\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"290\":2,\"301\":2,\"345\":1,\"348\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1}}],[\"deployed\",{\"1\":{\"5\":1,\"11\":1,\"14\":1,\"90\":1,\"91\":1,\"102\":1,\"139\":1,\"237\":2,\"332\":1,\"338\":2,\"352\":1,\"367\":3,\"377\":1,\"393\":4,\"428\":1,\"471\":1,\"494\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"652\":1,\"698\":1,\"744\":1,\"790\":1,\"836\":1,\"882\":1,\"989\":2,\"1196\":2,\"1347\":2,\"1522\":2,\"1699\":2,\"1876\":2,\"2053\":2,\"2230\":2,\"2420\":2,\"2639\":2,\"2858\":2,\"3077\":2,\"3272\":2}}],[\"determine\",{\"1\":{\"413\":1,\"637\":1,\"683\":1,\"729\":1,\"775\":1,\"821\":1,\"867\":1}}],[\"determined\",{\"1\":{\"152\":1,\"153\":1}}],[\"detailled\",{\"1\":{\"444\":1,\"483\":1,\"506\":1,\"532\":1,\"562\":1,\"592\":1,\"622\":1,\"668\":1,\"714\":1,\"760\":1,\"806\":1,\"852\":1,\"898\":1}}],[\"detail\",{\"1\":{\"89\":1,\"347\":1}}],[\"detailed\",{\"1\":{\"37\":1,\"116\":1,\"319\":1,\"419\":2,\"643\":2,\"689\":2,\"735\":2,\"781\":2,\"827\":2,\"873\":2}}],[\"details\",{\"1\":{\"16\":1,\"17\":1,\"93\":1,\"319\":1,\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"373\":1,\"428\":1,\"431\":1,\"460\":1,\"471\":1,\"494\":1,\"520\":1,\"546\":1,\"576\":1,\"606\":1,\"652\":1,\"698\":1,\"744\":1,\"790\":1,\"793\":1,\"836\":1,\"839\":1,\"882\":1,\"885\":1,\"914\":1}}],[\"delay\",{\"1\":{\"170\":1}}],[\"delcaration\",{\"1\":{\"159\":1}}],[\"delve\",{\"1\":{\"117\":1}}],[\"delivery\",{\"1\":{\"116\":1,\"117\":1}}],[\"delete\",{\"0\":{\"256\":1,\"257\":2,\"258\":1,\"266\":1,\"1073\":1,\"1074\":2,\"1075\":1,\"1241\":1,\"1242\":2,\"1243\":1,\"1379\":1,\"1380\":2,\"1381\":1,\"1555\":1,\"1556\":2,\"1557\":1,\"1732\":1,\"1733\":2,\"1734\":1,\"1909\":1,\"1910\":2,\"1911\":1,\"2086\":1,\"2087\":2,\"2088\":1,\"2263\":1,\"2264\":2,\"2265\":1,\"2478\":1,\"2479\":2,\"2480\":1,\"2697\":1,\"2698\":2,\"2699\":1,\"2916\":1,\"2917\":2,\"2918\":1,\"3135\":1,\"3136\":2,\"3137\":1,\"3356\":1,\"3357\":2,\"3358\":1},\"1\":{\"256\":2,\"257\":3,\"258\":2,\"266\":1,\"289\":3,\"300\":3,\"327\":33,\"442\":1,\"461\":3,\"481\":1,\"504\":1,\"530\":1,\"537\":1,\"560\":1,\"590\":1,\"620\":1,\"666\":1,\"712\":1,\"758\":1,\"804\":1,\"850\":1,\"896\":1,\"915\":3,\"1055\":2,\"1057\":2,\"1073\":2,\"1074\":3,\"1075\":2,\"1241\":2,\"1242\":3,\"1243\":2,\"1361\":2,\"1363\":2,\"1379\":2,\"1380\":3,\"1381\":2,\"1537\":2,\"1539\":2,\"1555\":2,\"1556\":3,\"1557\":2,\"1714\":2,\"1716\":2,\"1732\":2,\"1733\":3,\"1734\":2,\"1891\":2,\"1893\":2,\"1909\":2,\"1910\":3,\"1911\":2,\"2068\":2,\"2070\":2,\"2086\":2,\"2087\":3,\"2088\":2,\"2245\":2,\"2247\":2,\"2263\":2,\"2264\":3,\"2265\":2,\"2460\":2,\"2462\":2,\"2478\":2,\"2479\":3,\"2480\":2,\"2679\":2,\"2681\":2,\"2697\":2,\"2698\":3,\"2699\":2,\"2898\":2,\"2900\":2,\"2916\":2,\"2917\":3,\"2918\":2,\"3117\":2,\"3119\":2,\"3135\":2,\"3136\":3,\"3137\":2,\"3338\":2,\"3340\":2,\"3356\":2,\"3357\":3,\"3358\":2}}],[\"deletes\",{\"1\":{\"145\":1,\"256\":1,\"257\":1,\"258\":1,\"266\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3356\":1,\"3357\":1,\"3358\":1}}],[\"deleted\",{\"1\":{\"90\":1,\"304\":1,\"307\":1,\"310\":1}}],[\"delegates\",{\"1\":{\"1037\":1,\"1131\":1,\"1609\":1,\"1786\":1,\"1963\":1,\"2140\":1,\"2317\":1,\"2444\":1,\"2536\":1,\"2663\":1,\"2755\":1,\"2882\":1,\"2974\":1,\"3101\":1,\"3193\":1,\"3320\":1,\"3414\":1}}],[\"delegateexecution\",{\"1\":{\"154\":1,\"373\":1}}],[\"delegate\",{\"1\":{\"99\":1,\"169\":1,\"332\":1,\"333\":1}}],[\"defining\",{\"1\":{\"452\":1,\"454\":1,\"906\":1,\"908\":1}}],[\"definition\",{\"0\":{\"357\":1},\"1\":{\"357\":1,\"358\":1,\"364\":1,\"384\":1,\"390\":1,\"536\":1,\"537\":1}}],[\"define\",{\"1\":{\"240\":1,\"332\":1,\"347\":1,\"383\":1,\"446\":1,\"900\":1,\"926\":1,\"1055\":1,\"1361\":1,\"1537\":1,\"1714\":1,\"1891\":1,\"2068\":1,\"2245\":1,\"2333\":1,\"2460\":1,\"2552\":1,\"2679\":1,\"2771\":1,\"2898\":1,\"2990\":1,\"3117\":1,\"3209\":1,\"3338\":1}}],[\"defines\",{\"1\":{\"85\":1,\"94\":2,\"152\":1,\"153\":1,\"334\":1,\"347\":1,\"928\":2,\"1057\":2,\"1363\":2,\"1539\":2,\"1716\":2,\"1893\":2,\"2070\":2,\"2247\":2,\"2335\":2,\"2462\":2,\"2554\":2,\"2681\":2,\"2773\":2,\"2900\":2,\"2992\":2,\"3119\":2,\"3211\":2,\"3340\":2}}],[\"defined\",{\"1\":{\"82\":1,\"109\":1,\"332\":1,\"342\":1,\"346\":1,\"347\":1,\"348\":3,\"361\":2,\"362\":1,\"381\":1,\"387\":2,\"388\":1,\"446\":2,\"536\":1,\"537\":1,\"900\":2,\"992\":1,\"1056\":1,\"1085\":1,\"1362\":1,\"1388\":1,\"1538\":1,\"1564\":1,\"1715\":1,\"1741\":1,\"1892\":1,\"1918\":1,\"2069\":1,\"2095\":1,\"2246\":1,\"2272\":1,\"2423\":1,\"2461\":1,\"2490\":1,\"2642\":1,\"2680\":1,\"2709\":1,\"2861\":1,\"2899\":1,\"2928\":1,\"3080\":1,\"3118\":1,\"3147\":1,\"3275\":1,\"3339\":1,\"3368\":1}}],[\"defaultvalue\",{\"1\":{\"346\":1}}],[\"defaults\",{\"1\":{\"170\":1,\"452\":1,\"453\":1,\"454\":1,\"455\":1,\"460\":1,\"906\":1,\"907\":1,\"908\":1,\"909\":1,\"914\":1}}],[\"default\",{\"0\":{\"450\":1,\"456\":1,\"904\":1,\"910\":1},\"1\":{\"105\":1,\"159\":1,\"174\":2,\"176\":1,\"178\":1,\"180\":1,\"181\":1,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"193\":2,\"194\":2,\"195\":1,\"202\":2,\"203\":2,\"204\":1,\"206\":1,\"209\":1,\"210\":1,\"211\":1,\"217\":1,\"218\":1,\"220\":1,\"222\":1,\"223\":1,\"230\":1,\"231\":2,\"232\":2,\"234\":1,\"235\":1,\"236\":1,\"238\":2,\"247\":2,\"248\":2,\"250\":1,\"252\":1,\"254\":1,\"256\":1,\"258\":1,\"259\":1,\"262\":1,\"264\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"327\":3,\"347\":2,\"349\":1,\"438\":1,\"444\":1,\"450\":1,\"451\":1,\"452\":6,\"453\":5,\"454\":6,\"455\":6,\"460\":2,\"477\":1,\"483\":1,\"500\":1,\"506\":1,\"526\":1,\"532\":1,\"536\":1,\"556\":1,\"562\":1,\"586\":1,\"592\":1,\"616\":1,\"622\":1,\"662\":1,\"668\":1,\"708\":1,\"714\":1,\"754\":1,\"760\":1,\"800\":1,\"806\":1,\"846\":1,\"852\":1,\"892\":1,\"898\":1,\"904\":1,\"905\":1,\"906\":6,\"907\":5,\"908\":6,\"909\":6,\"914\":2,\"930\":1,\"931\":2,\"933\":1,\"935\":1,\"937\":1,\"938\":1,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"951\":2,\"952\":2,\"953\":1,\"954\":2,\"955\":2,\"956\":1,\"957\":1,\"958\":1,\"960\":1,\"961\":1,\"962\":1,\"968\":1,\"969\":1,\"971\":1,\"973\":1,\"974\":1,\"979\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"986\":1,\"987\":1,\"988\":1,\"990\":1,\"991\":1,\"993\":1,\"999\":2,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1011\":1,\"1012\":1,\"1013\":1,\"1015\":1,\"1020\":2,\"1021\":1,\"1022\":1,\"1024\":2,\"1026\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1038\":1,\"1039\":1,\"1043\":1,\"1044\":1,\"1045\":1,\"1062\":2,\"1063\":2,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":2,\"1069\":1,\"1071\":1,\"1073\":1,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1081\":1,\"1084\":1,\"1086\":1,\"1092\":2,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1104\":1,\"1105\":1,\"1106\":1,\"1108\":1,\"1113\":2,\"1114\":1,\"1115\":1,\"1117\":2,\"1120\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1132\":1,\"1133\":1,\"1137\":1,\"1138\":1,\"1139\":1,\"1143\":1,\"1144\":2,\"1146\":1,\"1148\":1,\"1150\":1,\"1151\":1,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1160\":2,\"1161\":2,\"1162\":1,\"1163\":2,\"1164\":2,\"1165\":1,\"1167\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1178\":1,\"1179\":1,\"1181\":1,\"1183\":1,\"1184\":1,\"1191\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1202\":2,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1214\":1,\"1215\":1,\"1223\":2,\"1224\":1,\"1225\":1,\"1230\":2,\"1231\":2,\"1233\":1,\"1234\":1,\"1235\":2,\"1237\":1,\"1239\":1,\"1241\":1,\"1243\":1,\"1244\":1,\"1246\":1,\"1248\":1,\"1250\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1270\":2,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1282\":1,\"1283\":1,\"1291\":2,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":2,\"1297\":1,\"1299\":1,\"1301\":1,\"1302\":1,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1311\":2,\"1312\":2,\"1313\":1,\"1314\":2,\"1315\":2,\"1316\":1,\"1318\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1329\":1,\"1330\":1,\"1332\":1,\"1334\":1,\"1335\":1,\"1342\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1368\":2,\"1369\":2,\"1371\":1,\"1372\":1,\"1373\":2,\"1375\":1,\"1377\":1,\"1379\":1,\"1381\":1,\"1382\":1,\"1384\":1,\"1387\":1,\"1389\":1,\"1394\":2,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1406\":1,\"1407\":1,\"1415\":2,\"1416\":1,\"1417\":1,\"1419\":2,\"1422\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1438\":1,\"1442\":2,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1454\":1,\"1455\":1,\"1463\":2,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":2,\"1469\":1,\"1471\":1,\"1473\":1,\"1474\":1,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1484\":2,\"1485\":2,\"1486\":1,\"1487\":2,\"1488\":2,\"1489\":1,\"1491\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1501\":1,\"1502\":1,\"1504\":1,\"1506\":1,\"1507\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1523\":1,\"1544\":2,\"1545\":2,\"1547\":1,\"1548\":1,\"1549\":2,\"1551\":1,\"1553\":1,\"1555\":1,\"1557\":1,\"1558\":1,\"1560\":1,\"1563\":1,\"1565\":1,\"1570\":2,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1582\":1,\"1583\":1,\"1591\":2,\"1592\":1,\"1593\":1,\"1595\":2,\"1598\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1615\":1,\"1619\":2,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1631\":1,\"1632\":1,\"1640\":2,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":2,\"1646\":1,\"1648\":1,\"1650\":1,\"1651\":1,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1661\":2,\"1662\":2,\"1663\":1,\"1664\":2,\"1665\":2,\"1666\":1,\"1668\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1678\":1,\"1679\":1,\"1681\":1,\"1683\":1,\"1684\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1700\":1,\"1721\":2,\"1722\":2,\"1724\":1,\"1725\":1,\"1726\":2,\"1728\":1,\"1730\":1,\"1732\":1,\"1734\":1,\"1735\":1,\"1737\":1,\"1740\":1,\"1742\":1,\"1747\":2,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1759\":1,\"1760\":1,\"1768\":2,\"1769\":1,\"1770\":1,\"1772\":2,\"1775\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1792\":1,\"1796\":2,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1808\":1,\"1809\":1,\"1817\":2,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":2,\"1823\":1,\"1825\":1,\"1827\":1,\"1828\":1,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1838\":2,\"1839\":2,\"1840\":1,\"1841\":2,\"1842\":2,\"1843\":1,\"1845\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1855\":1,\"1856\":1,\"1858\":1,\"1860\":1,\"1861\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1877\":1,\"1898\":2,\"1899\":2,\"1901\":1,\"1902\":1,\"1903\":2,\"1905\":1,\"1907\":1,\"1909\":1,\"1911\":1,\"1912\":1,\"1914\":1,\"1917\":1,\"1919\":1,\"1924\":2,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1936\":1,\"1937\":1,\"1945\":2,\"1946\":1,\"1947\":1,\"1949\":2,\"1952\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1969\":1,\"1973\":2,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1985\":1,\"1986\":1,\"1994\":2,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":2,\"2000\":1,\"2002\":1,\"2004\":1,\"2005\":1,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2015\":2,\"2016\":2,\"2017\":1,\"2018\":2,\"2019\":2,\"2020\":1,\"2022\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2032\":1,\"2033\":1,\"2035\":1,\"2037\":1,\"2038\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2054\":1,\"2075\":2,\"2076\":2,\"2078\":1,\"2079\":1,\"2080\":2,\"2082\":1,\"2084\":1,\"2086\":1,\"2088\":1,\"2089\":1,\"2091\":1,\"2094\":1,\"2096\":1,\"2101\":2,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2113\":1,\"2114\":1,\"2122\":2,\"2123\":1,\"2124\":1,\"2126\":2,\"2129\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2146\":1,\"2150\":2,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2162\":1,\"2163\":1,\"2171\":2,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":2,\"2177\":1,\"2179\":1,\"2181\":1,\"2182\":1,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2192\":2,\"2193\":2,\"2194\":1,\"2195\":2,\"2196\":2,\"2197\":1,\"2199\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2209\":1,\"2210\":1,\"2212\":1,\"2214\":1,\"2215\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2231\":1,\"2252\":2,\"2253\":2,\"2255\":1,\"2256\":1,\"2257\":2,\"2259\":1,\"2261\":1,\"2263\":1,\"2265\":1,\"2266\":1,\"2268\":1,\"2271\":1,\"2273\":1,\"2278\":2,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2290\":1,\"2291\":1,\"2299\":2,\"2300\":1,\"2301\":1,\"2303\":2,\"2306\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2323\":1,\"2337\":2,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2349\":1,\"2350\":1,\"2358\":2,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":2,\"2364\":1,\"2366\":1,\"2368\":1,\"2369\":1,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2382\":2,\"2383\":2,\"2384\":1,\"2385\":2,\"2386\":2,\"2387\":1,\"2389\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2399\":1,\"2400\":1,\"2402\":1,\"2404\":1,\"2405\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2421\":1,\"2422\":1,\"2424\":1,\"2431\":2,\"2433\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2450\":1,\"2467\":2,\"2468\":2,\"2470\":1,\"2471\":1,\"2472\":2,\"2474\":1,\"2476\":1,\"2478\":1,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2486\":1,\"2489\":1,\"2491\":1,\"2497\":2,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2509\":1,\"2510\":1,\"2518\":2,\"2519\":1,\"2520\":1,\"2522\":2,\"2525\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2542\":1,\"2556\":2,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2568\":1,\"2569\":1,\"2577\":2,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":2,\"2583\":1,\"2585\":1,\"2587\":1,\"2588\":1,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2601\":2,\"2602\":2,\"2603\":1,\"2604\":2,\"2605\":2,\"2606\":1,\"2608\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2618\":1,\"2619\":1,\"2621\":1,\"2623\":1,\"2624\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2640\":1,\"2641\":1,\"2643\":1,\"2650\":2,\"2652\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2669\":1,\"2686\":2,\"2687\":2,\"2689\":1,\"2690\":1,\"2691\":2,\"2693\":1,\"2695\":1,\"2697\":1,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2705\":1,\"2708\":1,\"2710\":1,\"2716\":2,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2728\":1,\"2729\":1,\"2737\":2,\"2738\":1,\"2739\":1,\"2741\":2,\"2744\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2761\":1,\"2775\":2,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2787\":1,\"2788\":1,\"2796\":2,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":2,\"2802\":1,\"2804\":1,\"2806\":1,\"2807\":1,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2820\":2,\"2821\":2,\"2822\":1,\"2823\":2,\"2824\":2,\"2825\":1,\"2827\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2837\":1,\"2838\":1,\"2840\":1,\"2842\":1,\"2843\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2859\":1,\"2860\":1,\"2862\":1,\"2869\":2,\"2871\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2888\":1,\"2905\":2,\"2906\":2,\"2908\":1,\"2909\":1,\"2910\":2,\"2912\":1,\"2914\":1,\"2916\":1,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2924\":1,\"2927\":1,\"2929\":1,\"2935\":2,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2947\":1,\"2948\":1,\"2956\":2,\"2957\":1,\"2958\":1,\"2960\":2,\"2963\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"2980\":1,\"2994\":2,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3006\":1,\"3007\":1,\"3015\":2,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":2,\"3021\":1,\"3023\":1,\"3025\":1,\"3026\":1,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3039\":2,\"3040\":2,\"3041\":1,\"3042\":2,\"3043\":2,\"3044\":1,\"3046\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3056\":1,\"3057\":1,\"3059\":1,\"3061\":1,\"3062\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3078\":1,\"3079\":1,\"3081\":1,\"3088\":2,\"3090\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3107\":1,\"3124\":2,\"3125\":2,\"3127\":1,\"3128\":1,\"3129\":2,\"3131\":1,\"3133\":1,\"3135\":1,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3143\":1,\"3146\":1,\"3148\":1,\"3154\":2,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3166\":1,\"3167\":1,\"3175\":2,\"3176\":1,\"3177\":1,\"3179\":2,\"3182\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3199\":1,\"3213\":1,\"3214\":2,\"3216\":1,\"3218\":1,\"3220\":1,\"3221\":1,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3234\":2,\"3235\":2,\"3236\":1,\"3237\":2,\"3238\":2,\"3239\":1,\"3240\":1,\"3241\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3251\":1,\"3252\":1,\"3254\":1,\"3256\":1,\"3257\":1,\"3262\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3273\":1,\"3274\":1,\"3276\":1,\"3282\":2,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3294\":1,\"3295\":1,\"3296\":1,\"3298\":1,\"3303\":2,\"3304\":1,\"3305\":1,\"3307\":2,\"3309\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3321\":1,\"3322\":1,\"3326\":1,\"3327\":1,\"3328\":1,\"3345\":2,\"3346\":2,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":2,\"3352\":1,\"3354\":1,\"3356\":1,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3364\":1,\"3367\":1,\"3369\":1,\"3375\":2,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3387\":1,\"3388\":1,\"3389\":1,\"3391\":1,\"3396\":2,\"3397\":1,\"3398\":1,\"3400\":2,\"3403\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1,\"3415\":1,\"3416\":1,\"3420\":1,\"3421\":1,\"3422\":1}}],[\"dedicated\",{\"1\":{\"99\":1,\"169\":1}}],[\"deeper\",{\"1\":{\"93\":1}}],[\"dec\",{\"1\":{\"457\":6,\"911\":6}}],[\"decrypt\",{\"1\":{\"189\":1,\"214\":1,\"225\":1,\"243\":1,\"950\":1,\"965\":1,\"976\":1,\"1010\":1,\"1061\":1,\"1103\":1,\"1159\":1,\"1175\":1,\"1186\":1,\"1213\":1,\"1229\":1,\"1281\":1,\"1310\":1,\"1326\":1,\"1337\":1,\"1367\":1,\"1405\":1,\"1453\":1,\"1483\":1,\"1498\":1,\"1509\":1,\"1543\":1,\"1581\":1,\"1630\":1,\"1660\":1,\"1675\":1,\"1686\":1,\"1720\":1,\"1758\":1,\"1807\":1,\"1837\":1,\"1852\":1,\"1863\":1,\"1897\":1,\"1935\":1,\"1984\":1,\"2014\":1,\"2029\":1,\"2040\":1,\"2074\":1,\"2112\":1,\"2161\":1,\"2191\":1,\"2206\":1,\"2217\":1,\"2251\":1,\"2289\":1,\"2348\":1,\"2381\":1,\"2396\":1,\"2407\":1,\"2466\":1,\"2508\":1,\"2567\":1,\"2600\":1,\"2615\":1,\"2626\":1,\"2685\":1,\"2727\":1,\"2786\":1,\"2819\":1,\"2834\":1,\"2845\":1,\"2904\":1,\"2946\":1,\"3005\":1,\"3038\":1,\"3053\":1,\"3064\":1,\"3123\":1,\"3165\":1,\"3233\":1,\"3248\":1,\"3259\":1,\"3293\":1,\"3344\":1,\"3386\":1}}],[\"declaration\",{\"1\":{\"159\":50}}],[\"declarations\",{\"1\":{\"159\":12,\"160\":1}}],[\"decides\",{\"1\":{\"381\":1}}],[\"decide\",{\"1\":{\"349\":1}}],[\"deciding\",{\"1\":{\"99\":1,\"169\":1,\"371\":1,\"374\":1}}],[\"decisions\",{\"1\":{\"371\":1}}],[\"decision\",{\"1\":{\"0\":1,\"32\":1,\"99\":1,\"118\":1,\"169\":1,\"374\":1,\"377\":1}}],[\"decentralized\",{\"1\":{\"26\":1}}],[\"demand\",{\"1\":{\"160\":3}}],[\"demilitarised\",{\"1\":{\"88\":1}}],[\"demo\",{\"1\":{\"329\":1}}],[\"demographic\",{\"1\":{\"231\":1,\"238\":1}}],[\"demonstrate\",{\"1\":{\"116\":1,\"354\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"demonstrating\",{\"1\":{\"11\":1}}],[\"demodaten\",{\"0\":{\"22\":1},\"1\":{\"22\":1}}],[\"dem\",{\"1\":{\"14\":3,\"15\":1,\"16\":1,\"41\":1}}],[\"deny\",{\"1\":{\"442\":2,\"481\":2,\"504\":2,\"530\":2,\"560\":2,\"590\":2,\"620\":2,\"666\":2,\"712\":2,\"758\":2,\"804\":2,\"850\":2,\"896\":2}}],[\"den\",{\"1\":{\"14\":3,\"16\":1,\"22\":1}}],[\"developer\",{\"1\":{\"396\":1,\"418\":1,\"642\":1,\"688\":1,\"734\":1,\"780\":1,\"826\":1,\"872\":1}}],[\"developers\",{\"1\":{\"95\":1,\"116\":1,\"117\":1,\"118\":1,\"415\":1,\"639\":1,\"685\":1,\"731\":1,\"777\":1,\"823\":1,\"869\":1}}],[\"developed\",{\"1\":{\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"82\":1,\"98\":1,\"109\":1,\"117\":1}}],[\"develop\",{\"0\":{\"420\":1,\"463\":1,\"486\":1,\"512\":1,\"538\":1,\"568\":1,\"598\":1,\"644\":1,\"690\":1,\"736\":1,\"782\":1,\"828\":1,\"874\":1},\"1\":{\"74\":1,\"81\":1,\"141\":2,\"142\":1,\"157\":4,\"408\":1,\"419\":2,\"632\":1,\"643\":2,\"678\":1,\"689\":2,\"724\":1,\"735\":2,\"770\":1,\"781\":2,\"816\":1,\"827\":2,\"862\":1,\"873\":2}}],[\"developments\",{\"1\":{\"117\":1}}],[\"development\",{\"0\":{\"82\":1,\"114\":1,\"416\":1,\"640\":1,\"686\":1,\"732\":1,\"778\":1,\"824\":1,\"870\":1},\"1\":{\"35\":1,\"74\":1,\"76\":1,\"77\":1,\"81\":3,\"82\":2,\"141\":2,\"157\":1,\"184\":1,\"185\":1,\"186\":1,\"319\":1,\"394\":1,\"401\":1,\"415\":1,\"416\":3,\"419\":2,\"639\":1,\"640\":3,\"643\":2,\"685\":1,\"686\":3,\"689\":2,\"731\":1,\"732\":3,\"735\":2,\"777\":1,\"778\":3,\"781\":2,\"823\":1,\"824\":3,\"827\":2,\"869\":1,\"870\":3,\"873\":2,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"993\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1086\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1250\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1389\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1565\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1742\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1919\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2096\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2273\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2424\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2491\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2643\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2710\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2862\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2929\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3081\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3148\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3276\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3369\":1}}],[\"dev\",{\"0\":{\"930\":1,\"931\":1,\"932\":2,\"933\":1,\"934\":1,\"935\":1,\"936\":2,\"937\":1,\"938\":1,\"939\":2,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":2,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":1,\"996\":2,\"997\":1,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":2,\"1020\":1,\"1021\":1,\"1022\":1,\"1059\":1,\"1060\":1,\"1061\":2,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":2,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":1,\"1089\":2,\"1090\":1,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":2,\"1113\":1,\"1114\":1,\"1115\":1,\"1143\":1,\"1144\":1,\"1145\":2,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1151\":1,\"1152\":2,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":2,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":1,\"1198\":2,\"1199\":1,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":2,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":1,\"1229\":2,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":2,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":1,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":2,\"1253\":1,\"1254\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":2,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":2,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1302\":1,\"1303\":2,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":2,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":1,\"1349\":2,\"1350\":1,\"1351\":1,\"1365\":1,\"1366\":1,\"1367\":2,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":2,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":1,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":2,\"1392\":1,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":2,\"1415\":1,\"1416\":1,\"1417\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":2,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":2,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1474\":1,\"1475\":2,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":2,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":1,\"1525\":2,\"1526\":1,\"1527\":1,\"1541\":1,\"1542\":1,\"1543\":2,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":2,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":1,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":2,\"1568\":1,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":2,\"1591\":1,\"1592\":1,\"1593\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":2,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":2,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1651\":1,\"1652\":2,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":2,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":1,\"1702\":2,\"1703\":1,\"1704\":1,\"1718\":1,\"1719\":1,\"1720\":2,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":2,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":1,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":2,\"1745\":1,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":2,\"1768\":1,\"1769\":1,\"1770\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":2,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":2,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"1828\":1,\"1829\":2,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":2,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":1,\"1879\":2,\"1880\":1,\"1881\":1,\"1895\":1,\"1896\":1,\"1897\":2,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":2,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":1,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":2,\"1922\":1,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":2,\"1945\":1,\"1946\":1,\"1947\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":2,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":2,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2005\":1,\"2006\":2,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":2,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":1,\"2056\":2,\"2057\":1,\"2058\":1,\"2072\":1,\"2073\":1,\"2074\":2,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":2,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":1,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":2,\"2099\":1,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":2,\"2122\":1,\"2123\":1,\"2124\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":2,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":2,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2182\":1,\"2183\":2,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":2,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":1,\"2233\":2,\"2234\":1,\"2235\":1,\"2249\":1,\"2250\":1,\"2251\":2,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":2,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":1,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":2,\"2276\":1,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":2,\"2299\":1,\"2300\":1,\"2301\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":2,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":2,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2369\":1,\"2370\":2,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":2,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":1,\"2427\":2,\"2428\":1,\"2429\":1,\"2464\":1,\"2465\":1,\"2466\":2,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":2,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":1,\"2494\":2,\"2495\":1,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":2,\"2518\":1,\"2519\":1,\"2520\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":2,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":2,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2588\":1,\"2589\":2,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":2,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":1,\"2646\":2,\"2647\":1,\"2648\":1,\"2683\":1,\"2684\":1,\"2685\":2,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":2,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":1,\"2713\":2,\"2714\":1,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":2,\"2737\":1,\"2738\":1,\"2739\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":2,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":2,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"2807\":1,\"2808\":2,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":2,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":1,\"2865\":2,\"2866\":1,\"2867\":1,\"2902\":1,\"2903\":1,\"2904\":2,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":2,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":1,\"2932\":2,\"2933\":1,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":2,\"2956\":1,\"2957\":1,\"2958\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":2,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":2,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3026\":1,\"3027\":2,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":2,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":1,\"3084\":2,\"3085\":1,\"3086\":1,\"3121\":1,\"3122\":1,\"3123\":2,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":2,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":1,\"3151\":2,\"3152\":1,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":2,\"3175\":1,\"3176\":1,\"3177\":1,\"3213\":1,\"3214\":1,\"3215\":2,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":2,\"3220\":1,\"3221\":1,\"3222\":2,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":2,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":1,\"3279\":2,\"3280\":1,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":2,\"3303\":1,\"3304\":1,\"3305\":1,\"3342\":1,\"3343\":1,\"3344\":2,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":2,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":1,\"3372\":2,\"3373\":1,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":2,\"3396\":1,\"3397\":1,\"3398\":1},\"1\":{\"14\":1,\"41\":1,\"135\":2,\"283\":1,\"294\":1,\"437\":1,\"442\":6,\"443\":3,\"447\":4,\"449\":2,\"453\":3,\"455\":3,\"459\":1,\"461\":5,\"462\":5,\"476\":1,\"481\":7,\"482\":4,\"499\":1,\"504\":6,\"505\":4,\"525\":1,\"530\":6,\"531\":4,\"536\":3,\"537\":1,\"555\":1,\"560\":6,\"561\":4,\"564\":1,\"585\":1,\"590\":6,\"591\":3,\"594\":1,\"615\":1,\"620\":6,\"621\":3,\"624\":1,\"661\":1,\"666\":6,\"667\":3,\"670\":1,\"707\":1,\"712\":6,\"713\":3,\"716\":1,\"753\":1,\"758\":6,\"759\":3,\"762\":1,\"799\":1,\"804\":6,\"805\":3,\"808\":1,\"845\":1,\"850\":6,\"851\":3,\"854\":1,\"891\":1,\"896\":6,\"897\":3,\"901\":4,\"903\":2,\"907\":3,\"909\":3,\"913\":1,\"915\":5,\"916\":5,\"920\":3,\"928\":3,\"930\":1,\"931\":1,\"932\":2,\"933\":1,\"934\":1,\"935\":1,\"936\":2,\"937\":2,\"938\":1,\"939\":2,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":3,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":2,\"964\":4,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":3,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":2,\"980\":2,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":3,\"995\":1,\"996\":2,\"997\":2,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":4,\"1003\":4,\"1004\":1,\"1005\":2,\"1006\":2,\"1007\":2,\"1008\":1,\"1009\":3,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1021\":1,\"1022\":1,\"1025\":7,\"1026\":2,\"1027\":7,\"1049\":4,\"1056\":1,\"1057\":5,\"1059\":1,\"1060\":3,\"1061\":2,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":2,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":2,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":3,\"1088\":1,\"1089\":2,\"1090\":2,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":4,\"1096\":4,\"1097\":1,\"1098\":2,\"1099\":2,\"1100\":2,\"1101\":1,\"1102\":3,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1114\":1,\"1115\":1,\"1118\":7,\"1119\":2,\"1120\":2,\"1121\":7,\"1143\":1,\"1144\":1,\"1145\":2,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":2,\"1150\":2,\"1151\":1,\"1152\":2,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":3,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":2,\"1174\":4,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":3,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":2,\"1190\":2,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":1,\"1198\":2,\"1199\":2,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":4,\"1206\":4,\"1207\":1,\"1208\":2,\"1209\":2,\"1210\":2,\"1211\":1,\"1212\":3,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":3,\"1229\":2,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":2,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":2,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":2,\"1253\":2,\"1254\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":4,\"1274\":4,\"1275\":1,\"1276\":2,\"1277\":2,\"1278\":2,\"1279\":1,\"1280\":3,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":2,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":2,\"1301\":2,\"1302\":1,\"1303\":2,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":3,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":2,\"1325\":4,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":3,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":2,\"1341\":2,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":1,\"1349\":2,\"1350\":2,\"1351\":1,\"1355\":4,\"1362\":1,\"1363\":5,\"1365\":1,\"1366\":3,\"1367\":2,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":2,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":2,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":2,\"1392\":2,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":4,\"1398\":4,\"1399\":1,\"1400\":2,\"1401\":2,\"1402\":2,\"1403\":1,\"1404\":3,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1416\":1,\"1417\":1,\"1420\":7,\"1421\":2,\"1422\":2,\"1423\":7,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":4,\"1446\":4,\"1447\":1,\"1448\":2,\"1449\":2,\"1450\":2,\"1451\":1,\"1452\":3,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":2,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":2,\"1473\":2,\"1474\":1,\"1475\":2,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":3,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":2,\"1497\":4,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":3,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":2,\"1513\":2,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":1,\"1525\":2,\"1526\":2,\"1527\":1,\"1531\":4,\"1538\":1,\"1539\":5,\"1541\":1,\"1542\":3,\"1543\":2,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":2,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":2,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":2,\"1568\":2,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":4,\"1574\":4,\"1575\":1,\"1576\":2,\"1577\":2,\"1578\":2,\"1579\":1,\"1580\":3,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1592\":1,\"1593\":1,\"1596\":7,\"1597\":2,\"1598\":2,\"1599\":7,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":4,\"1623\":4,\"1624\":1,\"1625\":2,\"1626\":2,\"1627\":2,\"1628\":1,\"1629\":3,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":2,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":2,\"1650\":2,\"1651\":1,\"1652\":2,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":3,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":2,\"1674\":4,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":3,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":2,\"1690\":2,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":1,\"1702\":2,\"1703\":2,\"1704\":1,\"1708\":4,\"1715\":1,\"1716\":5,\"1718\":1,\"1719\":3,\"1720\":2,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":2,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":2,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":2,\"1745\":2,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":4,\"1751\":4,\"1752\":1,\"1753\":2,\"1754\":2,\"1755\":2,\"1756\":1,\"1757\":3,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1769\":1,\"1770\":1,\"1773\":7,\"1774\":2,\"1775\":2,\"1776\":7,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":4,\"1800\":4,\"1801\":1,\"1802\":2,\"1803\":2,\"1804\":2,\"1805\":1,\"1806\":3,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":2,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":2,\"1827\":2,\"1828\":1,\"1829\":2,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":3,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":2,\"1851\":4,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":3,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":2,\"1867\":2,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":1,\"1879\":2,\"1880\":2,\"1881\":1,\"1885\":4,\"1892\":1,\"1893\":5,\"1895\":1,\"1896\":3,\"1897\":2,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":2,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":2,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":2,\"1922\":2,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":4,\"1928\":4,\"1929\":1,\"1930\":2,\"1931\":2,\"1932\":2,\"1933\":1,\"1934\":3,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1946\":1,\"1947\":1,\"1950\":7,\"1951\":2,\"1952\":2,\"1953\":7,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":4,\"1977\":4,\"1978\":1,\"1979\":2,\"1980\":2,\"1981\":2,\"1982\":1,\"1983\":3,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":2,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":2,\"2004\":2,\"2005\":1,\"2006\":2,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":3,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":2,\"2028\":4,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":3,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":2,\"2044\":2,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":1,\"2056\":2,\"2057\":2,\"2058\":1,\"2062\":4,\"2069\":1,\"2070\":5,\"2072\":1,\"2073\":3,\"2074\":2,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":2,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":2,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":2,\"2099\":2,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":4,\"2105\":4,\"2106\":1,\"2107\":2,\"2108\":2,\"2109\":2,\"2110\":1,\"2111\":3,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2123\":1,\"2124\":1,\"2127\":7,\"2128\":2,\"2129\":2,\"2130\":7,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":4,\"2154\":4,\"2155\":1,\"2156\":2,\"2157\":2,\"2158\":2,\"2159\":1,\"2160\":3,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":2,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":2,\"2181\":2,\"2182\":1,\"2183\":2,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":3,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":2,\"2205\":4,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":3,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":2,\"2221\":2,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":1,\"2233\":2,\"2234\":2,\"2235\":1,\"2239\":4,\"2246\":1,\"2247\":5,\"2249\":1,\"2250\":3,\"2251\":2,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":2,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":2,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":2,\"2276\":2,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":4,\"2282\":4,\"2283\":1,\"2284\":2,\"2285\":2,\"2286\":2,\"2287\":1,\"2288\":3,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2300\":1,\"2301\":1,\"2304\":7,\"2305\":2,\"2306\":2,\"2307\":7,\"2327\":3,\"2335\":3,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":4,\"2341\":4,\"2342\":1,\"2343\":2,\"2344\":2,\"2345\":2,\"2346\":1,\"2347\":3,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":2,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":2,\"2368\":2,\"2369\":1,\"2370\":2,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":3,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":2,\"2395\":4,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":3,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":2,\"2411\":2,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":3,\"2426\":1,\"2427\":2,\"2428\":2,\"2429\":1,\"2432\":7,\"2433\":2,\"2434\":7,\"2454\":4,\"2461\":1,\"2462\":5,\"2464\":1,\"2465\":3,\"2466\":2,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":2,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":2,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":3,\"2493\":1,\"2494\":2,\"2495\":2,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":4,\"2501\":4,\"2502\":1,\"2503\":2,\"2504\":2,\"2505\":2,\"2506\":1,\"2507\":3,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2519\":1,\"2520\":1,\"2523\":7,\"2524\":2,\"2525\":2,\"2526\":7,\"2546\":3,\"2554\":3,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":4,\"2560\":4,\"2561\":1,\"2562\":2,\"2563\":2,\"2564\":2,\"2565\":1,\"2566\":3,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":2,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":2,\"2587\":2,\"2588\":1,\"2589\":2,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":3,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":2,\"2614\":4,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":3,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":2,\"2630\":2,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":3,\"2645\":1,\"2646\":2,\"2647\":2,\"2648\":1,\"2651\":7,\"2652\":2,\"2653\":7,\"2673\":4,\"2680\":1,\"2681\":5,\"2683\":1,\"2684\":3,\"2685\":2,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":2,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":2,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":3,\"2712\":1,\"2713\":2,\"2714\":2,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":4,\"2720\":4,\"2721\":1,\"2722\":2,\"2723\":2,\"2724\":2,\"2725\":1,\"2726\":3,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2738\":1,\"2739\":1,\"2742\":7,\"2743\":2,\"2744\":2,\"2745\":7,\"2765\":3,\"2773\":3,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":4,\"2779\":4,\"2780\":1,\"2781\":2,\"2782\":2,\"2783\":2,\"2784\":1,\"2785\":3,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":2,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":2,\"2806\":2,\"2807\":1,\"2808\":2,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":3,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":2,\"2833\":4,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":3,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":2,\"2849\":2,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":3,\"2864\":1,\"2865\":2,\"2866\":2,\"2867\":1,\"2870\":7,\"2871\":2,\"2872\":7,\"2892\":4,\"2899\":1,\"2900\":5,\"2902\":1,\"2903\":3,\"2904\":2,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":2,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":2,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":3,\"2931\":1,\"2932\":2,\"2933\":2,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":4,\"2939\":4,\"2940\":1,\"2941\":2,\"2942\":2,\"2943\":2,\"2944\":1,\"2945\":3,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2957\":1,\"2958\":1,\"2961\":7,\"2962\":2,\"2963\":2,\"2964\":7,\"2984\":3,\"2992\":3,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":4,\"2998\":4,\"2999\":1,\"3000\":2,\"3001\":2,\"3002\":2,\"3003\":1,\"3004\":3,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":2,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":2,\"3025\":2,\"3026\":1,\"3027\":2,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":3,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":2,\"3052\":4,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":3,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":2,\"3068\":2,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":3,\"3083\":1,\"3084\":2,\"3085\":2,\"3086\":1,\"3089\":7,\"3090\":2,\"3091\":7,\"3111\":4,\"3118\":1,\"3119\":5,\"3121\":1,\"3122\":3,\"3123\":2,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":2,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":2,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":3,\"3150\":1,\"3151\":2,\"3152\":2,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":4,\"3158\":4,\"3159\":1,\"3160\":2,\"3161\":2,\"3162\":2,\"3163\":1,\"3164\":3,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3176\":1,\"3177\":1,\"3180\":7,\"3181\":2,\"3182\":2,\"3183\":7,\"3203\":3,\"3211\":3,\"3213\":1,\"3214\":1,\"3215\":2,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":2,\"3220\":2,\"3221\":1,\"3222\":2,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":3,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":2,\"3247\":4,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":3,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":2,\"3263\":2,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":3,\"3278\":1,\"3279\":2,\"3280\":2,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":4,\"3286\":4,\"3287\":1,\"3288\":2,\"3289\":2,\"3290\":2,\"3291\":1,\"3292\":3,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3304\":1,\"3305\":1,\"3308\":7,\"3309\":2,\"3310\":7,\"3332\":4,\"3339\":1,\"3340\":5,\"3342\":1,\"3343\":3,\"3344\":2,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":2,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":2,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":3,\"3371\":1,\"3372\":2,\"3373\":2,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":4,\"3379\":4,\"3380\":1,\"3381\":2,\"3382\":2,\"3383\":2,\"3384\":1,\"3385\":3,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3397\":1,\"3398\":1,\"3401\":7,\"3402\":2,\"3403\":2,\"3404\":7}}],[\"desire\",{\"1\":{\"414\":1,\"638\":1,\"684\":1,\"730\":1,\"776\":1,\"822\":1,\"868\":1}}],[\"desired\",{\"1\":{\"38\":1}}],[\"designated\",{\"1\":{\"138\":1}}],[\"design\",{\"0\":{\"108\":1},\"1\":{\"96\":1,\"109\":1,\"120\":1}}],[\"designed\",{\"1\":{\"6\":1,\"9\":1,\"116\":1,\"395\":1}}],[\"descriptions\",{\"1\":{\"159\":2}}],[\"description\",{\"1\":{\"37\":1,\"97\":1,\"159\":1,\"174\":1,\"175\":1,\"176\":1,\"177\":1,\"178\":1,\"179\":1,\"180\":1,\"181\":1,\"182\":1,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":1,\"190\":1,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":1,\"197\":1,\"198\":1,\"199\":1,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":1,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":1,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":1,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"241\":1,\"242\":1,\"243\":1,\"244\":1,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":1,\"252\":1,\"253\":1,\"254\":1,\"255\":1,\"256\":1,\"257\":1,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"269\":1,\"270\":1,\"271\":1,\"272\":1,\"273\":1,\"274\":1,\"275\":1,\"276\":1,\"277\":1,\"278\":1,\"279\":1,\"320\":1,\"321\":1,\"322\":1,\"323\":1,\"324\":1,\"325\":1,\"930\":1,\"931\":1,\"932\":1,\"933\":1,\"934\":1,\"935\":1,\"936\":1,\"937\":1,\"938\":1,\"939\":1,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":1,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":1,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":1,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":1,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":1,\"996\":1,\"997\":1,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":1,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1021\":1,\"1022\":1,\"1031\":1,\"1032\":1,\"1033\":1,\"1034\":1,\"1035\":1,\"1036\":1,\"1037\":1,\"1038\":1,\"1039\":1,\"1040\":1,\"1041\":1,\"1042\":1,\"1043\":1,\"1044\":1,\"1045\":1,\"1059\":1,\"1060\":1,\"1061\":1,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":1,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":1,\"1073\":1,\"1074\":1,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":1,\"1089\":1,\"1090\":1,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":1,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1114\":1,\"1115\":1,\"1125\":1,\"1126\":1,\"1127\":1,\"1128\":1,\"1129\":1,\"1130\":1,\"1131\":1,\"1132\":1,\"1133\":1,\"1134\":1,\"1135\":1,\"1136\":1,\"1137\":1,\"1138\":1,\"1139\":1,\"1143\":1,\"1144\":1,\"1145\":1,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":1,\"1150\":1,\"1151\":1,\"1152\":1,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":1,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":1,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":1,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":1,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":1,\"1198\":1,\"1199\":1,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":1,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":1,\"1229\":1,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":1,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":1,\"1241\":1,\"1242\":1,\"1243\":1,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":1,\"1253\":1,\"1254\":1,\"1256\":1,\"1257\":1,\"1258\":1,\"1259\":1,\"1260\":1,\"1261\":1,\"1262\":1,\"1263\":1,\"1264\":1,\"1265\":1,\"1266\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":1,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":1,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":1,\"1301\":1,\"1302\":1,\"1303\":1,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":1,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":1,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":1,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":1,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":1,\"1349\":1,\"1350\":1,\"1351\":1,\"1365\":1,\"1366\":1,\"1367\":1,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":1,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":1,\"1379\":1,\"1380\":1,\"1381\":1,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":1,\"1392\":1,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":1,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1416\":1,\"1417\":1,\"1427\":1,\"1428\":1,\"1429\":1,\"1430\":1,\"1431\":1,\"1432\":1,\"1433\":1,\"1434\":1,\"1435\":1,\"1436\":1,\"1437\":1,\"1438\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":1,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":1,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":1,\"1473\":1,\"1474\":1,\"1475\":1,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":1,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":1,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":1,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":1,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":1,\"1525\":1,\"1526\":1,\"1527\":1,\"1541\":1,\"1542\":1,\"1543\":1,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":1,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":1,\"1555\":1,\"1556\":1,\"1557\":1,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":1,\"1568\":1,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":1,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1592\":1,\"1593\":1,\"1603\":1,\"1604\":1,\"1605\":1,\"1606\":1,\"1607\":1,\"1608\":1,\"1609\":1,\"1610\":1,\"1611\":1,\"1612\":1,\"1613\":1,\"1614\":1,\"1615\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":1,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":1,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":1,\"1650\":1,\"1651\":1,\"1652\":1,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":1,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":1,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":1,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":1,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":1,\"1702\":1,\"1703\":1,\"1704\":1,\"1718\":1,\"1719\":1,\"1720\":1,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":1,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":1,\"1732\":1,\"1733\":1,\"1734\":1,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":1,\"1745\":1,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":1,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1769\":1,\"1770\":1,\"1780\":1,\"1781\":1,\"1782\":1,\"1783\":1,\"1784\":1,\"1785\":1,\"1786\":1,\"1787\":1,\"1788\":1,\"1789\":1,\"1790\":1,\"1791\":1,\"1792\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":1,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":1,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":1,\"1827\":1,\"1828\":1,\"1829\":1,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":1,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":1,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":1,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":1,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":1,\"1879\":1,\"1880\":1,\"1881\":1,\"1895\":1,\"1896\":1,\"1897\":1,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":1,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":1,\"1909\":1,\"1910\":1,\"1911\":1,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":1,\"1922\":1,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":1,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1946\":1,\"1947\":1,\"1957\":1,\"1958\":1,\"1959\":1,\"1960\":1,\"1961\":1,\"1962\":1,\"1963\":1,\"1964\":1,\"1965\":1,\"1966\":1,\"1967\":1,\"1968\":1,\"1969\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":1,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":1,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":1,\"2004\":1,\"2005\":1,\"2006\":1,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":1,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":1,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":1,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":1,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":1,\"2056\":1,\"2057\":1,\"2058\":1,\"2072\":1,\"2073\":1,\"2074\":1,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":1,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":1,\"2086\":1,\"2087\":1,\"2088\":1,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":1,\"2099\":1,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":1,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2123\":1,\"2124\":1,\"2134\":1,\"2135\":1,\"2136\":1,\"2137\":1,\"2138\":1,\"2139\":1,\"2140\":1,\"2141\":1,\"2142\":1,\"2143\":1,\"2144\":1,\"2145\":1,\"2146\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":1,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":1,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":1,\"2181\":1,\"2182\":1,\"2183\":1,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":1,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":1,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":1,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":1,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":1,\"2233\":1,\"2234\":1,\"2235\":1,\"2249\":1,\"2250\":1,\"2251\":1,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":1,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":1,\"2263\":1,\"2264\":1,\"2265\":1,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":1,\"2276\":1,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":1,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2300\":1,\"2301\":1,\"2311\":1,\"2312\":1,\"2313\":1,\"2314\":1,\"2315\":1,\"2316\":1,\"2317\":1,\"2318\":1,\"2319\":1,\"2320\":1,\"2321\":1,\"2322\":1,\"2323\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":1,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":1,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":1,\"2368\":1,\"2369\":1,\"2370\":1,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":1,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":1,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":1,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":1,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":1,\"2427\":1,\"2428\":1,\"2429\":1,\"2438\":1,\"2439\":1,\"2440\":1,\"2441\":1,\"2442\":1,\"2443\":1,\"2444\":1,\"2445\":1,\"2446\":1,\"2447\":1,\"2448\":1,\"2449\":1,\"2450\":1,\"2464\":1,\"2465\":1,\"2466\":1,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":1,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":1,\"2478\":1,\"2479\":1,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":1,\"2494\":1,\"2495\":1,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":1,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2519\":1,\"2520\":1,\"2530\":1,\"2531\":1,\"2532\":1,\"2533\":1,\"2534\":1,\"2535\":1,\"2536\":1,\"2537\":1,\"2538\":1,\"2539\":1,\"2540\":1,\"2541\":1,\"2542\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":1,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":1,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":1,\"2587\":1,\"2588\":1,\"2589\":1,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":1,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":1,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":1,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":1,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":1,\"2646\":1,\"2647\":1,\"2648\":1,\"2657\":1,\"2658\":1,\"2659\":1,\"2660\":1,\"2661\":1,\"2662\":1,\"2663\":1,\"2664\":1,\"2665\":1,\"2666\":1,\"2667\":1,\"2668\":1,\"2669\":1,\"2683\":1,\"2684\":1,\"2685\":1,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":1,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":1,\"2697\":1,\"2698\":1,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":1,\"2713\":1,\"2714\":1,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":1,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2738\":1,\"2739\":1,\"2749\":1,\"2750\":1,\"2751\":1,\"2752\":1,\"2753\":1,\"2754\":1,\"2755\":1,\"2756\":1,\"2757\":1,\"2758\":1,\"2759\":1,\"2760\":1,\"2761\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":1,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":1,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":1,\"2806\":1,\"2807\":1,\"2808\":1,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":1,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":1,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":1,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":1,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":1,\"2865\":1,\"2866\":1,\"2867\":1,\"2876\":1,\"2877\":1,\"2878\":1,\"2879\":1,\"2880\":1,\"2881\":1,\"2882\":1,\"2883\":1,\"2884\":1,\"2885\":1,\"2886\":1,\"2887\":1,\"2888\":1,\"2902\":1,\"2903\":1,\"2904\":1,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":1,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":1,\"2916\":1,\"2917\":1,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":1,\"2932\":1,\"2933\":1,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":1,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2957\":1,\"2958\":1,\"2968\":1,\"2969\":1,\"2970\":1,\"2971\":1,\"2972\":1,\"2973\":1,\"2974\":1,\"2975\":1,\"2976\":1,\"2977\":1,\"2978\":1,\"2979\":1,\"2980\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":1,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":1,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":1,\"3025\":1,\"3026\":1,\"3027\":1,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":1,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":1,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":1,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":1,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":1,\"3084\":1,\"3085\":1,\"3086\":1,\"3095\":1,\"3096\":1,\"3097\":1,\"3098\":1,\"3099\":1,\"3100\":1,\"3101\":1,\"3102\":1,\"3103\":1,\"3104\":1,\"3105\":1,\"3106\":1,\"3107\":1,\"3121\":1,\"3122\":1,\"3123\":1,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":1,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":1,\"3135\":1,\"3136\":1,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":1,\"3151\":1,\"3152\":1,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":1,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3176\":1,\"3177\":1,\"3187\":1,\"3188\":1,\"3189\":1,\"3190\":1,\"3191\":1,\"3192\":1,\"3193\":1,\"3194\":1,\"3195\":1,\"3196\":1,\"3197\":1,\"3198\":1,\"3199\":1,\"3213\":1,\"3214\":1,\"3215\":1,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":1,\"3220\":1,\"3221\":1,\"3222\":1,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":1,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":1,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":1,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":1,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":1,\"3279\":1,\"3280\":1,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":1,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3304\":1,\"3305\":1,\"3314\":1,\"3315\":1,\"3316\":1,\"3317\":1,\"3318\":1,\"3319\":1,\"3320\":1,\"3321\":1,\"3322\":1,\"3323\":1,\"3324\":1,\"3325\":1,\"3326\":1,\"3327\":1,\"3328\":1,\"3342\":1,\"3343\":1,\"3344\":1,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":1,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":1,\"3356\":1,\"3357\":1,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":1,\"3372\":1,\"3373\":1,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":1,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3397\":1,\"3398\":1,\"3408\":1,\"3409\":1,\"3410\":1,\"3411\":1,\"3412\":1,\"3413\":1,\"3414\":1,\"3415\":1,\"3416\":1,\"3417\":1,\"3418\":1,\"3419\":1,\"3420\":1,\"3421\":1,\"3422\":1}}],[\"described\",{\"1\":{\"33\":1,\"157\":1,\"319\":1,\"394\":1,\"395\":1,\"397\":1,\"399\":2}}],[\"describe\",{\"1\":{\"33\":1,\"93\":1,\"95\":1,\"419\":1,\"643\":1,\"689\":1,\"735\":1,\"781\":1,\"827\":1,\"873\":1}}],[\"despite\",{\"1\":{\"35\":1}}],[\"des\",{\"1\":{\"14\":3,\"16\":1,\"17\":2,\"22\":1,\"41\":1}}],[\"derived\",{\"1\":{\"457\":3,\"911\":3}}],[\"der\",{\"1\":{\"14\":6,\"15\":2,\"16\":5,\"17\":2,\"18\":1,\"22\":1,\"41\":3}}],[\"de\",{\"1\":{\"12\":1,\"16\":2,\"22\":1,\"37\":1,\"40\":1,\"71\":1,\"116\":1,\"139\":2,\"160\":1,\"216\":1,\"289\":5,\"290\":5,\"300\":6,\"301\":5,\"304\":1,\"307\":1,\"310\":1,\"313\":1,\"316\":1,\"428\":2,\"429\":1,\"442\":5,\"443\":2,\"445\":1,\"462\":1,\"471\":2,\"472\":1,\"481\":5,\"482\":3,\"484\":1,\"494\":2,\"495\":1,\"504\":5,\"505\":3,\"507\":1,\"511\":1,\"520\":2,\"521\":1,\"530\":5,\"531\":3,\"533\":1,\"537\":1,\"546\":2,\"547\":1,\"560\":5,\"561\":3,\"563\":1,\"567\":1,\"576\":2,\"577\":1,\"590\":5,\"591\":2,\"593\":1,\"597\":1,\"606\":2,\"607\":1,\"620\":5,\"621\":2,\"623\":1,\"627\":1,\"652\":2,\"653\":1,\"666\":5,\"667\":2,\"669\":1,\"673\":1,\"698\":2,\"699\":1,\"712\":5,\"713\":2,\"715\":1,\"719\":1,\"744\":2,\"745\":1,\"758\":5,\"759\":2,\"761\":1,\"765\":1,\"790\":2,\"791\":1,\"804\":5,\"805\":2,\"807\":1,\"811\":1,\"836\":2,\"837\":1,\"850\":5,\"851\":2,\"853\":1,\"857\":1,\"882\":2,\"883\":1,\"896\":5,\"897\":2,\"899\":1,\"916\":1,\"967\":1,\"1043\":2,\"1137\":2,\"1177\":1,\"1328\":1,\"1500\":1,\"1677\":1,\"1854\":1,\"2031\":1,\"2208\":1,\"2398\":1,\"2617\":1,\"2836\":1,\"3055\":1,\"3250\":1,\"3326\":2,\"3420\":2}}],[\"dsfdev\",{\"1\":{\"985\":1,\"1518\":1,\"1695\":1,\"1872\":1,\"2049\":1,\"2226\":1,\"2416\":1,\"2635\":1,\"2854\":1,\"3073\":1,\"3268\":1}}],[\"dsf<\",{\"1\":{\"162\":1,\"163\":1}}],[\"dsfs\",{\"1\":{\"116\":1,\"117\":1}}],[\"dsf\",{\"0\":{\"5\":1,\"6\":1,\"12\":1,\"19\":1,\"42\":1,\"44\":1,\"46\":1,\"48\":1,\"50\":1,\"52\":1,\"54\":1,\"56\":1,\"58\":1,\"60\":1,\"62\":1,\"64\":1,\"66\":1,\"81\":1,\"82\":1,\"89\":1,\"173\":1,\"174\":1,\"175\":2,\"176\":1,\"177\":1,\"178\":1,\"179\":2,\"180\":1,\"181\":1,\"182\":2,\"183\":1,\"184\":1,\"185\":1,\"186\":1,\"187\":1,\"188\":1,\"189\":2,\"190\":2,\"191\":1,\"192\":1,\"193\":1,\"194\":1,\"195\":1,\"196\":2,\"197\":1,\"198\":1,\"199\":2,\"200\":1,\"201\":1,\"202\":1,\"203\":1,\"204\":1,\"205\":1,\"206\":1,\"207\":1,\"208\":1,\"209\":1,\"210\":1,\"211\":1,\"212\":1,\"213\":1,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":2,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":1,\"229\":1,\"230\":1,\"231\":1,\"232\":1,\"233\":1,\"234\":1,\"235\":1,\"236\":1,\"237\":1,\"238\":1,\"240\":1,\"241\":1,\"242\":1,\"243\":2,\"244\":2,\"245\":1,\"246\":1,\"247\":1,\"248\":1,\"249\":1,\"250\":1,\"251\":2,\"252\":1,\"253\":1,\"254\":1,\"255\":2,\"256\":1,\"257\":2,\"258\":1,\"259\":1,\"260\":1,\"261\":1,\"262\":1,\"263\":1,\"264\":1,\"265\":1,\"266\":1,\"268\":1,\"289\":1,\"290\":1,\"300\":1,\"301\":1,\"303\":1,\"304\":1,\"306\":1,\"307\":1,\"309\":1,\"310\":1,\"312\":1,\"313\":1,\"315\":1,\"316\":1,\"317\":1,\"318\":1,\"358\":1,\"384\":1,\"416\":1,\"424\":1,\"434\":1,\"442\":1,\"443\":1,\"459\":1,\"460\":1,\"461\":1,\"462\":1,\"467\":1,\"473\":1,\"481\":1,\"482\":1,\"485\":1,\"490\":1,\"496\":1,\"504\":1,\"505\":1,\"508\":1,\"509\":1,\"510\":1,\"511\":1,\"516\":1,\"522\":1,\"530\":1,\"531\":1,\"534\":1,\"535\":1,\"536\":1,\"537\":1,\"542\":1,\"552\":1,\"560\":1,\"561\":1,\"564\":1,\"565\":1,\"566\":1,\"567\":1,\"572\":1,\"582\":1,\"590\":1,\"591\":1,\"594\":1,\"595\":1,\"596\":1,\"597\":1,\"602\":1,\"612\":1,\"620\":1,\"621\":1,\"624\":1,\"625\":1,\"626\":1,\"627\":1,\"640\":1,\"648\":1,\"658\":1,\"666\":1,\"667\":1,\"670\":1,\"671\":1,\"672\":1,\"673\":1,\"686\":1,\"694\":1,\"704\":1,\"712\":1,\"713\":1,\"716\":1,\"717\":1,\"718\":1,\"719\":1,\"732\":1,\"740\":1,\"750\":1,\"758\":1,\"759\":1,\"762\":1,\"763\":1,\"764\":1,\"765\":1,\"778\":1,\"786\":1,\"796\":1,\"804\":1,\"805\":1,\"808\":1,\"809\":1,\"810\":1,\"811\":1,\"824\":1,\"832\":1,\"842\":1,\"850\":1,\"851\":1,\"854\":1,\"855\":1,\"856\":1,\"857\":1,\"870\":1,\"878\":1,\"888\":1,\"896\":1,\"897\":1,\"913\":1,\"914\":1,\"915\":1,\"916\":1,\"925\":1,\"926\":1,\"930\":1,\"931\":1,\"932\":2,\"933\":1,\"934\":1,\"935\":1,\"936\":2,\"937\":1,\"938\":1,\"939\":2,\"940\":1,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":1,\"949\":1,\"950\":2,\"951\":1,\"952\":1,\"953\":1,\"954\":1,\"955\":1,\"956\":1,\"957\":1,\"958\":1,\"959\":1,\"960\":1,\"961\":1,\"962\":1,\"963\":1,\"964\":1,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":2,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":1,\"980\":1,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":1,\"986\":1,\"987\":1,\"988\":1,\"989\":1,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":1,\"996\":2,\"997\":1,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":1,\"1003\":1,\"1004\":1,\"1005\":1,\"1006\":1,\"1007\":1,\"1008\":1,\"1009\":1,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":2,\"1020\":1,\"1021\":1,\"1022\":1,\"1054\":1,\"1055\":1,\"1059\":1,\"1060\":1,\"1061\":2,\"1062\":1,\"1063\":1,\"1064\":1,\"1065\":1,\"1066\":1,\"1067\":1,\"1068\":2,\"1069\":1,\"1070\":1,\"1071\":1,\"1072\":2,\"1073\":1,\"1074\":2,\"1075\":1,\"1076\":1,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":1,\"1081\":1,\"1082\":1,\"1083\":1,\"1084\":1,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":1,\"1089\":2,\"1090\":1,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":1,\"1096\":1,\"1097\":1,\"1098\":1,\"1099\":1,\"1100\":1,\"1101\":1,\"1102\":1,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":2,\"1113\":1,\"1114\":1,\"1115\":1,\"1143\":1,\"1144\":1,\"1145\":2,\"1146\":1,\"1147\":1,\"1148\":1,\"1149\":2,\"1150\":1,\"1151\":1,\"1152\":2,\"1153\":1,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":1,\"1158\":1,\"1159\":2,\"1160\":1,\"1161\":1,\"1162\":1,\"1163\":1,\"1164\":1,\"1165\":1,\"1166\":1,\"1167\":1,\"1168\":1,\"1169\":1,\"1170\":1,\"1171\":1,\"1172\":1,\"1173\":1,\"1174\":1,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":2,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":1,\"1190\":1,\"1191\":1,\"1192\":1,\"1193\":1,\"1194\":1,\"1195\":1,\"1196\":1,\"1197\":1,\"1198\":2,\"1199\":1,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":1,\"1206\":1,\"1207\":1,\"1208\":1,\"1209\":1,\"1210\":1,\"1211\":1,\"1212\":1,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":2,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":1,\"1228\":1,\"1229\":2,\"1230\":1,\"1231\":1,\"1232\":1,\"1233\":1,\"1234\":1,\"1235\":1,\"1236\":2,\"1237\":1,\"1238\":1,\"1239\":1,\"1240\":2,\"1241\":1,\"1242\":2,\"1243\":1,\"1244\":1,\"1245\":1,\"1246\":1,\"1247\":1,\"1248\":1,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":2,\"1253\":1,\"1254\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":1,\"1274\":1,\"1275\":1,\"1276\":1,\"1277\":1,\"1278\":1,\"1279\":1,\"1280\":1,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":2,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":2,\"1297\":1,\"1298\":1,\"1299\":1,\"1300\":2,\"1301\":1,\"1302\":1,\"1303\":2,\"1304\":1,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":1,\"1309\":1,\"1310\":2,\"1311\":1,\"1312\":1,\"1313\":1,\"1314\":1,\"1315\":1,\"1316\":1,\"1317\":1,\"1318\":1,\"1319\":1,\"1320\":1,\"1321\":1,\"1322\":1,\"1323\":1,\"1324\":1,\"1325\":1,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":2,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":1,\"1341\":1,\"1342\":1,\"1343\":1,\"1344\":1,\"1345\":1,\"1346\":1,\"1347\":1,\"1348\":1,\"1349\":2,\"1350\":1,\"1351\":1,\"1360\":1,\"1361\":1,\"1365\":1,\"1366\":1,\"1367\":2,\"1368\":1,\"1369\":1,\"1370\":1,\"1371\":1,\"1372\":1,\"1373\":1,\"1374\":2,\"1375\":1,\"1376\":1,\"1377\":1,\"1378\":2,\"1379\":1,\"1380\":2,\"1381\":1,\"1382\":1,\"1383\":1,\"1384\":1,\"1385\":1,\"1386\":1,\"1387\":1,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":2,\"1392\":1,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":1,\"1398\":1,\"1399\":1,\"1400\":1,\"1401\":1,\"1402\":1,\"1403\":1,\"1404\":1,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":2,\"1415\":1,\"1416\":1,\"1417\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":1,\"1446\":1,\"1447\":1,\"1448\":1,\"1449\":1,\"1450\":1,\"1451\":1,\"1452\":1,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":2,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":2,\"1469\":1,\"1470\":1,\"1471\":1,\"1472\":2,\"1473\":1,\"1474\":1,\"1475\":2,\"1476\":1,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":1,\"1482\":1,\"1483\":2,\"1484\":1,\"1485\":1,\"1486\":1,\"1487\":1,\"1488\":1,\"1489\":1,\"1490\":1,\"1491\":1,\"1492\":1,\"1493\":1,\"1494\":1,\"1495\":1,\"1496\":1,\"1497\":1,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":2,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":1,\"1513\":1,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":1,\"1519\":1,\"1520\":1,\"1521\":1,\"1522\":1,\"1523\":1,\"1524\":1,\"1525\":2,\"1526\":1,\"1527\":1,\"1536\":1,\"1537\":1,\"1541\":1,\"1542\":1,\"1543\":2,\"1544\":1,\"1545\":1,\"1546\":1,\"1547\":1,\"1548\":1,\"1549\":1,\"1550\":2,\"1551\":1,\"1552\":1,\"1553\":1,\"1554\":2,\"1555\":1,\"1556\":2,\"1557\":1,\"1558\":1,\"1559\":1,\"1560\":1,\"1561\":1,\"1562\":1,\"1563\":1,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":2,\"1568\":1,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":1,\"1574\":1,\"1575\":1,\"1576\":1,\"1577\":1,\"1578\":1,\"1579\":1,\"1580\":1,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":2,\"1591\":1,\"1592\":1,\"1593\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":1,\"1623\":1,\"1624\":1,\"1625\":1,\"1626\":1,\"1627\":1,\"1628\":1,\"1629\":1,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":2,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":2,\"1646\":1,\"1647\":1,\"1648\":1,\"1649\":2,\"1650\":1,\"1651\":1,\"1652\":2,\"1653\":1,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":1,\"1659\":1,\"1660\":2,\"1661\":1,\"1662\":1,\"1663\":1,\"1664\":1,\"1665\":1,\"1666\":1,\"1667\":1,\"1668\":1,\"1669\":1,\"1670\":1,\"1671\":1,\"1672\":1,\"1673\":1,\"1674\":1,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":2,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":1,\"1690\":1,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":1,\"1696\":1,\"1697\":1,\"1698\":1,\"1699\":1,\"1700\":1,\"1701\":1,\"1702\":2,\"1703\":1,\"1704\":1,\"1713\":1,\"1714\":1,\"1718\":1,\"1719\":1,\"1720\":2,\"1721\":1,\"1722\":1,\"1723\":1,\"1724\":1,\"1725\":1,\"1726\":1,\"1727\":2,\"1728\":1,\"1729\":1,\"1730\":1,\"1731\":2,\"1732\":1,\"1733\":2,\"1734\":1,\"1735\":1,\"1736\":1,\"1737\":1,\"1738\":1,\"1739\":1,\"1740\":1,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":2,\"1745\":1,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":1,\"1751\":1,\"1752\":1,\"1753\":1,\"1754\":1,\"1755\":1,\"1756\":1,\"1757\":1,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":2,\"1768\":1,\"1769\":1,\"1770\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":1,\"1800\":1,\"1801\":1,\"1802\":1,\"1803\":1,\"1804\":1,\"1805\":1,\"1806\":1,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":2,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":2,\"1823\":1,\"1824\":1,\"1825\":1,\"1826\":2,\"1827\":1,\"1828\":1,\"1829\":2,\"1830\":1,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":1,\"1836\":1,\"1837\":2,\"1838\":1,\"1839\":1,\"1840\":1,\"1841\":1,\"1842\":1,\"1843\":1,\"1844\":1,\"1845\":1,\"1846\":1,\"1847\":1,\"1848\":1,\"1849\":1,\"1850\":1,\"1851\":1,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":2,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":1,\"1867\":1,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":1,\"1873\":1,\"1874\":1,\"1875\":1,\"1876\":1,\"1877\":1,\"1878\":1,\"1879\":2,\"1880\":1,\"1881\":1,\"1890\":1,\"1891\":1,\"1895\":1,\"1896\":1,\"1897\":2,\"1898\":1,\"1899\":1,\"1900\":1,\"1901\":1,\"1902\":1,\"1903\":1,\"1904\":2,\"1905\":1,\"1906\":1,\"1907\":1,\"1908\":2,\"1909\":1,\"1910\":2,\"1911\":1,\"1912\":1,\"1913\":1,\"1914\":1,\"1915\":1,\"1916\":1,\"1917\":1,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":2,\"1922\":1,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":1,\"1928\":1,\"1929\":1,\"1930\":1,\"1931\":1,\"1932\":1,\"1933\":1,\"1934\":1,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":2,\"1945\":1,\"1946\":1,\"1947\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":1,\"1977\":1,\"1978\":1,\"1979\":1,\"1980\":1,\"1981\":1,\"1982\":1,\"1983\":1,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":2,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":2,\"2000\":1,\"2001\":1,\"2002\":1,\"2003\":2,\"2004\":1,\"2005\":1,\"2006\":2,\"2007\":1,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":1,\"2013\":1,\"2014\":2,\"2015\":1,\"2016\":1,\"2017\":1,\"2018\":1,\"2019\":1,\"2020\":1,\"2021\":1,\"2022\":1,\"2023\":1,\"2024\":1,\"2025\":1,\"2026\":1,\"2027\":1,\"2028\":1,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":2,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":1,\"2044\":1,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":1,\"2050\":1,\"2051\":1,\"2052\":1,\"2053\":1,\"2054\":1,\"2055\":1,\"2056\":2,\"2057\":1,\"2058\":1,\"2067\":1,\"2068\":1,\"2072\":1,\"2073\":1,\"2074\":2,\"2075\":1,\"2076\":1,\"2077\":1,\"2078\":1,\"2079\":1,\"2080\":1,\"2081\":2,\"2082\":1,\"2083\":1,\"2084\":1,\"2085\":2,\"2086\":1,\"2087\":2,\"2088\":1,\"2089\":1,\"2090\":1,\"2091\":1,\"2092\":1,\"2093\":1,\"2094\":1,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":2,\"2099\":1,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":1,\"2105\":1,\"2106\":1,\"2107\":1,\"2108\":1,\"2109\":1,\"2110\":1,\"2111\":1,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":2,\"2122\":1,\"2123\":1,\"2124\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":1,\"2154\":1,\"2155\":1,\"2156\":1,\"2157\":1,\"2158\":1,\"2159\":1,\"2160\":1,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":2,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":2,\"2177\":1,\"2178\":1,\"2179\":1,\"2180\":2,\"2181\":1,\"2182\":1,\"2183\":2,\"2184\":1,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":1,\"2190\":1,\"2191\":2,\"2192\":1,\"2193\":1,\"2194\":1,\"2195\":1,\"2196\":1,\"2197\":1,\"2198\":1,\"2199\":1,\"2200\":1,\"2201\":1,\"2202\":1,\"2203\":1,\"2204\":1,\"2205\":1,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":2,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":1,\"2221\":1,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":1,\"2227\":1,\"2228\":1,\"2229\":1,\"2230\":1,\"2231\":1,\"2232\":1,\"2233\":2,\"2234\":1,\"2235\":1,\"2244\":1,\"2245\":1,\"2249\":1,\"2250\":1,\"2251\":2,\"2252\":1,\"2253\":1,\"2254\":1,\"2255\":1,\"2256\":1,\"2257\":1,\"2258\":2,\"2259\":1,\"2260\":1,\"2261\":1,\"2262\":2,\"2263\":1,\"2264\":2,\"2265\":1,\"2266\":1,\"2267\":1,\"2268\":1,\"2269\":1,\"2270\":1,\"2271\":1,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":2,\"2276\":1,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":1,\"2282\":1,\"2283\":1,\"2284\":1,\"2285\":1,\"2286\":1,\"2287\":1,\"2288\":1,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":2,\"2299\":1,\"2300\":1,\"2301\":1,\"2332\":1,\"2333\":1,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":1,\"2341\":1,\"2342\":1,\"2343\":1,\"2344\":1,\"2345\":1,\"2346\":1,\"2347\":1,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":2,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":2,\"2364\":1,\"2365\":1,\"2366\":1,\"2367\":2,\"2368\":1,\"2369\":1,\"2370\":2,\"2371\":1,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":1,\"2380\":1,\"2381\":2,\"2382\":1,\"2383\":1,\"2384\":1,\"2385\":1,\"2386\":1,\"2387\":1,\"2388\":1,\"2389\":1,\"2390\":1,\"2391\":1,\"2392\":1,\"2393\":1,\"2394\":1,\"2395\":1,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":2,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":1,\"2411\":1,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":1,\"2417\":1,\"2418\":1,\"2419\":1,\"2420\":1,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":1,\"2427\":2,\"2428\":1,\"2429\":1,\"2459\":1,\"2460\":1,\"2464\":1,\"2465\":1,\"2466\":2,\"2467\":1,\"2468\":1,\"2469\":1,\"2470\":1,\"2471\":1,\"2472\":1,\"2473\":2,\"2474\":1,\"2475\":1,\"2476\":1,\"2477\":2,\"2478\":1,\"2479\":2,\"2480\":1,\"2481\":1,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":1,\"2486\":1,\"2487\":1,\"2488\":1,\"2489\":1,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":1,\"2494\":2,\"2495\":1,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":1,\"2501\":1,\"2502\":1,\"2503\":1,\"2504\":1,\"2505\":1,\"2506\":1,\"2507\":1,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":2,\"2518\":1,\"2519\":1,\"2520\":1,\"2551\":1,\"2552\":1,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":1,\"2560\":1,\"2561\":1,\"2562\":1,\"2563\":1,\"2564\":1,\"2565\":1,\"2566\":1,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":2,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":2,\"2583\":1,\"2584\":1,\"2585\":1,\"2586\":2,\"2587\":1,\"2588\":1,\"2589\":2,\"2590\":1,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":1,\"2599\":1,\"2600\":2,\"2601\":1,\"2602\":1,\"2603\":1,\"2604\":1,\"2605\":1,\"2606\":1,\"2607\":1,\"2608\":1,\"2609\":1,\"2610\":1,\"2611\":1,\"2612\":1,\"2613\":1,\"2614\":1,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":2,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":1,\"2630\":1,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":1,\"2636\":1,\"2637\":1,\"2638\":1,\"2639\":1,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":1,\"2646\":2,\"2647\":1,\"2648\":1,\"2678\":1,\"2679\":1,\"2683\":1,\"2684\":1,\"2685\":2,\"2686\":1,\"2687\":1,\"2688\":1,\"2689\":1,\"2690\":1,\"2691\":1,\"2692\":2,\"2693\":1,\"2694\":1,\"2695\":1,\"2696\":2,\"2697\":1,\"2698\":2,\"2699\":1,\"2700\":1,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":1,\"2705\":1,\"2706\":1,\"2707\":1,\"2708\":1,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":1,\"2713\":2,\"2714\":1,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":1,\"2720\":1,\"2721\":1,\"2722\":1,\"2723\":1,\"2724\":1,\"2725\":1,\"2726\":1,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":2,\"2737\":1,\"2738\":1,\"2739\":1,\"2770\":1,\"2771\":1,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":1,\"2779\":1,\"2780\":1,\"2781\":1,\"2782\":1,\"2783\":1,\"2784\":1,\"2785\":1,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":2,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":2,\"2802\":1,\"2803\":1,\"2804\":1,\"2805\":2,\"2806\":1,\"2807\":1,\"2808\":2,\"2809\":1,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":1,\"2818\":1,\"2819\":2,\"2820\":1,\"2821\":1,\"2822\":1,\"2823\":1,\"2824\":1,\"2825\":1,\"2826\":1,\"2827\":1,\"2828\":1,\"2829\":1,\"2830\":1,\"2831\":1,\"2832\":1,\"2833\":1,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":2,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":1,\"2849\":1,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":1,\"2855\":1,\"2856\":1,\"2857\":1,\"2858\":1,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":1,\"2865\":2,\"2866\":1,\"2867\":1,\"2897\":1,\"2898\":1,\"2902\":1,\"2903\":1,\"2904\":2,\"2905\":1,\"2906\":1,\"2907\":1,\"2908\":1,\"2909\":1,\"2910\":1,\"2911\":2,\"2912\":1,\"2913\":1,\"2914\":1,\"2915\":2,\"2916\":1,\"2917\":2,\"2918\":1,\"2919\":1,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":1,\"2924\":1,\"2925\":1,\"2926\":1,\"2927\":1,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":1,\"2932\":2,\"2933\":1,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":1,\"2939\":1,\"2940\":1,\"2941\":1,\"2942\":1,\"2943\":1,\"2944\":1,\"2945\":1,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":2,\"2956\":1,\"2957\":1,\"2958\":1,\"2989\":1,\"2990\":1,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":1,\"2998\":1,\"2999\":1,\"3000\":1,\"3001\":1,\"3002\":1,\"3003\":1,\"3004\":1,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":2,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":2,\"3021\":1,\"3022\":1,\"3023\":1,\"3024\":2,\"3025\":1,\"3026\":1,\"3027\":2,\"3028\":1,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":1,\"3037\":1,\"3038\":2,\"3039\":1,\"3040\":1,\"3041\":1,\"3042\":1,\"3043\":1,\"3044\":1,\"3045\":1,\"3046\":1,\"3047\":1,\"3048\":1,\"3049\":1,\"3050\":1,\"3051\":1,\"3052\":1,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":2,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":1,\"3068\":1,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":1,\"3074\":1,\"3075\":1,\"3076\":1,\"3077\":1,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":1,\"3084\":2,\"3085\":1,\"3086\":1,\"3116\":1,\"3117\":1,\"3121\":1,\"3122\":1,\"3123\":2,\"3124\":1,\"3125\":1,\"3126\":1,\"3127\":1,\"3128\":1,\"3129\":1,\"3130\":2,\"3131\":1,\"3132\":1,\"3133\":1,\"3134\":2,\"3135\":1,\"3136\":2,\"3137\":1,\"3138\":1,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":1,\"3143\":1,\"3144\":1,\"3145\":1,\"3146\":1,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":1,\"3151\":2,\"3152\":1,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":1,\"3158\":1,\"3159\":1,\"3160\":1,\"3161\":1,\"3162\":1,\"3163\":1,\"3164\":1,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":2,\"3175\":1,\"3176\":1,\"3177\":1,\"3208\":1,\"3209\":1,\"3213\":1,\"3214\":1,\"3215\":2,\"3216\":1,\"3217\":1,\"3218\":1,\"3219\":2,\"3220\":1,\"3221\":1,\"3222\":2,\"3223\":1,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":1,\"3232\":1,\"3233\":2,\"3234\":1,\"3235\":1,\"3236\":1,\"3237\":1,\"3238\":1,\"3239\":1,\"3240\":1,\"3241\":1,\"3242\":1,\"3243\":1,\"3244\":1,\"3245\":1,\"3246\":1,\"3247\":1,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":2,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":1,\"3263\":1,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":1,\"3269\":1,\"3270\":1,\"3271\":1,\"3272\":1,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":1,\"3279\":2,\"3280\":1,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":1,\"3286\":1,\"3287\":1,\"3288\":1,\"3289\":1,\"3290\":1,\"3291\":1,\"3292\":1,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":2,\"3303\":1,\"3304\":1,\"3305\":1,\"3337\":1,\"3338\":1,\"3342\":1,\"3343\":1,\"3344\":2,\"3345\":1,\"3346\":1,\"3347\":1,\"3348\":1,\"3349\":1,\"3350\":1,\"3351\":2,\"3352\":1,\"3353\":1,\"3354\":1,\"3355\":2,\"3356\":1,\"3357\":2,\"3358\":1,\"3359\":1,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":1,\"3364\":1,\"3365\":1,\"3366\":1,\"3367\":1,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":1,\"3372\":2,\"3373\":1,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":1,\"3379\":1,\"3380\":1,\"3381\":1,\"3382\":1,\"3383\":1,\"3384\":1,\"3385\":1,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":2,\"3396\":1,\"3397\":1,\"3398\":1},\"1\":{\"0\":4,\"5\":4,\"6\":2,\"8\":1,\"9\":1,\"10\":1,\"11\":1,\"12\":5,\"13\":1,\"14\":10,\"16\":1,\"20\":2,\"22\":3,\"28\":1,\"30\":1,\"31\":1,\"32\":4,\"33\":5,\"35\":1,\"37\":1,\"40\":1,\"41\":2,\"42\":7,\"44\":6,\"46\":7,\"48\":7,\"50\":7,\"52\":7,\"54\":7,\"56\":7,\"58\":7,\"60\":7,\"62\":7,\"64\":7,\"66\":7,\"71\":1,\"72\":1,\"74\":1,\"77\":1,\"81\":10,\"82\":2,\"85\":1,\"88\":4,\"89\":4,\"90\":3,\"93\":2,\"96\":1,\"98\":6,\"102\":3,\"104\":1,\"109\":3,\"110\":1,\"116\":5,\"117\":6,\"120\":3,\"121\":1,\"126\":1,\"128\":2,\"129\":1,\"130\":1,\"134\":14,\"135\":10,\"138\":5,\"139\":2,\"145\":4,\"146\":2,\"147\":9,\"148\":2,\"149\":2,\"150\":6,\"151\":2,\"152\":4,\"153\":4,\"154\":3,\"156\":1,\"159\":1,\"160\":1,\"162\":1,\"163\":1,\"165\":1,\"174\":1,\"175\":3,\"176\":2,\"177\":2,\"178\":2,\"179\":3,\"180\":3,\"181\":2,\"182\":3,\"183\":2,\"184\":1,\"185\":1,\"186\":1,\"187\":2,\"188\":3,\"189\":2,\"190\":4,\"191\":3,\"192\":3,\"193\":2,\"194\":2,\"195\":2,\"196\":3,\"197\":3,\"198\":3,\"199\":3,\"200\":2,\"201\":2,\"202\":2,\"203\":2,\"204\":2,\"205\":2,\"206\":2,\"207\":2,\"208\":1,\"209\":2,\"210\":2,\"211\":2,\"212\":2,\"213\":4,\"214\":2,\"215\":1,\"216\":1,\"217\":1,\"218\":1,\"219\":3,\"220\":1,\"221\":1,\"222\":1,\"223\":1,\"224\":1,\"225\":2,\"226\":1,\"227\":1,\"228\":2,\"229\":2,\"230\":1,\"231\":1,\"232\":1,\"233\":2,\"234\":2,\"235\":2,\"236\":3,\"237\":2,\"238\":1,\"241\":2,\"242\":3,\"243\":2,\"244\":3,\"245\":2,\"246\":2,\"247\":3,\"248\":2,\"249\":2,\"250\":2,\"251\":3,\"252\":2,\"253\":2,\"254\":2,\"255\":3,\"256\":2,\"257\":3,\"258\":3,\"259\":2,\"260\":2,\"261\":1,\"262\":2,\"263\":1,\"264\":2,\"265\":3,\"266\":3,\"269\":1,\"270\":1,\"280\":1,\"282\":2,\"284\":2,\"285\":12,\"288\":3,\"289\":27,\"290\":28,\"291\":1,\"293\":2,\"295\":2,\"296\":12,\"299\":3,\"300\":29,\"301\":28,\"302\":1,\"303\":25,\"304\":47,\"305\":1,\"306\":4,\"307\":41,\"308\":1,\"309\":4,\"310\":23,\"311\":1,\"312\":4,\"313\":12,\"314\":1,\"315\":4,\"316\":12,\"318\":1,\"327\":91,\"331\":5,\"332\":10,\"333\":1,\"334\":2,\"337\":1,\"338\":23,\"341\":6,\"342\":4,\"345\":1,\"346\":3,\"347\":2,\"348\":2,\"351\":1,\"352\":10,\"356\":5,\"357\":1,\"358\":2,\"362\":5,\"363\":1,\"366\":1,\"367\":25,\"376\":1,\"377\":14,\"381\":1,\"383\":3,\"384\":2,\"388\":5,\"389\":1,\"392\":1,\"393\":32,\"396\":1,\"397\":1,\"398\":1,\"404\":2,\"405\":2,\"416\":1,\"419\":3,\"422\":3,\"423\":3,\"425\":2,\"427\":4,\"428\":2,\"429\":1,\"431\":1,\"432\":1,\"433\":1,\"434\":3,\"436\":2,\"438\":2,\"439\":16,\"441\":3,\"442\":15,\"443\":15,\"446\":2,\"447\":4,\"449\":2,\"450\":1,\"453\":4,\"455\":5,\"459\":14,\"460\":1,\"461\":7,\"462\":15,\"465\":2,\"466\":3,\"468\":2,\"469\":1,\"470\":5,\"471\":1,\"472\":1,\"473\":5,\"475\":2,\"477\":2,\"478\":16,\"480\":3,\"481\":20,\"482\":18,\"485\":12,\"488\":2,\"489\":3,\"491\":2,\"492\":1,\"493\":5,\"494\":1,\"495\":1,\"496\":5,\"498\":2,\"500\":2,\"501\":16,\"503\":3,\"504\":17,\"505\":17,\"508\":12,\"509\":2,\"510\":2,\"511\":10,\"514\":2,\"515\":3,\"517\":2,\"518\":1,\"519\":5,\"520\":1,\"521\":1,\"522\":5,\"524\":2,\"526\":2,\"527\":16,\"529\":3,\"530\":17,\"531\":17,\"534\":12,\"535\":2,\"536\":6,\"537\":13,\"540\":2,\"541\":3,\"543\":2,\"544\":1,\"545\":4,\"546\":1,\"547\":3,\"549\":2,\"550\":1,\"552\":3,\"554\":2,\"556\":2,\"557\":16,\"559\":3,\"560\":17,\"561\":17,\"564\":14,\"565\":4,\"566\":2,\"567\":10,\"570\":2,\"571\":3,\"573\":2,\"574\":1,\"575\":4,\"576\":2,\"577\":1,\"579\":2,\"580\":1,\"582\":3,\"584\":2,\"586\":2,\"587\":16,\"589\":3,\"590\":17,\"591\":15,\"594\":14,\"595\":3,\"596\":2,\"597\":10,\"600\":2,\"601\":3,\"603\":2,\"604\":1,\"605\":4,\"606\":2,\"607\":1,\"609\":2,\"610\":1,\"612\":3,\"614\":2,\"616\":2,\"617\":16,\"619\":3,\"620\":17,\"621\":15,\"624\":14,\"625\":3,\"626\":2,\"627\":10,\"628\":2,\"629\":2,\"640\":1,\"643\":3,\"646\":3,\"647\":3,\"649\":2,\"650\":1,\"651\":4,\"652\":2,\"653\":1,\"655\":2,\"658\":3,\"660\":2,\"662\":2,\"663\":16,\"665\":3,\"666\":17,\"667\":15,\"670\":14,\"671\":3,\"672\":2,\"673\":10,\"674\":2,\"675\":2,\"686\":1,\"689\":3,\"692\":3,\"693\":3,\"695\":2,\"696\":1,\"697\":4,\"698\":2,\"699\":1,\"701\":2,\"704\":3,\"706\":2,\"708\":2,\"709\":16,\"711\":3,\"712\":17,\"713\":15,\"716\":14,\"717\":3,\"718\":2,\"719\":10,\"720\":2,\"721\":2,\"732\":1,\"735\":3,\"738\":3,\"739\":3,\"741\":2,\"742\":1,\"743\":4,\"744\":2,\"745\":1,\"747\":2,\"750\":3,\"752\":2,\"754\":2,\"755\":16,\"757\":3,\"758\":17,\"759\":15,\"762\":14,\"763\":3,\"764\":2,\"765\":10,\"766\":2,\"767\":2,\"778\":1,\"781\":3,\"784\":3,\"785\":3,\"787\":2,\"788\":1,\"789\":4,\"790\":2,\"791\":1,\"793\":1,\"794\":1,\"795\":1,\"796\":3,\"798\":2,\"800\":2,\"801\":16,\"803\":3,\"804\":17,\"805\":15,\"808\":14,\"809\":3,\"810\":2,\"811\":10,\"812\":2,\"813\":2,\"824\":1,\"827\":3,\"830\":3,\"831\":3,\"833\":2,\"835\":4,\"836\":2,\"837\":1,\"839\":1,\"840\":1,\"841\":1,\"842\":3,\"844\":2,\"846\":2,\"847\":16,\"849\":3,\"850\":17,\"851\":15,\"854\":14,\"855\":1,\"856\":2,\"857\":10,\"858\":2,\"859\":2,\"870\":1,\"873\":3,\"876\":3,\"877\":3,\"879\":2,\"881\":4,\"882\":2,\"883\":1,\"885\":1,\"886\":1,\"887\":1,\"888\":3,\"890\":2,\"892\":2,\"893\":16,\"895\":3,\"896\":15,\"897\":15,\"900\":2,\"901\":4,\"903\":2,\"904\":1,\"907\":4,\"909\":5,\"913\":14,\"914\":1,\"915\":7,\"916\":15,\"920\":7,\"926\":2,\"928\":8,\"930\":1,\"931\":1,\"932\":3,\"933\":2,\"934\":2,\"935\":2,\"936\":3,\"937\":3,\"938\":2,\"939\":3,\"940\":2,\"941\":1,\"942\":1,\"943\":1,\"944\":1,\"945\":1,\"946\":1,\"947\":1,\"948\":2,\"949\":3,\"950\":2,\"951\":2,\"952\":2,\"953\":2,\"954\":2,\"955\":2,\"956\":2,\"957\":2,\"958\":2,\"959\":2,\"960\":2,\"961\":2,\"962\":2,\"963\":2,\"964\":4,\"965\":2,\"966\":1,\"967\":1,\"968\":1,\"969\":1,\"970\":3,\"971\":1,\"972\":1,\"973\":1,\"974\":1,\"975\":1,\"976\":2,\"977\":1,\"978\":1,\"979\":2,\"980\":2,\"981\":1,\"982\":1,\"983\":1,\"984\":1,\"985\":2,\"986\":2,\"987\":2,\"988\":3,\"989\":2,\"990\":1,\"991\":1,\"992\":1,\"993\":1,\"994\":1,\"995\":1,\"996\":2,\"997\":2,\"998\":1,\"999\":1,\"1000\":1,\"1001\":1,\"1002\":4,\"1003\":4,\"1004\":1,\"1005\":2,\"1006\":2,\"1007\":2,\"1008\":1,\"1009\":3,\"1010\":2,\"1011\":1,\"1012\":1,\"1013\":1,\"1014\":1,\"1015\":1,\"1016\":1,\"1017\":1,\"1018\":1,\"1019\":1,\"1020\":1,\"1021\":1,\"1022\":1,\"1024\":3,\"1025\":8,\"1026\":3,\"1027\":9,\"1031\":1,\"1032\":1,\"1049\":8,\"1055\":2,\"1056\":4,\"1057\":10,\"1059\":2,\"1060\":3,\"1061\":2,\"1062\":3,\"1063\":2,\"1064\":2,\"1065\":2,\"1066\":1,\"1067\":1,\"1068\":3,\"1069\":2,\"1070\":2,\"1071\":2,\"1072\":3,\"1073\":2,\"1074\":3,\"1075\":3,\"1076\":2,\"1077\":1,\"1078\":1,\"1079\":1,\"1080\":2,\"1081\":2,\"1082\":1,\"1083\":1,\"1084\":2,\"1085\":1,\"1086\":1,\"1087\":1,\"1088\":1,\"1089\":2,\"1090\":2,\"1091\":1,\"1092\":1,\"1093\":1,\"1094\":1,\"1095\":4,\"1096\":4,\"1097\":1,\"1098\":2,\"1099\":2,\"1100\":2,\"1101\":1,\"1102\":3,\"1103\":2,\"1104\":1,\"1105\":1,\"1106\":1,\"1107\":1,\"1108\":1,\"1109\":1,\"1110\":1,\"1111\":1,\"1112\":1,\"1113\":1,\"1114\":1,\"1115\":1,\"1117\":3,\"1118\":8,\"1119\":2,\"1120\":3,\"1121\":9,\"1125\":1,\"1126\":1,\"1143\":1,\"1144\":1,\"1145\":3,\"1146\":2,\"1147\":2,\"1148\":2,\"1149\":3,\"1150\":3,\"1151\":2,\"1152\":3,\"1153\":2,\"1154\":1,\"1155\":1,\"1156\":1,\"1157\":2,\"1158\":3,\"1159\":2,\"1160\":2,\"1161\":2,\"1162\":2,\"1163\":2,\"1164\":2,\"1165\":2,\"1166\":2,\"1167\":2,\"1168\":2,\"1169\":1,\"1170\":2,\"1171\":2,\"1172\":2,\"1173\":2,\"1174\":4,\"1175\":2,\"1176\":1,\"1177\":1,\"1178\":1,\"1179\":1,\"1180\":3,\"1181\":1,\"1182\":1,\"1183\":1,\"1184\":1,\"1185\":1,\"1186\":2,\"1187\":1,\"1188\":1,\"1189\":2,\"1190\":2,\"1191\":1,\"1192\":2,\"1193\":2,\"1194\":2,\"1195\":3,\"1196\":2,\"1197\":1,\"1198\":2,\"1199\":2,\"1200\":1,\"1202\":1,\"1203\":1,\"1204\":1,\"1205\":4,\"1206\":4,\"1207\":1,\"1208\":2,\"1209\":2,\"1210\":2,\"1211\":1,\"1212\":3,\"1213\":2,\"1214\":1,\"1215\":1,\"1216\":1,\"1217\":1,\"1218\":1,\"1219\":1,\"1220\":1,\"1221\":1,\"1222\":1,\"1223\":1,\"1224\":1,\"1225\":1,\"1227\":2,\"1228\":3,\"1229\":2,\"1230\":3,\"1231\":2,\"1232\":2,\"1233\":2,\"1234\":1,\"1235\":1,\"1236\":3,\"1237\":2,\"1238\":2,\"1239\":2,\"1240\":3,\"1241\":2,\"1242\":3,\"1243\":3,\"1244\":2,\"1245\":2,\"1246\":2,\"1247\":1,\"1248\":2,\"1249\":1,\"1250\":1,\"1251\":1,\"1252\":2,\"1253\":2,\"1254\":1,\"1256\":1,\"1257\":1,\"1270\":1,\"1271\":1,\"1272\":1,\"1273\":4,\"1274\":4,\"1275\":1,\"1276\":2,\"1277\":2,\"1278\":2,\"1279\":1,\"1280\":3,\"1281\":2,\"1282\":1,\"1283\":1,\"1284\":1,\"1285\":1,\"1286\":1,\"1287\":1,\"1288\":1,\"1289\":1,\"1290\":1,\"1291\":1,\"1292\":1,\"1293\":1,\"1294\":1,\"1295\":1,\"1296\":3,\"1297\":2,\"1298\":2,\"1299\":2,\"1300\":3,\"1301\":3,\"1302\":2,\"1303\":3,\"1304\":2,\"1305\":1,\"1306\":1,\"1307\":1,\"1308\":2,\"1309\":3,\"1310\":2,\"1311\":2,\"1312\":2,\"1313\":2,\"1314\":2,\"1315\":2,\"1316\":2,\"1317\":2,\"1318\":2,\"1319\":2,\"1320\":1,\"1321\":2,\"1322\":2,\"1323\":2,\"1324\":2,\"1325\":4,\"1326\":2,\"1327\":1,\"1328\":1,\"1329\":1,\"1330\":1,\"1331\":3,\"1332\":1,\"1333\":1,\"1334\":1,\"1335\":1,\"1336\":1,\"1337\":2,\"1338\":1,\"1339\":1,\"1340\":2,\"1341\":2,\"1342\":1,\"1343\":2,\"1344\":2,\"1345\":2,\"1346\":3,\"1347\":2,\"1348\":1,\"1349\":2,\"1350\":2,\"1351\":1,\"1355\":8,\"1361\":2,\"1362\":4,\"1363\":10,\"1365\":2,\"1366\":3,\"1367\":2,\"1368\":3,\"1369\":2,\"1370\":2,\"1371\":2,\"1372\":1,\"1373\":1,\"1374\":3,\"1375\":2,\"1376\":2,\"1377\":2,\"1378\":3,\"1379\":2,\"1380\":3,\"1381\":3,\"1382\":2,\"1383\":2,\"1384\":2,\"1385\":1,\"1386\":1,\"1387\":2,\"1388\":1,\"1389\":1,\"1390\":1,\"1391\":2,\"1392\":2,\"1393\":1,\"1394\":1,\"1395\":1,\"1396\":1,\"1397\":4,\"1398\":4,\"1399\":1,\"1400\":2,\"1401\":2,\"1402\":2,\"1403\":1,\"1404\":3,\"1405\":2,\"1406\":1,\"1407\":1,\"1408\":1,\"1409\":1,\"1410\":1,\"1411\":1,\"1412\":1,\"1413\":1,\"1414\":1,\"1415\":1,\"1416\":1,\"1417\":1,\"1419\":3,\"1420\":8,\"1421\":2,\"1422\":3,\"1423\":9,\"1427\":1,\"1428\":1,\"1442\":1,\"1443\":1,\"1444\":1,\"1445\":4,\"1446\":4,\"1447\":1,\"1448\":2,\"1449\":2,\"1450\":2,\"1451\":1,\"1452\":3,\"1453\":2,\"1454\":1,\"1455\":1,\"1456\":1,\"1457\":1,\"1458\":1,\"1459\":1,\"1460\":1,\"1461\":1,\"1462\":1,\"1463\":1,\"1464\":1,\"1465\":1,\"1466\":1,\"1467\":1,\"1468\":3,\"1469\":2,\"1470\":2,\"1471\":2,\"1472\":3,\"1473\":3,\"1474\":2,\"1475\":3,\"1476\":2,\"1477\":1,\"1478\":1,\"1479\":1,\"1480\":1,\"1481\":2,\"1482\":3,\"1483\":2,\"1484\":2,\"1485\":2,\"1486\":2,\"1487\":2,\"1488\":2,\"1489\":2,\"1490\":2,\"1491\":2,\"1492\":2,\"1493\":2,\"1494\":2,\"1495\":2,\"1496\":2,\"1497\":4,\"1498\":2,\"1499\":1,\"1500\":1,\"1501\":1,\"1502\":1,\"1503\":3,\"1504\":1,\"1505\":1,\"1506\":1,\"1507\":1,\"1508\":1,\"1509\":2,\"1510\":1,\"1511\":1,\"1512\":2,\"1513\":2,\"1514\":1,\"1515\":1,\"1516\":1,\"1517\":1,\"1518\":2,\"1519\":2,\"1520\":2,\"1521\":3,\"1522\":2,\"1523\":1,\"1524\":1,\"1525\":2,\"1526\":2,\"1527\":1,\"1531\":8,\"1537\":2,\"1538\":4,\"1539\":10,\"1541\":2,\"1542\":3,\"1543\":2,\"1544\":3,\"1545\":2,\"1546\":2,\"1547\":2,\"1548\":1,\"1549\":1,\"1550\":3,\"1551\":2,\"1552\":2,\"1553\":2,\"1554\":3,\"1555\":2,\"1556\":3,\"1557\":3,\"1558\":2,\"1559\":2,\"1560\":2,\"1561\":1,\"1562\":1,\"1563\":2,\"1564\":1,\"1565\":1,\"1566\":1,\"1567\":2,\"1568\":2,\"1569\":1,\"1570\":1,\"1571\":1,\"1572\":1,\"1573\":4,\"1574\":4,\"1575\":1,\"1576\":2,\"1577\":2,\"1578\":2,\"1579\":1,\"1580\":3,\"1581\":2,\"1582\":1,\"1583\":1,\"1584\":1,\"1585\":1,\"1586\":1,\"1587\":1,\"1588\":1,\"1589\":1,\"1590\":1,\"1591\":1,\"1592\":1,\"1593\":1,\"1595\":3,\"1596\":8,\"1597\":2,\"1598\":3,\"1599\":9,\"1603\":1,\"1604\":1,\"1619\":1,\"1620\":1,\"1621\":1,\"1622\":4,\"1623\":4,\"1624\":1,\"1625\":2,\"1626\":2,\"1627\":2,\"1628\":1,\"1629\":3,\"1630\":2,\"1631\":1,\"1632\":1,\"1633\":1,\"1634\":1,\"1635\":1,\"1636\":1,\"1637\":1,\"1638\":1,\"1639\":1,\"1640\":1,\"1641\":1,\"1642\":1,\"1643\":1,\"1644\":1,\"1645\":3,\"1646\":2,\"1647\":2,\"1648\":2,\"1649\":3,\"1650\":3,\"1651\":2,\"1652\":3,\"1653\":2,\"1654\":1,\"1655\":1,\"1656\":1,\"1657\":1,\"1658\":2,\"1659\":3,\"1660\":2,\"1661\":2,\"1662\":2,\"1663\":2,\"1664\":2,\"1665\":2,\"1666\":2,\"1667\":2,\"1668\":2,\"1669\":2,\"1670\":2,\"1671\":2,\"1672\":2,\"1673\":2,\"1674\":4,\"1675\":2,\"1676\":1,\"1677\":1,\"1678\":1,\"1679\":1,\"1680\":3,\"1681\":1,\"1682\":1,\"1683\":1,\"1684\":1,\"1685\":1,\"1686\":2,\"1687\":1,\"1688\":1,\"1689\":2,\"1690\":2,\"1691\":1,\"1692\":1,\"1693\":1,\"1694\":1,\"1695\":2,\"1696\":2,\"1697\":2,\"1698\":3,\"1699\":2,\"1700\":1,\"1701\":1,\"1702\":2,\"1703\":2,\"1704\":1,\"1708\":8,\"1714\":2,\"1715\":4,\"1716\":10,\"1718\":2,\"1719\":3,\"1720\":2,\"1721\":3,\"1722\":2,\"1723\":2,\"1724\":2,\"1725\":1,\"1726\":1,\"1727\":3,\"1728\":2,\"1729\":2,\"1730\":2,\"1731\":3,\"1732\":2,\"1733\":3,\"1734\":3,\"1735\":2,\"1736\":2,\"1737\":2,\"1738\":1,\"1739\":1,\"1740\":2,\"1741\":1,\"1742\":1,\"1743\":1,\"1744\":2,\"1745\":2,\"1746\":1,\"1747\":1,\"1748\":1,\"1749\":1,\"1750\":4,\"1751\":4,\"1752\":1,\"1753\":2,\"1754\":2,\"1755\":2,\"1756\":1,\"1757\":3,\"1758\":2,\"1759\":1,\"1760\":1,\"1761\":1,\"1762\":1,\"1763\":1,\"1764\":1,\"1765\":1,\"1766\":1,\"1767\":1,\"1768\":1,\"1769\":1,\"1770\":1,\"1772\":3,\"1773\":8,\"1774\":2,\"1775\":3,\"1776\":9,\"1780\":1,\"1781\":1,\"1796\":1,\"1797\":1,\"1798\":1,\"1799\":4,\"1800\":4,\"1801\":1,\"1802\":2,\"1803\":2,\"1804\":2,\"1805\":1,\"1806\":3,\"1807\":2,\"1808\":1,\"1809\":1,\"1810\":1,\"1811\":1,\"1812\":1,\"1813\":1,\"1814\":1,\"1815\":1,\"1816\":1,\"1817\":1,\"1818\":1,\"1819\":1,\"1820\":1,\"1821\":1,\"1822\":3,\"1823\":2,\"1824\":2,\"1825\":2,\"1826\":3,\"1827\":3,\"1828\":2,\"1829\":3,\"1830\":2,\"1831\":1,\"1832\":1,\"1833\":1,\"1834\":1,\"1835\":2,\"1836\":3,\"1837\":2,\"1838\":2,\"1839\":2,\"1840\":2,\"1841\":2,\"1842\":2,\"1843\":2,\"1844\":2,\"1845\":2,\"1846\":2,\"1847\":2,\"1848\":2,\"1849\":2,\"1850\":2,\"1851\":4,\"1852\":2,\"1853\":1,\"1854\":1,\"1855\":1,\"1856\":1,\"1857\":3,\"1858\":1,\"1859\":1,\"1860\":1,\"1861\":1,\"1862\":1,\"1863\":2,\"1864\":1,\"1865\":1,\"1866\":2,\"1867\":2,\"1868\":1,\"1869\":1,\"1870\":1,\"1871\":1,\"1872\":2,\"1873\":2,\"1874\":2,\"1875\":3,\"1876\":2,\"1877\":1,\"1878\":1,\"1879\":2,\"1880\":2,\"1881\":1,\"1885\":8,\"1891\":2,\"1892\":4,\"1893\":10,\"1895\":2,\"1896\":3,\"1897\":2,\"1898\":3,\"1899\":2,\"1900\":2,\"1901\":2,\"1902\":1,\"1903\":1,\"1904\":3,\"1905\":2,\"1906\":2,\"1907\":2,\"1908\":3,\"1909\":2,\"1910\":3,\"1911\":3,\"1912\":2,\"1913\":2,\"1914\":2,\"1915\":1,\"1916\":1,\"1917\":2,\"1918\":1,\"1919\":1,\"1920\":1,\"1921\":2,\"1922\":2,\"1923\":1,\"1924\":1,\"1925\":1,\"1926\":1,\"1927\":4,\"1928\":4,\"1929\":1,\"1930\":2,\"1931\":2,\"1932\":2,\"1933\":1,\"1934\":3,\"1935\":2,\"1936\":1,\"1937\":1,\"1938\":1,\"1939\":1,\"1940\":1,\"1941\":1,\"1942\":1,\"1943\":1,\"1944\":1,\"1945\":1,\"1946\":1,\"1947\":1,\"1949\":3,\"1950\":8,\"1951\":2,\"1952\":3,\"1953\":9,\"1957\":1,\"1958\":1,\"1973\":1,\"1974\":1,\"1975\":1,\"1976\":4,\"1977\":4,\"1978\":1,\"1979\":2,\"1980\":2,\"1981\":2,\"1982\":1,\"1983\":3,\"1984\":2,\"1985\":1,\"1986\":1,\"1987\":1,\"1988\":1,\"1989\":1,\"1990\":1,\"1991\":1,\"1992\":1,\"1993\":1,\"1994\":1,\"1995\":1,\"1996\":1,\"1997\":1,\"1998\":1,\"1999\":3,\"2000\":2,\"2001\":2,\"2002\":2,\"2003\":3,\"2004\":3,\"2005\":2,\"2006\":3,\"2007\":2,\"2008\":1,\"2009\":1,\"2010\":1,\"2011\":1,\"2012\":2,\"2013\":3,\"2014\":2,\"2015\":2,\"2016\":2,\"2017\":2,\"2018\":2,\"2019\":2,\"2020\":2,\"2021\":2,\"2022\":2,\"2023\":2,\"2024\":2,\"2025\":2,\"2026\":2,\"2027\":2,\"2028\":4,\"2029\":2,\"2030\":1,\"2031\":1,\"2032\":1,\"2033\":1,\"2034\":3,\"2035\":1,\"2036\":1,\"2037\":1,\"2038\":1,\"2039\":1,\"2040\":2,\"2041\":1,\"2042\":1,\"2043\":2,\"2044\":2,\"2045\":1,\"2046\":1,\"2047\":1,\"2048\":1,\"2049\":2,\"2050\":2,\"2051\":2,\"2052\":3,\"2053\":2,\"2054\":1,\"2055\":1,\"2056\":2,\"2057\":2,\"2058\":1,\"2062\":8,\"2068\":2,\"2069\":4,\"2070\":10,\"2072\":2,\"2073\":3,\"2074\":2,\"2075\":3,\"2076\":2,\"2077\":2,\"2078\":2,\"2079\":1,\"2080\":1,\"2081\":3,\"2082\":2,\"2083\":2,\"2084\":2,\"2085\":3,\"2086\":2,\"2087\":3,\"2088\":3,\"2089\":2,\"2090\":2,\"2091\":2,\"2092\":1,\"2093\":1,\"2094\":2,\"2095\":1,\"2096\":1,\"2097\":1,\"2098\":2,\"2099\":2,\"2100\":1,\"2101\":1,\"2102\":1,\"2103\":1,\"2104\":4,\"2105\":4,\"2106\":1,\"2107\":2,\"2108\":2,\"2109\":2,\"2110\":1,\"2111\":3,\"2112\":2,\"2113\":1,\"2114\":1,\"2115\":1,\"2116\":1,\"2117\":1,\"2118\":1,\"2119\":1,\"2120\":1,\"2121\":1,\"2122\":1,\"2123\":1,\"2124\":1,\"2126\":3,\"2127\":8,\"2128\":2,\"2129\":3,\"2130\":9,\"2134\":1,\"2135\":1,\"2150\":1,\"2151\":1,\"2152\":1,\"2153\":4,\"2154\":4,\"2155\":1,\"2156\":2,\"2157\":2,\"2158\":2,\"2159\":1,\"2160\":3,\"2161\":2,\"2162\":1,\"2163\":1,\"2164\":1,\"2165\":1,\"2166\":1,\"2167\":1,\"2168\":1,\"2169\":1,\"2170\":1,\"2171\":1,\"2172\":1,\"2173\":1,\"2174\":1,\"2175\":1,\"2176\":3,\"2177\":2,\"2178\":2,\"2179\":2,\"2180\":3,\"2181\":3,\"2182\":2,\"2183\":3,\"2184\":2,\"2185\":1,\"2186\":1,\"2187\":1,\"2188\":1,\"2189\":2,\"2190\":3,\"2191\":2,\"2192\":2,\"2193\":2,\"2194\":2,\"2195\":2,\"2196\":2,\"2197\":2,\"2198\":2,\"2199\":2,\"2200\":2,\"2201\":2,\"2202\":2,\"2203\":2,\"2204\":2,\"2205\":4,\"2206\":2,\"2207\":1,\"2208\":1,\"2209\":1,\"2210\":1,\"2211\":3,\"2212\":1,\"2213\":1,\"2214\":1,\"2215\":1,\"2216\":1,\"2217\":2,\"2218\":1,\"2219\":1,\"2220\":2,\"2221\":2,\"2222\":1,\"2223\":1,\"2224\":1,\"2225\":1,\"2226\":2,\"2227\":2,\"2228\":2,\"2229\":3,\"2230\":2,\"2231\":1,\"2232\":1,\"2233\":2,\"2234\":2,\"2235\":1,\"2239\":8,\"2245\":2,\"2246\":4,\"2247\":10,\"2249\":2,\"2250\":3,\"2251\":2,\"2252\":3,\"2253\":2,\"2254\":2,\"2255\":2,\"2256\":1,\"2257\":1,\"2258\":3,\"2259\":2,\"2260\":2,\"2261\":2,\"2262\":3,\"2263\":2,\"2264\":3,\"2265\":3,\"2266\":2,\"2267\":2,\"2268\":2,\"2269\":1,\"2270\":1,\"2271\":2,\"2272\":1,\"2273\":1,\"2274\":1,\"2275\":2,\"2276\":2,\"2277\":1,\"2278\":1,\"2279\":1,\"2280\":1,\"2281\":4,\"2282\":4,\"2283\":1,\"2284\":2,\"2285\":2,\"2286\":2,\"2287\":1,\"2288\":3,\"2289\":2,\"2290\":1,\"2291\":1,\"2292\":1,\"2293\":1,\"2294\":1,\"2295\":1,\"2296\":1,\"2297\":1,\"2298\":1,\"2299\":1,\"2300\":1,\"2301\":1,\"2303\":3,\"2304\":8,\"2305\":2,\"2306\":3,\"2307\":9,\"2311\":1,\"2312\":1,\"2327\":7,\"2333\":2,\"2335\":8,\"2337\":1,\"2338\":1,\"2339\":1,\"2340\":4,\"2341\":4,\"2342\":1,\"2343\":2,\"2344\":2,\"2345\":2,\"2346\":1,\"2347\":3,\"2348\":2,\"2349\":1,\"2350\":1,\"2351\":1,\"2352\":1,\"2353\":1,\"2354\":1,\"2355\":1,\"2356\":1,\"2357\":1,\"2358\":1,\"2359\":1,\"2360\":1,\"2361\":1,\"2362\":1,\"2363\":3,\"2364\":2,\"2365\":2,\"2366\":2,\"2367\":3,\"2368\":3,\"2369\":2,\"2370\":3,\"2371\":2,\"2372\":1,\"2373\":1,\"2374\":1,\"2375\":1,\"2376\":1,\"2377\":1,\"2378\":1,\"2379\":2,\"2380\":3,\"2381\":2,\"2382\":2,\"2383\":2,\"2384\":2,\"2385\":2,\"2386\":2,\"2387\":2,\"2388\":2,\"2389\":2,\"2390\":2,\"2391\":2,\"2392\":2,\"2393\":2,\"2394\":2,\"2395\":4,\"2396\":2,\"2397\":1,\"2398\":1,\"2399\":1,\"2400\":1,\"2401\":3,\"2402\":1,\"2403\":1,\"2404\":1,\"2405\":1,\"2406\":1,\"2407\":2,\"2408\":1,\"2409\":1,\"2410\":2,\"2411\":2,\"2412\":1,\"2413\":1,\"2414\":1,\"2415\":1,\"2416\":2,\"2417\":2,\"2418\":2,\"2419\":3,\"2420\":2,\"2421\":1,\"2422\":1,\"2423\":1,\"2424\":1,\"2425\":1,\"2426\":1,\"2427\":2,\"2428\":2,\"2429\":1,\"2431\":3,\"2432\":8,\"2433\":3,\"2434\":9,\"2438\":1,\"2439\":1,\"2454\":8,\"2460\":2,\"2461\":4,\"2462\":10,\"2464\":2,\"2465\":3,\"2466\":2,\"2467\":3,\"2468\":2,\"2469\":2,\"2470\":2,\"2471\":1,\"2472\":1,\"2473\":3,\"2474\":2,\"2475\":2,\"2476\":2,\"2477\":3,\"2478\":2,\"2479\":3,\"2480\":3,\"2481\":2,\"2482\":1,\"2483\":1,\"2484\":1,\"2485\":2,\"2486\":2,\"2487\":1,\"2488\":1,\"2489\":2,\"2490\":1,\"2491\":1,\"2492\":1,\"2493\":1,\"2494\":2,\"2495\":2,\"2496\":1,\"2497\":1,\"2498\":1,\"2499\":1,\"2500\":4,\"2501\":4,\"2502\":1,\"2503\":2,\"2504\":2,\"2505\":2,\"2506\":1,\"2507\":3,\"2508\":2,\"2509\":1,\"2510\":1,\"2511\":1,\"2512\":1,\"2513\":1,\"2514\":1,\"2515\":1,\"2516\":1,\"2517\":1,\"2518\":1,\"2519\":1,\"2520\":1,\"2522\":3,\"2523\":8,\"2524\":2,\"2525\":3,\"2526\":9,\"2530\":1,\"2531\":1,\"2546\":7,\"2552\":2,\"2554\":8,\"2556\":1,\"2557\":1,\"2558\":1,\"2559\":4,\"2560\":4,\"2561\":1,\"2562\":2,\"2563\":2,\"2564\":2,\"2565\":1,\"2566\":3,\"2567\":2,\"2568\":1,\"2569\":1,\"2570\":1,\"2571\":1,\"2572\":1,\"2573\":1,\"2574\":1,\"2575\":1,\"2576\":1,\"2577\":1,\"2578\":1,\"2579\":1,\"2580\":1,\"2581\":1,\"2582\":3,\"2583\":2,\"2584\":2,\"2585\":2,\"2586\":3,\"2587\":3,\"2588\":2,\"2589\":3,\"2590\":2,\"2591\":1,\"2592\":1,\"2593\":1,\"2594\":1,\"2595\":1,\"2596\":1,\"2597\":1,\"2598\":2,\"2599\":3,\"2600\":2,\"2601\":2,\"2602\":2,\"2603\":2,\"2604\":2,\"2605\":2,\"2606\":2,\"2607\":2,\"2608\":2,\"2609\":2,\"2610\":2,\"2611\":2,\"2612\":2,\"2613\":2,\"2614\":4,\"2615\":2,\"2616\":1,\"2617\":1,\"2618\":1,\"2619\":1,\"2620\":3,\"2621\":1,\"2622\":1,\"2623\":1,\"2624\":1,\"2625\":1,\"2626\":2,\"2627\":1,\"2628\":1,\"2629\":2,\"2630\":2,\"2631\":1,\"2632\":1,\"2633\":1,\"2634\":1,\"2635\":2,\"2636\":2,\"2637\":2,\"2638\":3,\"2639\":2,\"2640\":1,\"2641\":1,\"2642\":1,\"2643\":1,\"2644\":1,\"2645\":1,\"2646\":2,\"2647\":2,\"2648\":1,\"2650\":3,\"2651\":8,\"2652\":3,\"2653\":9,\"2657\":1,\"2658\":1,\"2673\":8,\"2679\":2,\"2680\":4,\"2681\":10,\"2683\":2,\"2684\":3,\"2685\":2,\"2686\":3,\"2687\":2,\"2688\":2,\"2689\":2,\"2690\":1,\"2691\":1,\"2692\":3,\"2693\":2,\"2694\":2,\"2695\":2,\"2696\":3,\"2697\":2,\"2698\":3,\"2699\":3,\"2700\":2,\"2701\":1,\"2702\":1,\"2703\":1,\"2704\":2,\"2705\":2,\"2706\":1,\"2707\":1,\"2708\":2,\"2709\":1,\"2710\":1,\"2711\":1,\"2712\":1,\"2713\":2,\"2714\":2,\"2715\":1,\"2716\":1,\"2717\":1,\"2718\":1,\"2719\":4,\"2720\":4,\"2721\":1,\"2722\":2,\"2723\":2,\"2724\":2,\"2725\":1,\"2726\":3,\"2727\":2,\"2728\":1,\"2729\":1,\"2730\":1,\"2731\":1,\"2732\":1,\"2733\":1,\"2734\":1,\"2735\":1,\"2736\":1,\"2737\":1,\"2738\":1,\"2739\":1,\"2741\":3,\"2742\":8,\"2743\":2,\"2744\":3,\"2745\":9,\"2749\":1,\"2750\":1,\"2765\":7,\"2771\":2,\"2773\":8,\"2775\":1,\"2776\":1,\"2777\":1,\"2778\":4,\"2779\":4,\"2780\":1,\"2781\":2,\"2782\":2,\"2783\":2,\"2784\":1,\"2785\":3,\"2786\":2,\"2787\":1,\"2788\":1,\"2789\":1,\"2790\":1,\"2791\":1,\"2792\":1,\"2793\":1,\"2794\":1,\"2795\":1,\"2796\":1,\"2797\":1,\"2798\":1,\"2799\":1,\"2800\":1,\"2801\":3,\"2802\":2,\"2803\":2,\"2804\":2,\"2805\":3,\"2806\":3,\"2807\":2,\"2808\":3,\"2809\":2,\"2810\":1,\"2811\":1,\"2812\":1,\"2813\":1,\"2814\":1,\"2815\":1,\"2816\":1,\"2817\":2,\"2818\":3,\"2819\":2,\"2820\":2,\"2821\":2,\"2822\":2,\"2823\":2,\"2824\":2,\"2825\":2,\"2826\":2,\"2827\":2,\"2828\":2,\"2829\":2,\"2830\":2,\"2831\":2,\"2832\":2,\"2833\":4,\"2834\":2,\"2835\":1,\"2836\":1,\"2837\":1,\"2838\":1,\"2839\":3,\"2840\":1,\"2841\":1,\"2842\":1,\"2843\":1,\"2844\":1,\"2845\":2,\"2846\":1,\"2847\":1,\"2848\":2,\"2849\":2,\"2850\":1,\"2851\":1,\"2852\":1,\"2853\":1,\"2854\":2,\"2855\":2,\"2856\":2,\"2857\":3,\"2858\":2,\"2859\":1,\"2860\":1,\"2861\":1,\"2862\":1,\"2863\":1,\"2864\":1,\"2865\":2,\"2866\":2,\"2867\":1,\"2869\":3,\"2870\":8,\"2871\":3,\"2872\":9,\"2876\":1,\"2877\":1,\"2892\":8,\"2898\":2,\"2899\":4,\"2900\":10,\"2902\":2,\"2903\":3,\"2904\":2,\"2905\":3,\"2906\":2,\"2907\":2,\"2908\":2,\"2909\":1,\"2910\":1,\"2911\":3,\"2912\":2,\"2913\":2,\"2914\":2,\"2915\":3,\"2916\":2,\"2917\":3,\"2918\":3,\"2919\":2,\"2920\":1,\"2921\":1,\"2922\":1,\"2923\":2,\"2924\":2,\"2925\":1,\"2926\":1,\"2927\":2,\"2928\":1,\"2929\":1,\"2930\":1,\"2931\":1,\"2932\":2,\"2933\":2,\"2934\":1,\"2935\":1,\"2936\":1,\"2937\":1,\"2938\":4,\"2939\":4,\"2940\":1,\"2941\":2,\"2942\":2,\"2943\":2,\"2944\":1,\"2945\":3,\"2946\":2,\"2947\":1,\"2948\":1,\"2949\":1,\"2950\":1,\"2951\":1,\"2952\":1,\"2953\":1,\"2954\":1,\"2955\":1,\"2956\":1,\"2957\":1,\"2958\":1,\"2960\":3,\"2961\":8,\"2962\":2,\"2963\":3,\"2964\":9,\"2968\":1,\"2969\":1,\"2984\":7,\"2990\":2,\"2992\":8,\"2994\":1,\"2995\":1,\"2996\":1,\"2997\":4,\"2998\":4,\"2999\":1,\"3000\":2,\"3001\":2,\"3002\":2,\"3003\":1,\"3004\":3,\"3005\":2,\"3006\":1,\"3007\":1,\"3008\":1,\"3009\":1,\"3010\":1,\"3011\":1,\"3012\":1,\"3013\":1,\"3014\":1,\"3015\":1,\"3016\":1,\"3017\":1,\"3018\":1,\"3019\":1,\"3020\":3,\"3021\":2,\"3022\":2,\"3023\":2,\"3024\":3,\"3025\":3,\"3026\":2,\"3027\":3,\"3028\":2,\"3029\":1,\"3030\":1,\"3031\":1,\"3032\":1,\"3033\":1,\"3034\":1,\"3035\":1,\"3036\":2,\"3037\":3,\"3038\":2,\"3039\":2,\"3040\":2,\"3041\":2,\"3042\":2,\"3043\":2,\"3044\":2,\"3045\":2,\"3046\":2,\"3047\":2,\"3048\":2,\"3049\":2,\"3050\":2,\"3051\":2,\"3052\":4,\"3053\":2,\"3054\":1,\"3055\":1,\"3056\":1,\"3057\":1,\"3058\":3,\"3059\":1,\"3060\":1,\"3061\":1,\"3062\":1,\"3063\":1,\"3064\":2,\"3065\":1,\"3066\":1,\"3067\":2,\"3068\":2,\"3069\":1,\"3070\":1,\"3071\":1,\"3072\":1,\"3073\":2,\"3074\":2,\"3075\":2,\"3076\":3,\"3077\":2,\"3078\":1,\"3079\":1,\"3080\":1,\"3081\":1,\"3082\":1,\"3083\":1,\"3084\":2,\"3085\":2,\"3086\":1,\"3088\":3,\"3089\":8,\"3090\":3,\"3091\":9,\"3095\":1,\"3096\":1,\"3111\":8,\"3117\":2,\"3118\":4,\"3119\":10,\"3121\":2,\"3122\":3,\"3123\":2,\"3124\":3,\"3125\":2,\"3126\":2,\"3127\":2,\"3128\":1,\"3129\":1,\"3130\":3,\"3131\":2,\"3132\":2,\"3133\":2,\"3134\":3,\"3135\":2,\"3136\":3,\"3137\":3,\"3138\":2,\"3139\":1,\"3140\":1,\"3141\":1,\"3142\":2,\"3143\":2,\"3144\":1,\"3145\":1,\"3146\":2,\"3147\":1,\"3148\":1,\"3149\":1,\"3150\":1,\"3151\":2,\"3152\":2,\"3153\":1,\"3154\":1,\"3155\":1,\"3156\":1,\"3157\":4,\"3158\":4,\"3159\":1,\"3160\":2,\"3161\":2,\"3162\":2,\"3163\":1,\"3164\":3,\"3165\":2,\"3166\":1,\"3167\":1,\"3168\":1,\"3169\":1,\"3170\":1,\"3171\":1,\"3172\":1,\"3173\":1,\"3174\":1,\"3175\":1,\"3176\":1,\"3177\":1,\"3179\":3,\"3180\":8,\"3181\":2,\"3182\":3,\"3183\":9,\"3187\":1,\"3188\":1,\"3203\":7,\"3209\":2,\"3211\":8,\"3213\":1,\"3214\":1,\"3215\":3,\"3216\":2,\"3217\":2,\"3218\":2,\"3219\":3,\"3220\":3,\"3221\":2,\"3222\":3,\"3223\":2,\"3224\":1,\"3225\":1,\"3226\":1,\"3227\":1,\"3228\":1,\"3229\":1,\"3230\":1,\"3231\":2,\"3232\":3,\"3233\":2,\"3234\":2,\"3235\":2,\"3236\":2,\"3237\":2,\"3238\":2,\"3239\":2,\"3240\":2,\"3241\":2,\"3242\":2,\"3243\":2,\"3244\":2,\"3245\":2,\"3246\":2,\"3247\":4,\"3248\":2,\"3249\":1,\"3250\":1,\"3251\":1,\"3252\":1,\"3253\":3,\"3254\":1,\"3255\":1,\"3256\":1,\"3257\":1,\"3258\":1,\"3259\":2,\"3260\":1,\"3261\":1,\"3262\":2,\"3263\":2,\"3264\":1,\"3265\":1,\"3266\":1,\"3267\":1,\"3268\":2,\"3269\":2,\"3270\":2,\"3271\":3,\"3272\":2,\"3273\":1,\"3274\":1,\"3275\":1,\"3276\":1,\"3277\":1,\"3278\":1,\"3279\":2,\"3280\":2,\"3281\":1,\"3282\":1,\"3283\":1,\"3284\":1,\"3285\":4,\"3286\":4,\"3287\":1,\"3288\":2,\"3289\":2,\"3290\":2,\"3291\":1,\"3292\":3,\"3293\":2,\"3294\":1,\"3295\":1,\"3296\":1,\"3297\":1,\"3298\":1,\"3299\":1,\"3300\":1,\"3301\":1,\"3302\":1,\"3303\":1,\"3304\":1,\"3305\":1,\"3307\":3,\"3308\":8,\"3309\":3,\"3310\":9,\"3314\":1,\"3315\":1,\"3332\":8,\"3338\":2,\"3339\":4,\"3340\":10,\"3342\":2,\"3343\":3,\"3344\":2,\"3345\":3,\"3346\":2,\"3347\":2,\"3348\":2,\"3349\":1,\"3350\":1,\"3351\":3,\"3352\":2,\"3353\":2,\"3354\":2,\"3355\":3,\"3356\":2,\"3357\":3,\"3358\":3,\"3359\":2,\"3360\":1,\"3361\":1,\"3362\":1,\"3363\":2,\"3364\":2,\"3365\":1,\"3366\":1,\"3367\":2,\"3368\":1,\"3369\":1,\"3370\":1,\"3371\":1,\"3372\":2,\"3373\":2,\"3374\":1,\"3375\":1,\"3376\":1,\"3377\":1,\"3378\":4,\"3379\":4,\"3380\":1,\"3381\":2,\"3382\":2,\"3383\":2,\"3384\":1,\"3385\":3,\"3386\":2,\"3387\":1,\"3388\":1,\"3389\":1,\"3390\":1,\"3391\":1,\"3392\":1,\"3393\":1,\"3394\":1,\"3395\":1,\"3396\":1,\"3397\":1,\"3398\":1,\"3400\":3,\"3401\":8,\"3402\":2,\"3403\":3,\"3404\":9,\"3408\":1,\"3409\":1}}]],\"serializationVersion\":2}}")).map(([e,t])=>[e,zt(t,{fields:["h","t","c"],storeFields:["h","t","c"]})]));self.onmessage=({data:{type:e="all",query:t,locale:s,options:n,id:o}})=>{const u=bt[s];e==="suggest"?self.postMessage([e,o,tt(t,u,n)]):e==="search"?self.postMessage([e,o,Z(t,u,n)]):self.postMessage({suggestions:[e,o,tt(t,u,n)],results:[e,o,Z(t,u,n)]})}; +//# sourceMappingURL=index.js.map diff --git a/security/index.html b/security/index.html new file mode 100644 index 000000000..ab0f3bef5 --- /dev/null +++ b/security/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Security + + + + + +
    Skip to main content

    Security

    DSF-TeamAbout 2 min

    We take security of the DSF, its process plugins, services and tools we operate very seriously.

    We describe the security mechanisms used by the DSF to implement secure communication on the pages Architecture, Security and Allow List.

    To ensure a high level of security, you should always install the latest DSF version and use the latest versions of the process plugins. Use the instructions to install the latest version of the DSF or to upgrade on the latest version. The instructions described there implement the security configuration recommended by us.

    It is also important that you ensure a secure operating environment in which you verify firewall configurations, keep the operating systems on which the DSF is running up to date and harden it according to the latest state of the art.

    Security vulnerability disclosure policy

    Our commitment to security

    We as the DSF development team take security of our software, services and data very seriously. We understand that despite our best efforts, vulnerabilities can exist. To address this, we encourage responsible reporting of any security vulnerabilities discovered in our software and systems.

    Responsible disclosure

    We kindly ask security researchers and the general public to follow the principles of Coordinated Vulnerability Disclosure (CVD) or Responsible Disclosure when reporting vulnerabilities to us. This approach helps us to mitigate potential risks and protect our users' data effectively.

    How to Report a Vulnerability

    If you believe you have found a security vulnerability in our system, please email us at dsf-security@hs-heilbronn.de. If you want to use end-to-end-encryption, you can send us mails using s-mime with the certificate chain provided here. We kindly request the following:

    • Provide a detailed description of the vulnerability, including if possible the potential impact and how it can be exploited.
    • Include steps to reproduce the vulnerability or proof-of-concept code, if possible.
    • Avoid accessing or modifying user data without permission, and do not exploit a security issue for any reason other than testing.
    • Maintain confidentiality and do not publicly disclose the vulnerability, until we have had the opportunity to investigate and address it.

    Please do not file an issue on a security-related topic and use the e-mail address provided. You can verify the address both in the application repository and at the homepage (this page).

    Our promise

    • Acknowledgement: We usually will acknowledge receipt of your vulnerability report within 48 hours.
    • Investigation: Our security team will investigate the issue and work diligently to verify and reproduce the vulnerability.
    • Communication: We will keep you informed of our progress as we work to resolve the issue.
    • Resolution: We will strive to resolve security issues in a timely manner and release updates, patches, or remediations as needed.
    • Recognition: We value your effort in making our systems more secure and will recognize your contribution, if desired, once the vulnerability is resolved.

    We promise not to initiate legal action against individuals who report vulnerabilities responsibly in accordance with this policy. This includes not suing for accidental access to data or reporting in good faith.

    Questions?

    If you have any questions about this policy or security of the Data Sharing Framework, the services and tools we provide, please contact us at dsf-security@hs-heilbronn.de. You can send us encrypted e-mails using s-mime. You can find the certificate chain here.

    + + + diff --git a/sprechstunde/index.html b/sprechstunde/index.html new file mode 100644 index 000000000..2422013c5 --- /dev/null +++ b/sprechstunde/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Sprechstunde + + + + + +
    Skip to main content

    Sprechstunde

    DSF-TeamLess than 1 minute

    Terminverschiebung

    Die Sprechstunde wird aufgrund der FDPG Datenausleitungssprechstunde (DANA) ab dem 20.01.2025 von 14:00-14:50 Uhr stattfinden.

    Gemeinsame technische Sprechstunde der DSF-Community und des FDPG+

    Klicken Sie hier, um der Sprechstunde beizutreten.

    + + + diff --git a/stable/contribute/code.html b/stable/contribute/code.html new file mode 100644 index 000000000..e263cab1f --- /dev/null +++ b/stable/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/stable/contribute/documentation.html b/stable/contribute/documentation.html new file mode 100644 index 000000000..f6f1370cd --- /dev/null +++ b/stable/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/stable/contribute/index.html b/stable/contribute/index.html new file mode 100644 index 000000000..7e3d2fb64 --- /dev/null +++ b/stable/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/stable/develop/create.html b/stable/develop/create.html new file mode 100644 index 000000000..e83f321a8 --- /dev/null +++ b/stable/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/stable/develop/index.html b/stable/develop/index.html new file mode 100644 index 000000000..bdcb247b2 --- /dev/null +++ b/stable/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/stable/develop/upgrade-from-0.html b/stable/develop/upgrade-from-0.html new file mode 100644 index 000000000..8a5137a48 --- /dev/null +++ b/stable/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/stable/dsf-for-dev.html b/stable/dsf-for-dev.html new file mode 100644 index 000000000..cf68a9957 --- /dev/null +++ b/stable/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/stable/index.html b/stable/index.html new file mode 100644 index 000000000..9ea9e0bfa --- /dev/null +++ b/stable/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.7.0 + + + + + +
    Skip to main content

    DSF 1.7.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/stable/maintain/allowList-mgm.html b/stable/maintain/allowList-mgm.html new file mode 100644 index 000000000..82bca24ad --- /dev/null +++ b/stable/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/stable/maintain/bpe-reverse-proxy/configuration.html b/stable/maintain/bpe-reverse-proxy/configuration.html new file mode 100644 index 000000000..606183cbf --- /dev/null +++ b/stable/maintain/bpe-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 2 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: FQDN of your DSF BPE server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
    • Default: /bpe

    SSL_CA_CERTIFICATE_FILE

    • Required: No
    • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_ca_chains.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_issuing_cas.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_EXPECTED_CLIENT_S_DN_C_VALUES

    • Required: No
    • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
    • Default: 'DE'

    SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

    • Required: No
    • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
    • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/stable/maintain/bpe-reverse-proxy/index.html b/stable/maintain/bpe-reverse-proxy/index.html new file mode 100644 index 000000000..465fae47a --- /dev/null +++ b/stable/maintain/bpe-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Reverse Proxy + + + + + + + + + diff --git a/stable/maintain/bpe/access-control.html b/stable/maintain/bpe/access-control.html new file mode 100644 index 000000000..9c7a68681 --- /dev/null +++ b/stable/maintain/bpe/access-control.html @@ -0,0 +1,61 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

    Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable access for a specific client-certificate:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

    ADMIN.

    practitioner-role

    The BPE server currently does not support any practionier-roles.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

    The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
    + + + diff --git a/stable/maintain/bpe/configuration.html b/stable/maintain/bpe/configuration.html new file mode 100644 index 000000000..29aa99fc0 --- /dev/null +++ b/stable/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 9 min

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.bpe.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.bpe.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true
    • Recommendation: This debug function should only be activated during process plugin development
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true
    • Recommendation: This debug function should only be activated during process plugin development
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
    • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
    • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: Base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0); requires send mail on ERROR log event option to be enabled to have an effect
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file; requires send mail on ERROR log event option to be enabled to have an effect
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true; requires SMTP server to be configured
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true; requires SMTP server to be configured
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_BPE_SERVER_BASE_URL

    • Property: dev.dsf.bpe.server.base.url
    • Required: No
    • Description: Base address of the BPE server, configure when exposing the web-ui
    • Example: https://foo.bar/bpe
    • Default: https://localhost/bpe

    DEV_DSF_BPE_SERVER_ROLECONFIG

    DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.bpe.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_BPE_SERVER_UI_THEME

    • Property: dev.dsf.bpe.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: No
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: No
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: No
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/client_cert_ca_chains.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: No
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: No
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: No
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/stable/maintain/bpe/index.html b/stable/maintain/bpe/index.html new file mode 100644 index 000000000..85a66951d --- /dev/null +++ b/stable/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/stable/maintain/bpe/oidc.html b/stable/maintain/bpe/oidc.html new file mode 100644 index 000000000..e8ea0c2aa --- /dev/null +++ b/stable/maintain/bpe/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    BPE Reverse Proxy

    The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/stable/maintain/fhir-reverse-proxy/configuration.html b/stable/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..4f453ec30 --- /dev/null +++ b/stable/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 2 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: No
    • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_ca_chains.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_issuing_cas.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_EXPECTED_CLIENT_S_DN_C_VALUES

    • Required: No
    • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
    • Default: 'DE'

    SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

    • Required: No
    • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
    • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/stable/maintain/fhir-reverse-proxy/index.html b/stable/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..6dbaa3404 --- /dev/null +++ b/stable/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/stable/maintain/fhir/access-control.html b/stable/maintain/fhir/access-control.html new file mode 100644 index 000000000..d21e601bb --- /dev/null +++ b/stable/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 3 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/stable/maintain/fhir/configuration.html b/stable/maintain/fhir/configuration.html new file mode 100644 index 000000000..ffb000449 --- /dev/null +++ b/stable/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.fhir.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.fhir.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: Base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: Local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_FHIR_SERVER_UI_THEME

    • Property: dev.dsf.fhir.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: No
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: No
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: No
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/client_cert_ca_chains.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: No
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: No
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: No
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/stable/maintain/fhir/index.html b/stable/maintain/fhir/index.html new file mode 100644 index 000000000..09108b19e --- /dev/null +++ b/stable/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/stable/maintain/fhir/oidc.html b/stable/maintain/fhir/oidc.html new file mode 100644 index 000000000..2bf974261 --- /dev/null +++ b/stable/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/stable/maintain/index.html b/stable/maintain/index.html new file mode 100644 index 000000000..945fd6905 --- /dev/null +++ b/stable/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/stable/maintain/install-plugins.html b/stable/maintain/install-plugins.html new file mode 100644 index 000000000..64bd41cc0 --- /dev/null +++ b/stable/maintain/install-plugins.html @@ -0,0 +1,43 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamAbout 1 min

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 2025-01-22).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.7v1.0.0.7
    MII Process Reportv1.1.2.0v1.1.2.0
    MII Process Data Transferv1.0.3.0v1.0.3.0
    MII Process Data Sharingv1.0.2.0v1.0.2.0
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    + + + diff --git a/stable/maintain/install.html b/stable/maintain/install.html new file mode 100644 index 000000000..277043593 --- /dev/null +++ b/stable/maintain/install.html @@ -0,0 +1,65 @@ + + + + + + + + + + Install DSF 1.7.0 + + + + + +
    Skip to main content

    Install DSF 1.7.0

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem
      • Store PEM encoded certificate chain (all intermediate CAs between the server and the root certificate, excluding root) as ssl_certificate_chain_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A), the corresponding private-key and the certificate chain (one file with all intermediate certificates, excluding the root CA) to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_chain_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L34:      - app_client_certificate_private_key.pem.password
+...
+L47:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L109:  app_client_certificate_private_key.pem.password:
+L110:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
        • HTTPS_SERVER_NAME_PORT: dsf.todo.organization.com:443
          Set your FHIR servers external FQDN, e.g. https://foo.bar.de -> foo.bar.de:443
        • For additional environment variables, see the FHIR Reverse Proxy Configuration Parameters page.
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see the FHIR server Configuration Parameters page.

    7. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L12:      - app_client_certificate_private_key.pem.password
+...
+L32:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L83:  app_client_certificate_private_key.pem.password:
+L84:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/stable/maintain/passwords-secrets.html b/stable/maintain/passwords-secrets.html new file mode 100644 index 000000000..525a6a72b --- /dev/null +++ b/stable/maintain/passwords-secrets.html @@ -0,0 +1,55 @@ + + + + + + + + + + Passwords and Secrets + + + + + +
    Skip to main content

    Passwords and Secrets

    DSF-TeamLess than 1 minute

    Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.

    Example Environment Variables

    • DEV_DSF_BPE_DB_USER_PASSWORD_FILE: If set to /run/secrets/db_user_password, the application will read the contents of the /run/secrets/db_user_password file and set the DEV_DSF_BPE_DB_USER_PASSWORD environment variable with the content from that file.
    • DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: If set to /run/secrets/oidc_client_secret, the application will read the contents of the referenced file and set the DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET environment variable accordingly.

    Docker Secrets

    It is recommended to use docker secrets as files for these environment variables. Docker secrets are mounted as files in /run/secrets/<secret_name> inside the container.

    Example docker-compose

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir
+    secrets:
+      - db_user_password
+      - oidc_client_secret
+    environment:
+      DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user_password
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: /run/secrets/oidc_client_secret
+
+secrets:
+  db_user_password:
+    file: ./secrets/db_user.password
+  api_key:
+    file: ./secrets/oidc_client.secret
    + + + diff --git a/stable/maintain/root-certificates.html b/stable/maintain/root-certificates.html new file mode 100644 index 000000000..60e8f9004 --- /dev/null +++ b/stable/maintain/root-certificates.html @@ -0,0 +1,41 @@ + + + + + + + + + + Default Root Certificates + + + + + +
    Skip to main content

    Default Root Certificates

    DSF-TeamAbout 6 min

    A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.

    Extending or Replacing Trusted Certificate Authorities

    X.509 certificates of default trusted CAs are stored as .pem files containing multiple certificates in the docker images and can be replaced by either using docker bind mounts or configuring appropriate environment variables with different targets.

    FHIR Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /usr/local/apache2.
    Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.

    FHIR Server

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of remote DSF FHIR servers and the OIDC provider when using OpenID Connect for authenticating local users.
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /opt/fhir.

    BPE Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /usr/local/apache2.
    Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.

    BPE Server

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of local and remote DSF FHIR servers, the local mail server (if configured and SMTP over TLS required) and the OIDC provider when using OpenID Connect for authenticating local users.
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /opt/bpe.

    List of Default Trusted Certificate Authorities

    If not mentioned explicitly, issuing CAs listed will sign X.509 certificates with Extended Key Usage entries TLS WWW server authentication and TLS WWW client authentication.

    CAs Trusted by Common Web Browsers and Operating Systems

    Other CAs

    + + + diff --git a/stable/maintain/upgrade-from-0.html b/stable/maintain/upgrade-from-0.html new file mode 100644 index 000000000..4249c586b --- /dev/null +++ b/stable/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/stable/maintain/upgrade-from-1.html b/stable/maintain/upgrade-from-1.html new file mode 100644 index 000000000..769c95e10 --- /dev/null +++ b/stable/maintain/upgrade-from-1.html @@ -0,0 +1,129 @@ + + + + + + + + + + Upgrade from DSF 1.6.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.6.0

    DSF-TeamAbout 2 min

    Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.

    Note: The configurations of trust stores for TLS connections managed by process plugins (for example HTTPS connections to the local KDS FHIR server) have not been modified with this release.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.7.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/datasharingframework/fhir_proxy:1.6.0
++    image: ghcr.io/datasharingframework/fhir_proxy:1.7.0
+     restart: on-failure
+...
+       - ssl_certificate_file.pem
+       - ssl_certificate_key_file.pem
+       - ssl_certificate_chain_file.pem
+-      - ssl_ca_certificate_file.pem
+-      - ssl_ca_dn_request_file.pem
+     environment:
+...
+       SSL_CERTIFICATE_FILE: /run/secrets/ssl_certificate_file.pem
+       SSL_CERTIFICATE_KEY_FILE: /run/secrets/ssl_certificate_key_file.pem
+       SSL_CERTIFICATE_CHAIN_FILE: /run/secrets/ssl_certificate_chain_file.pem
+-      SSL_CA_CERTIFICATE_FILE: /run/secrets/ssl_ca_certificate_file.pem
+-      SSL_CA_DN_REQUEST_FILE: /run/secrets/ssl_ca_dn_request_file.pem
+     networks:
+...
+   app:
+-    image: ghcr.io/datasharingframework/fhir:1.6.0
++    image: ghcr.io/datasharingframework/fhir:1.7.0
+     restart: on-failure
+...
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_permanent_delete.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS:  /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password
+-      DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+-  ssl_ca_dn_request_file.pem:
+-    file: ./secrets/ssl_ca_dn_request_file.pem
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.7.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/datasharingframework/bpe:1.6.0
++    image: ghcr.io/datasharingframework/bpe:1.7.0
+     restart: on-failure
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_camunda.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password
+-      DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.7.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.7.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/stable/process-plugins-advanced.html b/stable/process-plugins-advanced.html new file mode 100644 index 000000000..36ab10a01 --- /dev/null +++ b/stable/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.0.0/develop/create.html b/v1.0.0/develop/create.html new file mode 100644 index 000000000..525c1f644 --- /dev/null +++ b/v1.0.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.0.0/develop/index.html b/v1.0.0/develop/index.html new file mode 100644 index 000000000..a6c918acd --- /dev/null +++ b/v1.0.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.0.0/develop/upgrade-from-0.html b/v1.0.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..39f9895b6 --- /dev/null +++ b/v1.0.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.0.0/dsf-for-dev.html b/v1.0.0/dsf-for-dev.html new file mode 100644 index 000000000..affbce44d --- /dev/null +++ b/v1.0.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.0.0/index.html b/v1.0.0/index.html new file mode 100644 index 000000000..4ae4265b3 --- /dev/null +++ b/v1.0.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.0.0 + + + + + +
    Skip to main content

    DSF 1.0.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.0.0 is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow user authenitication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features
    + + + diff --git a/v1.0.0/maintain/allowList-mgm.html b/v1.0.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..b7a434fbf --- /dev/null +++ b/v1.0.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists here.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.
    Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.

    Prerequisites

    1. Deployed DSF instance (test infrastructure)
      1.1 If none exists yet, read here
    2. Certificate
      2.1 If none exists yet, read here
    3. Organization identifier (FQDN of your organization, e.g. hs-heilbronn.de)
    4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool.
    At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.0.0/maintain/configuration/bpe.html b/v1.0.0/maintain/configuration/bpe.html new file mode 100644 index 000000000..7855f05a8 --- /dev/null +++ b/v1.0.0/maintain/configuration/bpe.html @@ -0,0 +1,41 @@ + + + + + + + + + + Parameters BPE Server + + + + + +
    Skip to main content

    Parameters BPE Server

    DSF-TeamAbout 6 min

    Parameters BPE Server

    Please also check common parameters for additional configuration options.

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.bpe.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.0.0/maintain/configuration/common.html b/v1.0.0/maintain/configuration/common.html new file mode 100644 index 000000000..670dea0ff --- /dev/null +++ b/v1.0.0/maintain/configuration/common.html @@ -0,0 +1,41 @@ + + + + + + + + + + Common Parameters + + + + + +
    Skip to main content

    Common Parameters

    DSF-TeamAbout 2 min

    Common Parameters

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.0.0/maintain/configuration/fhir.html b/v1.0.0/maintain/configuration/fhir.html new file mode 100644 index 000000000..195c994f0 --- /dev/null +++ b/v1.0.0/maintain/configuration/fhir.html @@ -0,0 +1,41 @@ + + + + + + + + + + Parameters FHIR Server + + + + + +
    Skip to main content

    Parameters FHIR Server

    DSF-TeamAbout 3 min

    Parameters FHIR Server

    Please also check common parameters for additional configuration options.

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    • Property: dev.dsf.fhir.server.roleConfig
    • Required: Yes
    • Description: Role config YAML

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.0.0/maintain/configuration/index.html b/v1.0.0/maintain/configuration/index.html new file mode 100644 index 000000000..bc4b8a76d --- /dev/null +++ b/v1.0.0/maintain/configuration/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + + + + + diff --git a/v1.0.0/maintain/configuration/reverseproxy.html b/v1.0.0/maintain/configuration/reverseproxy.html new file mode 100644 index 000000000..37a996d4b --- /dev/null +++ b/v1.0.0/maintain/configuration/reverseproxy.html @@ -0,0 +1,41 @@ + + + + + + + + + + Parameters FHIR Reverse Proxy + + + + + +
    Skip to main content

    Parameters FHIR Reverse Proxy

    DSF-TeamAbout 1 min

    Parameters FHIR Reverse Proxy

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem
    + + + diff --git a/v1.0.0/maintain/index.html b/v1.0.0/maintain/index.html new file mode 100644 index 000000000..131461c1f --- /dev/null +++ b/v1.0.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.0.0/maintain/install.html b/v1.0.0/maintain/install.html new file mode 100644 index 000000000..cbf6d3244 --- /dev/null +++ b/v1.0.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.0.0 + + + + + +
    Skip to main content

    Install DSF 1.0.0

    DSF-TeamAbout 6 min

    Member of existing networks

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_0_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_0_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L149:  app_client_certificate_private_key.pem.password:
+L150:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:
        • DEV_DSF_FHIR_SERVER_BASE_URL: https://TODO_DSF_FHIR_SERVER_EXTERNAL_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de
        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: TODO_CLIENT_CERTIFICATE_THUMBPRINT
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.
        • DEV_DSF_FHIR_SERVER_ROLECONFIG: You can add other client certificates (e.g. personal DFN PKI S/MIME certificates, e.g. from admins) to your DSF instance.
          Set the SHA-512 Hash (lowercase hex) of your additional client certificates. The parameter TODO_WEBUSER_CLIENT_CERTIFICATE_THUMBPRINT can be a single thumbprint or can be expanded to a list (like dsf-role). If you don't have additional thumbprints you want to add, simply remove the DEV_DSF_FHIR_SERVER_ROLECONFIG variable from your docker-compose file.
        • For additional environment variables, see DSF configuration parameters - FHIR Server

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_0_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_0_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:
        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: TODO_ORGANIZATION_IDENTIFIER
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de
        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://TODO_DSF_FHIR_SERVER_FQDN/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir
        • For additional environment variables, see DSF configuration parameters - BPE Server

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.0.0/maintain/upgrade-from-0.html b/v1.0.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..cbbe32c4d --- /dev/null +++ b/v1.0.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamLess than 1 minute

    Do not upgrade unless prompted!

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    1. shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. install the new DSF according to the instructions.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    + + + diff --git a/v1.0.0/process-plugins-advanced.html b/v1.0.0/process-plugins-advanced.html new file mode 100644 index 000000000..54a2acaf7 --- /dev/null +++ b/v1.0.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.1.0/develop/create.html b/v1.1.0/develop/create.html new file mode 100644 index 000000000..dc47c07b5 --- /dev/null +++ b/v1.1.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.1.0/develop/index.html b/v1.1.0/develop/index.html new file mode 100644 index 000000000..7f973ce0b --- /dev/null +++ b/v1.1.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.1.0/develop/upgrade-from-0.html b/v1.1.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..cf7b629b6 --- /dev/null +++ b/v1.1.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.1.0/dsf-for-dev.html b/v1.1.0/dsf-for-dev.html new file mode 100644 index 000000000..f9500074b --- /dev/null +++ b/v1.1.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.1.0/index.html b/v1.1.0/index.html new file mode 100644 index 000000000..b56ff501a --- /dev/null +++ b/v1.1.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.1.0 + + + + + +
    Skip to main content

    DSF 1.1.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.1.0/maintain/allowList-mgm.html b/v1.1.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..25a07674a --- /dev/null +++ b/v1.1.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists here.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.
    Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.

    Prerequisites

    1. Deployed DSF instance (test infrastructure)
      1.1 If none exists yet, read here
    2. Certificate
      2.1 If none exists yet, read here
    3. Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)
    4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool.
    At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.1.0/maintain/bpe/configuration.html b/v1.1.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..68cf64838 --- /dev/null +++ b/v1.1.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 8 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable loging bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.bpe.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.1.0/maintain/bpe/index.html b/v1.1.0/maintain/bpe/index.html new file mode 100644 index 000000000..510312899 --- /dev/null +++ b/v1.1.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.1.0/maintain/fhir-reverse-proxy/configuration.html b/v1.1.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..6940e2322 --- /dev/null +++ b/v1.1.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.1.0/maintain/fhir-reverse-proxy/index.html b/v1.1.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..a9135d41d --- /dev/null +++ b/v1.1.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.1.0/maintain/fhir/access-control.html b/v1.1.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..6a326b3f0 --- /dev/null +++ b/v1.1.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    To types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.1.0/maintain/fhir/configuration.html b/v1.1.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..b87d937c4 --- /dev/null +++ b/v1.1.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    • Property: dev.dsf.fhir.server.roleConfig
    • Required: Yes
    • Description: Role config YAML as defined in FHIR Server: Access Control.
    • Recommendation: Use an empty string "" or a single block scalar | character if no roles should be configured

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.1.0/maintain/fhir/index.html b/v1.1.0/maintain/fhir/index.html new file mode 100644 index 000000000..30677dc35 --- /dev/null +++ b/v1.1.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.1.0/maintain/fhir/oidc.html b/v1.1.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..065765858 --- /dev/null +++ b/v1.1.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.1.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.1.0/maintain/index.html b/v1.1.0/maintain/index.html new file mode 100644 index 000000000..25a828535 --- /dev/null +++ b/v1.1.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.1.0/maintain/install.html b/v1.1.0/maintain/install.html new file mode 100644 index 000000000..0acf6e25e --- /dev/null +++ b/v1.1.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.1.0 + + + + + +
    Skip to main content

    Install DSF 1.1.0

    DSF-TeamAbout 6 min

    Member of existing networks

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2101 fhir
+sudo adduser --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_1_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_1_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L146:  app_client_certificate_private_key.pem.password:
+L147:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo addgroup --gid 2202 bpe
+sudo adduser --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_1_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_1_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L97:  app_client_certificate_private_key.pem.password:
+L98:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.1.0/maintain/upgrade-from-0.html b/v1.1.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..a9df08d0e --- /dev/null +++ b/v1.1.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamLess than 1 minute

    Do not upgrade unless prompted!

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    1. shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. install the new DSF according to the instructions.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    + + + diff --git a/v1.1.0/maintain/upgrade-from-1.html b/v1.1.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..d18c5d05e --- /dev/null +++ b/v1.1.0/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.x + + + + + +
    Skip to main content

    Upgrade from DSF 1.x

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.0.0 to 1.1.0 involves modifying the docker-compose.yml files and recreating the containers.

    Upgrade from 0.9.x

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.1.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.1.0

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.0.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.1.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.0.0
++   image: ghcr.io/datasharingframework/fhir:1.1.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.1.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.1.0

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.0.0
++   image: ghcr.io/datasharingframework/bpe:1.1.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.1.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.1.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.1.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.1.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.1.0/process-plugins-advanced.html b/v1.1.0/process-plugins-advanced.html new file mode 100644 index 000000000..b28e8e8b6 --- /dev/null +++ b/v1.1.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.2.0/develop/create.html b/v1.2.0/develop/create.html new file mode 100644 index 000000000..9b940b64a --- /dev/null +++ b/v1.2.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.2.0/develop/index.html b/v1.2.0/develop/index.html new file mode 100644 index 000000000..e4994494f --- /dev/null +++ b/v1.2.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.2.0/develop/upgrade-from-0.html b/v1.2.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..49fd2726c --- /dev/null +++ b/v1.2.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.2.0/dsf-for-dev.html b/v1.2.0/dsf-for-dev.html new file mode 100644 index 000000000..9e60d5d99 --- /dev/null +++ b/v1.2.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.2.0/index.html b/v1.2.0/index.html new file mode 100644 index 000000000..b4f1f0afc --- /dev/null +++ b/v1.2.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.2.0 + + + + + +
    Skip to main content

    DSF 1.2.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.2.0/maintain/allowList-mgm.html b/v1.2.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..0bec6efa1 --- /dev/null +++ b/v1.2.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists here.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.
    Currently, the Allow List Management Tool is only for DSF TEST infrastructure. For production, please write us an E-Mail with your information.

    Prerequisites

    1. Deployed DSF instance (test infrastructure)
      1.1 If none exists yet, read here
    2. Certificate
      2.1 If none exists yet, read here
    3. Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)
    4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists on the DSF Allow List Management Tool.
    At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.2.0/maintain/bpe/configuration.html b/v1.2.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..d1cba8496 --- /dev/null +++ b/v1.2.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 8 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.2.0/maintain/bpe/index.html b/v1.2.0/maintain/bpe/index.html new file mode 100644 index 000000000..c5891344e --- /dev/null +++ b/v1.2.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.2.0/maintain/fhir-reverse-proxy/configuration.html b/v1.2.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..c1da83b13 --- /dev/null +++ b/v1.2.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.2.0/maintain/fhir-reverse-proxy/index.html b/v1.2.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..9d548745f --- /dev/null +++ b/v1.2.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.2.0/maintain/fhir/access-control.html b/v1.2.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..2d148cd7a --- /dev/null +++ b/v1.2.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    To types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.2.0/maintain/fhir/configuration.html b/v1.2.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..43e554725 --- /dev/null +++ b/v1.2.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_server_trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.2.0/maintain/fhir/index.html b/v1.2.0/maintain/fhir/index.html new file mode 100644 index 000000000..b90c58e7d --- /dev/null +++ b/v1.2.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.2.0/maintain/fhir/oidc.html b/v1.2.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..cd0d35f33 --- /dev/null +++ b/v1.2.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.2.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.2.0/maintain/index.html b/v1.2.0/maintain/index.html new file mode 100644 index 000000000..4e6e286dc --- /dev/null +++ b/v1.2.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.2.0/maintain/install.html b/v1.2.0/maintain/install.html new file mode 100644 index 000000000..5bfe30539 --- /dev/null +++ b/v1.2.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.2.0 + + + + + +
    Skip to main content

    Install DSF 1.2.0

    DSF-TeamAbout 6 min

    Member of existing networks

    If you are part of an existing network (e.g. the German MII), please install the appropriate DSF version. For the production environment of MII and NUM this is currently DSF 0.9.x.

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_2_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_2_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L146:  app_client_certificate_private_key.pem.password:
+L147:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_2_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_2_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L97:  app_client_certificate_private_key.pem.password:
+L98:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.2.0/maintain/upgrade-from-0.html b/v1.2.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..c264c0896 --- /dev/null +++ b/v1.2.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamLess than 1 minute

    Do not upgrade unless prompted!

    Please do not upgrade your DSF installation from DSF 0.9.x to DSF 1.x unless prompted to do so (e.g. from the German MII).

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported. Instead, please perform the following steps:

    1. shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. install the new DSF according to the instructions.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    + + + diff --git a/v1.2.0/maintain/upgrade-from-1.html b/v1.2.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..0f24bbbb3 --- /dev/null +++ b/v1.2.0/maintain/upgrade-from-1.html @@ -0,0 +1,73 @@ + + + + + + + + + + Upgrade from DSF 1.1.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.1.0

    DSF-TeamAbout 2 min

    Upgrading the DSF from 1.1.0 to 1.2.0 involves modifying the docker-compose.yml files and recreating the containers.

    Upgrade from 0.9.x

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.2.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.2.0 and remove the old healthcheck definition. The new healthcheck is defined as part of the docker image.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.1.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.2.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.1.0
++   image: ghcr.io/datasharingframework/fhir:1.2.0
+    restart: on-failure
+-   healthcheck:
+-     test: ["CMD", "java", "-cp", "dsf_fhir.jar", "dev.dsf.common.status.client.StatusClient"]
+-     interval: 10s
+-     timeout: 15s
+-     retries: 5
+...
    1. The role configuration is now optional. If you don't use roles, you can remove the role config (default for new installations):
      app:
+...
+    environment:
+...
+-     # TODO specify role configuration to allow access to the UI via web-browser or REST API for specific users, see documentation at dsf.dev
+-     DEV_DSF_FHIR_SERVER_ROLECONFIG: |
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.2.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.2.0 and remove the old healthcheck definition. The new healthcheck is defined as part of the docker image.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.1.0
++   image: ghcr.io/datasharingframework/bpe:1.2.0
+    restart: on-failure
+-   healthcheck:
+-     test: ["CMD", "java", "-cp", "dsf_bpe.jar", "dev.dsf.common.status.client.StatusClient"]
+-     interval: 10s
+-     timeout: 15s
+-     retries: 5
+...

    1. DSF v1.2.0 is not compatible with the Ping/Pong process plugin v1.0.0.0, upgrade to the Ping/Pong plugin v1.0.1.0 by removing the old jar file and replacing it with the new v1.0.1.0 one.

    2. We have released a new version of the Allow List Process plugin where we added support for delete operations. Please upgrade to the Allow-List process v1.0.0.1 by removing the old jar file and replacing it with the new v1.0.0.1 one.

    3. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    4. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.2.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.2.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.2.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.2.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.2.0/process-plugins-advanced.html b/v1.2.0/process-plugins-advanced.html new file mode 100644 index 000000000..e11fbe5db --- /dev/null +++ b/v1.2.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.3.0/develop/create.html b/v1.3.0/develop/create.html new file mode 100644 index 000000000..abb0ddb47 --- /dev/null +++ b/v1.3.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.3.0/develop/index.html b/v1.3.0/develop/index.html new file mode 100644 index 000000000..d61f46064 --- /dev/null +++ b/v1.3.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.3.0/develop/upgrade-from-0.html b/v1.3.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..f6fbefd15 --- /dev/null +++ b/v1.3.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.3.0/dsf-for-dev.html b/v1.3.0/dsf-for-dev.html new file mode 100644 index 000000000..ab1928667 --- /dev/null +++ b/v1.3.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.3.0/index.html b/v1.3.0/index.html new file mode 100644 index 000000000..8b5954b71 --- /dev/null +++ b/v1.3.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.3.0 + + + + + +
    Skip to main content

    DSF 1.3.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.3.0/maintain/allowList-mgm.html b/v1.3.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..84213686a --- /dev/null +++ b/v1.3.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the Gecko Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use your personal client certificate or the client certificate from your DSF BPE, which needs to be added to your webbrowser. For instructions on how to add a client certificate to your browser, please follow here.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier (FQDN of your organization website, e.g. hs-heilbronn.de)
    4. FHIR Endpoint URL (e.g. https://gth.gecko.hs-heilbronn.de/fhir )
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists respective Allow List Management Tool.

    Click here to open the DSF Allow List Management Tool for the Test infrastructure.

    Click here to open the DSF Allow List Management Tool for the Production infrastructure.

    We use different colors for the DSF Allow List Management Tools in the Test (green) and Production (blue) infastructure.

    At the beginning, a popup will appear where you have to select your certificate. Only then you will have access to the website.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.3.0/maintain/bpe/configuration.html b/v1.3.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..12c9dd4aa --- /dev/null +++ b/v1.3.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 8 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.3.0/maintain/bpe/index.html b/v1.3.0/maintain/bpe/index.html new file mode 100644 index 000000000..bf5ed7043 --- /dev/null +++ b/v1.3.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.3.0/maintain/fhir-reverse-proxy/configuration.html b/v1.3.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..17ba8c1e7 --- /dev/null +++ b/v1.3.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.3.0/maintain/fhir-reverse-proxy/index.html b/v1.3.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..1459e5f73 --- /dev/null +++ b/v1.3.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.3.0/maintain/fhir/access-control.html b/v1.3.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..fb443cd21 --- /dev/null +++ b/v1.3.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    To types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.3.0/maintain/fhir/configuration.html b/v1.3.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..ef25e589a --- /dev/null +++ b/v1.3.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.3.0/maintain/fhir/index.html b/v1.3.0/maintain/fhir/index.html new file mode 100644 index 000000000..22a07b430 --- /dev/null +++ b/v1.3.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.3.0/maintain/fhir/oidc.html b/v1.3.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..e75cc7304 --- /dev/null +++ b/v1.3.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.3.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.3.0/maintain/index.html b/v1.3.0/maintain/index.html new file mode 100644 index 000000000..d517c7495 --- /dev/null +++ b/v1.3.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.3.0/maintain/install-plugins.html b/v1.3.0/maintain/install-plugins.html new file mode 100644 index 000000000..d982ca27c --- /dev/null +++ b/v1.3.0/maintain/install-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Install Plugins + + + + + + + + + diff --git a/v1.3.0/maintain/install.html b/v1.3.0/maintain/install.html new file mode 100644 index 000000000..774f561cc --- /dev/null +++ b/v1.3.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.3.0 + + + + + +
    Skip to main content

    Install DSF 1.3.0

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_3_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_3_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L44:      - app_client_certificate_private_key.pem.password
+...
+L59:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L146:  app_client_certificate_private_key.pem.password:
+L147:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_3_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_3_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L18:      - app_client_certificate_private_key.pem.password
+...
+L40:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L97:  app_client_certificate_private_key.pem.password:
+L98:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.3.0/maintain/upgrade-from-0.html b/v1.3.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..b2ce36028 --- /dev/null +++ b/v1.3.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.3.0/maintain/upgrade-from-1.html b/v1.3.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..d77d962bc --- /dev/null +++ b/v1.3.0/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.2.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.2.0

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.2.0 to 1.3.0 involves modifying the docker-compose.yml files and recreating the containers.

    Upgrade from 0.9.x

    If you want to migrate from DSF 0.9.x, please follow these instructions.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.2.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.3.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.2.0
++   image: ghcr.io/datasharingframework/fhir:1.3.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.2.0
++   image: ghcr.io/datasharingframework/bpe:1.3.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.3.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.3.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.3.0/process-plugins-advanced.html b/v1.3.0/process-plugins-advanced.html new file mode 100644 index 000000000..dca5249ee --- /dev/null +++ b/v1.3.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.3.1/develop/create.html b/v1.3.1/develop/create.html new file mode 100644 index 000000000..5ca4ca6c2 --- /dev/null +++ b/v1.3.1/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.3.1/develop/index.html b/v1.3.1/develop/index.html new file mode 100644 index 000000000..564e8c4cf --- /dev/null +++ b/v1.3.1/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.3.1/develop/upgrade-from-0.html b/v1.3.1/develop/upgrade-from-0.html new file mode 100644 index 000000000..301d5982c --- /dev/null +++ b/v1.3.1/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.3.1/dsf-for-dev.html b/v1.3.1/dsf-for-dev.html new file mode 100644 index 000000000..1dfea6918 --- /dev/null +++ b/v1.3.1/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.3.1/index.html b/v1.3.1/index.html new file mode 100644 index 000000000..907b44017 --- /dev/null +++ b/v1.3.1/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.3.1 + + + + + +
    Skip to main content

    DSF 1.3.1

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.3.1/maintain/allowList-mgm.html b/v1.3.1/maintain/allowList-mgm.html new file mode 100644 index 000000000..1c0c6aa5a --- /dev/null +++ b/v1.3.1/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.3.1/maintain/bpe/configuration.html b/v1.3.1/maintain/bpe/configuration.html new file mode 100644 index 000000000..59ecafe70 --- /dev/null +++ b/v1.3.1/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 8 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.3.1/maintain/bpe/index.html b/v1.3.1/maintain/bpe/index.html new file mode 100644 index 000000000..7c8b3c3d2 --- /dev/null +++ b/v1.3.1/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.3.1/maintain/fhir-reverse-proxy/configuration.html b/v1.3.1/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..6b01cddf2 --- /dev/null +++ b/v1.3.1/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.3.1/maintain/fhir-reverse-proxy/index.html b/v1.3.1/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..3a40bfb7d --- /dev/null +++ b/v1.3.1/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.3.1/maintain/fhir/access-control.html b/v1.3.1/maintain/fhir/access-control.html new file mode 100644 index 000000000..996283a56 --- /dev/null +++ b/v1.3.1/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    To types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.3.1/maintain/fhir/configuration.html b/v1.3.1/maintain/fhir/configuration.html new file mode 100644 index 000000000..2fc5d436a --- /dev/null +++ b/v1.3.1/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.3.1/maintain/fhir/index.html b/v1.3.1/maintain/fhir/index.html new file mode 100644 index 000000000..a03ee504d --- /dev/null +++ b/v1.3.1/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.3.1/maintain/fhir/oidc.html b/v1.3.1/maintain/fhir/oidc.html new file mode 100644 index 000000000..6d5269679 --- /dev/null +++ b/v1.3.1/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.3.1
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.3.1/maintain/index.html b/v1.3.1/maintain/index.html new file mode 100644 index 000000000..87957545c --- /dev/null +++ b/v1.3.1/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.3.1/maintain/install-plugins.html b/v1.3.1/maintain/install-plugins.html new file mode 100644 index 000000000..e4a494079 --- /dev/null +++ b/v1.3.1/maintain/install-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Install Plugins + + + + + + + + + diff --git a/v1.3.1/maintain/install.html b/v1.3.1/maintain/install.html new file mode 100644 index 000000000..b807cad19 --- /dev/null +++ b/v1.3.1/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.3.1 + + + + + +
    Skip to main content

    Install DSF 1.3.1

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_3_1.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_3_1.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_3_1.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_3_1.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.3.1/maintain/upgrade-from-0.html b/v1.3.1/maintain/upgrade-from-0.html new file mode 100644 index 000000000..556ae71e9 --- /dev/null +++ b/v1.3.1/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.3.1/maintain/upgrade-from-1.html b/v1.3.1/maintain/upgrade-from-1.html new file mode 100644 index 000000000..9eec00671 --- /dev/null +++ b/v1.3.1/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.3.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.3.0

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.3.0 to 1.3.1 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.1_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.1.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.3.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.3.1
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.3.0
++   image: ghcr.io/datasharingframework/fhir:1.3.1
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.1_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.1.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.3.0
++   image: ghcr.io/datasharingframework/bpe:1.3.1
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.3.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.1, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.3.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.1, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.3.1/process-plugins-advanced.html b/v1.3.1/process-plugins-advanced.html new file mode 100644 index 000000000..194d0b34e --- /dev/null +++ b/v1.3.1/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.3.2/develop/create.html b/v1.3.2/develop/create.html new file mode 100644 index 000000000..3998e040f --- /dev/null +++ b/v1.3.2/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.3.2/develop/index.html b/v1.3.2/develop/index.html new file mode 100644 index 000000000..8b62cf6d2 --- /dev/null +++ b/v1.3.2/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.3.2/develop/upgrade-from-0.html b/v1.3.2/develop/upgrade-from-0.html new file mode 100644 index 000000000..6c9766126 --- /dev/null +++ b/v1.3.2/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.3.2/dsf-for-dev.html b/v1.3.2/dsf-for-dev.html new file mode 100644 index 000000000..322593c32 --- /dev/null +++ b/v1.3.2/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.3.2/index.html b/v1.3.2/index.html new file mode 100644 index 000000000..6ede8df62 --- /dev/null +++ b/v1.3.2/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.3.2 + + + + + +
    Skip to main content

    DSF 1.3.2

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.3.2/maintain/allowList-mgm.html b/v1.3.2/maintain/allowList-mgm.html new file mode 100644 index 000000000..621ad397f --- /dev/null +++ b/v1.3.2/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.3.2/maintain/bpe/configuration.html b/v1.3.2/maintain/bpe/configuration.html new file mode 100644 index 000000000..1ee36b8bb --- /dev/null +++ b/v1.3.2/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 8 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.3.2/maintain/bpe/index.html b/v1.3.2/maintain/bpe/index.html new file mode 100644 index 000000000..794b1c1f3 --- /dev/null +++ b/v1.3.2/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.3.2/maintain/fhir-reverse-proxy/configuration.html b/v1.3.2/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..3ecd05252 --- /dev/null +++ b/v1.3.2/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.3.2/maintain/fhir-reverse-proxy/index.html b/v1.3.2/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..bafd6ef73 --- /dev/null +++ b/v1.3.2/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.3.2/maintain/fhir/access-control.html b/v1.3.2/maintain/fhir/access-control.html new file mode 100644 index 000000000..715403d2a --- /dev/null +++ b/v1.3.2/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    To types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.3.2/maintain/fhir/configuration.html b/v1.3.2/maintain/fhir/configuration.html new file mode 100644 index 000000000..3536e2972 --- /dev/null +++ b/v1.3.2/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.3.2/maintain/fhir/index.html b/v1.3.2/maintain/fhir/index.html new file mode 100644 index 000000000..1588c94fa --- /dev/null +++ b/v1.3.2/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.3.2/maintain/fhir/oidc.html b/v1.3.2/maintain/fhir/oidc.html new file mode 100644 index 000000000..117098f1e --- /dev/null +++ b/v1.3.2/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.3.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.3.2/maintain/index.html b/v1.3.2/maintain/index.html new file mode 100644 index 000000000..a1bf296d1 --- /dev/null +++ b/v1.3.2/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.3.2/maintain/install-plugins.html b/v1.3.2/maintain/install-plugins.html new file mode 100644 index 000000000..a0d12a1af --- /dev/null +++ b/v1.3.2/maintain/install-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamLess than 1 minute

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    + + + diff --git a/v1.3.2/maintain/install.html b/v1.3.2/maintain/install.html new file mode 100644 index 000000000..45c1a4098 --- /dev/null +++ b/v1.3.2/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.3.2 + + + + + +
    Skip to main content

    Install DSF 1.3.2

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_3_2.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_3_2.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_3_2.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_3_2.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.3.2/maintain/upgrade-from-0.html b/v1.3.2/maintain/upgrade-from-0.html new file mode 100644 index 000000000..55e74f41d --- /dev/null +++ b/v1.3.2/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.3.2/maintain/upgrade-from-1.html b/v1.3.2/maintain/upgrade-from-1.html new file mode 100644 index 000000000..d4782a7dd --- /dev/null +++ b/v1.3.2/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.3.1 + + + + + +
    Skip to main content

    Upgrade from DSF 1.3.1

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.3.1 to 1.3.2 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.3.2_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.3.2.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.3.1
++   image: ghcr.io/datasharingframework/fhir_proxy:1.3.2
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.3.1
++   image: ghcr.io/datasharingframework/fhir:1.3.2
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.3.2_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.3.2.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.3.1
++   image: ghcr.io/datasharingframework/bpe:1.3.2
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.3.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.3.2, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.3.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.3.2, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.3.2/process-plugins-advanced.html b/v1.3.2/process-plugins-advanced.html new file mode 100644 index 000000000..88b74a870 --- /dev/null +++ b/v1.3.2/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.4.0/contribute/code.html b/v1.4.0/contribute/code.html new file mode 100644 index 000000000..3abd6eb2f --- /dev/null +++ b/v1.4.0/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/v1.4.0/contribute/documentation.html b/v1.4.0/contribute/documentation.html new file mode 100644 index 000000000..3772b6ec4 --- /dev/null +++ b/v1.4.0/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/v1.4.0/contribute/index.html b/v1.4.0/contribute/index.html new file mode 100644 index 000000000..e30ee6c47 --- /dev/null +++ b/v1.4.0/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/v1.4.0/develop/create.html b/v1.4.0/develop/create.html new file mode 100644 index 000000000..bce23f2ec --- /dev/null +++ b/v1.4.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.4.0/develop/index.html b/v1.4.0/develop/index.html new file mode 100644 index 000000000..0af7b6343 --- /dev/null +++ b/v1.4.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.4.0/develop/upgrade-from-0.html b/v1.4.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..d8f522d3d --- /dev/null +++ b/v1.4.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.4.0/dsf-for-dev.html b/v1.4.0/dsf-for-dev.html new file mode 100644 index 000000000..8c145ab54 --- /dev/null +++ b/v1.4.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.4.0/index.html b/v1.4.0/index.html new file mode 100644 index 000000000..d82273b11 --- /dev/null +++ b/v1.4.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.4.0 + + + + + +
    Skip to main content

    DSF 1.4.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.4.0/maintain/allowList-mgm.html b/v1.4.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..9e60b5395 --- /dev/null +++ b/v1.4.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.4.0/maintain/bpe/configuration.html b/v1.4.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..fb24e4a92 --- /dev/null +++ b/v1.4.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 8 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: The base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.4.0/maintain/bpe/index.html b/v1.4.0/maintain/bpe/index.html new file mode 100644 index 000000000..e9cbf9b33 --- /dev/null +++ b/v1.4.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.4.0/maintain/fhir-reverse-proxy/configuration.html b/v1.4.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..fc7e85d98 --- /dev/null +++ b/v1.4.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR servers application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.4.0/maintain/fhir-reverse-proxy/index.html b/v1.4.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..ff897d57a --- /dev/null +++ b/v1.4.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.4.0/maintain/fhir/access-control.html b/v1.4.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..fe89984d8 --- /dev/null +++ b/v1.4.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    To types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.4.0/maintain/fhir/configuration.html b/v1.4.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..37caa296d --- /dev/null +++ b/v1.4.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: The timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: The timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: The address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: The base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: The fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: The local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: The page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.4.0/maintain/fhir/index.html b/v1.4.0/maintain/fhir/index.html new file mode 100644 index 000000000..5653936d0 --- /dev/null +++ b/v1.4.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.4.0/maintain/fhir/oidc.html b/v1.4.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..b9efb0314 --- /dev/null +++ b/v1.4.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.4.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.4.0/maintain/index.html b/v1.4.0/maintain/index.html new file mode 100644 index 000000000..1618a3895 --- /dev/null +++ b/v1.4.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.4.0/maintain/install-plugins.html b/v1.4.0/maintain/install-plugins.html new file mode 100644 index 000000000..81f7535d4 --- /dev/null +++ b/v1.4.0/maintain/install-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamLess than 1 minute

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    + + + diff --git a/v1.4.0/maintain/install.html b/v1.4.0/maintain/install.html new file mode 100644 index 000000000..d8ee2ff2b --- /dev/null +++ b/v1.4.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.4.0 + + + + + +
    Skip to main content

    Install DSF 1.4.0

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_4_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_4_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_4_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_4_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.4.0/maintain/upgrade-from-0.html b/v1.4.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..50f3585c1 --- /dev/null +++ b/v1.4.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.4.0/maintain/upgrade-from-1.html b/v1.4.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..8bdc9fef1 --- /dev/null +++ b/v1.4.0/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.3.2 + + + + + +
    Skip to main content

    Upgrade from DSF 1.3.2

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.3.2 to 1.4.0 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.4.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.4.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.3.2
++   image: ghcr.io/datasharingframework/fhir_proxy:1.4.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.3.2
++   image: ghcr.io/datasharingframework/fhir:1.4.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.4.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.4.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.3.2
++   image: ghcr.io/datasharingframework/bpe:1.4.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.4.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.4.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.4.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.4.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.4.0/process-plugins-advanced.html b/v1.4.0/process-plugins-advanced.html new file mode 100644 index 000000000..d5354bb86 --- /dev/null +++ b/v1.4.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.5.0/contribute/code.html b/v1.5.0/contribute/code.html new file mode 100644 index 000000000..0abd530eb --- /dev/null +++ b/v1.5.0/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/v1.5.0/contribute/documentation.html b/v1.5.0/contribute/documentation.html new file mode 100644 index 000000000..e7929b27e --- /dev/null +++ b/v1.5.0/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/v1.5.0/contribute/index.html b/v1.5.0/contribute/index.html new file mode 100644 index 000000000..d134f2dbf --- /dev/null +++ b/v1.5.0/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/v1.5.0/develop/create.html b/v1.5.0/develop/create.html new file mode 100644 index 000000000..88ad4c7a6 --- /dev/null +++ b/v1.5.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.5.0/develop/index.html b/v1.5.0/develop/index.html new file mode 100644 index 000000000..6afe2ea6c --- /dev/null +++ b/v1.5.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.5.0/develop/upgrade-from-0.html b/v1.5.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..c0422e56d --- /dev/null +++ b/v1.5.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.5.0/dsf-for-dev.html b/v1.5.0/dsf-for-dev.html new file mode 100644 index 000000000..da8455953 --- /dev/null +++ b/v1.5.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.5.0/index.html b/v1.5.0/index.html new file mode 100644 index 000000000..9d2e6c06e --- /dev/null +++ b/v1.5.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.5.0 + + + + + +
    Skip to main content

    DSF 1.5.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.5.0/maintain/allowList-mgm.html b/v1.5.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..8d879c7db --- /dev/null +++ b/v1.5.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.5.0/maintain/bpe-reverse-proxy/configuration.html b/v1.5.0/maintain/bpe-reverse-proxy/configuration.html new file mode 100644 index 000000000..30334e622 --- /dev/null +++ b/v1.5.0/maintain/bpe-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF BPE server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /bpe

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.5.0/maintain/bpe-reverse-proxy/index.html b/v1.5.0/maintain/bpe-reverse-proxy/index.html new file mode 100644 index 000000000..6d4c6203a --- /dev/null +++ b/v1.5.0/maintain/bpe-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Reverse Proxy + + + + + + + + + diff --git a/v1.5.0/maintain/bpe/access-control.html b/v1.5.0/maintain/bpe/access-control.html new file mode 100644 index 000000000..1d7f7009f --- /dev/null +++ b/v1.5.0/maintain/bpe/access-control.html @@ -0,0 +1,61 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

    Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable access for a specific client-certificate:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

    ADMIN.

    practitioner-role

    The BPE server currently does not support any practionier-roles.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

    The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
    + + + diff --git a/v1.5.0/maintain/bpe/configuration.html b/v1.5.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..22e0a4e68 --- /dev/null +++ b/v1.5.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 9 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.bpe.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.bpe.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: Base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_BPE_SERVER_BASE_URL

    • Property: dev.dsf.bpe.server.base.url
    • Required: No
    • Description: Base address of the BPE server, configure when exposing the web-ui
    • Example: https://foo.bar/bpe
    • Default: https://localhost/bpe

    DEV_DSF_BPE_SERVER_ROLECONFIG

    DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.bpe.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_BPE_SERVER_UI_THEME

    • Property: dev.dsf.bpe.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.5.0/maintain/bpe/index.html b/v1.5.0/maintain/bpe/index.html new file mode 100644 index 000000000..357242dba --- /dev/null +++ b/v1.5.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.5.0/maintain/bpe/oidc.html b/v1.5.0/maintain/bpe/oidc.html new file mode 100644 index 000000000..0ee8352d3 --- /dev/null +++ b/v1.5.0/maintain/bpe/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    BPE Reverse Proxy

    The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.5.0/maintain/fhir-reverse-proxy/configuration.html b/v1.5.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..acd7daa8a --- /dev/null +++ b/v1.5.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.5.0/maintain/fhir-reverse-proxy/index.html b/v1.5.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..4c4f4e902 --- /dev/null +++ b/v1.5.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.5.0/maintain/fhir/access-control.html b/v1.5.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..5196032ce --- /dev/null +++ b/v1.5.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 3 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.5.0/maintain/fhir/configuration.html b/v1.5.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..beed2f0cf --- /dev/null +++ b/v1.5.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.fhir.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.fhir.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: Base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: Local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_FHIR_SERVER_UI_THEME

    • Property: dev.dsf.fhir.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.5.0/maintain/fhir/index.html b/v1.5.0/maintain/fhir/index.html new file mode 100644 index 000000000..da641bea6 --- /dev/null +++ b/v1.5.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.5.0/maintain/fhir/oidc.html b/v1.5.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..b41b6c14e --- /dev/null +++ b/v1.5.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.0
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.5.0/maintain/index.html b/v1.5.0/maintain/index.html new file mode 100644 index 000000000..377f10322 --- /dev/null +++ b/v1.5.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.5.0/maintain/install-plugins.html b/v1.5.0/maintain/install-plugins.html new file mode 100644 index 000000000..fcd479c58 --- /dev/null +++ b/v1.5.0/maintain/install-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamLess than 1 minute

    You can find an overview of compatable process plugins below.

    Common processes

    MII processes

    NUM processes

    + + + diff --git a/v1.5.0/maintain/install.html b/v1.5.0/maintain/install.html new file mode 100644 index 000000000..19f0230d9 --- /dev/null +++ b/v1.5.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.5.0 + + + + + +
    Skip to main content

    Install DSF 1.5.0

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_5_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_5_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_5_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_5_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID1}
+INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket connected {uri: wss://FHIR_SERVER_FQDN/fhir/ws, session-id: SOME_RANDOM_UUID2}

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.5.0/maintain/upgrade-from-0.html b/v1.5.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..b12cf68be --- /dev/null +++ b/v1.5.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.5.0/maintain/upgrade-from-1.html b/v1.5.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..89a6ff9ff --- /dev/null +++ b/v1.5.0/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.4.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.4.0

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.4.0 to 1.5.0 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.4.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.5.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.4.0
++   image: ghcr.io/datasharingframework/fhir:1.5.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.4.0
++   image: ghcr.io/datasharingframework/bpe:1.5.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.5.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.5.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.5.0/process-plugins-advanced.html b/v1.5.0/process-plugins-advanced.html new file mode 100644 index 000000000..0e873968c --- /dev/null +++ b/v1.5.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.5.1/contribute/code.html b/v1.5.1/contribute/code.html new file mode 100644 index 000000000..ecadcd436 --- /dev/null +++ b/v1.5.1/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/v1.5.1/contribute/documentation.html b/v1.5.1/contribute/documentation.html new file mode 100644 index 000000000..9592eae35 --- /dev/null +++ b/v1.5.1/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/v1.5.1/contribute/index.html b/v1.5.1/contribute/index.html new file mode 100644 index 000000000..ad9aad38b --- /dev/null +++ b/v1.5.1/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/v1.5.1/develop/create.html b/v1.5.1/develop/create.html new file mode 100644 index 000000000..6b08fc003 --- /dev/null +++ b/v1.5.1/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.5.1/develop/index.html b/v1.5.1/develop/index.html new file mode 100644 index 000000000..1b8f46624 --- /dev/null +++ b/v1.5.1/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.5.1/develop/upgrade-from-0.html b/v1.5.1/develop/upgrade-from-0.html new file mode 100644 index 000000000..99bd894c4 --- /dev/null +++ b/v1.5.1/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.5.1/dsf-for-dev.html b/v1.5.1/dsf-for-dev.html new file mode 100644 index 000000000..e00f24dcf --- /dev/null +++ b/v1.5.1/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.5.1/index.html b/v1.5.1/index.html new file mode 100644 index 000000000..a58e9eb2a --- /dev/null +++ b/v1.5.1/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.5.1 + + + + + +
    Skip to main content

    DSF 1.5.1

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.5.1/maintain/allowList-mgm.html b/v1.5.1/maintain/allowList-mgm.html new file mode 100644 index 000000000..2a1a7add1 --- /dev/null +++ b/v1.5.1/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.5.1/maintain/bpe-reverse-proxy/configuration.html b/v1.5.1/maintain/bpe-reverse-proxy/configuration.html new file mode 100644 index 000000000..d8e1dbbbc --- /dev/null +++ b/v1.5.1/maintain/bpe-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF BPE server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /bpe

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.5.1/maintain/bpe-reverse-proxy/index.html b/v1.5.1/maintain/bpe-reverse-proxy/index.html new file mode 100644 index 000000000..eb3095901 --- /dev/null +++ b/v1.5.1/maintain/bpe-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Reverse Proxy + + + + + + + + + diff --git a/v1.5.1/maintain/bpe/access-control.html b/v1.5.1/maintain/bpe/access-control.html new file mode 100644 index 000000000..ec7df253c --- /dev/null +++ b/v1.5.1/maintain/bpe/access-control.html @@ -0,0 +1,61 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

    Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable access for a specific client-certificate:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

    ADMIN.

    practitioner-role

    The BPE server currently does not support any practionier-roles.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

    The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
    + + + diff --git a/v1.5.1/maintain/bpe/configuration.html b/v1.5.1/maintain/bpe/configuration.html new file mode 100644 index 000000000..f90e6873f --- /dev/null +++ b/v1.5.1/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 9 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.bpe.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.bpe.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: Base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_BPE_SERVER_BASE_URL

    • Property: dev.dsf.bpe.server.base.url
    • Required: No
    • Description: Base address of the BPE server, configure when exposing the web-ui
    • Example: https://foo.bar/bpe
    • Default: https://localhost/bpe

    DEV_DSF_BPE_SERVER_ROLECONFIG

    DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.bpe.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_BPE_SERVER_UI_THEME

    • Property: dev.dsf.bpe.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.5.1/maintain/bpe/index.html b/v1.5.1/maintain/bpe/index.html new file mode 100644 index 000000000..3725467f0 --- /dev/null +++ b/v1.5.1/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.5.1/maintain/bpe/oidc.html b/v1.5.1/maintain/bpe/oidc.html new file mode 100644 index 000000000..87ecc52c4 --- /dev/null +++ b/v1.5.1/maintain/bpe/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    BPE Reverse Proxy

    The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.1
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.5.1/maintain/fhir-reverse-proxy/configuration.html b/v1.5.1/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..c7ececc1b --- /dev/null +++ b/v1.5.1/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.5.1/maintain/fhir-reverse-proxy/index.html b/v1.5.1/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..a9d5e3cbf --- /dev/null +++ b/v1.5.1/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.5.1/maintain/fhir/access-control.html b/v1.5.1/maintain/fhir/access-control.html new file mode 100644 index 000000000..dcb4b7fcf --- /dev/null +++ b/v1.5.1/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 3 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.5.1/maintain/fhir/configuration.html b/v1.5.1/maintain/fhir/configuration.html new file mode 100644 index 000000000..1d90cdf56 --- /dev/null +++ b/v1.5.1/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.fhir.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.fhir.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: Base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: Local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_FHIR_SERVER_UI_THEME

    • Property: dev.dsf.fhir.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.5.1/maintain/fhir/index.html b/v1.5.1/maintain/fhir/index.html new file mode 100644 index 000000000..e02160d40 --- /dev/null +++ b/v1.5.1/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.5.1/maintain/fhir/oidc.html b/v1.5.1/maintain/fhir/oidc.html new file mode 100644 index 000000000..53e8f4f92 --- /dev/null +++ b/v1.5.1/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.1
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.5.1/maintain/index.html b/v1.5.1/maintain/index.html new file mode 100644 index 000000000..1419a063b --- /dev/null +++ b/v1.5.1/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.5.1/maintain/install-plugins.html b/v1.5.1/maintain/install-plugins.html new file mode 100644 index 000000000..b1ad74302 --- /dev/null +++ b/v1.5.1/maintain/install-plugins.html @@ -0,0 +1,41 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamLess than 1 minute

    You can find an overview of compatible process plugins below.

    Common processes

    MII processes

    NUM processes

    + + + diff --git a/v1.5.1/maintain/install.html b/v1.5.1/maintain/install.html new file mode 100644 index 000000000..e9551bbf9 --- /dev/null +++ b/v1.5.1/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.5.1 + + + + + +
    Skip to main content

    Install DSF 1.5.1

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_5_1.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_5_1.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_5_1.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_5_1.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.5.1/maintain/upgrade-from-0.html b/v1.5.1/maintain/upgrade-from-0.html new file mode 100644 index 000000000..ca81388f6 --- /dev/null +++ b/v1.5.1/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.5.1/maintain/upgrade-from-1.html b/v1.5.1/maintain/upgrade-from-1.html new file mode 100644 index 000000000..25aaf987e --- /dev/null +++ b/v1.5.1/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.5.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.5.0

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.5.0 to 1.5.1 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.1_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.1.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.5.0
++   image: ghcr.io/datasharingframework/fhir_proxy:1.5.1
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.5.0
++   image: ghcr.io/datasharingframework/fhir:1.5.1
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.1_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.1.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.5.0
++   image: ghcr.io/datasharingframework/bpe:1.5.1
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.5.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.1, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.5.1. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.1, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.5.1/process-plugins-advanced.html b/v1.5.1/process-plugins-advanced.html new file mode 100644 index 000000000..ebf01cb08 --- /dev/null +++ b/v1.5.1/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.5.2/contribute/code.html b/v1.5.2/contribute/code.html new file mode 100644 index 000000000..d9aeab27d --- /dev/null +++ b/v1.5.2/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/v1.5.2/contribute/documentation.html b/v1.5.2/contribute/documentation.html new file mode 100644 index 000000000..19c731491 --- /dev/null +++ b/v1.5.2/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/v1.5.2/contribute/index.html b/v1.5.2/contribute/index.html new file mode 100644 index 000000000..77d9bd6d5 --- /dev/null +++ b/v1.5.2/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/v1.5.2/develop/create.html b/v1.5.2/develop/create.html new file mode 100644 index 000000000..f7406540a --- /dev/null +++ b/v1.5.2/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.5.2/develop/index.html b/v1.5.2/develop/index.html new file mode 100644 index 000000000..a8aa54e6f --- /dev/null +++ b/v1.5.2/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.5.2/develop/upgrade-from-0.html b/v1.5.2/develop/upgrade-from-0.html new file mode 100644 index 000000000..a59ecae62 --- /dev/null +++ b/v1.5.2/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.5.2/dsf-for-dev.html b/v1.5.2/dsf-for-dev.html new file mode 100644 index 000000000..f794968fe --- /dev/null +++ b/v1.5.2/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.5.2/index.html b/v1.5.2/index.html new file mode 100644 index 000000000..9fdc25a35 --- /dev/null +++ b/v1.5.2/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.5.2 + + + + + +
    Skip to main content

    DSF 1.5.2

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.5.2/maintain/allowList-mgm.html b/v1.5.2/maintain/allowList-mgm.html new file mode 100644 index 000000000..573ef307c --- /dev/null +++ b/v1.5.2/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    Caution

    This is an outdated version of the Allow List Management documentation. Please use the current version, even if you use an outdated DSF version.

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.5.2/maintain/bpe-reverse-proxy/configuration.html b/v1.5.2/maintain/bpe-reverse-proxy/configuration.html new file mode 100644 index 000000000..ec5634ab0 --- /dev/null +++ b/v1.5.2/maintain/bpe-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF BPE server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /bpe

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.5.2/maintain/bpe-reverse-proxy/index.html b/v1.5.2/maintain/bpe-reverse-proxy/index.html new file mode 100644 index 000000000..af1d816ec --- /dev/null +++ b/v1.5.2/maintain/bpe-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Reverse Proxy + + + + + + + + + diff --git a/v1.5.2/maintain/bpe/access-control.html b/v1.5.2/maintain/bpe/access-control.html new file mode 100644 index 000000000..f2918d950 --- /dev/null +++ b/v1.5.2/maintain/bpe/access-control.html @@ -0,0 +1,61 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

    Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable access for a specific client-certificate:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

    ADMIN.

    practitioner-role

    The BPE server currently does not support any practionier-roles.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

    The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
    + + + diff --git a/v1.5.2/maintain/bpe/configuration.html b/v1.5.2/maintain/bpe/configuration.html new file mode 100644 index 000000000..3d0898a9f --- /dev/null +++ b/v1.5.2/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 9 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.bpe.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.bpe.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: Base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_BPE_SERVER_BASE_URL

    • Property: dev.dsf.bpe.server.base.url
    • Required: No
    • Description: Base address of the BPE server, configure when exposing the web-ui
    • Example: https://foo.bar/bpe
    • Default: https://localhost/bpe

    DEV_DSF_BPE_SERVER_ROLECONFIG

    DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.bpe.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_BPE_SERVER_UI_THEME

    • Property: dev.dsf.bpe.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.5.2/maintain/bpe/index.html b/v1.5.2/maintain/bpe/index.html new file mode 100644 index 000000000..214792233 --- /dev/null +++ b/v1.5.2/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.5.2/maintain/bpe/oidc.html b/v1.5.2/maintain/bpe/oidc.html new file mode 100644 index 000000000..c6a5f5bc8 --- /dev/null +++ b/v1.5.2/maintain/bpe/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    BPE Reverse Proxy

    The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.5.2/maintain/fhir-reverse-proxy/configuration.html b/v1.5.2/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..2b632cfeb --- /dev/null +++ b/v1.5.2/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.5.2/maintain/fhir-reverse-proxy/index.html b/v1.5.2/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..eb70e4e90 --- /dev/null +++ b/v1.5.2/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.5.2/maintain/fhir/access-control.html b/v1.5.2/maintain/fhir/access-control.html new file mode 100644 index 000000000..74d428d4c --- /dev/null +++ b/v1.5.2/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 3 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.5.2/maintain/fhir/configuration.html b/v1.5.2/maintain/fhir/configuration.html new file mode 100644 index 000000000..e12c2cc08 --- /dev/null +++ b/v1.5.2/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.fhir.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.fhir.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: Base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: Local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_FHIR_SERVER_UI_THEME

    • Property: dev.dsf.fhir.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.5.2/maintain/fhir/index.html b/v1.5.2/maintain/fhir/index.html new file mode 100644 index 000000000..fbc0e6c77 --- /dev/null +++ b/v1.5.2/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.5.2/maintain/fhir/oidc.html b/v1.5.2/maintain/fhir/oidc.html new file mode 100644 index 000000000..166aa267b --- /dev/null +++ b/v1.5.2/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.5.2/maintain/index.html b/v1.5.2/maintain/index.html new file mode 100644 index 000000000..c8dac9d7b --- /dev/null +++ b/v1.5.2/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.5.2/maintain/install-plugins.html b/v1.5.2/maintain/install-plugins.html new file mode 100644 index 000000000..c74596ff2 --- /dev/null +++ b/v1.5.2/maintain/install-plugins.html @@ -0,0 +1,43 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamAbout 1 min

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 14/08/2024).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.6v1.0.0.6
    MII Process Reportv1.1.1.1v1.1.1.1
    MII Process Data Transferv1.0.2.1v1.0.2.1
    MII Process Data Sharingv1.0.1.1v1.0.1.1
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    + + + diff --git a/v1.5.2/maintain/install.html b/v1.5.2/maintain/install.html new file mode 100644 index 000000000..91b9a8fed --- /dev/null +++ b/v1.5.2/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.5.2 + + + + + +
    Skip to main content

    Install DSF 1.5.2

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_5_2.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_5_2.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_5_2.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_5_2.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.5.2/maintain/upgrade-from-0.html b/v1.5.2/maintain/upgrade-from-0.html new file mode 100644 index 000000000..a56e92052 --- /dev/null +++ b/v1.5.2/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.5.2/maintain/upgrade-from-1.html b/v1.5.2/maintain/upgrade-from-1.html new file mode 100644 index 000000000..65abeeabb --- /dev/null +++ b/v1.5.2/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.5.1 + + + + + +
    Skip to main content

    Upgrade from DSF 1.5.1

    DSF-TeamAbout 1 min

    Upgrading the DSF from 1.5.1 to 1.5.2 involves modifying the docker-compose.yml files and recreating the containers.

    Update to DSF 1.2.0 first

    When upgrading from 1.0.0 or 1.1.0 it is important to migrate to DSF 1.2.0 first.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.5.2_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.5.2.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.5.1
++   image: ghcr.io/datasharingframework/fhir_proxy:1.5.2
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.5.1
++   image: ghcr.io/datasharingframework/fhir:1.5.2
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.5.2_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.5.2.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.5.1
++   image: ghcr.io/datasharingframework/bpe:1.5.2
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.5.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.5.2, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.5.2. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.5.2, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.5.2/process-plugins-advanced.html b/v1.5.2/process-plugins-advanced.html new file mode 100644 index 000000000..e85992fc9 --- /dev/null +++ b/v1.5.2/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.6.0/contribute/code.html b/v1.6.0/contribute/code.html new file mode 100644 index 000000000..aac9d2f9e --- /dev/null +++ b/v1.6.0/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/v1.6.0/contribute/documentation.html b/v1.6.0/contribute/documentation.html new file mode 100644 index 000000000..3876921d6 --- /dev/null +++ b/v1.6.0/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/v1.6.0/contribute/index.html b/v1.6.0/contribute/index.html new file mode 100644 index 000000000..c4773883e --- /dev/null +++ b/v1.6.0/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/v1.6.0/develop/create.html b/v1.6.0/develop/create.html new file mode 100644 index 000000000..5ab60a882 --- /dev/null +++ b/v1.6.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.6.0/develop/index.html b/v1.6.0/develop/index.html new file mode 100644 index 000000000..afc03b67d --- /dev/null +++ b/v1.6.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.6.0/develop/upgrade-from-0.html b/v1.6.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..367e522b9 --- /dev/null +++ b/v1.6.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.6.0/dsf-for-dev.html b/v1.6.0/dsf-for-dev.html new file mode 100644 index 000000000..f13d12bed --- /dev/null +++ b/v1.6.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.6.0/index.html b/v1.6.0/index.html new file mode 100644 index 000000000..7584eb7b5 --- /dev/null +++ b/v1.6.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.6.0 + + + + + +
    Skip to main content

    DSF 1.6.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.6.0/maintain/allowList-mgm.html b/v1.6.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..d90378e0a --- /dev/null +++ b/v1.6.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.6.0/maintain/bpe-reverse-proxy/configuration.html b/v1.6.0/maintain/bpe-reverse-proxy/configuration.html new file mode 100644 index 000000000..2a1186b20 --- /dev/null +++ b/v1.6.0/maintain/bpe-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF BPE server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /bpe

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.6.0/maintain/bpe-reverse-proxy/index.html b/v1.6.0/maintain/bpe-reverse-proxy/index.html new file mode 100644 index 000000000..f9198754f --- /dev/null +++ b/v1.6.0/maintain/bpe-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Reverse Proxy + + + + + + + + + diff --git a/v1.6.0/maintain/bpe/access-control.html b/v1.6.0/maintain/bpe/access-control.html new file mode 100644 index 000000000..d88256657 --- /dev/null +++ b/v1.6.0/maintain/bpe/access-control.html @@ -0,0 +1,61 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

    Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable access for a specific client-certificate:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

    ADMIN.

    practitioner-role

    The BPE server currently does not support any practionier-roles.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

    The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
    + + + diff --git a/v1.6.0/maintain/bpe/configuration.html b/v1.6.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..6a3a067d9 --- /dev/null +++ b/v1.6.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 9 min

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.bpe.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.bpe.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true.
    • Recommendation: This debug function should only be activated during process plugin development.
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true.
    • Recommendation: This debug function should only be activated during process plugin development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: Base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0). Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file. Requires send mail on ERROR log event option to be enabled to have an effect.
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true. Requires SMTP server to be configured.
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_BPE_SERVER_BASE_URL

    • Property: dev.dsf.bpe.server.base.url
    • Required: No
    • Description: Base address of the BPE server, configure when exposing the web-ui
    • Example: https://foo.bar/bpe
    • Default: https://localhost/bpe

    DEV_DSF_BPE_SERVER_ROLECONFIG

    DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.bpe.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_BPE_SERVER_UI_THEME

    • Property: dev.dsf.bpe.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication
    + + + diff --git a/v1.6.0/maintain/bpe/index.html b/v1.6.0/maintain/bpe/index.html new file mode 100644 index 000000000..d1f260215 --- /dev/null +++ b/v1.6.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.6.0/maintain/bpe/oidc.html b/v1.6.0/maintain/bpe/oidc.html new file mode 100644 index 000000000..764796b8f --- /dev/null +++ b/v1.6.0/maintain/bpe/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    BPE Reverse Proxy

    The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.6.0/maintain/fhir-reverse-proxy/configuration.html b/v1.6.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..7abfe40d7 --- /dev/null +++ b/v1.6.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 1 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path.
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: Yes
    • Description: Certificate chain file including all signing, intermediate and ca certificate used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_certificate_file.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_ca_dn_request_file.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate, sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (aka self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.6.0/maintain/fhir-reverse-proxy/index.html b/v1.6.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..51b51f11d --- /dev/null +++ b/v1.6.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.6.0/maintain/fhir/access-control.html b/v1.6.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..8363a0e7f --- /dev/null +++ b/v1.6.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 3 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.6.0/maintain/fhir/configuration.html b/v1.6.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..0af6143d1 --- /dev/null +++ b/v1.6.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client _trust_certificates.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: The password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: The user name to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: The name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.fhir.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.fhir.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true.
    • Recommendation: This debug function should only be activated during development. WARNNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: Base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: Local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_FHIR_SERVER_UI_THEME

    • Property: dev.dsf.fhir.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: Yes
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: Yes
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: Yes
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: Yes
    • Description: PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: Yes
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: Yes
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: Yes
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.6.0/maintain/fhir/index.html b/v1.6.0/maintain/fhir/index.html new file mode 100644 index 000000000..5d9a94e0f --- /dev/null +++ b/v1.6.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.6.0/maintain/fhir/oidc.html b/v1.6.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..8df442d3b --- /dev/null +++ b/v1.6.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.6.0/maintain/index.html b/v1.6.0/maintain/index.html new file mode 100644 index 000000000..bb1e10e02 --- /dev/null +++ b/v1.6.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.6.0/maintain/install-plugins.html b/v1.6.0/maintain/install-plugins.html new file mode 100644 index 000000000..ced6664c0 --- /dev/null +++ b/v1.6.0/maintain/install-plugins.html @@ -0,0 +1,43 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamAbout 1 min

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 14/08/2024).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.7v1.0.0.7
    MII Process Reportv1.1.1.1v1.1.1.1
    MII Process Data Transferv1.0.2.1v1.0.2.1
    MII Process Data Sharingv1.0.1.1v1.0.1.1
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    + + + diff --git a/v1.6.0/maintain/install.html b/v1.6.0/maintain/install.html new file mode 100644 index 000000000..4b5ba54e0 --- /dev/null +++ b/v1.6.0/maintain/install.html @@ -0,0 +1,66 @@ + + + + + + + + + + Install DSF 1.6.0 + + + + + +
    Skip to main content

    Install DSF 1.6.0

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_6_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_6_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A) and the corresponding private-key to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L39:      - app_client_certificate_private_key.pem.password
+...
+L54:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L141:  app_client_certificate_private_key.pem.password:
+L142:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Uncomment one of the certificate chain entries in the docker-compose file base on the certificate authority that signed your DSF FHIR server certificate (certificate A). For example use the following two lines if the server certificate is signed by DFN-Verein Global Issuing CA

      L114:  ssl_certificate_chain_file.pem:
+L115:    file: ./secrets/ssl_certificate_chain_file_DFN-Verein.pem

    6. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    7. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see FHIR server Configuration Parameters page.

    8. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_6_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_6_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L13:      - app_client_certificate_private_key.pem.password
+...
+L35:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L89:  app_client_certificate_private_key.pem.password:
+L90:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.6.0/maintain/upgrade-from-0.html b/v1.6.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..06bcb2bcb --- /dev/null +++ b/v1.6.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.6.0/maintain/upgrade-from-1.html b/v1.6.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..f5eefefea --- /dev/null +++ b/v1.6.0/maintain/upgrade-from-1.html @@ -0,0 +1,58 @@ + + + + + + + + + + Upgrade from DSF 1.5.2 + + + + + +
    Skip to main content

    Upgrade from DSF 1.5.2

    DSF-TeamLess than 1 minute

    Upgrading the DSF from 1.5.2 to 1.6.0 involves modifying the docker-compose.yml files and recreating the containers.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.6.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.6.0.

    version: '3.8'
+services:
+  proxy:
+-   image: ghcr.io/datasharingframework/fhir_proxy:1.5.2
++   image: ghcr.io/datasharingframework/fhir_proxy:1.6.0
+    restart: on-failure
+...
+  app:
+-   image: ghcr.io/datasharingframework/fhir:1.5.2
++   image: ghcr.io/datasharingframework/fhir:1.6.0
+    restart: on-failure
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.6.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.6.0.

    version: '3.8'
+services:
+  app:
+-   image: ghcr.io/datasharingframework/bpe:1.5.2
++   image: ghcr.io/datasharingframework/bpe:1.6.0
+    restart: on-failure
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.6.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.6.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.6.0/process-plugins-advanced.html b/v1.6.0/process-plugins-advanced.html new file mode 100644 index 000000000..41e4cba1a --- /dev/null +++ b/v1.6.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + + diff --git a/v1.7.0/contribute/code.html b/v1.7.0/contribute/code.html new file mode 100644 index 000000000..9dd267bfa --- /dev/null +++ b/v1.7.0/contribute/code.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute code + + + + + +
    Skip to main content

    Contribute code

    DSF-TeamAbout 3 min

    Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community.

    Benefits of Contributing:

    • Foster community growth and diversification.
    • Sharpen your coding skills.
    • Gain recognition in the DSF community.
    • Directly impact the future of data sharing in medicine.

    Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF.

    General

    Code style

    You can import our code style for your specific IDE:

    • Eclipse. Open your preferences, click on Java, Code style, Formatter, Import and select the downloaded file.
    • IntelliJ. Open your settings, click on Editor, Code style, Java, the settings icon, import scheme, IntelliJ and select the downloaded file.

    Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use mvn compile -Pformat-and-sort.

    Branching strategy

    Git Flow is used as this project's branching strategy. Therefore, you will find the following structure:

    • main
    • develop
    • issue
    • hotfix
    • release

    Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category.

    Branch naming

    The following ruleset is applied to name branches:

    • issue/<issue-number>_<issue-name>
    • hotfix/<version>
    • release/<version>

    Setting up the project

    This chapter lists all important requirements to get the project buildable and running properly.

    Java

    This project uses Java JDK 17, so make sure you have it installed on your system.

    Docker

    Docker is used in this project to test database functionality and to run more complex test-setups.

    Maven

    The project relies on Maven as its management tool.
    Important: When building the project you might encounter the following error:
    Could not determine gpg version GPG is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with -Dgpg.skip.

    Workflow

    1. Create an issue or comment on an issue that you want to contribute some feature
    2. Fork the repository, create a branch and mention it in the issue
    3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests
    4. If your changes are production-ready, create a pull request.

    Pull request process

    We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it:

    1. Ship: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes.

    2. Show: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team.

    3. Ask: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control.

    This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors.

    For more information on Fowler's approach, visit Martin Fowler's article on Pull Requests.

    Data Security in DSF Development

    The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines:

    • No development with real personal data: Always use anonymized or synthetic data for development purposes.
    • No personal data in repositories: Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily.
    • Review all log files: Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included.
    + + + diff --git a/v1.7.0/contribute/documentation.html b/v1.7.0/contribute/documentation.html new file mode 100644 index 000000000..6ad908f04 --- /dev/null +++ b/v1.7.0/contribute/documentation.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute documentation + + + + + +
    Skip to main content

    Contribute documentation

    DSF-TeamLess than 1 minute

    Join us in enhancing our documentation!

    We believe in the power of community collaboration to make our documentation clearer, more comprehensive, and more user-friendly. There are several ways you can contribute, and we welcome greatly your input!

    1. Contact us with feedback: If you find any of our documentation unclear or if you think there's a topic not covered yet, please don't hesitate to reach out to us. Your perspective as a reader is invaluable in helping us to identify areas for improvement.
    2. Create an issue: You noticed something that needs fixing or you have a suggestion? Head over to our GitHub repository at Data Sharing Framework Documentation and please create an issue. This way, our team and other contributors can track and address documentation changes systematically.
    3. Contribute directly with a pull request: If you're feeling proactive and want to make direct changes, you're more than welcome to submit a pull request. Visit our GitHub repository at Data Sharing Framework Documentation and feel free to propose your changes. Whether it's a typo fix, a new section, or enhanced explanations, every contribution counts.

    We're excited to see your suggestions and are grateful for every contribution that helps us improve. Let's build better documentation together!

    + + + diff --git a/v1.7.0/contribute/index.html b/v1.7.0/contribute/index.html new file mode 100644 index 000000000..7978b56bd --- /dev/null +++ b/v1.7.0/contribute/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Contribute + + + + + +
    Skip to main content

    Contribute

    DSF-TeamAbout 2 min

    We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact.

    Ways you can contribute:

    1. Helping other users:
      • MII Zulip: If you are part of the German Medical Informatics Initiative, join the MII Zulip community to assist others, share your knowledge, and learn from fellow contributors.
      • GitHub Discussions: Engage with our community in GitHub Discussions by answering questions, providing feedback, and sharing your insights.
    2. Testing releases:
      • Stay ahead: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable.
      • Report findings: Share your testing results to help us refine and enhance our releases.
    3. Reviewing changes:
      • Peer review: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes.
      • Constructive feedback: Offer constructive feedback and suggestions to help improve and refine proposed changes.
    4. Documentation changes:
    5. Contributing bug reports:
      • Report bugs: If you find a bug, please report it via an issue on GitHub. Detailed bug reports are incredibly helpful.
      • Reproduction steps: Include steps to reproduce the bug and any relevant logs according to our bug report issue template.
    6. Contributing feature requests:
      • Suggest features: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template.
      • Collaborate on implementation: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our Getting started guide for code contributions to DSF.
    7. Contributing process plugins:
      • Develop process plugins for the DSF: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our Getting started guide for process plugin development will be a useful reference.
      • Share your work: Your plugins could be a valuable addition to the ecosystem and benefit other users.

    Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved.

    Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!

    + + + diff --git a/v1.7.0/develop/create.html b/v1.7.0/develop/create.html new file mode 100644 index 000000000..2904bb4a3 --- /dev/null +++ b/v1.7.0/develop/create.html @@ -0,0 +1,41 @@ + + + + + + + + + + Create a new process plugin + + + + + + + + + diff --git a/v1.7.0/develop/index.html b/v1.7.0/develop/index.html new file mode 100644 index 000000000..41aca801c --- /dev/null +++ b/v1.7.0/develop/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Develop Process Plugins + + + + + + + + + diff --git a/v1.7.0/develop/upgrade-from-0.html b/v1.7.0/develop/upgrade-from-0.html new file mode 100644 index 000000000..6b913bcb5 --- /dev/null +++ b/v1.7.0/develop/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade processes from 0.9.x + + + + + + + + + diff --git a/v1.7.0/dsf-for-dev.html b/v1.7.0/dsf-for-dev.html new file mode 100644 index 000000000..333662169 --- /dev/null +++ b/v1.7.0/dsf-for-dev.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF for Developers + + + + + + + + + diff --git a/v1.7.0/index.html b/v1.7.0/index.html new file mode 100644 index 000000000..a8f4d5e35 --- /dev/null +++ b/v1.7.0/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + DSF 1.7.0 + + + + + +
    Skip to main content

    DSF 1.7.0

    DSF-TeamLess than 1 minute

    Data Sharing Framework 1.x is the new major release of the Data Sharing Framework. Click here to find more information about the DSF in general.

    Important note

    This is a major DSF release not compatible with 0.9.x and older version developed at https://github.com/highmed/highmed-dsf.

    System Administrators

    Developers

    New features

    • Improved versioning to support up- and downwards-compatibility
    • Enhanced web ui to start processes in the web browser
    • Allow local user authentication and authorization with OpenID Connect
    • New process plugin API
    • Removed mostly unused features to simplify instance configuration
    • Unified proxy setup
    • Many more features, see 1.x release-notes
    + + + diff --git a/v1.7.0/maintain/allowList-mgm.html b/v1.7.0/maintain/allowList-mgm.html new file mode 100644 index 000000000..63adae617 --- /dev/null +++ b/v1.7.0/maintain/allowList-mgm.html @@ -0,0 +1,41 @@ + + + + + + + + + + Allow List Management + + + + + +
    Skip to main content

    Allow List Management

    DSF-TeamAbout 1 min

    You can read all about the concept of Allow Lists in our introduction.

    Overview

    To simplify the DSF Allow List Management we have built a portal for administration. The portal is managed by the GECKO Institute at Heilbronn University. You as an DSF administrator can create or update your Allow List information. The information you provide on this portal will be transferred to us and will be used to built Allow List bundles that get distributed to the communication partners of the distributed processes.

    The DSF Allow List management tool uses client certificates for authentication. You can either use a personal client certificate or the client certificate from your DSF BPE, which needs to be added to your web-browsers certificate store.

    Prerequisites

    1. Deployed DSF instance (test or production infrastructure)
      1.1 If none exists yet, read the installation guide
    2. Certificate
      2.1 If none exists yet, read the certificate requirements
    3. Organization identifier, shortest FQDN of your organizations website, e.g. my-hospital.de
    4. FHIR endpoint URL, e.g. https://dsf.my-hospital.de/fhir
    5. Contact details from a responsible person of your organization
    6. Access to the E-Mail address from your organization for verification

    Start here

    When you have fulfilled all the prerequisites, you can start managing your Allow Lists via the environment specific Allow List Management Tool:

    We use different highlight colors for the DSF Allow List Management Tool: Green for the Test environment and blue for the Production infrastructure. To access the site, you have to authenticate yourself with a client certificate. Your web-browser will show a dialog to choose a valid certificate.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to contact us on the MII-Zulip Channel or write us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.7.0/maintain/bpe-reverse-proxy/configuration.html b/v1.7.0/maintain/bpe-reverse-proxy/configuration.html new file mode 100644 index 000000000..b3fcd78c6 --- /dev/null +++ b/v1.7.0/maintain/bpe-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 2 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF BPE server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: FQDN of your DSF BPE server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
    • Default: /bpe

    SSL_CA_CERTIFICATE_FILE

    • Required: No
    • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_ca_chains.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_issuing_cas.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_EXPECTED_CLIENT_S_DN_C_VALUES

    • Required: No
    • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
    • Default: 'DE'

    SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

    • Required: No
    • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
    • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.7.0/maintain/bpe-reverse-proxy/index.html b/v1.7.0/maintain/bpe-reverse-proxy/index.html new file mode 100644 index 000000000..305e255a9 --- /dev/null +++ b/v1.7.0/maintain/bpe-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Reverse Proxy + + + + + + + + + diff --git a/v1.7.0/maintain/bpe/access-control.html b/v1.7.0/maintain/bpe/access-control.html new file mode 100644 index 000000000..e4be05c74 --- /dev/null +++ b/v1.7.0/maintain/bpe/access-control.html @@ -0,0 +1,61 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 2 min

    Overview

    The DSF BPE server provides a user interface for administrators. Without any additional configuration the user interface is not accessible with the organizations X.509 client certificate or any other certificate or OpenID Connect authenticated user.

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF BPE server OpenID Connect configuration page.

    Access to the user interface can be enabled for client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable access for a specific client-certificate:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - ADMIN

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_BPE_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the user interface. Allowed values are:

    ADMIN.

    practitioner-role

    The BPE server currently does not support any practionier-roles.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - ADMIN

    The third example allows administrator access and users e-mail addresses to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_BPE_SERVER_ROLECONFIG: |
+        - email-admins:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - ADMIN
    + + + diff --git a/v1.7.0/maintain/bpe/configuration.html b/v1.7.0/maintain/bpe/configuration.html new file mode 100644 index 000000000..f1e57b9e3 --- /dev/null +++ b/v1.7.0/maintain/bpe/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 9 min

    DEV_DSF_BPE_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.bpe.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_BPE_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.bpe.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD or DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.liquibase.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_BPE_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.bpe.db.liquibase.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_BPE_DB_URL

    • Property: dev.dsf.bpe.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF BPE server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/bpe

    DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP

    • Property: dev.dsf.bpe.db.user.camunda.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF BPE server for camunda processes
    • Default: camunda_users

    DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD or DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.camunda.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE
    • Example: /run/secrets/db_user_camunda.password

    DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME

    • Property: dev.dsf.bpe.db.user.camunda.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server for camunda processes
    • Recommendation: Use a different user then in DEV_DSF_BPE_DB_USER_USERNAME
    • Default: camunda_server_user

    DEV_DSF_BPE_DB_USER_GROUP

    • Property: dev.dsf.bpe.db.user.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF BPE server
    • Default: bpe_users

    DEV_DSF_BPE_DB_USER_PASSWORD or DEV_DSF_BPE_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.bpe.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF BPE server
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_BPE_DB_USER_USERNAME

    • Property: dev.dsf.bpe.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF BPE server
    • Default: bpe_server_user

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.bpe.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.bpe.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYEND

    • Property: dev.dsf.bpe.debug.log.message.onActivityEnd
    • Required: No
    • Description: To enable debug log messages for every bpmn activity end, set to true
    • Recommendation: This debug function should only be activated during process plugin development
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_ONACTIVITYSTART

    • Property: dev.dsf.bpe.debug.log.message.onActivityStart
    • Required: No
    • Description: To enable debug log messages for every bpmn activity start, set to true
    • Recommendation: This debug function should only be activated during process plugin development
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLES

    • Property: dev.dsf.bpe.debug.log.message.variables
    • Required: No
    • Description: To enable logging of bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
    • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_VARIABLESLOCAL

    • Property: dev.dsf.bpe.debug.log.message.variablesLocal
    • Required: No
    • Description: To enable logging of local bpmn variables for every bpmn activity start or end, when logging of these events is enabled, set to true
    • Recommendation: This debug function should only be activated during process plugin development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.bpe.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.local.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with the local DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.local.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until reading a resource from the local DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_LOCAL_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.local.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from the local DSF FHIR server, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_CONNECT

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established with a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 5000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_TIMEOUT_READ

    • Property: dev.dsf.bpe.fhir.client.remote.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 60000

    DEV_DSF_BPE_FHIR_CLIENT_REMOTE_VERBOSE

    • Property: dev.dsf.bpe.fhir.client.remote.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.fhir.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_BPE_FHIR_QUESTIONNAIRE_RESPONSE_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.questionnaire.response.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about questionnaire response resources from the DSF FHIR server
    • Default: ?criteria=QuestionnaireResponse%3Fstatus%3Dcompleted&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.bpe.fhir.server.base.url
    • Required: Yes
    • Description: Base address of the local DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_MAX

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.max
    • Required: No
    • Description: Number of retries until a websocket connection can be established with the DSF FHIR server, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_RETRY_SLEEP

    • Property: dev.dsf.bpe.fhir.task.subscription.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a websocket connection with the DSF FHIR server
    • Default: 5000

    DEV_DSF_BPE_FHIR_TASK_SUBSCRIPTION_SEARCH_PARAMETER

    • Property: dev.dsf.bpe.fhir.task.subscription.search.parameter
    • Required: No
    • Description: Subscription to receive notifications about task resources from the DSF FHIR server
    • Default: ?criteria=Task%3Fstatus%3Drequested&status=active&type=websocket&payload=application/fhir%2Bjson

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE

    • Property: dev.dsf.bpe.mail.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.bpe.mail.client.certificate.private.key
    • Required: No
    • Description: Private key corresponging to the SMTP server client certificate as PEM encoded file. Use DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD* or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem

    DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/smtp_server_client_certificate_private_key.pem.password

    DEV_DSF_BPE_MAIL_FROMADDRESS

    • Property: dev.dsf.bpe.mail.fromAddress
    • Required: No
    • Description: Mail service sender address
    • Example: sender@localhost

    DEV_DSF_BPE_MAIL_HOST

    • Property: dev.dsf.bpe.mail.host
    • Required: No
    • Description: SMTP server hostname
    • Example: smtp.server.de

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTBUFFERSIZE

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventBufferSize
    • Required: No
    • Description: Number of previous INFO, WARN log messages to include in ERROR log event mails (>=0); requires send mail on ERROR log event option to be enabled to have an effect
    • Default: 4

    DEV_DSF_BPE_MAIL_MAILONERRORLOGEVENTDEBUGLOGLOCATION

    • Property: dev.dsf.bpe.mail.mailOnErrorLogEventDebugLogLocation
    • Required: No
    • Description: Location of the BPE debug log as displayed in the footer of ERROR log event mails, does not modify the actual location of the debug log file; requires send mail on ERROR log event option to be enabled to have an effect
    • Default: /opt/bpe/log/bpe.log

    DEV_DSF_BPE_MAIL_PASSWORD or DEV_DSF_BPE_MAIL_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.password
    • Required: No
    • Description: SMTP server authentication password
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; use docker secret file to configure using DEV_DSF_BPE_MAIL_PASSWORD_FILE; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_PORT

    • Property: dev.dsf.bpe.mail.port
    • Required: No
    • Description: SMTP server port
    • Example: 465
    • Default: 0

    DEV_DSF_BPE_MAIL_REPLYTOADDRESSES

    • Property: dev.dsf.bpe.mail.replyToAddresses
    • Required: No
    • Description: Mail service reply to addresses; comma or space separated list, YAML block scalars supported
    • Example: reply.to@localhost

    DEV_DSF_BPE_MAIL_SENDMAILONERRORLOGEVENT

    • Property: dev.dsf.bpe.mail.sendMailOnErrorLogEvent
    • Required: No
    • Description: To enable mails being send for every ERROR logged, set to true; requires SMTP server to be configured
    • Default: false

    DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP

    • Property: dev.dsf.bpe.mail.sendTestMailOnStartup
    • Required: No
    • Description: To enable a test mail being send on startup of the BPE, set to true; requires SMTP server to be configured
    • Default: false

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore
    • Required: No
    • Description: PKCS12 encoded file with S/MIME certificate, private key and certificate chain to enable send mails to be S/MIME signed
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smime_certificate.p12

    DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD or DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE

    • Property: dev.dsf.bpe.mail.smime.p12Keystore.password
    • Required: No
    • Description: Password to decrypt the PKCS12 encoded S/MIMIE certificate file
    • Recommendation: Use docker secret file to configure using DEV_DSF_BPE_MAIL_SMIME_P12KEYSTORE_PASSWORD_FILE
    • Example: /run/secrets/smime_certificate.p12.password

    DEV_DSF_BPE_MAIL_TOADDRESSES

    • Property: dev.dsf.bpe.mail.toAddresses
    • Required: No
    • Description: Mail service recipient addresses, configure at least one; comma or space separated list, YAML block scalars supported
    • Example: recipient@localhost

    DEV_DSF_BPE_MAIL_TOADDRESSESCC

    • Property: dev.dsf.bpe.mail.toAddressesCc
    • Required: No
    • Description: Mail service CC recipient addresses; comma or space separated list, YAML block scalars supported
    • Example: cc.recipient@localhost

    DEV_DSF_BPE_MAIL_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.bpe.mail.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via DEV_DSF_BPE_MAIL_USESMTPS
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/smtp_server_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_BPE_MAIL_USERNAME

    • Property: dev.dsf.bpe.mail.username
    • Required: No
    • Description: SMTP server authentication username
    • Recommendation: Configure if the SMTP server reqiures username/password authentication; enable SMTP over TLS via DEV_DSF_BPE_MAIL_USESMTPS

    DEV_DSF_BPE_MAIL_USESMTPS

    • Property: dev.dsf.bpe.mail.useSmtps
    • Required: No
    • Description: To enable SMTP over TLS (smtps), set to true
    • Default: false

    DEV_DSF_BPE_PROCESS_ENGINE_COREPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.corePoolSize
    • Required: No
    • Description: Process engine job executor core pool size
    • Default: 4

    DEV_DSF_BPE_PROCESS_ENGINE_MAXPOOLSIZE

    • Property: dev.dsf.bpe.process.engine.maxPoolSize
    • Required: No
    • Description: Process engine job executor max pool size, additional threads until max pool size are created if the queue is full
    • Default: 10

    DEV_DSF_BPE_PROCESS_ENGINE_QUEUESIZE

    • Property: dev.dsf.bpe.process.engine.queueSize
    • Required: No
    • Description: Process engine job executor queue size, jobs are added to the queue if all core pool threads are busy
    • Default: 40

    DEV_DSF_BPE_PROCESS_EXCLUDED

    • Property: dev.dsf.bpe.process.excluded
    • Required: No
    • Description: List of process names that should be excluded from deployment during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Only deploy processes that can be started depending on your organization's roles in the Allow-List
    • Example: dsfdev_updateAllowList|1.0, another_process|x.y

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_MAX

    • Property: dev.dsf.bpe.process.fhir.server.retry.max
    • Required: No
    • Description: Number of retries until a connection can be established with the local DSF FHIR server during process deployment, -1 means infinite number of retries
    • Default: -1

    DEV_DSF_BPE_PROCESS_FHIR_SERVER_RETRY_SLEEP

    • Property: dev.dsf.bpe.process.fhir.server.retry.sleep
    • Required: No
    • Description: Milliseconds between two retries to establish a connection with the local DSF FHIR server during process deployment
    • Default: 5000

    DEV_DSF_BPE_PROCESS_PLUGIN_DIRECTROY

    • Property: dev.dsf.bpe.process.plugin.directroy
    • Required: No
    • Description: Directory containing the DSF BPE process plugins for deployment on startup of the DSF BPE server
    • Recommendation: Change only if you don't use the provided directory structure from the installation guide or made changes to tit
    • Default: process

    DEV_DSF_BPE_PROCESS_RETIRED

    • Property: dev.dsf.bpe.process.retired
    • Required: No
    • Description: List of already deployed process names that should be retired during startup of the DSF BPE server; comma or space separated list, YAML block scalars supported
    • Recommendation: Retire processes that where deployed previously but are not anymore available
    • Example: old_process|x.y

    DEV_DSF_BPE_PROCESS_THREADS

    • Property: dev.dsf.bpe.process.threads
    • Required: No
    • Description: Number of parallel Task / QuestionnaireResponse threads to start new or continue existing processes, a value <= 0 means number of cpu cores
    • Default: -1

    DEV_DSF_BPE_SERVER_BASE_URL

    • Property: dev.dsf.bpe.server.base.url
    • Required: No
    • Description: Base address of the BPE server, configure when exposing the web-ui
    • Example: https://foo.bar/bpe
    • Default: https://localhost/bpe

    DEV_DSF_BPE_SERVER_ROLECONFIG

    DEV_DSF_BPE_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.bpe.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_BPE_SERVER_UI_THEME

    • Property: dev.dsf.bpe.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: No
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: No
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: No
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/client_cert_ca_chains.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: No
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: No
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: No
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.7.0/maintain/bpe/index.html b/v1.7.0/maintain/bpe/index.html new file mode 100644 index 000000000..fc04e7efc --- /dev/null +++ b/v1.7.0/maintain/bpe/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + BPE Server + + + + + + + + + diff --git a/v1.7.0/maintain/bpe/oidc.html b/v1.7.0/maintain/bpe/oidc.html new file mode 100644 index 000000000..485a2baff --- /dev/null +++ b/v1.7.0/maintain/bpe/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF BPE server user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF BPE server supports Authorization Code Flow for the user interface. Back-Channel Logout is also supported.

    BPE Reverse Proxy

    The DSF BPE reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF BPE server accepts logout tokens at DEV_DSF_BPE_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF BPE server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/bpe:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-bpe
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.7.0/maintain/fhir-reverse-proxy/configuration.html b/v1.7.0/maintain/fhir-reverse-proxy/configuration.html new file mode 100644 index 000000000..e8d6c4fab --- /dev/null +++ b/v1.7.0/maintain/fhir-reverse-proxy/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 2 min

    APP_SERVER_IP

    • Required: Yes
    • Description: Hostname or IP-Address of the DSF FHIR server application container, the reverse proxy target
    • Example: app, 172.28.1.3

    HTTPS_SERVER_NAME_PORT

    • Required: Yes
    • Description: External FQDN of your DSF FHIR server with port, typically 443
    • Example: my-external.fqdn:443

    PROXY_PASS_CONNECTION_TIMEOUT_HTTP

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_CONNECTION_TIMEOUT_WS

    • Required: No
    • Description: Connection timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a connection to be established
    • Default: 30 seconds

    PROXY_PASS_TIMEOUT_HTTP

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server http connection, time the proxy waits for a reply
    • Default: 60 seconds

    PROXY_PASS_TIMEOUT_WS

    • Required: No
    • Description: Timeout (seconds) for reverse proxy to app server ws connection, time the proxy waits for a reply
    • Default: 60 seconds

    SERVER_CONTEXT_PATH

    • Required: No
    • Description: Reverse proxy context path that delegates to the app server, / character at start, no / character at end, use '' (empty string) to configure root as context path
    • Default: /fhir

    SSL_CA_CERTIFICATE_FILE

    • Required: No
    • Description: Certificate chain file including all issuing, intermediate and root certificates used to validate client certificates, PEM encoded, sets the apache httpd parameter SSLCACertificateFile
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_ca_chains.pem

    SSL_CA_DN_REQUEST_FILE

    • Required: No
    • Description: File containing all signing certificates excepted, will be used to specify the Acceptable client certificate CA names send to the client, during TLS handshake, sets the apache httpd parameter SSLCADNRequestFile; if omitted all entries from SSL_CA_CERTIFICATE_FILE are used
    • Recommendation: Use docker secret file to configure
    • Default: ca/client_cert_issuing_cas.pem

    SSL_CERTIFICATE_CHAIN_FILE

    • Required: No
    • Description: Certificate chain file, PEM encoded, must contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate), sets the apache httpd parameter SSLCertificateChainFile; can be omitted if either no chain is needed (self signed server certificate) or the file specified via SSL_CERTIFICATE_FILE contains the certificate chain
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_chain_file.pem

    SSL_CERTIFICATE_FILE

    • Required: Yes
    • Description: Server certificate file, PEM encoded, sets the apache httpd parameter SSLCertificateFile, may contain all certificates between the server certificate and the root ca certificate (excluding the root ca certificate). Omit SSL_CERTIFICATE_CHAIN_FILE if chain included
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_file.pem

    SSL_CERTIFICATE_KEY_FILE

    • Required: Yes
    • Description: Server certificate private key file, PEM encoded, unencrypted, sets the apache httpd parameter SSLCertificateKeyFile
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/ssl_certificate_key_file.pem

    SSL_EXPECTED_CLIENT_S_DN_C_VALUES

    • Required: No
    • Description: Expected client certificate subject DN country C values, must be a comma-separated list of strings in single quotation marks, e.g. 'DE', 'FR'. If a client certificate with a not configured subject country C value is used, the server answers with a 403 Forbidden status code
    • Default: 'DE'

    SSL_EXPECTED_CLIENT_I_DN_CN_VALUES

    • Required: No
    • Description: Expected client certificate issuer DN common-name CN values, must be a comma-separated list of strings in single quotation marks. If a client certificate from a not configured issuing ca common-name is used, the server answers with a 403 Forbidden status code
    • Default: 'GEANT TLS ECC 1', 'HARICA OV TLS ECC', 'GEANT TLS RSA 1', 'HARICA OV TLS RSA', 'GEANT S/MIME ECC 1', 'HARICA S/MIME ECC', 'GEANT S/MIME RSA 1', 'HARICA S/MIME RSA', 'DFN-Verein Global Issuing CA', 'Fraunhofer User CA - G02', 'D-TRUST SSL Class 3 CA 1 2009', 'Sectigo RSA Organization Validation Secure Server CA', 'GEANT OV RSA CA 4', 'GEANT Personal CA 4', 'GEANT eScience Personal CA 4', 'Sectigo ECC Organization Validation Secure Server CA', 'GEANT OV ECC CA 4', 'GEANT Personal ECC CA 4', 'GEANT eScience Personal ECC CA 4', 'D-TRUST Limited Basic CA 1-2 2019', 'D-TRUST Limited Basic CA 1-3 2019'

    SSL_VERIFY_CLIENT

    • Required: No
    • Description: Modifies the apache mod_ssl config parameter SSLVerifyClient
    • Recommendation: Set to optional when using OIDC authentication
    • Default: require
    + + + diff --git a/v1.7.0/maintain/fhir-reverse-proxy/index.html b/v1.7.0/maintain/fhir-reverse-proxy/index.html new file mode 100644 index 000000000..06406ef03 --- /dev/null +++ b/v1.7.0/maintain/fhir-reverse-proxy/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Reverse Proxy + + + + + + + + + diff --git a/v1.7.0/maintain/fhir/access-control.html b/v1.7.0/maintain/fhir/access-control.html new file mode 100644 index 000000000..aa8b9183c --- /dev/null +++ b/v1.7.0/maintain/fhir/access-control.html @@ -0,0 +1,79 @@ + + + + + + + + + + Access Control + + + + + +
    Skip to main content

    Access Control

    DSF-TeamAbout 3 min

    Overview

    The DSF FHIR server implements a subset of the FHIR R4 REST API. When accessing the API with a web browser a limited graphical user interface is shown. Without any additional configuration the API and user interface is only accessible with the X.509 client certificate configured for the organization via the configuration parameter: DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    OpenID Connect

    To enable OpenID Connect authentication of local user, see the DSF FHIR server OpenID Connect configuration page.

    Access to the API and user interface can be enabled for additional client certificates and local users authenticating via OAuth 2.0 OpenID Connect. Access can be configured for so called roles, with all roles specified using the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG. The value for this environment variable is specified as YAML using the block scalar |.

    The listing below shows a minimal configuration to enable read access for a specific client-certificate:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - example_read_only_role:
+            thumbprint: 00474993fa261b0225f93c5a66aa6fcc... [a-f0-9]{128}
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY

    The list of user roles above contains a single rule-entry example_read_only_role, matching the user via a client certificate SHA-512 thumprint and assigning three DSF roles. Any string can be used as the name for the rule-enty.

    Certificate Thumbprints

    SHA-512 certificate thumbprints in HEX form [a-f0-9]{128} can be calculated using:

    certtool --fingerprint --hash=sha512 --infile=certificate.pem

    Multiple user roles can be specified and all matching roles will be applied to an authenticated users. Use an empty string "" or a single block scalar | character as the value for the configuration parameter DEV_DSF_FHIR_SERVER_ROLECONFIG if no roles should be configured.

    Matching Users

    To apply roles, users can be matched via the thumbprint, email, token-role or token-group properties. A single value or a list of values can be specified.

    thumbprint

    The property thumbprint can used to specify one or multiple SHA-512 certificate thumbprints. Roles from this rule are applied to the authenticating user if the certificate matches one of the specified thumbprints.

    email

    Using the property email users can be matched against e-mail addresses specified in X.509 client certificates and in OpenID Connect access tokens. Values will be matched against e-mail addresses specified in the subject DN (via PKCS#9 extension 1.2.840.113549.1.9.1) and RFC-822 Name entries of the Subject Alternative Name field. If the user authenticates via OpenID Connect, the email claim from the access token will be matched against the property values.

    token-role and token-group

    With the properties token-role and token-group role and group names can be specified to match against role and group claims within OAuth 2.0 access tokens.

    DSF and Practitioner Roles

    Two types of roles can be applied to matched users.

    dsf-role

    DSF roles specified via the dsf-role property define general access to the REST API and user interface. Allowed values are:

    CREATE, READ, UPDATE, DELETE, SEARCH, HISTORY, PERMANENT_DELETE and WEBSOCKET.

    practitioner-role

    In order to allow users to start processes, the property practitioner-role can be used to assign codes from FHIR CodeSystem resources. Codes are specified in the form system-url|code.
    If the uses has a code specified here that match with a requester extension within the process plugin's ActivityDefinition resource, the user can start the process if he also has the dsf-role CREATE.

    Process plugins can defined and use there own code-systems. However, the DSF specifies a standard set of practitioner roles within the CodeSystem http://dsf.dev/fhir/CodeSystem/practitioner-role:

    UAC_USER, COS_USER, CRR_USER, DIC_USER, DMS_USER, DTS_USER, HRP_USER, TTP_USER, AMS_USER and DSF_ADMIN.

    Examples

    The first example defines a group of DSF administrators. Two client certificates match against this role:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - certificate-admins:
+            thumbprint: 
+              - afb68b1d9d47e691b8b3d50fd9848467cada8b1c76f5f4b45f00c9f8432d505361a3ee27805f4aa06799d9ac8dace94b3f1942fce44d84866961259b13be825d
+              - 2441bfddcad97eeb83c8c31fe181b90652787b8b59bf4e569219da7db4429e389479cb7c4a2f311e34217357d594ecad7d58ccfeef2a9e93c6fcf8d98897d88c
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The second example defines a group of DSF administrators by specifying an admin role that gets matched against OAuth 2.0 access tokens:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - token-role-admins:
+            token-role: admin
+            dsf-role:
+              - CREATE
+              - READ
+              - UPDATE
+              - DELETE
+              - SEARCH
+              - HISTORY
+            practitioner-role:
+              - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN

    The third example allows read-only access. Two e-mail addresses are used to match this role. E-mail addresses from X.509 client certificates and OAuth 2.0 access tokens are matched:

          DEV_DSF_FHIR_SERVER_ROLECONFIG: |
+        - read-only:
+            email:
+              - first.user@test.org
+              - second.user@test.org
+            dsf-role:
+              - READ
+              - SEARCH
+              - HISTORY
    + + + diff --git a/v1.7.0/maintain/fhir/configuration.html b/v1.7.0/maintain/fhir/configuration.html new file mode 100644 index 000000000..d31921886 --- /dev/null +++ b/v1.7.0/maintain/fhir/configuration.html @@ -0,0 +1,41 @@ + + + + + + + + + + Configuration Parameters + + + + + +
    Skip to main content

    Configuration Parameters

    DSF-TeamAbout 5 min

    DEV_DSF_FHIR_CLIENT_CERTIFICATE

    • Property: dev.dsf.fhir.client.certificate
    • Required: Yes
    • Description: PEM encoded file with local client certificate for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.fhir.client.certificate.private.key
    • Required: Yes
    • Description: Private key corresponding to the local client certificate as PEM encoded file. Use DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_certificate_private_key.pem

    DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.fhir.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the local client certificate encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/app_client_certificate_private_key.pem.password

    DEV_DSF_FHIR_CLIENT_TIMEOUT_CONNECT

    • Property: dev.dsf.fhir.client.timeout.connect
    • Required: No
    • Description: Timeout in milliseconds until a connection is established between this DSF FHIR server and a remote DSF FHIR server
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 2000

    DEV_DSF_FHIR_CLIENT_TIMEOUT_READ

    • Property: dev.dsf.fhir.client.timeout.read
    • Required: No
    • Description: Timeout in milliseconds until a reading a resource from a remote DSF FHIR server is aborted
    • Recommendation: Change default value only if timeout exceptions occur
    • Default: 10000

    DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.fhir.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_FHIR_CLIENT_VERBOSE

    • Property: dev.dsf.fhir.client.verbose
    • Required: No
    • Description: To enable verbose logging of requests to and replies from remote DSF FHIR servers, set to true
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_FORCEUNLOCK

    • Property: dev.dsf.fhir.db.liquibase.forceUnlock
    • Required: No
    • Description: To force liquibase to unlock the migration lock set to true
    • Recommendation: Only use this option temporarily to unlock a stuck DB migration step
    • Default: false

    DEV_DSF_FHIR_DB_LIQUIBASE_LOCKWAITTIME

    • Property: dev.dsf.fhir.db.liquibase.lockWaitTime
    • Required: No
    • Description: Liquibase change lock wait time in minutes, default 2 minutes
    • Default: 2

    DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD or DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.liquibase.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server to execute database migrations
    • Recommendation: Use docker secret file to configure by using DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE
    • Example: /run/secrets/db_liquibase.password

    DEV_DSF_FHIR_DB_LIQUIBASE_USERNAME

    • Property: dev.dsf.fhir.db.liquibase.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server to execute database migrations
    • Default: liquibase_user

    DEV_DSF_FHIR_DB_URL

    • Property: dev.dsf.fhir.db.url
    • Required: Yes
    • Description: Address of the database used for the DSF FHIR server
    • Recommendation: Change only if you don't use the provided docker-compose from the installation guide or made changes to the database settings/networking in the docker-compose
    • Example: jdbc:postgresql://db/fhir

    DEV_DSF_FHIR_DB_USER_GROUP

    • Property: dev.dsf.fhir.db.user.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF FHIR server
    • Default: fhir_users

    DEV_DSF_FHIR_DB_USER_PASSWORD or DEV_DSF_FHIR_DB_USER_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PASSWORD_FILE
    • Example: /run/secrets/db_user.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP

    • Property: dev.dsf.fhir.db.user.permanent.delete.group
    • Required: No
    • Description: Name of the user group to access the database from the DSF FHIR server for permanent deletes
    • Default: fhir_permanent_delete_users

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD or DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE

    • Property: dev.dsf.fhir.db.user.permanent.delete.password
    • Required: Yes
    • Description: Password to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use docker secret file to configure using DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE
    • Example: /run/secrets/db_user_permanent_delete.password

    DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME

    • Property: dev.dsf.fhir.db.user.permanent.delete.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server for permanent deletes
    • Recommendation: Use a different user then DEV_DSF_FHIR_DB_USER_USERNAME
    • Default: fhir_server_permanent_delete_user

    DEV_DSF_FHIR_DB_USER_USERNAME

    • Property: dev.dsf.fhir.db.user.username
    • Required: No
    • Description: Username to access the database from the DSF FHIR server
    • Default: fhir_server_user

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_CURRENTUSER

    • Property: dev.dsf.fhir.debug.log.message.currentUser
    • Required: No
    • Description: To enable logging of the currently requesting user set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_DBSTATEMENT

    • Property: dev.dsf.fhir.debug.log.message.dbStatement
    • Required: No
    • Description: To enable logging of DB queries set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_DEBUG_LOG_MESSAGE_WEBSERVICEREQUEST

    • Property: dev.dsf.fhir.debug.log.message.webserviceRequest
    • Required: No
    • Description: To enable logging of webservices requests set to true
    • Recommendation: This debug function should only be activated during development; WARNING: Confidential information may be leaked via the debug log!
    • Default: false

    DEV_DSF_FHIR_SERVER_BASE_URL

    • Property: dev.dsf.fhir.server.base.url
    • Required: Yes
    • Description: Base address of this DSF FHIR server to read/store fhir resources
    • Example: https://foo.bar/fhir

    DEV_DSF_FHIR_SERVER_INIT_BUNDLE

    • Property: dev.dsf.fhir.server.init.bundle
    • Required: No
    • Description: Fhir bundle containing the initial Allow-List, loaded on startup of the DSF FHIR server
    • Recommendation: Change only if you don't use the provided files from the installation guide, have local changes in the Allow-List or received an Allow-List from another source
    • Default: conf/bundle.xml

    DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE

    • Property: dev.dsf.fhir.server.organization.identifier.value
    • Required: Yes
    • Description: Local identifier value used in the Allow-List
    • Recommendation: By convention: The shortest possible FQDN that resolve the homepage of the organization
    • Example: hospital.com

    DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT

    • Property: dev.dsf.fhir.server.organization.thumbprint
    • Required: Yes
    • Description: The SHA-512 thumbprint of the local organization client certificate
    • Recommendation: The thumbprint can be calculated via certtool --fingerprint --hash=sha512 --infile=client_certificate.pem

    DEV_DSF_FHIR_SERVER_PAGE_COUNT

    • Property: dev.dsf.fhir.server.page.count
    • Required: No
    • Description: Page size returned by the DSF FHIR server when reading/searching fhir resources
    • Default: 20

    DEV_DSF_FHIR_SERVER_ROLECONFIG

    DEV_DSF_FHIR_SERVER_STATIC_RESOURCE_CACHE

    • Property: dev.dsf.fhir.server.static.resource.cache
    • Required: No
    • Description: To disable static resource caching, set to false
    • Recommendation: Only set to false for development
    • Default: true

    DEV_DSF_FHIR_SERVER_UI_THEME

    • Property: dev.dsf.fhir.server.ui.theme
    • Required: No
    • Description: UI theme parameter, adds a color indicator to the ui to distinguish dev, test and prod environments im configured; supported values: dev, test and prod

    DEV_DSF_PROXY_NOPROXY

    • Property: dev.dsf.proxy.noProxy
    • Required: No
    • Description: Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported
    • Example: foo.bar, test.com:8080

    DEV_DSF_PROXY_PASSWORD or DEV_DSF_PROXY_PASSWORD_FILE

    • Property: dev.dsf.proxy.password
    • Required: No
    • Description: Forward Proxy password
    • Recommendation: Configure password if proxy requires authentication, use docker secret file to configure using DEV_DSF_PROXY_PASSWORD_FILE

    DEV_DSF_PROXY_URL

    • Property: dev.dsf.proxy.url
    • Required: No
    • Description: Forward (http/https) proxy url, use DEV_DSF_BPE_PROXY_NOPROXY to list domains that do not require a forward proxy
    • Example: http://proxy.foo:8080

    DEV_DSF_PROXY_USERNAME

    • Property: dev.dsf.proxy.username
    • Required: No
    • Description: Forward proxy username
    • Recommendation: Configure username if proxy requires authentication

    DEV_DSF_SERVER_API_HOST

    • Property: dev.dsf.server.api.host
    • Required: No
    • Description: API connector host, default in docker image: 0.0.0.0
    • Default: 127.0.0.1

    DEV_DSF_SERVER_API_PORT

    • Property: dev.dsf.server.api.port
    • Required: No
    • Description: API connector port, default in docker image: 8080

    DEV_DSF_SERVER_AUTH_CLIENT_CERTIFICATE_HEADER

    • Property: dev.dsf.server.auth.client.certificate.header
    • Required: No
    • Description: Name of HTTP header with client certificate from reverse proxy
    • Default: X-ClientCert

    DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW

    • Property: dev.dsf.server.auth.oidc.authorization.code.flow
    • Required: No
    • Description: Set to true to enable OIDC authorization code flow
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL, DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT

    • Property: dev.dsf.server.auth.oidc.back.channel.logout
    • Required: No
    • Description: Set to true to enable OIDC back-channel logout
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to be set to true (enabled), DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID and DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH

    • Property: dev.dsf.server.auth.oidc.back.channel.logout.path
    • Required: No
    • Description: Path called by the OIDC provide to request back-channel logout
    • Default: /back-channel-logout

    DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN

    • Property: dev.dsf.server.auth.oidc.bearer.token
    • Required: No
    • Description: Set to true to enable OIDC bearer token authentication
    • Recommendation: Requires DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL to be specified
    • Default: false

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID

    • Property: dev.dsf.server.auth.oidc.client.id
    • Required: No
    • Description: OIDC provider client_id, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET

    • Property: dev.dsf.server.auth.oidc.client.secret
    • Required: No
    • Description: OIDC provider client_secret, must be specified if DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW is enabled

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate
    • Required: No
    • Description: PEM encoded file with client certificate for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key
    • Required: No
    • Description: Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE if private key is encrypted
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD or DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password
    • Required: No
    • Description: Password to decrypt the client certificate for the OIDC provider encrypted private key
    • Recommendation: Use docker secret file to configure using DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE
    • Example: /run/secrets/oidc_provider_client_certificate_private_key.pem.password

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_CONNECTTIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.connectTimeout
    • Required: No
    • Description: OIDC provider client connect timeout in milliseconds
    • Default: 5000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_IDLETIMEOUT

    • Property: dev.dsf.server.auth.oidc.provider.client.idleTimeout
    • Required: No
    • Description: OIDC provider client idle timeout in milliseconds
    • Default: 30000

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/oidc_provider_trust_certificates.pem
    • Default: ca/server_cert_root_cas.pem

    DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL

    • Property: dev.dsf.server.auth.oidc.provider.realm.base.url
    • Required: No
    • Description: OIDC provider realm base url
    • Example: https://keycloak.test.com:8443/realms/example-realm-name

    DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS

    • Property: dev.dsf.server.auth.trust.client.certificate.cas
    • Required: No
    • Description: PEM encoded file with one or more trusted full CA chains to validate client certificates for https connections from local and remote clients
    • Recommendation: Use docker secret file to configure
    • Example: /run/secrets/app_client_trust_certificates.pem
    • Default: ca/client_cert_ca_chains.pem

    DEV_DSF_SERVER_CERTIFICATE

    • Property: dev.dsf.server.certificate
    • Required: No
    • Description: Server certificate file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_CHAIN

    • Property: dev.dsf.server.certificate.chain
    • Required: No
    • Description: Server certificate chain file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY

    • Property: dev.dsf.server.certificate.key
    • Required: No
    • Description: Server certificate private key file for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD or DEV_DSF_SERVER_CERTIFICATE_KEY_PASSWORD_FILE

    • Property: dev.dsf.server.certificate.key.password
    • Required: No
    • Description: Server certificate private key file password for testing
    • Recommendation: Only specify For testing when terminating TLS in jetty server

    DEV_DSF_SERVER_CONTEXT_PATH

    • Property: dev.dsf.server.context.path
    • Required: No
    • Description: Web application context path, default in bpe docker image: /bpe, default in fhir docker image: /fhir
    • Recommendation: Only modify for testing

    DEV_DSF_SERVER_STATUS_HOST

    • Property: dev.dsf.server.status.host
    • Required: No
    • Description: Status connector host
    • Default: 127.0.0.1

    DEV_DSF_SERVER_STATUS_PORT

    • Property: dev.dsf.server.status.port
    • Required: No
    • Description: Status connector port, default in docker image: 10000
    + + + diff --git a/v1.7.0/maintain/fhir/index.html b/v1.7.0/maintain/fhir/index.html new file mode 100644 index 000000000..483ea5a76 --- /dev/null +++ b/v1.7.0/maintain/fhir/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + FHIR Server + + + + + + + + + diff --git a/v1.7.0/maintain/fhir/oidc.html b/v1.7.0/maintain/fhir/oidc.html new file mode 100644 index 000000000..cba40cb8c --- /dev/null +++ b/v1.7.0/maintain/fhir/oidc.html @@ -0,0 +1,60 @@ + + + + + + + + + + OpenID Connect + + + + + +
    Skip to main content

    OpenID Connect

    DSF-TeamAbout 1 min

    Overview

    Access to the DSF FHIR server REST API and user interface can be configured via access control roles. By default users are only authenticated using X.509 client certificates, but authentication for local users via OAuth 2.0 OpenID Connect can also be enabled.

    The DSF FHIR server supports Authorization Code Flow for the user interface as well as Bearer Token Authentication for the REST API. Back-Channel Logout is also supported.

    FHIR Reverse Proxy

    The DSF FHIR reverse proxy requires client certificates by default. To use OpenID Connect authentication the configuration parameter SSL_VERIFY_CLIENT needs to be set to optional.

    Authorization Code Flow

    To enable authentication via OpenID Connect authorization code flow, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW to true and specify the following parameters:

    Optionally, back channel logout can be enabled by setting DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT to true. The DSF FHIR server accepts logout tokens at DEV_DSF_FHIR_SERVER_BASE_URL + /back-channel-logout. The path can be modified via DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH.

    Bearer Token Authentication

    To enable bearer token authentication, set the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN to true and specify the following parameter:

    Additional ODIC Configuration Parameter

    A number of additional DEV_DSF_SERVER_AUTH_OIDC ... configuration parameter are specify on the DSF FHIR server configuration parameter page.

    For example the configuration parameter DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS can be used to specify a PEM encoded file with trusted root certificates to be used when accessing the OpenID Connect provider. If not specify the JVM default trusted root certificates are used for this connection.

    Example

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir:1.5.2
+    # ...
+    secrets:
+      - keycloak_root_ca.pem
+      # ...
+    environment:
+      # ...
+      DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true'
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak.test.org/realms/dsf
+      DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/keycloak_root_ca.pem
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dsf-fhir
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: n9bCMtjugv3Y_.szktXyQ2RH5se+J%o3
+    # ...
+secrets:
+  keycloak_root_ca.pem:
+    file: ./secrets/keycloak_root_ca.pem
    + + + diff --git a/v1.7.0/maintain/index.html b/v1.7.0/maintain/index.html new file mode 100644 index 000000000..b7fad23e9 --- /dev/null +++ b/v1.7.0/maintain/index.html @@ -0,0 +1,41 @@ + + + + + + + + + + Maintain a DSF instance + + + + + + + + + diff --git a/v1.7.0/maintain/install-plugins.html b/v1.7.0/maintain/install-plugins.html new file mode 100644 index 000000000..c7e77b5a6 --- /dev/null +++ b/v1.7.0/maintain/install-plugins.html @@ -0,0 +1,43 @@ + + + + + + + + + + Install Plugins + + + + + +
    Skip to main content

    Install Plugins

    DSF-TeamAbout 1 min

    Marketplace for process plugins

    To install and learn more about each Process Plugin, you can visit the Marketplace here.

    Overview

    • You can find an overview of compatable process plugins below (last updated 2025-01-22).
    Process Pluginreleased for testreleased for production
    Ping-Pongv1.0.1.0v1.0.1.0
    Allow-Listv1.0.0.1v1.0.0.1
    MII Process Feasibilityv1.0.0.7v1.0.0.7
    MII Process Reportv1.1.2.0v1.1.2.0
    MII Process Data Transferv1.0.3.0v1.0.3.0
    MII Process Data Sharingv1.0.2.0v1.0.2.0
    NUM-RDPv1.1.0.0v1.1.0.0
    • Explore and install Process Plugins in the Marketplace. Details on each plugin are available here.
    • Deploying the process plugin to the DSF involves copy the process jar-file and configuring environment variable for the business process engine (BPE).

    Prerequisites

    • A DSF installation of version 1.3.x or higher. An installation guide can be found here.

    Deployment

    • Add the process jar-file to the DSF BPE folder /opt/bpe/process:
    wget (your jar-file download link)

    For example:

     wget https://github.com/medizininformatik-initiative/mii-process-data-sharing/releases/download/v1.0.0.1/mii-process-data-sharing-1.0.0.1.jar
    • Make sure the process is readable by the bpe user or group, for example by executing:
    sudo chmod 440 (your jar-file name.jar)
+sudo chown root:bpe (your jar-file name.jar)

    For example:

    sudo chmod 440 mii-process-data-sharing-1.0.0.1.jar
+sudo chown root:bpe mii-process-data-sharing-1.0.0.1.jar
    • Modify the process exclude config in /opt/bpe/docker-compose.yml
    • Reminder: Update/verify required configurations in docker-compose.yml
    + + + diff --git a/v1.7.0/maintain/install.html b/v1.7.0/maintain/install.html new file mode 100644 index 000000000..bcb38d380 --- /dev/null +++ b/v1.7.0/maintain/install.html @@ -0,0 +1,65 @@ + + + + + + + + + + Install DSF 1.7.0 + + + + + +
    Skip to main content

    Install DSF 1.7.0

    DSF-TeamAbout 6 min

    In the following installation manual we will show you how you can install your own DSF instance to be part of an already existing DSF network.

    Unified installation manual

    The installation instructions of DSF 0.9.x for different application use cases (e.g. NUM CODEX or HiGHmed) are now combined under one common manual. The specific steps for process installation and configuration are documented at the process plugin documentation pages.

    Prerequisites

    Virtual Machines

    • DSF FHIR VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD
    • DSF BPE VM: min. 4 GB RAM, 4 vCPU, 20 GB HDD

    Docker / Docker-Compose

    Both VMs need latest docker (>= 24.0.0) and docker compose. For the latest install guide see https://docs.docker.com/engine/install.

    sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+sudo systemctl enable docker.service
+sudo systemctl enable containerd.service

    The current version of docker compose is installed with the current docker version.

    Client/Server Certificates

    Two Certificates from the GÉANT TCS (via DFN e.V.), D-Trust (via TMF e.V.) or DFN-PKI Global G2 (legacy, no new certificates are issued) are needed:

    • Certificate A: Server Certificate - TLS Web Server Authentication (DFN PKI Profile: 'Web Server', Common-Name: Your external DSF FHIR Servers FQDN)
    • Certificate B: Client Certificate - TLS Web Client Authentication (DFN PKI Profile: '802.1X Client', Common-Name: Your DSF BPE Servers FQDN)

    If you use GÉANT TCS certificates, then they are configured by default with the necessary X509v3 Extended Key Usages: TLS Web Server Authentication, TLS Web Client Authentication.

    Network setup / Network access

    • The DSF FHIR server needs to be accessible via the internet and able to access the internet without TLS interception.
    • The BPE FHIR server should only be accessible by the internal network and able to access your DSF FHIR server via its external FQDN and the internet without TLS interception.

    Here is a quick overview of the expected network setup.

    SourceTargetPortProtocol
    DSF BPE (local)DSF FHIR (local)443https, wss
    DSF BPE (local)DSF FHIR (other DSF communication partners)443https
    DSF FHIR (local)DSF FHIR (other DSF communication partners)443https (HTTP HEAD only)
    DSF BPE (other DSF communication partners)DSF FHIR (local)443https
    DSF FHIR (other DSF communication partners)DSF FHIR (local)443https (HTTP HEAD only)

    Connections to services that are used by process plugins (e.g. a fTTP, a terminology server, simplifier.net or a local FHIR server) are not listed. Please refer to the respective process plugin documentation pages for more information.

    Setup

    Prepare Certificates

    1. Server Certificate (certificate A)
      This certificate will be used as the DSF FHIR servers server certificate (ssl_certificate_file.pem, ssl_certificate_key_file.pem)

      • Store PEM encoded certificate as ssl_certificate_file.pem
      • Store unencrypted, PEM encoded private-key as ssl_certificate_key_file.pem
      • Store PEM encoded certificate chain (all intermediate CAs between the server and the root certificate, excluding root) as ssl_certificate_chain_file.pem

    2. Client Certificate (Certificate B)
      This certificate will be used as the DSF BPE servers client certificate (client_certificate.pem, client_certificate_private_key.pem) as well as the DSF FHIR servers client certificate (client_certificate.pem, client_certificate_private_key.pem)

      • Store PEM encoded certificate as client_certificate.pem
      • Store encrypted or not encrypted, PEM encoded private-key as client_certificate_private_key.pem

    DSF FHIR Server

    1. Add Group/User
      Add group and user used by the DSF FHIR java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2101 fhir
+sudo useradd --system --no-create-home --uid 2101 --gid 2101 fhir

    2. Download and Extract Config Files
      Download and unpack the prepared DSF FHIR server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_fhir_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_fhir_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/fhir assuming you changed into the /opt directory.

    3. Verify that the fhir system user or group can write into the following folder

      • /opt/fhir/log

    4. Add certificates and keys

      • Add the server certificate (certificate A), the corresponding private-key and the certificate chain (one file with all intermediate certificates, excluding the root CA) to /opt/fhir/secrets/
        • ssl_certificate_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_key_file.pem (chmod: 440, chown: fhir:docker)
        • ssl_certificate_chain_file.pem (chmod: 440, chown: fhir:docker)
      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/fhir/secrets/
        • client_certificate.pem (chmod: 440, chown: fhir:docker)
        • client_certificate_private_key.pem (chmod: 440, chown: fhir:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/fhir/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L34:      - app_client_certificate_private_key.pem.password
+...
+L47:      DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L109:  app_client_certificate_private_key.pem.password:
+L110:    file: ./secrets/client_certificate_private_key.pem.password

      How to chmod / chown

      For the example ssl_certificate_file.pem (chmod: 440, chown: fhir:docker) you must:

      1. Set the file content as requested
      2. Change the file permissions to 440 (allow read access to the owner of the file and the group the file belongs to, deny write access to everybody and deny read for other users):
        chmod 440 /opt/fhir/secrets/ssl_certificate_file.pem
      3. Change the owner of the file to the user fhir and the group the file belongs to to docker:
        chown fhir:docker /opt/fhir/secrets/ssl_certificate_file.pem

    5. Modify database passwords

      • /opt/fhir/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/fhir/secrets/db_user_permanent_delete.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> proxy -> environment:
        • HTTPS_SERVER_NAME_PORT: dsf.todo.organization.com:443
          Set your FHIR servers external FQDN, e.g. https://foo.bar.de -> foo.bar.de:443
        • For additional environment variables, see the FHIR Reverse Proxy Configuration Parameters page.
      • services -> app -> environment:

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: todo.organization.com
          Set your Organizations DSF identifier, aka the shortest FQDN that resolves to the main homepage of the organization, e.g. hs-heilbronn.de

        • DEV_DSF_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: f4344032fe77bffb912ff5abfd44da89fe64d355affb8d0f14c9ecb8bdbf92c7fe5f995b1ec0c453e4228b395e331052e4639044df4933d57721de508a84d26f
          Set the SHA-512 Hash (lowercase hex) of your client certificate (Certificate B)
          Use certtool --fingerprint --hash=sha512 --infile=client_certificate.pem to generate the hash.

        • DEV_DSF_FHIR_SERVER_ROLECONFIG: |
          (Optional) You can add other client certificates (e.g. personal certificates from admins) to your DSF instance. For additional information, see the FHIR server Access Control page.

        • For additional environment variables, see the FHIR server Configuration Parameters page.

    7. Start the DSF FHIR Server
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    DSF BPE Server

    1. Add Group/User
      Add group and user used by the DSF BPE java application. Ubuntu compatible commands below:

      sudo groupadd --gid 2202 bpe
+sudo useradd --system --no-create-home --uid 2202 --gid 2202 bpe

    2. Download and Extract Config Files
      Download and extract prepared DSF BPE server config files and folder structure:

      cd /opt
+wget https://dsf.dev/download/dsf_bpe_1_7_0.tar.gz
+sudo tar --same-owner -zxvf dsf_bpe_1_7_0.tar.gz

      The tar command will unpack the config files at /opt/bpe assuming you changed into the /opt directory.

    3. Verify that the bpe system user or group can write into the following folders

      • /opt/bpe/log

    4. Add certificates and keys

      • Add the client certificate (Certificate B) and the corresponding private-key to /opt/bpe/secrets/
        • client_certificate.pem (chmod: 440 chown: bpe:docker)
        • client_certificate_private_key.pem (chmod: 440 chown: bpe:docker)
      • If the private key is encrypted, add a password file with the password as the only content to /opt/bpe/secrets/client_certificate_private_key.pem.password
      • If the private key is not encrypted, remove the corresponding docker secret lines from the docker-compose.yml file
        L12:      - app_client_certificate_private_key.pem.password
+...
+L32:      DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password
+...
+L83:  app_client_certificate_private_key.pem.password:
+L84:    file: ./secrets/client_certificate_private_key.pem.password

    5. Modify database passwords

      • /opt/bpe/secrets/db_liquibase.password
        • Generate a random password (min. 32 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.
      • /opt/bpe/secrets/db_user_camunda.password
        • Generate a random password (min. 16 characters recommended) and replace the content of the file.

    6. Modify the docker-compose.yml file and set environment variables to the appropriate values

      • services -> app -> environment:

        • DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dsf.todo.organization.com/fhir
          Set your FHIR servers external FQDN, e.g. foo.bar.de -> https://foo.bar.de/fhir

        • For additional environment variables, see the BPE server Configuration Parameters page.

    7. Start the DSF BPE Server (without process plugins)
      Start using: docker compose up -d && docker compose logs -f (Ctrl-C will close log, but not stop container)

    8. Verify DSF BPE Startup

      • Check that the BPE was able to download new Task resources from the DSF FHIR server during startup.
      • Check that the BPE was able to download a Subscription resource from the DSF FHIR server during startup.
      • Check that the BPE was able to connect to the websocket endpoint of the DSF FHIR server during startup.

      If you need to debug the TLS connection to your DSF FHIR server use for example:
      docker run -it --rm alpine/openssl s_client your-fhir-server.fqdn:443
      The command above should print the server certificate of your DSF FHIR server (certificate A) and end with a message like [...]tlsv13 alert certificate required[...]

    Logs

    By default, we will log both to the console (collected by docker) and to files in the log directory, so you can use docker compose logs -f in /opt/bpe and /opt/fhir to view informational, warning and error logs. If you encounter any error and the reported information is not detailled enough, you can also check the logs in the /opt/fhir/log and /opt/bpe/log directories with debugging logs. There, you will also find older log files. If you have any questions and can't resolve them by yourself please always include the latest logs from /opt/fhir/log and /opt/bpe/log in your support request.

    On a successful BPE start, you should see the following entries in your BPE log:

    INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID1
+INFO Grizzly(1) -  INFO Grizzly(1) - ClientEndpoint.onOpen(37) | Websocket open, session SOME_RANDOM_UUID2

    On-Boarding

    Please visit the on boarding website of your network for more information.

    Ideas for improvement?

    Have you found an error or is something unclear to you? Then please feel free to write to us at gth-gecko@hs-heilbronn.de. Thank you very much!

    + + + diff --git a/v1.7.0/maintain/passwords-secrets.html b/v1.7.0/maintain/passwords-secrets.html new file mode 100644 index 000000000..1e24564ff --- /dev/null +++ b/v1.7.0/maintain/passwords-secrets.html @@ -0,0 +1,55 @@ + + + + + + + + + + Passwords and Secrets + + + + + +
    Skip to main content

    Passwords and Secrets

    DSF-TeamLess than 1 minute

    Environment variables ending in _PASSWORD or _SECRET can be configured using plain-text files. To achieve this, environment variable should be defined with _FILE appended to the name with the value defined as the location of the file. For all variables ending in _PASSWORD_FILE or _SECRET_FILE the DSF FHIR and DSF BPE applications will read the content of the fist line of the referenced file and dynamically define the corresponding _PASSWORD or _SECRET environment variables with the read values.

    Example Environment Variables

    • DEV_DSF_BPE_DB_USER_PASSWORD_FILE: If set to /run/secrets/db_user_password, the application will read the contents of the /run/secrets/db_user_password file and set the DEV_DSF_BPE_DB_USER_PASSWORD environment variable with the content from that file.
    • DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: If set to /run/secrets/oidc_client_secret, the application will read the contents of the referenced file and set the DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET environment variable accordingly.

    Docker Secrets

    It is recommended to use docker secrets as files for these environment variables. Docker secrets are mounted as files in /run/secrets/<secret_name> inside the container.

    Example docker-compose

    services:
+  app:
+    image: ghcr.io/datasharingframework/fhir
+    secrets:
+      - db_user_password
+      - oidc_client_secret
+    environment:
+      DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user_password
+      DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET_FILE: /run/secrets/oidc_client_secret
+
+secrets:
+  db_user_password:
+    file: ./secrets/db_user.password
+  api_key:
+    file: ./secrets/oidc_client.secret
    + + + diff --git a/v1.7.0/maintain/root-certificates.html b/v1.7.0/maintain/root-certificates.html new file mode 100644 index 000000000..da45e0563 --- /dev/null +++ b/v1.7.0/maintain/root-certificates.html @@ -0,0 +1,41 @@ + + + + + + + + + + Default Root Certificates + + + + + +
    Skip to main content

    Default Root Certificates

    DSF-TeamAbout 6 min

    A number of trusted certificate authorities (CAs) are included in the DSF docker images fhir_proxy, fhir, bpe_proxy and bpe by default. Root and intermediate certificates as well as the configured usage of issuing CAs as either server, client oder server and client CA are listed at the end.

    Extending or Replacing Trusted Certificate Authorities

    X.509 certificates of default trusted CAs are stored as .pem files containing multiple certificates in the docker images and can be replaced by either using docker bind mounts or configuring appropriate environment variables with different targets.

    FHIR Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /usr/local/apache2.
    Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.

    FHIR Server

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of remote DSF FHIR servers and the OIDC provider when using OpenID Connect for authenticating local users.
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /opt/fhir.

    BPE Reverse Proxy

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates (Apache httpd mod_ssl configuration option SSLCACertificateFile) as well as the CA Certificates for defining acceptable CA names (option SSLCADNRequestFile).
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /usr/local/apache2.
    Also Note: Using non default .pem files for the environment variables above may require also modifying the default values of the environment variables SSL_EXPECTED_CLIENT_S_DN_C_VALUES and SSL_EXPECTED_CLIENT_I_DN_CN_VALUES.

    BPE Server

    Defaults are configured for the list of issuing, intermediate and root CAs used for validating client certificates as well as root CAs used for validating server certificates of local and remote DSF FHIR servers, the local mail server (if configured and SMTP over TLS required) and the OIDC provider when using OpenID Connect for authenticating local users.
    Use the following environment variable to configure non default .pem files or override the existing files using docker bind mounts:

    Note: Default file location are relative to the docker image work directory /opt/bpe.

    List of Default Trusted Certificate Authorities

    If not mentioned explicitly, issuing CAs listed will sign X.509 certificates with Extended Key Usage entries TLS WWW server authentication and TLS WWW client authentication.

    CAs Trusted by Common Web Browsers and Operating Systems

    Other CAs

    + + + diff --git a/v1.7.0/maintain/upgrade-from-0.html b/v1.7.0/maintain/upgrade-from-0.html new file mode 100644 index 000000000..e3b494e5f --- /dev/null +++ b/v1.7.0/maintain/upgrade-from-0.html @@ -0,0 +1,41 @@ + + + + + + + + + + Upgrade from DSF 0.9.x + + + + + +
    Skip to main content

    Upgrade from DSF 0.9.x

    DSF-TeamAbout 1 min

    A direct upgrade from DSF 0.9.x to DSF 1.x is not supported.

    Do not use your 0.9.x configuration as starting point

    There are too many changes between DSF 0.9.x and DSF 1.x to use the old configuration as starting point and just adapt some configuration parameter names.

    Please use the new installation manual to perform a new installation and use the old setup only for reference.

    Instead, please perform the following steps:

    1. Shut down your DSF instances (DSF FHIR Server and DSF BPE).
    2. Backup your DSF instances (e.g. by moving the folders /opt/bpe and /opt/fhir to /opt/bpe_0.9 and /opt/fhir_0.9)
    3. Install the new DSF according to the instructions.
    4. You can copy your certificates (server- and client certificates) to your new installation. Please do not copy the CA certificate files from your old installation, as the new version will contain additional CAs (e.g. D-Trust).
    5. Configure your processes according to the new process plugin documentation. You can use your test environment configuration and your old production setup configuration for reference. Please ensure to use the new configuration parameter names, as many of them will have new prefixes (like DEV_DSF instead of ORG_HIGHMED).
    6. If you perform the installation before the change of the according environment, you can start the old instances again (out of the /opt/fhir_0.9 and /opt/bpe_0.9 directories).
    7. If you want to replace the old setup with the new one, shutdown the old instances (FHIR + BPE) and start the new ones.

    New process plugins

    Please do not copy your old process plugins into the new DSF. There will be a new release for each process plugin at the time you will be prompted to update your DSF instance.

    Use your old virtual machine

    We recommand the usage of your old DSF 0.9.x virtual machine for your new DSF 1.x setup. This will ensure that you already have the required firewall settings in place.

    + + + diff --git a/v1.7.0/maintain/upgrade-from-1.html b/v1.7.0/maintain/upgrade-from-1.html new file mode 100644 index 000000000..1669f61a4 --- /dev/null +++ b/v1.7.0/maintain/upgrade-from-1.html @@ -0,0 +1,129 @@ + + + + + + + + + + Upgrade from DSF 1.6.0 + + + + + +
    Skip to main content

    Upgrade from DSF 1.6.0

    DSF-TeamAbout 2 min

    Upgrading the DSF from 1.6.0 to 1.7.0 involves modifying the docker-compose.yml files and recreating the containers. In addition a number of docker secrets and environment variables can be removed if the newly introduced default values are sufficient. The now integrated defaults for trusted certificate authorities include updated configuration for the new certificate authority HARICA used by DFN e.V. and GÉANT TCS. See the Default Root Certificates page for more details and to learn how to configure overrides.

    Note: The configurations of trust stores for TLS connections managed by process plugins (for example HTTPS connections to the local KDS FHIR server) have not been modified with this release.

    Modify DSF FHIR Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/fhir directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/fhir /opt/fhir_backup_pre_1.7.0_upgrade

    2. Modify the DSF FHIR docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   proxy:
+-    image: ghcr.io/datasharingframework/fhir_proxy:1.6.0
++    image: ghcr.io/datasharingframework/fhir_proxy:1.7.0
+     restart: on-failure
+...
+       - ssl_certificate_file.pem
+       - ssl_certificate_key_file.pem
+       - ssl_certificate_chain_file.pem
+-      - ssl_ca_certificate_file.pem
+-      - ssl_ca_dn_request_file.pem
+     environment:
+...
+       SSL_CERTIFICATE_FILE: /run/secrets/ssl_certificate_file.pem
+       SSL_CERTIFICATE_KEY_FILE: /run/secrets/ssl_certificate_key_file.pem
+       SSL_CERTIFICATE_CHAIN_FILE: /run/secrets/ssl_certificate_chain_file.pem
+-      SSL_CA_CERTIFICATE_FILE: /run/secrets/ssl_ca_certificate_file.pem
+-      SSL_CA_DN_REQUEST_FILE: /run/secrets/ssl_ca_dn_request_file.pem
+     networks:
+...
+   app:
+-    image: ghcr.io/datasharingframework/fhir:1.6.0
++    image: ghcr.io/datasharingframework/fhir:1.7.0
+     restart: on-failure
+...
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_permanent_delete.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS:  /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password
+-      DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+-  ssl_ca_dn_request_file.pem:
+-    file: ./secrets/ssl_ca_dn_request_file.pem
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
    1. Upgrade the DSF FHIR containers
      From /opt/fhir execute
      docker compose up -d && docker compose logs -f

    Modify DSF BPE Server Setup

    1. Preparation / Backup

      • We recommend to create a backup of the /opt/bpe directory before proceeding with the upgrade.
        For example using: sudo cp -rp /opt/bpe /opt/bpe_backup_pre_1.7.0_upgrade

    2. Modify the DSF BPE docker-compose.yml file, replace the version number with 1.7.0 and remove not needed secrets and environment variables.

     version: '3.8'
+ services:
+   app:
+-    image: ghcr.io/datasharingframework/bpe:1.6.0
++    image: ghcr.io/datasharingframework/bpe:1.7.0
+     restart: on-failure
+     secrets:
+       - db_liquibase.password
+       - db_user.password
+       - db_user_camunda.password
+-      - app_client_trust_certificates.pem
+       - app_client_certificate.pem
+       - app_client_certificate_private_key.pem
+       - app_client_certificate_private_key.pem.password
+-      - ssl_ca_certificate_file.pem
+     volumes:
+...
+     environment:
+       TZ: Europe/Berlin
+-      DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/ssl_ca_certificate_file.pem
+       DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password
+...
+       DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password
+-      DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem
+       DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem
+...
+ secrets:
+...
+-  app_client_trust_certificates.pem:
+-    file: ./secrets/ssl_root_ca_certificate_file.pem
+...
+-  ssl_ca_certificate_file.pem:
+-    file: ./secrets/ssl_ca_certificate_file.pem
+...

    1. Upgrade the DSF BPE containers
      From /opt/bpe execute

      docker compose up -d && docker compose logs -f

    2. Verify your upgrade:

      • Verify the DSF FHIR server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-fhir-server-jetty, version: 1.7.0, [...]
      • Verify the DSF FHIR server started without errors
      • Verify the DSF FHIR server is accessible via https, for example by browsing to https://your-dsf-endpoint.de/fhir/ (authentication with your client-certificate)
      • Verify the DSF BPE server is running in version 1.6.0. The log should contain a message:
        INFO main - BuildInfoReaderImpl.logBuildInfo(137) | Artifact: dsf-bpe-server-jetty, version: 1.7.0, [...]
      • Verify the DSF BPE server started without errors
      • Verify your install with a ping/pong test
    + + + diff --git a/v1.7.0/process-plugins-advanced.html b/v1.7.0/process-plugins-advanced.html new file mode 100644 index 000000000..9f8ddbb80 --- /dev/null +++ b/v1.7.0/process-plugins-advanced.html @@ -0,0 +1,41 @@ + + + + + + + + + + Process Plugins Advanced + + + + + + + + +